NVI-005 Institutional Trust Framework™

SAFECHAIN™ | NATIONAL VULNERABILITY VERIFICATION INFRASTRUCTURE™

NVI™ — Publication No. NVI-005

INSTITUTIONAL TRUST

FRAMEWORK™

How Institutions Become Trusted Participants in a National Safeguarding Intelligence Network

Document Reference: NVI-005

Series: National Vulnerability Verification Infrastructure™ (NVI™)

Series Position: Trust and Certification Governance Paper

Author: Samantha Avril-Andreassen FRSA

Status: Published

Version: 1.0

Date: June 2026

Classification: Public — Institutional Distribution

Publisher: SAFECHAINN Ltd (Company No. 12038453)

Executive Summary

The Institutional Trust Framework™ (ITF™) addresses the foundational governance question of the National Vulnerability Verification Infrastructure™ (NVI™): how does an institution become a trusted participant in a national safeguarding intelligence network? The question is not merely technical — it is constitutional. A national safeguarding intelligence network is only as trustworthy as the institutions participating in it. If institutions can access the most sensitive safeguarding intelligence about vulnerable people without demonstrating the governance, capability, and accountability standards required to use that intelligence responsibly, the NVI™ is not a safeguarding infrastructure. It is a liability.

The ITF™ defines the criteria for institutional participation in the NVI™, the governance obligations that participation requires, the verification responsibilities that participants carry, the accountability thresholds at which participation is modified or withdrawn, the trust scoring system that provides a continuous assessment of institutional governance quality, and the institutional certification process through which trust status is formally assessed and recognised.

The ITF™ is not a punishment framework. Its primary purpose is not to exclude institutions from the NVI™ but to create the governance conditions under which all institutions can develop the capability and accountability standards required for trusted participation. The ITF™ includes capability development pathways, supported improvement programmes, graduated participation categories, and clear routes to full trust certification for institutions that are committed to meeting the required standards.

But the ITF™ is also an accountability framework. Where institutions do not meet participation standards, where trust is breached, where intelligence is used in ways that contradict the NVI™ governance principles — the ITF™ provides the governance mechanisms for proportionate response up to and including exclusion from the network. Trust is not unconditional. It is earned, maintained, and — where required — withdrawn.

The paper is structured across nine sections covering: the governance question the ITF™ answers; the participation criteria; the governance obligations framework; the verification responsibilities model; the accountability thresholds; the trust scoring system; the institutional certification process; the capability development pathway; and the ITF™ governance and oversight arrangements.

1. The Governance Question: What Makes an Institution Trustworthy?

1.1 The Nature of Trust in Safeguarding Intelligence Governance

Trust in the context of safeguarding intelligence governance is not a feeling or a reputation. It is a governance condition: the demonstrable, evidenced, continuously maintained capacity of an institution to: generate reliable safeguarding intelligence meeting defined quality standards; handle that intelligence with the care, security, and accountability that its sensitivity demands; use intelligence in accordance with the consent, proportionality, and purpose standards of the NVI™; be accountable for its use of intelligence — including accountability for failures; and improve its governance over time in response to audit findings, quality assessments, and accountability reviews.

An institution that cannot demonstrate these five capacities is not a trusted participant in a national safeguarding intelligence network — regardless of its statutory standing, its sector, or its historical reputation. The ITF™ creates the governance mechanism through which these capacities are assessed, evidenced, and maintained.

1.2 Why Institutional Trust Cannot Be Assumed

The SAFECHAIN™ governance series has documented comprehensively why institutional trustworthiness cannot be assumed in safeguarding contexts. The Institutional Capture™ framework identifies institutions that prioritise reputation protection over people protection. The Regulatory Silence™ framework documents regulators that know of institutional failure and decline to act. The Accountability Gap™ framework maps the systemic conditions in which institutional responsibility is diffused to the point of accountability dissolution. The Legacy Harm™ framework traces the continuing harm caused by institutions whose files are closed but whose failures are ongoing.

These are not exceptional institutions — they are ordinary ones operating in conditions that produce predictable governance failures. The ITF™ does not assume that statutory status, professional registration, or regulatory oversight is sufficient to guarantee trustworthy participation in the NVI™. It requires demonstrated compliance with ITF™ standards, assessed through a defined process, reviewed continuously, and subject to graduated accountability where standards are not met.

2. Participation Criteria

2.1 The Seven Participation Criteria

To become an NVI™ participant, an institution must demonstrate compliance with seven participation criteria assessed through the ITF™ institutional onboarding process:

Participation Criterion

What Institutions Must Demonstrate

PC1 — Statutory Safeguarding Standing

The institution carries a statutory safeguarding duty under UK law relevant to the NVI™'s scope, or is commissioned under formal arrangement by an institution that does.

