Who is accountable when an AI-influenced decision goes wrong — and why three separate owners are required for every consequential decision class

 

THE ARGUMENT IN ONE PARAGRAPH When a credit decision goes wrong, the institution must be able to identify, within hours, who is accountable for what. Traditional governance answers this with a single owner — usually the business head whose unit made the decision. But when artificial intelligence materially influences the decision, single ownership obscures rather than clarifies accountability. The decision belongs to the business; the model belongs to the data function; the controls belong to risk. Pillar II of the AEGIS™ framework — Role Cartography — resolves this through the three-owner principle: a named Decision Owner, a named Model Owner, and a named Control Owner for every consequential AI-influenced decision class, with separate, documented, non-overlapping accountabilities. This article sets out the three roles, the boundaries between them, the accountability transitions protocol that prevents gaps, and the role-concentration reality that Caribbean institutions must design for honestly.

WHY THREE, NOT ONE

 

The instinct of mature institutions is to ask for a single name. When something goes wrong, the board wants to know who is accountable; the regulator wants to know who to interview; the affected customer wants to know who decides. A single name is operationally tidy. It is also, in the presence of artificial intelligence, materially misleading.

Consider a Caribbean commercial bank’s credit-decisioning AI that declines a small-business loan application. Three distinct judgements have produced that outcome. The Head of Commercial Credit judged that AI-assisted decisioning was the right approach for this loan tier — that judgement is a business decision. The Head of Model Risk judged that this specific model, with its specific training data and specific calibration, was appropriate for production — that judgement is a model design decision. The Head of Operational Risk judged that the controls around the model — the override protocol, the exception escalation, the periodic review — were sufficient to constrain the model’s influence — that judgement is a control design decision.

When the declined applicant complains, when the regulator inquires, or when the board reviews, three different questions are being asked simultaneously: was using AI appropriate for this decision? Was this model appropriate? Were the controls around the model appropriate? Each question is answered by a different judgement, made at a different time, by a different individual. Pillar II’s three-owner principle simply formalises what is already structurally true.

The alternative — collapsing the three into a single accountable individual — has a predictable consequence: the individual cannot competently hold all three accountabilities at once. They either become a generalist who carries nominal accountability for matters they cannot operationally oversee, or they specialise into one of the three roles and the other two go effectively unowned. Both outcomes are worse than the three-owner architecture.

Single ownership of AI-influenced decisions is comfortable because it is familiar. It is incompetent because the decision being made is composite.

THE THREE OWNERS IN OPERATIONAL TERMS

Each of the three roles is defined by what it is accountable for, what authority it exercises, and what it answers to. The roles are designed to be separable — that is, the same individual should not, by default, hold more than one of them for the same decision class. The contrast table below sets the three side-by-side; the deep-dive Component Cards that follow address each in operational specification.

 

	DECISION OWNER	MODEL OWNER	CONTROL OWNER
Accountable for	The business outcome of the decision the AI influences.	The integrity and performance of the AI system itself.	The constraints within which the AI is permitted to operate.
Authority over	Use, restriction, or replacement of the AI as a decision input.	Model design, retraining, threshold setting, retirement.	Control framework design, monitoring, exception handling.
Answers to	Business leadership and ultimately the board for customer / commercial outcomes.	Risk leadership and the model risk function.	The second and third lines of defence; internal audit assurance.
Typical role title	Head of Retail / Commercial / Underwriting / Claims.	Head of Model Risk / Chief Data Officer / Quant Lead.	Head of Operational Risk / Compliance / Internal Controls.
Operating cadence	Continuous — the decisions are happening every day.	Tiered — continuous monitoring with structured reviews.	Continuous monitoring; periodic control testing.

