Mandate Drift
Mandate drift occurs when an automated system continues operating under its original authorization while the conditions that justified that authorization have changed — without detection, without re-legitimation, and without a governance act.
What mandate drift is not
Mandate drift is not a bug, a model failure, or a compliance violation. The system continues to function correctly. Dashboards remain green. Controls are documented. Compliance reports pass.
The drift is in the relationship between the system's operational behavior and the mandate that authorized it — not in the system's technical performance.
What mandate drift is
A silent widening of the gap between what the system was approved to do and what it is actually doing. It accumulates without triggering alerts, without visible failure, and often without anyone noticing until the consequences have already materialized.
No error. No signal. Nothing to catch. Because the system is not malfunctioning — it is functioning perfectly, within a mandate that no longer exists.
Mandate drift in practice — three documented cases
Knight Capital (2012), Zillow Offers (2021), and Klarna (2024–2025) each illustrate a different mechanism of mandate drift. In all three cases, the system was operational, controls were green, and the failure was in the assumption basis — not the execution layer.
View case series →Mandate drift is the primary object DASR is designed to detect. View the DASR protocol →