Three independent vectors are converging on programmatic verification of research data compliance

The Section 5 latent liability is currently not surfaced at architectural scale. Three independent vectors are loading the conditions under which surfacing becomes mechanically possible:

Vector 1 — Funder verification policy. NIH DMS Policy effective January 2023, simpler standardized DMSP format effective May 25, 2026, Gates Foundation OA.Works contracted January 2025, Horizon Europe FAIR mandate via Grant Agreement Article 17, Wellcome Trust suspension power, NSF DMP-required-or-returned-without-review policy, OSTP Nelson Memo (August 2022) covering ~$90B in annual federal research funding (E-0046 through E-0051). The shift is not from "no mandate" to "mandate"; it is from a mandate regime that cannot programmatically detect non-compliance to one that can.

Vector 2 — False Claims Act precedent. Duke $112.5M (2019), Harvard-Anversa $10M (2017), Dana-Farber $15M (December 2025) under the implied-certification theory established in Universal Health Services v. Escobar (2016). The settlement range above prices scientific fraud, not architectural data unavailability — but the implied-certification theory sits doctrinally available for that extension. What has prevented architectural cases is not the legal theory but the audit infrastructure required to surface architectural failure as a documentable claim.

Vector 3 — Regulatory convergence. Every adjacent industry handling consequential data has crossed the verification threshold: SEC Rule 17a-4 + $3.5B in fines since 2021, HIPAA Security Rule + $2.19M willful-neglect penalty tier, 21 CFR Part 11 + Applied Therapeutics rejection. Research is the last major consequential-data sector without mandatory verification of the infrastructure that holds it. The mandate regime is now closing that outlier status (E-0052 through E-0055).

The convergence does not, in 2026, convert Section 5's latent liability to realized loss. It loads the conditions under which conversion becomes mechanically possible across the next funding and audit cycles, on a trajectory in which the rate-limiting input — institutional audit infrastructure — is also the input the rest of the paper proposes that institutions build.