 

COMPONENT 1 The Decision Owner The Decision Owner is the named senior executive accountable for the business outcomes of a decision class in which AI is materially influential. This is not the individual who ‘uses’ the AI; it is the executive who is answerable to the board for whether the decisions produced — collectively, across thousands or millions of instances — serve the institution’s strategic, commercial, and customer-obligation positions. The Decision Owner does not need to understand model mathematics; they need to understand the business decision the model is influencing and the institution’s tolerance for the way that decision is being shaped. OPERATING INDICATORS ▪          Named at executive or senior management level within the business unit that owns the decision class ▪          Documented authority over use, restriction, or replacement of the AI as a decision input ▪          Engages the Model Owner and Control Owner on a defined cadence, not only when concerns surface ▪          Holds the explicit authority to challenge model outputs that conflict with business judgement, with documented escalation if disagreement is unresolved ▪          Accepts accountability for business outcomes regardless of whether the AI ’caused’ a poor outcome

 

COMPONENT 2 The Model Owner The Model Owner is the named individual accountable for the integrity, performance, drift, and behavioural characteristics of the AI system itself. The Model Owner is staffed by individuals with technical and risk expertise sufficient to credibly oversee model design, calibration, training data, retraining decisions, threshold setting, and retirement. The Model Owner’s accountability is to the institution’s risk leadership and to the model risk management framework — not to the business unit that benefits from the model’s output, which would create a conflict of interest the architecture is specifically designed to prevent. OPERATING INDICATORS ▪          Named within the data, risk, or model risk function — never within the business unit that consumes the model’s output ▪          Holds documented authority over the model’s life cycle: deployment, retraining, threshold adjustment, halt, and retirement ▪          Operates within a defined Model Risk Management framework that interlocks with Pillar III (Continuous Validation) ▪          Maintains the model evidence file: design rationale, training data provenance, validation history, drift events, remediation actions ▪          Is part of a community of practice with shared methodology, peer review, and continuous capability development across the institution’s portfolio of AI systems

 

COMPONENT 3 The Control Owner The Control Owner is the named individual accountable for the boundaries, monitoring instrumentation, and exception-handling protocols that constrain how the AI is permitted to influence the decision. The Control Owner is independent of both the Decision Owner (who benefits commercially from the AI’s deployment) and the Model Owner (who has natural intellectual investment in the model performing well). The Control Owner’s question is not ‘is the AI working?’ — that is the Model Owner’s question. The Control Owner’s question is ‘are the constraints around the AI sufficient to limit the consequence of the AI being wrong?’ OPERATING INDICATORS ▪          Sits within the second line of defence — operational risk, internal controls, or compliance — never within the first line that uses the model or within the function that builds it ▪          Designs and operates the control framework: override protocols, exception thresholds, escalation pathways, audit trails ▪          Performs or commissions control testing on a defined cadence ▪          Interlocks with Internal Audit’s third-line assurance plan, providing controlled access to control evidence ▪          Holds the authority to escalate to central risk or to the audit committee when controls are observed to be insufficient — independent of whether the Model Owner or Decision Owner agrees

COMPONENT 4: ACCOUNTABILITY TRANSITIONS

 

The three owner roles are not the entirety of Pillar II. There is a fourth operational component — and it is the component most often absent in institutions that believe they have implemented Pillar II. When any of the three owners changes role, leaves the institution, retires, transfers, or is reassigned, accountability for the affected AI systems must transfer cleanly to a new named individual. Without a formal transition protocol, accountability gaps open quietly, sometimes for months, sometimes longer, and the institution does not discover the gap until a crystallisation event reveals that no one was actually accountable during the gap.