PC2 — Recognition Intelligence Capability

The institution has trained practitioners with Recognition Intelligence™ capability meeting SIS-001/002 standards, and an institutional framework for maintaining and verifying that capability.

PC3 — Continuity Intelligence Infrastructure

The institution has implemented SIS-003-compliant continuity protocols for all transition points relevant to its safeguarding function.

PC4 — Vulnerability Assessment Framework

The institution applies a vulnerability assessment framework meeting SIS-004 standards, with documented processes for dynamic, multi-dimensional assessment.

PC5 — Data Governance Compliance

The institution has a data governance framework compliant with the UK GDPR, DPA 2018, and NVI-002 consent and sharing standards.

PC6 — Accountability Architecture

The institution maintains accountability records meeting SIS-005 and NVI-004 Domain 4 standards, with defined internal QA processes and external audit arrangements.

PC7 — Governance Culture Assessment

The institution demonstrates a governance culture consistent with trusted NVI™ participation — including evidence of proactive quality management, honest accountability reporting, and constructive engagement with external oversight.

2.2 The PC7 Governance Culture Assessment

PC7 — the Governance Culture Assessment — is the most challenging of the seven criteria to evidence because governance culture is not amenable to documentary proof alone. The ITF™ addresses this through a multi-method assessment: review of the institution's historical accountability record (including complaints, regulatory findings, and serious case review involvement); structured interviews with leaders and practitioners; review of internal governance documentation (including board minutes, safeguarding reports, and quality improvement plans); and — where applicable — consultation with the individuals the institution serves and the partners it works alongside.

The PC7 assessment specifically looks for the governance indicators identified in the SAFECHAIN™ Governance Integrity pillar of Accountability Intelligence™ (SIS-005): the observable markers of institutional culture that distinguish institutions that are genuinely committed to accountability from those that perform accountability while protecting institutional interests. Indicators of poor governance culture include: patterns of self-referral to serious case reviews without independent instigation; patterns of regulatory findings attributed to individual practitioners rather than institutional systems; and patterns of complaint resolution that prioritises institutional reputation protection over individual redress.

3. The Governance Obligations Framework

3.1 Ongoing Obligations of All Participants

Participation in the NVI™ is not a one-time achievement — it is an ongoing governance commitment. All participants carry the following ongoing obligations as conditions of continued participation:

•       Quality Maintenance Obligation: To maintain all seven participation criteria on a continuous basis and to notify the NVI™ Oversight Body of any material change to the institution's capacity to meet any criterion within 14 days of becoming aware of the change.

•       Annual Compliance Reporting Obligation: To submit an Annual ITF™ Compliance Report to the NVI™ Oversight Body covering the institution's performance against all seven participation criteria, its verification compliance rates (as generated by NVI-004 domain assessments), its accountability record for the year, and its quality improvement activities.

•       Audit Cooperation Obligation: To cooperate fully with ITF™ compliance audits — including providing access to records, systems, and staff — within defined response timeframes.

•       Incident Reporting Obligation: To report any governance incident affecting NVI™ compliance — including security incidents, consent failures, proportionality breaches, and accountability record failures — to the NVI™ Oversight Body within the timeframes specified for each incident category.

•       Capability Development Obligation: To maintain an active programme of capability development aligned to the NVI™ participation criteria, including participation in NVI™ Standards Board updates and training refresh cycles.

•       Individual Rights Facilitation Obligation: To maintain effective mechanisms through which individuals whose intelligence is held within the NVI™ can exercise their rights — access, correction, challenge, and withdrawal — and to process rights requests within the required timeframes.

3.2 Enhanced Obligations for Specific Participation Categories

Institutions with Primary Verification Authority (as defined in NVI-003) carry additional obligations in respect of their verification functions: maintaining verifier qualification standards; completing verification assignments within defined timeframes; contributing to the Standards Board's quality jurisprudence development; and reporting verification challenges and emerging quality issues to the Standards Board as part of continuous standards development.

Institutions with access to the Layer 5 Predictive Governance Model™ carry additional obligations in respect of their predictive intelligence use: maintaining the ethical governance framework of SIS-006 in all predictive intelligence applications; documenting the basis for trajectory-triggered interventions; reporting predictive safeguarding outcomes to the NVI™ Oversight Body for evidence-based model development; and ensuring that predictive intelligence is used to inform rather than determine individual assessments.

