Active—
Workers active
Web Clicks—
Signal traffic
Complaints Submitted—
Complaint intake
Blocked—
Needs movement
Coverage Gap—
Non-active lanes
System vs Observed—
Continuity state
L5 means runtime truth and launch gates are green. L5 does not mean every lane has autonomous department authority.
Runtime L5Green runtime truth
Canonical system reality and launch gates can be green.
Candidate authorityNot promoted
Proof or readiness exists, but formal department authority has not been granted.
Verified proof laneEvidence exists
Evidence is visible and governed; this is not the same as autonomous authority.
Support-onlyPrepare / route / verify
BOA may support the lane but must not act as final department authority.
Provider support-onlyRead provider truth
BOA may surface provider readiness and drift without mutating providers.
Human boundaryApproval required
Deployment, production mutation, customer contact, review closure, and promotion require human approval.
BOA GPT is AI labor, not final authority. Green runtime is allowed. Candidate/support states are allowed. Hidden or unclear authority language is not allowed.
BOA is green for runtime and launch. The next business-readiness step is separating safe AI autonomous work, delegated human-governor work, and founder-only decisions.
AI autonomousObserve / prepare / verify
AI labor may run read-only checks, classify, summarize, draft packets, and surface drift without customer contact or production mutation.
AI prepares reviewApproval-ready packets
Patch zips, customer drafts, review packets, risk summaries, and handoff recommendations must include source evidence and boundary notes.
Delegated governorRoutine human approval
Bounded operational approvals can move out of founder hands only after a formal delegation policy and receipt path exist.
Founder-onlyVision / liability / capital
Department promotion, material deploys, legal/privacy risk, policy changes, spend thresholds, public messaging, and strategy stay founder-level.
Current autonomyYellow
BOA is controlled-production ready with founder oversight, but not yet low-grind business-autonomous ready.
Next build orderCustomer Ops → FIN → Signals → Risk
Promote business leverage by building operating spines, not by hiding candidate/support states.
This card does not approve, deploy, contact customers, mutate production, or promote any lane. It defines the delegation boundary needed for founder-level leverage.
Complaint Intake is live and useful, but it remains support-only until Customer Ops has templates, SLA tiers, delegated thresholds, resolution receipts, and promotion proof.
Current truthSupport-only
Complaint Intake may classify, prepare, queue, and route, but it is not final department authority.
AI labor nowDraft / route / verify
AI may prepare response drafts, review packets, Labs routing, and mismatch alerts with source evidence.
Human governorCustomer-facing approval
Review closure, response sending, refund promises, and escalations require human approval.
Founder-onlyPolicy / promotion
Refund policy, legal/privacy posture, medical handling, delegated thresholds, and department promotion stay founder-level.
Missing spineSLA + templates
Customer Ops needs governed templates, SLA tiers, escalation policy, and resolution receipts before promotion.
Next buildCustomer Ops proof pack
Build the operating spine first; do not promote by hiding support-only truth.
This card does not contact customers, close reviews, promise refunds, mutate production, or promote Customer Ops.
Finance is verified as a proof lane, but IRL business readiness needs revenue truth, spend truth, burn, runway, unit economics, and founder-approved spend thresholds.
Current truthCandidate authority
Finance remains observation-only. This surface does not promote Finance to department authority.
Visible metricsGross / net / spend
24h, week, and month finance fields are surfaced so zero-data and stale-data cannot hide.
Unit economicsCost per complaint
BOA should expose cost per complaint, cost per Labs run, provider spend, burn, and runway.
AI labor nowCalculate / warn / draft
AI may read finance truth, calculate visible indicators, surface warnings, and draft recommendations.
Founder-onlyBudget / pricing / spend
Spend thresholds, pricing, vendor commitments, capital allocation, and Finance promotion stay founder-level.
Next buildSpend ledger + brief
Build provider/API spend ledger, daily finance brief, thresholds, and recommendation receipts before promotion.
This card does not move money, approve spend, change pricing, promise refunds, mutate providers, or promote Finance.
Signals is verified as a provider lane, but IRL business readiness needs provider freshness, attribution, conversion quality, growth recommendations, and founder-approved campaign thresholds.
Current truthProvider support-only
Signals may read provider truth, but it does not hold provider mutation or department authority.
Visible metricsTraffic + intake
Website clicks, complaint submissions, incomplete intake, and conversion rate must stay visible.
Growth controlAttribution + quality
BOA needs source attribution, funnel stage quality, lead quality, and provider freshness before growth autonomy.
AI labor nowCalculate / warn / draft
AI may read signals, calculate conversion indicators, surface stale-data warnings, and draft recommendations.
Founder-onlyCampaigns / spend / messaging
Campaign launches, provider mutations, tracking/privacy posture, spend, and public messaging stay founder-level.
Next buildGrowth brief + receipts
Build provider freshness ledger, attribution map, weekly growth brief, and recommendation receipts before promotion.
This card does not mutate providers, launch campaigns, approve growth spend, publish messaging, contact customers, or promote Signals.
Risk and compliance are the boundary between useful AI labor and unsafe autonomy. Legal, medical, privacy, customer-contact, and policy decisions stay human/founder governed.
Current truthFounder-governed
BOA may prepare and route risk evidence, but it does not hold final legal, medical, privacy, or customer-contact authority.
Risk domainsLegal / medical / privacy
Legal threats, medical or essential-service complaints, data/privacy requests, refunds, and public claims need governed boundaries.
AI labor nowFlag / draft / route
AI may classify risk, prepare review packets, draft safe summaries, and surface missing policy or stale evidence.
Human governorCustomer-facing closure
Review closure, customer responses, refund promises, and escalations require human approval with receipt proof.
Founder-onlyPolicy / liability
Privacy, retention, legal posture, medical handling, delegated thresholds, public messaging, and promotion stay founder-level.
Next buildRisk policy registry
Build response templates, escalation playbooks, privacy/data paths, risk thresholds, and compliance receipts before autonomy.
This card does not contact customers, close reviews, give final legal/medical/privacy decisions, change policy, or promote Risk / Compliance.