 

COMPONENT 4 The Accountability Transitions Protocol A documented protocol governing what happens when any of the three owners for any material AI system changes. The protocol specifies the required handover steps, the timeline within which a successor must be confirmed, the documented acceptance by the successor, the role of the central risk function in tracking pending transitions, and the prohibition on any AI system operating in production without a confirmed owner in all three roles. The protocol is the structural defence against silent accountability decay. OPERATING INDICATORS ▪          Documented protocol exists, is known to all owners, and is referenced in role descriptions ▪          Central register of pending transitions is maintained and visible to risk leadership ▪          No AI system operates in production with an unfilled Decision Owner, Model Owner, or Control Owner role beyond a defined maximum duration ▪          Transitions trigger a formal review of the affected AI system before the new owner accepts accountability — succession is not automatic ▪          Succession planning for critical owner roles is integrated with the institution’s broader talent development ▪          Planned overlap periods exist for material AI systems where the outgoing and incoming owners share accountability for a defined transition window

 

THE QUIET FAILURE The most consequential Pillar II failure mode is not the institution that fails to designate owners. It is the institution that designated owners three years ago, and never updated the register when the named individuals moved on, retired, or were reassigned. The board believes Pillar II is operational because the policy document exists; the policy document is referencing names of people who have not held the role for two years. The institution discovers this only when something crystallises, the regulator asks who was accountable, and the answer is: the person on the register is not the person actually responsible, and the person actually responsible was never formally accountable.

THE THREE MOST COMMON FAILURE MODES

 

Across implementation engagements with Caribbean institutions, three Pillar II failure modes recur with sufficient frequency to warrant explicit naming. Each is more common than its visibility suggests.

Failure Mode 1: Role Collapse

The institution names three owners on paper, but the same individual holds two — or, more commonly, the Model Owner and Control Owner roles are held by individuals who report to the same superior, work in adjacent offices, share a budget, or sit on the same committee with overlapping authority. Functional independence on the organisation chart does not survive contact with operational reality. The Control Owner who depends on the Model Owner for technical guidance, budget approval, or career progression is not a Control Owner; they are a Model Owner with a different title.

The test of role collapse is simple: ask the Control Owner to describe the most recent occasion on which they reached a conclusion that the Model Owner disagreed with — and what happened. If the answer is that no such occasion has arisen, or that disagreements are always ‘worked through informally,’ the roles have collapsed. Genuine separation produces documented disagreements with documented resolutions, because the roles are designed to ask different questions and will sometimes reach different answers.

Failure Mode 2: The Business Head as Model Owner

A particular and dangerous variant of role collapse: the Decision Owner is also named as the Model Owner. This occurs most often when the business unit has built or commissioned the AI itself, and the business head ‘owns’ the system in the sense of having sponsored its development. The arrangement is structurally untenable. The individual responsible for commercial outcomes is also responsible for the integrity of the model that produces those outcomes — meaning that any model performance concern is held by the individual who has the strongest reason to suppress it.

This is not an integrity question about the individual. It is a structural question about the architecture. The three-owner principle exists precisely to prevent the situation in which the person who benefits from the model performing is the person who attests that the model is performing. The conflict is independent of who occupies the role; it is created by the role consolidation itself.

Failure Mode 3: The Vacancy That Persists

An owner — most often a Model Owner or a Control Owner — moves on, retires, or is reassigned. The role is not formally backfilled. Operational responsibility is informally absorbed by an adjacent role, or by a deputy, or by ‘the team.’ Months pass. The register continues to show the original name, or shows the role as ‘pending appointment.’ During the vacancy, decisions are still being made by the AI; drift events may still be occurring; controls may still need testing. No one is formally accountable.

Vacancies are inevitable in any institution. What distinguishes mature Pillar II implementation from immature implementation is not whether vacancies occur but how the institution handles them: with a documented protocol, a defined maximum duration, an interim acceptance by a named individual, and visible tracking by central risk. Without these, vacancies become silent and the architecture’s claim to defensible accountability becomes paper-only.

PILLAR II IN THE CARIBBEAN CONTEXT

 

Three features of the Caribbean institutional landscape shape how Pillar II should be implemented in our region. The first is the most consequential, and the most often deflected.