4. The Verification Responsibilities Model

4.1 What Verification Responsibilities Institutions Carry

Within the NVI™, verification is not solely the responsibility of the NVI™ Oversight Body or the Standards Board. Participating institutions carry their own verification responsibilities — both for the intelligence they submit and for the intelligence they use. The Verification Responsibilities Model defines these institutional responsibilities and the accountability that attaches to them.

4.2 Submission Verification Responsibilities

Every participating institution is responsible for the quality of the intelligence it submits to the NVI™. This responsibility is not discharged by passing submission to the external verification process — it begins with the institution's own internal QA process (Domain 5.3 of the VVS™) and extends to the institution's responsibility for accurate, complete, and proportionate submission. Institutions whose submissions consistently fail external verification carry accountability for those failures — not only as a VVS™ compliance matter but as an ITF™ governance obligation.

4.3 Use Verification Responsibilities

Institutions receiving NVI™ intelligence also carry verification responsibilities. Receipt of verified NVI™ intelligence does not transfer the institution's professional accountability for its safeguarding decisions to the NVI™ framework. The institution receiving intelligence remains professionally and legally accountable for how it interprets and applies that intelligence in its own practice. The NVI™ provides verified intelligence as an input to professional judgement — it does not substitute for that judgement.

Use verification responsibilities include: checking the quality rating and currency of received intelligence before relying on it for high-stakes decisions; seeking supplementary current assessment where intelligence is Q3 or lower; maintaining records of how received intelligence was used and what safeguarding decisions it informed; and reporting to the NVI™ Oversight Body where received intelligence is found to be inaccurate or misleading upon use.

5. Accountability Thresholds

5.1 The Graduated Accountability System

The ITF™ operates a graduated accountability system: the response to participation non-compliance is proportionate to the nature, severity, and pattern of the non-compliance. Minor, isolated compliance failures that are self-reported and promptly remediated attract a different response from systematic, repeated, or concealed failures that require external identification and produce safeguarding harm.

Threshold Level

Trigger Conditions

Response

Level 1 — Advisory

Minor compliance gap, self-reported, no safeguarding harm, isolated occurrence.

ITF™ Advisory Notice with recommended actions. No restriction on participation. 90-day review.

Level 2 — Enhanced Oversight

Moderate compliance failure, or repeated Level 1 issues, or failure to self-report a compliance gap. No safeguarding harm.

Enhanced audit oversight for 12 months. Mandatory Institutional Quality Improvement Programme. Verification sampling increased to 100%.

Level 3 — Restricted Participation

Significant compliance failure, or Pattern of Level 2 issues, or safeguarding harm attributable to participation non-compliance.

Restricted Participation status. Layer 5 access suspended. Enhanced oversight. Independent governance review within 90 days.

Level 4 — Suspended Participation

Serious governance failure, deliberate non-compliance, or safeguarding harm of significant severity attributable to participation governance failure.

Participation suspended pending full investigation. NVI™ Oversight Body investigation. Regulatory notification.

Level 5 — Exclusion

Fundamental and unresolved breach of participation criteria, or pattern of serious governance failures, or use of NVI™ intelligence in a manner fundamentally contrary to NVI™ principles.

Exclusion from NVI™. Public notification. Regulatory referral. Criminal referral where applicable.

5.2 Appeals Against Accountability Threshold Decisions

Institutions may appeal threshold decisions at Levels 3, 4, and 5 through the NVI™ Appeals and Complaints Mechanism. Appeals must be submitted within 21 days of the threshold decision notification and must set out the grounds of appeal with supporting evidence. The appeal panel includes at least one member independent of the NVI™ Oversight Body. Threshold decisions at Level 1 and 2 are not subject to formal appeal but may be subject to informal review through the ITF™ governance process.

6. The Trust Scoring System

6.1 What the Trust Score Measures

The Trust Score is the NVI™'s continuous assessment mechanism for institutional governance quality within the network. Rather than a binary trusted/not trusted classification, the Trust Score provides a granular, real-time picture of an institution's governance performance across six dimensions — creating a basis for graduated response, targeted support, and evidence-based improvement.

Trust Score Dimension

What It Measures

T1 — Verification Quality Score

Rolling assessment of the institution's verification success rate across the five VVS™ domains — the proportion of submissions achieving Q1 or Q2 rating.

T2 — Accountability Compliance Score

Assessment of the institution's compliance with accountability reporting obligations — timeliness, completeness, and accuracy of Annual Compliance Reports and incident notifications.

