| Internet-Draft | OMP Singapore APAC Profile | April 2026 |
| Adebayo, et al. | Expires 7 October 2026 | [Page] |
This document defines a domain profile of the Operating Model Protocol (OMP) for AI systems deployed in Singapore and the ASEAN region subject to the Singapore Model AI Governance Framework (Second Edition, 2020), the Monetary Authority of Singapore (MAS) FEAT Principles for financial services AI, and the ASEAN Guide on AI Governance and Ethics (2024).¶
The profile -- designated SingapureMark -- specifies how OMP's deterministic routing invariant, Watchtower enforcement framework, and three-layer cryptographic integrity architecture generate the per-decision accountability evidence required by Singapore's model AI governance framework, satisfy the MAS FEAT Principles' named accountability and explainability requirements, and align with the ASEAN Guide's human oversight and consumer protection governance standards.¶
The OMP core specification is defined in the Operating Model Protocol Internet-Draft (draft-veridom-omp).¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 7 October 2026.¶
Copyright (c) 2026 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.¶
This document specifies the SingapureMark domain profile for OMP, covering AI systems deployed in Singapore and the ASEAN region subject to the Singapore Model AI Governance Framework (MAIGF, Second Edition) [SG-MAIGF-2020], the Monetary Authority of Singapore (MAS) FEAT Principles [MAS-FEAT], the MAS AF-FEAT Accountability Framework [MAS-AF-FEAT], and the ASEAN Guide on AI Governance and Ethics (2024) [ASEAN-AI-2024]. The full specification is provided in the plain-text version of this Internet-Draft.¶
SingapureMark completes the geographic triad of OMP regulatory profiles alongside the UK FCA DutyMark profile [I-D.veridom-omp-fca], the EU AI Act EUAIA profile [I-D.veridom-omp-euaia], and the AI Liability Insurance InsureMark profile [I-D.veridom-omp-aiins]. Audit Trace payloads are canonicalized per [RFC8785]. Audit Traces are timestamped per [RFC3161]. Sealed Audit Traces are verifiable using the OMP Reference Validator [OMP-OPEN-CORE]. The OMP specification is also archived at [ZENODO-OMP].¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] [RFC8174].¶
The complete profile specification -- including all terminology, regulatory framework analysis, routing state definitions, Watchtower definitions, Audit Trace schema extensions, deployment category mappings, invariant definition, and security considerations -- is provided in the companion plain-text specification for this Internet-Draft. This XML rendition provides the structured metadata, references, and IANA considerations for the IETF Datatracker and xml2rfc processing pipeline.¶
Implementations of this profile MUST satisfy the two-property invariant specified in the plain-text companion document: (1) every consequential AI decision generates a sealed Audit Trace documenting the decision, human oversight applied, and applicable regulatory evidence fields; and (2) the Audit Trace is sealed with the three-layer integrity architecture defined in [I-D.veridom-omp] Section 7, detectable as modified by any third party without access to the operator's infrastructure.¶
The security considerations of [I-D.veridom-omp] apply in full. Operators MUST implement appropriate access controls and data protection measures for Audit Trace storage, access, and disclosure consistent with applicable jurisdiction law.¶
This document has no IANA actions.¶