Role Concentration is Structural, Not Cultural

Caribbean financial institutions, by global comparison, have shallower senior management benches. A mid-sized Caribbean retail bank may have a Head of Model Risk, a Head of Operational Risk, and a Head of Internal Audit — but each of these individuals carries multiple stewardships across multiple AI systems. There is no realistic prospect of designating a different Model Owner for every model, a different Control Owner for every control framework. The same individuals will appear in multiple owner registers. This is not a problem to be apologised for; it is a structural reality to be designed around.

The implication is that role separation in Caribbean institutions must be enforced at the role-relationship level rather than at the individual-uniqueness level. The Head of Model Risk may be Model Owner for several systems; what matters is that she is never also the Decision Owner for any decision class her models influence, and that her Control Owner counterpart on each system is genuinely independent of her in the chain of authority. The test is not ‘is each role held by a different person?’ but ‘on this specific system, does each of the three owners hold authority independent of the other two?’

Vendor AI and the Model Owner Question

Caribbean institutions are predominantly consumers of vendor-supplied AI. The Model Owner role for a vendor-supplied AI raises a structural question that vendor relationships rarely answer cleanly: who, inside the institution, is accountable for the integrity of a model the institution did not build and does not maintain? The answer is unambiguous under Pillar II — accountability for the model’s integrity in production remains with a named Model Owner inside the institution, even when the model is vendor-supplied. The Model Owner’s authority over a vendor model is necessarily different from authority over an institution-built model — but the accountability does not transfer to the vendor. This connects directly to Pillar IV (Extended Enterprise Assurance), examined in Article 06.

Succession and the Transitions Protocol

The shallower benches that create role concentration also create succession exposure. When a Head of Model Risk leaves a Caribbean institution, there is rarely a deep internal pool of immediately credible successors. The accountability transitions protocol therefore needs to assume that some transitions will involve external recruitment, with the affected AI systems potentially operating under interim acceptance for several months. The protocol must define what ‘interim acceptance’ means operationally — what authority the interim owner holds, what restrictions apply to material model changes during the interim period, and what the maximum interim duration is before the system itself must be re-reviewed or paused.

In mid-sized institutions, the three-owner principle is enforced by the relationship between the roles, not by the count of the people. Architecture is not the same thing as headcount.
— Dr. Dawkins Brown

 

SIX QUESTIONS FOR THE BOARD

 

Boards and audit committees considering whether their institution holds defensible Pillar II architecture can apply six questions as an immediate self-test. As with Article 03, honest answers against documentary evidence are the test — not management assertions of completeness.

• Question 1 — Designation. For every material AI system, can the institution name, today, the current Decision Owner, the current Model Owner, and the current Control Owner — with documentary evidence that the named individuals have accepted accountability in their current role?
• Question 2 — Separation. For every material AI system, is each of the three owners genuinely independent of the other two — not merely on the organisation chart, but in operational practice, budget authority, and reporting line?
• Question 3 — Engagement. Do the three owners for each material decision class engage on a defined cadence — and can the institution produce documented records of those engagements, including documented disagreements where they have occurred?
• Question 4 — Transition Protocol. Does the institution hold a documented accountability transitions protocol, with a maintained register of pending transitions, and a maximum permitted vacancy duration — and has the protocol been activated in the past 24 months?
• Question 5 — Vendor Models. For every vendor-supplied AI in operation, is there a named Model Owner inside the institution — not a vendor relationship manager — who holds accountability for the integrity of the model in the institution’s production environment?
• Question 6 — Exercise. Can the institution point to specific instances in which the three-owner architecture surfaced a concern that single ownership would have missed — and to specific interventions that resulted?

A board that can answer all six affirmatively, with operational evidence, is operating at Stage 3 Structured maturity on Pillar II or above. A board that finds itself unable to answer Question 1 with confidence has Pillar II work that cannot be deferred.

WHAT COMES NEXT IN THIS SERIES

 

Pillar I established where accountability sits in the federation. Pillar II established who holds the accountability at each location. Pillar III — examined in next week’s article — establishes how the accountabilities are exercised continuously, through perpetual validation rather than periodic review.