T3 — Consent Governance Score

Assessment of the institution's consent governance quality — the proportion of intelligence submissions with NVI-002-compliant consent documentation.

T4 — Continuity Integrity Score

Assessment of the institution's continuity governance quality — the proportion of transitions managed under full SIS-003 protocol compliance.

T5 — Individual Rights Facilitation Score

Assessment of the institution's performance in facilitating individual rights requests — timeliness, completeness, and outcomes of access, correction, and challenge requests.

T6 — Capability Development Score

Assessment of the institution's active investment in NVI™ capability development — training participation rates, qualification maintenance, and improvement programme engagement.

6.2 Trust Score Calculation and Publication

Each Trust Score dimension is assessed on a 0-100 scale, with defined scoring criteria for each dimension. The composite Trust Score is the weighted average of all six dimension scores, with T1 (Verification Quality) and T3 (Consent Governance) carrying double weighting due to their direct relevance to the NVI™'s core safeguarding and rights protection functions. The composite score is updated quarterly for all Full Participants and monthly for Restricted Participants.

Trust Scores are published on the NVI™ Oversight Body's public register — providing transparency to the individuals whose intelligence institutions hold, to commissioning bodies, to regulatory bodies, and to the public. Publication is by institution name and Trust Score band (Excellent: 90-100; Good: 75-89; Adequate: 60-74; Requires Improvement: 40-59; Inadequate: 0-39) rather than specific score, to protect commercially sensitive information while maintaining meaningful public accountability.

6.3 Trust Score and Accountability Threshold Interaction

Trust Score bands interact with the accountability threshold system. An institution with a composite Trust Score in the Inadequate band for two consecutive quarters automatically triggers a Level 2 accountability threshold review. An institution whose T3 (Consent Governance) or T1 (Verification Quality) dimension falls below 40 triggers an immediate Level 3 threshold assessment, regardless of the composite score. The interaction between Trust Score and accountability thresholds creates a continuous governance feedback loop that responds to governance decline before it reaches the point of producing safeguarding harm.

7. Institutional Certification Process

7.1 The Three Levels of NVI™ Certification

The ITF™ defines three levels of NVI™ institutional certification, each reflecting a different level of demonstrated governance maturity and carrying different participation rights:

Certification Level

Requirements and Rights

Foundation Certification

Awarded to institutions that have completed ITF™ onboarding and demonstrated compliance with PC1 through PC5. Carries Full Participant status but excludes Layer 5 Predictive Governance access. Required before any NVI™ intelligence exchange. Valid for 12 months; renewed through Annual Compliance Report assessment.

Advanced Certification

Awarded to institutions that have maintained Foundation Certification for 24 months with a Trust Score in the Good band or above, and have demonstrated SIS-005 and SIS-006 capability meeting advanced participation standards. Carries full participation rights including Layer 5 access. Valid for 24 months; renewed through biennial audit.

Excellence Certification

Awarded to institutions that have maintained Advanced Certification for 36 months with a Trust Score in the Excellent band and have made documented contributions to NVI™ standards development. Carries all full participation rights plus Primary Verification Authority eligibility. Published in the NVI™ Oversight Body's register with public recognition. Valid for 36 months.

7.2 The Certification Assessment Process

Initial certification assessment is conducted by the NVI™ Oversight Body through a structured onboarding process consisting of: a documentary review of the institution's evidence against all participation criteria; a site assessment conducted by ITF™ assessors; practitioner interviews and case file review; and a governance culture assessment using the PC7 methodology. The onboarding process typically takes 90 days for Full Participants and 60 days for Restricted Participants. Emergency participation pathways are available for institutions facing imminent safeguarding needs — subject to enhanced oversight conditions.

7.3 Certification and the SAFECHAIN™ Seal of Integrity™

Institutions achieving NVI™ certification are eligible to display the SAFECHAIN™ Seal of Integrity™ in their institutional communications and publications, with a notation indicating their NVI™ certification level. The Seal of Integrity™ in this context represents not only institutional participation in the NVI™ but demonstrated compliance with the governance standards required for trusted participation. The notation distinguishes NVI™ certification from other forms of SAFECHAIN™ accreditation and provides a publicly visible, meaningful quality signal for service users, commissioners, and regulatory bodies.

8. The Capability Development Pathway

8.1 Why Capability Development Is Central to the ITF™

The ITF™ is explicit about its purpose: it is not primarily a gatekeeping mechanism. It is a governance framework that enables institutions to develop the capability required for trusted NVI™ participation. Many institutions carrying statutory safeguarding duties do not currently meet ITF™ participation criteria — not because they are bad institutions but because the capability standards required for NVI™ participation are higher than existing safeguarding governance has required. The Capability Development Pathway is the ITF™'s recognition that meeting higher standards requires support, not just assessment.

