PMFA Compliance Statement

Official Declaration

1. Purpose

This document formally declares the compliance characteristics of systems built by NonnoTech using PMFA (Platform Meta-Fabric Architecture).

It is intended for: auditors, regulators, inspectors, legal review, enterprise procurement, and compliance documentation.

This statement describes what PMFA-compliant systems enforce by design, not by policy.

2. Definition of Compliance

A system is considered PMFA-compliant if and only if it enforces the rules defined in the PMFA Constitution, without exception or configuration at the truth layer.

Compliance is architectural, not procedural.

3. Record Integrity

PMFA-compliant systems enforce the following:

• Historical records are immutable
• Past data cannot be edited or deleted
• Corrections are recorded as new, linked documents
• All changes are append-only

This guarantees a complete and preserved historical record.

4. Document-Centric Truth Model

PMFA defines documents as the atomic unit of truth. For every document:

• A unique identifier is assigned
• Version history is preserved
• Authoring actor is recorded
• Timestamps are mandatory

No action exists outside a document context.

5. Event Traceability

All actions within a PMFA-compliant system produce immutable events. Each event records:

• Timestamp
• Actor
• Related document
• Action type

Event logs are append-only and cannot be altered.

6. Authority and Accountability

PMFA-compliant systems require explicit authority for all actions:

• Every approval is linked to a named actor
• Authority scopes are defined and enforced
• No implicit or inherited approvals exist
• Responsibility is always attributable

Anonymous or orphan actions are structurally impossible.

7. Financial Integrity

In PMFA-compliant systems:

• Financial transactions must reference documents
• Invoices link to operational records
• Payments link to invoices
• Reversals link to original transactions

This enforces end-to-end financial traceability.

8. Evidence and Verification

PMFA-compliant systems are capable of exporting complete evidence packs, containing:

• Document history
• Event timelines
• Authority chains
• Cryptographic hashes
• Timestamps and signatures (where applicable)

Evidence can be verified independently of the system.

9. Verifier Interface

PMFA requires a read-only verifier interface that allows third parties to:

• Inspect historical records
• Validate event chains
• Verify authority
• Confirm cryptographic integrity

Verification access does not allow any modification of data.

10. Prohibited Capabilities

PMFA-compliant systems explicitly prohibit:

• Deletion of historical records
• Modification of past events
• Hidden or silent changes
• Approvals without authority
• Configurable truth rules

Any system allowing these capabilities is not PMFA-compliant.

11. Regulatory Alignment

PMFA-compliant systems are designed to support and align with:

• Audit requirements
• Regulatory inspections
• Financial controls
• Legal evidence standards

PMFA does not replace regulations. It enforces the preconditions that regulations assume.

12. Applicability

All products built and delivered by NonnoTech, including WorkshopOS, inherit PMFA compliance characteristics by design.

Compliance cannot be disabled, bypassed, or reduced.

13. Statement of Finality

This compliance statement reflects enforced architectural constraints, not optional features or operational guidelines.

If a system allows ambiguity, it is not PMFA-compliant.
If a system requires trust, it is not PMFA-compliant.

14. Authority

This statement is issued and maintained by NonnoTech.

NonnoTech reserves the right to update this statement only through append-only revisions that preserve historical versions.