• Article 05 (next Thursday) |  Continuous Validation Protocols. Pillar III deep-dive. Drift thresholds, tiered validation cadence, exception escalation, the continuous evidence repository, and the operational shift from forensic to anticipatory validation.
• Article 06 |  Extended Enterprise AI Assurance. Pillar IV — the defining pillar for vendor-dependent Caribbean institutions. Vendor AI inventory, tiered assurance, contractual rights, concentration risk, and the substitution playbook.
• Article 07 |  Adaptive Compliance Posture. Pillar V. Anticipatory positioning relative to AI regulation in our region — the regulatory horizon register, anticipatory mapping, and substantive supervisor engagement.
• Articles 08 – 11 |  Sector Applications. AEGIS™ in financial services, healthcare, utilities and critical infrastructure, and the public sector.
• Article 12 |  The Failure Test. The full architecture applied to a worked failure scenario.

Readers who wish to engage the full architecture in advance of the weekly series can request the AEGIS™ Framework Architecture document — the operational companion to The Governance Inversion Thesis — directly from Dawgen Global. Boards considering a structured assessment of their current AI governance maturity can request a confidential AEGIS™ Board Readiness Diagnostic engagement.

ENGAGE PILLAR II

Where Boards Begin

Boards and audit committees that wish to translate the three-owner architecture introduced in this article into institutional practice can engage Dawgen Global through four primary modalities, each scaled to institutional size and current maturity:

1. AEGIS™ Board Readiness Diagnostic — a confidential, structured assessment of the institution’s current AI governance maturity across all five AEGIS™ pillars, with explicit pillar-by-pillar scoring, gap inventory, and prioritised remediation roadmap. The recommended entry point for boards seeking an objective baseline before commissioning implementation work. Typical duration: 6–8 weeks.
2. AEGIS™ Board & Executive Briefing — a facilitated session for the board, audit committee, or executive team, walking through The Governance Inversion Thesis, the AEGIS™ architecture, and the specific implications of Pillar II for the institution. Typical duration: half-day to full-day.
3. AEGIS™ Implementation Engagement — full architecture, design, and operationalisation of the AEGIS™ framework, including federated decision-rights mapping, three-owner accountability assignment, continuous monitoring design, vendor AI assurance, and board reporting instrumentation. Typical duration: 4–9 months.
4. Sector-Specific AEGIS™ Application Studies — tailored deep-dive engagements for institutions in financial services, healthcare, utilities, and the public sector. Typical duration: 8–12 weeks.

 

REQUEST A CONFIDENTIAL CONSULTATION OR SUBMIT AN RFP Email us at: [email protected] RFP submissions and consultation requests are responded to within three business days.

ABOUT THIS SERIES

 

The AEGIS™ Series is a twelve-article publication programme by Dr. Dawkins Brown, published weekly through Caribbean Boardroom Perspectives and the Dawgen Global firm newsletter. The series develops, pillar by pillar, the operational architecture for AI governance in Caribbean institutions of consequence, building on the intellectual foundation set out in The Governance Inversion Thesis (Caribbean Boardroom Perspectives, Landmark Edition).

About the Author

Dr. Dawkins Brown is the Executive Chairman and Founder of Dawgen Global, an independent, integrated multidisciplinary professional services firm headquartered in Kingston, Jamaica and operating across more than fifteen Caribbean territories. Dr. Brown leads Dawgen Global’s strategic direction across audit and assurance, tax advisory, risk management, cybersecurity, IT and digital transformation, business advisory, mergers and acquisitions, corporate recovery, accounting BPO, legal process outsourcing, and human capital advisory.

© 2026 DAWGEN GLOBAL  |  ALL RIGHTS RESERVED

Caribbean Boardroom Perspectives  |  The AEGIS™ Series  |  Article 04

AEGIS™ is a trademark of Dawgen Global. All proprietary frameworks referenced are trademarks of Dawgen Global.

About Dawgen Global