8.2 Pathway Components

The Capability Development Pathway consists of four components, available to any institution seeking NVI™ participation:

•       Diagnostic Assessment: An ITF™ assessment against all seven participation criteria that identifies capability gaps without triggering accountability consequences — a developmental assessment rather than a compliance assessment. Available free of charge to any eligible institution before the formal onboarding process begins.

•       Capability Development Plan: A tailored plan developed from the diagnostic assessment, setting out the specific capability development activities required to meet each participation criterion, with defined milestones, resources, and timeframes.

•       SAFECHAIN™ Programme Integration: Access to the SAFECHAIN™ MØPIT™, CIPID™, and R.I.S.E.™ programmes as the primary professional development vehicles for building the recognition, vulnerability assessment, and institutional safeguarding governance capabilities required by the participation criteria.

•       Supervised Pre-Participation Status: An optional status under which institutions in the Capability Development Pathway can generate intelligence for the NVI™ under supervised conditions — with enhanced oversight and a qualified partner institution providing mentoring — building the operational experience required for independent participation before formal certification.

9. ITF™ Governance and Oversight

9.1 The ITF™ Standards Panel

The ITF™ is governed by an ITF™ Standards Panel operating under the authority of the NVI™ Oversight Body. The Standards Panel is responsible for: maintaining and updating the ITF™ participation criteria; developing and reviewing the trust scoring methodology; conducting and reviewing certification assessments; managing the accountability threshold system; and developing capability development resources. The Panel includes representation from each primary NVI™ participant sector, lived experience advocacy, regulatory bodies, and academic governance expertise.

9.2 Annual ITF™ Review

The ITF™ undergoes an annual review process that draws on the year's compliance reports, audit findings, trust scoring data, accountability threshold activity, and certification assessments to assess whether the framework is achieving its purpose — enabling trusted participation and continuous capability improvement — and to identify changes required to reflect evolving safeguarding practice, legislative developments, and operational learning from the network.

9.3 Public Accountability

The NVI™ Oversight Body publishes an Annual ITF™ Report covering: the number of institutions at each certification level; aggregate trust score distribution; accountability threshold activity; capability development pathway participation; and the key findings from the year's audit activity. The report is presented to Parliament and published on the Oversight Body's public register. Institutions are identified by name in the accountability threshold sections of the report where threshold decisions at Level 3 or above have been made — providing public accountability for serious governance failures without compromising the confidentiality of intelligence exchange operations.

The Institutional Trust Framework™ is the governance answer to the question at the centre of the NVI™: who do we trust with the most sensitive intelligence about the most vulnerable people? The answer the ITF™ gives is neither optimistic nor pessimistic. It is structural. Trust is not given. Trust is demonstrated, assessed, maintained, and — when it fails — addressed. Every institution that serves vulnerable people deserves the opportunity to demonstrate it. Every person whose safety depends on that service deserves the assurance that the demonstration is real.

COPYRIGHT NOTICE

© 2026 Samantha Avril-Andreassen. All rights reserved.

SAFECHAINN Ltd (Company No. 12038453).

SAFECHAIN™, National Vulnerability Verification Infrastructure™ (NVI™), Safeguarding Intelligence Series™ (SIS™), Recognition Intelligence™, Continuity Intelligence™, Vulnerability Intelligence™, Accountability Intelligence™, Predictive Safeguarding™, The Vulnerability Intelligence Framework™, Consent-Based Vulnerability Verification™, National Safeguarding Intelligence Exchange™, Vulnerability Verification Standards™, Institutional Trust Framework™, and all associated methodologies, frameworks, governance models, verification infrastructures, safeguarding systems, interoperability architectures, intelligence models, implementation models and intellectual constructs are proprietary intellectual property authored and developed by Samantha Avril-Andreassen.

No reproduction, implementation, adaptation, deployment, AI training, machine learning ingestion, commercialisation, derivative development, institutional adoption, regulatory implementation, governmental implementation, software development, systems development, framework replication, architecture replication or operational implementation of any component of the SAFECHAIN™ ecosystem may occur without the prior written permission of Samantha Avril-Andreassen and SAFECHAINN Ltd.

The SAFECHAIN™ Master Publication Register™ remains the sole authoritative source of publication status, architecture lineage, governance authority, terminology control, implementation hierarchy, version control and intellectual property provenance.