The 30-day decision window. Six unconditional recovery levers. No-fault exit. Rolling SIGIL-anchored. This is the playbook for when a sovereign-AI customer signals churn — the playbook the customer-success team runs, the playbook the CRO signs off, and the playbook the BFT-33 council watches.
From the moment a churn signal fires (renewal objection, scope reduction, executive sponsor change, regulatory shift, or competitive replacement), the customer-success team has 30 days to run the 6-lever recovery plan. If, after 30 days, the customer still wants to leave, the no-fault exit clause activates — and we walk them out the door with their weights, their audit chain, and a public thank-you.
Within 24 hours of the churn signal, the CSOAI CEO calls the customer's named executive sponsor. Not a sales call. A listening call. 30 minutes, no slides, no agenda. Outcome: a written summary of the customer's actual concern (often different from the stated one), shared with the customer within 4 hours.
Within 48 hours, the customer-success team runs a live SIGIL-pack replay for the customer's named auditor. The replay shows the chain of evidence for the workload, the BFT-33 sign-off record, the 12-framework coverage, and the audit cadence. Outcome: a re-anchored trust moment, anchored to evidence, not promises.
Within 7 days, the customer-success team produces a gap-close plan for any framework the customer is concerned about. Typically 1-2 gaps; 90-day close; SIGIL-anchored milestones. The gap-close plan is signed by the customer, the CSOAI CRO, and the named BFT-33 council member.
Within 14 days, the customer-success team walks the customer through the no-fault exit clause. The clause is in the master contract; it is unconditional; 90-day migration window; open weights, open audit chain. The walk-through often resolves the churn signal — the customer realises the risk of leaving is provably zero, which removes the "we're stuck" objection.
Within 21 days, if the churn signal is still live, the customer-success team escalates to the CSOAI CRO + the customer's named executive sponsor. The escalation is a 60-minute working session, anchored to the SIGIL pack, with a written outcome published within 24 hours.
Within 30 days, the customer either re-signs (with a 12-month extension at current or adjusted terms) or activates the no-fault exit. There is no Lever 7. The 30-day decision window is the contract; it is SIGIL-anchored; the BFT-33 council watches.
| Signal | What it looks like | Named owner | First action |
|---|---|---|---|
| Renewal objection | Customer says "we're not renewing" or asks for a 50%+ price cut | Head of CS | Lever 1 (24-hour exec call) |
| Scope reduction | Customer reduces the number of workloads or the SEV tier | Head of CS | Lever 2 (SIGIL replay) |
| Executive sponsor change | Customer's named exec sponsor leaves or is replaced | CSOAI CEO | Lever 1 + re-pitch the sovereignty story |
| Regulatory shift | Customer's regulatory environment changes (e.g., new framework) | CSOAI CRO + GC | Lever 3 (12-framework gap-close) |
| Competitive replacement | Customer names Palantir, Anduril, or hyperscaler as the replacement | CSOAI CEO + CRO | Lever 1 + battle card + decision tree |
| BFT-33 sign-off failure | The BFT-33 council rejects a customer release (rare) | CSOAI CRO | Lever 2 + BFT-33 council open hearing |
| SIGIL chain break | The SIGIL chain shows a tamper event (very rare) | CSOAI CRO + CISO | SEV-1 escalation; full replay; public statement |
The 6 levers are unconditional. The no-fault exit is in the contract. The SIGIL pack is the chain of evidence — for the recovery attempt, for the renewal, or for the exit. Trust is the moat. The chain is the proof.
Every artefact on this page is anchored to a SIGIL receipt in the DEFONEOS public ledger. The receipts form an append-only hash chain. The chain is HMAC + Ed25519 signed; the BFT-33 council provides a 23-of-33 quorum sign-off on every release; the chain root is published externally and can be replayed by any third party without DEFONEOS cooperation.
Churn prevention/manifest/defoneos-mod-churn-prevention.ed25519 — page manifest, BFT-33 signed on publication.Churn prevention/body/defoneos-mod-churn-prevention.hmac — body content hash, HMAC-SHA-256, 90-day rotation.Churn prevention/cumulative/defoneos-mod-churn-prevention.ed25519 — cumulative chain root including this page.bft33/release/defoneos-mod-churn-prevention/digest.ed25519 — BFT-33 sign-off record, 23-of-33 quorum.framework/mapping/defoneos-mod-churn-prevention.ed25519 — 12-framework mapping receipt.ledger.get(release_id)).Total replay time: 15-30 minutes. No DEFONEOS employee is in the loop. The auditor can run it in their own tooling, in their own jurisdiction, at any time.
This surface is part of the DEFONEOS sovereign AI operating system. It is published under the CSOAI Ltd sovereign substrate (UK Co. 16939677), maintained by the SOV33 council, and verified by the BFT-33 ledger. The SOV33 substrate is the foundation layer; DEFONEOS is the application layer; SIGIL is the audit layer; BFT-33 is the governance layer.
The deployment chain is: local SOV3 substrate (MacBook orchestrator) → Mac M-series sovereign inference mesh (M2/M3/M4 nodes) → Vercel prod (public surface) → CSOAI Ltd ledger (chain of custody) → BFT-33 council (governance). Every artefact on this page is a node in that chain.
Sovereignty is the next £100B of defence-AI spend. The hyperscaler and US-prime vendors cannot meet the UK jurisdiction, audit, and control requirements — and three outages this year have proved that. DEFONEOS is the sovereign alternative: UK-domiciled, UK-auditable, UK-controlled, SIGIL-anchored, BFT-33-signed. This surface is the chain of evidence that the alternative is real, not a wrapper.
Out-of-the-box: NCSC CAF (14/14 outcomes, 38/38 components), ISO 42001 AIMS (6/6 clauses, 134/134 controls, 94%), EU AI Act (67/67 articles, 89% — Article 50 deadline 2 Aug 2026), NIST AI RMF (full mapping), OSCAL SSP (16/16 families, 240 tests, 6-hour pipeline), ISO 27001/27017/27018/27701 (full Annex A), SOC 2 Type II (5/5 trust principles), MOD Defence AI Safety Standard (9/9 principles), AUKUS AI Safety (Phase-1 mapping). The 12-framework map is the audit backbone; the SIGIL pack is the chain of evidence.
Series A £50M @ £420M post; £680M ARR Y5; 127× MOIC at exit. Three moats: sovereignty by construction, SIGIL-anchored audit, 12-framework coverage. Eight forces vs. Palantir / AWS / GCP, all won on sovereignty, audit, and TCO. The 5-year thesis is the investor angle; the sovereign proof pack is the chain of evidence; the Board memo is the cadence.