The CogNovaMX Accreditation Programme accredits practitioners to issue MX Compliance Claims and award the MX Compatible badge to deliverables. Three tiers; admission is by application and audit; the indicative pricing below anchors the conversation. The programme runs the open MX standard governed by The Gathering and is the only accrediting body operated by CogNovaMX. Other accrediting bodies may exist for the same standard; this is by design.
This page is the public face of the programme as it moves through Stage 0 (standard ratification and internal training) into Stage 1 (Tier 1 admissions). If you want to be in the first cohort, join the waitlist below; we will contact you when applications open for your tier and predicate vocabulary.
What an accreditation buys you
A current accreditation gives you four things that a non-accredited practitioner does not have. First, the right to issue third-party MX Compliance Claims about external clients' artefacts within the predicate vocabularies you are accredited for. Second, the right to award and display the MX Compatible badge on those deliverables. Third, an accreditation reference URL hosted on REGINALD, signed by CogNovaMX, that consumers and regulators can resolve to verify your current status (active, suspended, revoked). Fourth, the listing in the public Certified Operator directory, which clients and procurement teams use to find a credible practitioner in their domain.
An accreditation is scoped to one or more named predicate vocabularies. Accreditation for WCAG 2.2 does not extend to EU AI Act Article 13 transparency obligations; each vocabulary is a separate extension applied for through the same process. The seed-phase vocabularies are WCAG 2.2 (now) and EU AI Act Article 13 (target Stage 3).
Note: This page describes regulatory frameworks in general terms only. Nothing here is legal advice. Requirements vary by jurisdiction, organisation type, and use case. Consult qualified legal specialists for guidance specific to your situation.
The three tiers
Each tier is a competence statement about you, not a property of any individual claim. Renewal is annual subject to the audit obligations.
Tier 1: Approved Operator
For in-house compliance teams who want a verifiable identity recognised by the programme without taking on third-party scope. Issues self claims about your organisation's own published artefacts at any conformance level the standard allows. Admission requires documented controls, methodology evidence, and a worked example claim against your own work.
Tier 2: Certified Operator
For consultancies and agencies that issue claims on behalf of external clients. Issues third-party claims within named predicate vocabularies. Admission requires demonstrated operational independence from each subject's publisher, a methodology aligned with the relevant external standard, signing-key custody discipline, and three real sample claims reviewed by the CogNovaMX audit team.
Tier 3: Audit-Grade Operator
For audit firms and compliance practices whose claims are read by regulators, judges, or oversight committees. Adds rigorous methodology audit, independent peer review of issued claims, professional indemnity insurance (minimum £2M), named-individual signing authorities, and an annual five-percent sample audit of claims issued. Suitable for regulated-sector compliance work.
Tools available to accredited operators
Active accreditation includes access to working tools that operators put inside their own pipelines. The flagship tool in the seed phase is the MX PDF Inspector CLI.
MX PDF Inspector CLI
The MX PDF Inspector CLI is the same detection core that runs the public PDF inspector, packaged as a command-line tool for operator pipelines. Drop it into a CI step or run it ad-hoc against a directory of deliverables. Each PDF is classified into one of three tiers (MX Compatible, EAA Tagged Only, Plain) with a full evidence table covering tagged structure, MX metadata, provenance schema version, and accountable parties. Exit codes are CI-clean: zero when every fixture meets the configured minimum tier, non-zero otherwise.
The CLI is a tool, not a hosted service. PDFs an operator wants to verify are usually confidential (draft contracts, unpublished audit reports, regulatory submissions, board papers); the CLI runs locally, sees no network, and leaves no trace outside the operator's own environment. Verification belongs in the operator's pipeline, not in ours. Same code path the operator's clients can re-verify in the public inspector at any time, so the claim text and the published artefact agree by construction.
Three audiences run it routinely. Tier 2 and Tier 3 operators gate every client deliverable on it in CI. Tier 1 in-house compliance teams gate internal releases. Procurement and oversight reviewers integrate it at intake to verify supplier claims before payment, on the buyer's side of the trust boundary.
The CLI is bundled with active accreditation in every tier during the seed phase; renewal of the accreditation renews access. The detection core is shared across the public inspector, our own production gate (the mx.pdf.sh publishing pipeline that emits every PDF this site ships), the regression test in npm test, and the operator CLI itself, so a regression in any surface fails all of them in the same way. For the architecture rationale, the blog post The Inspector You Can Audit Yourself walks the four-layer structure end to end.
How the tool installs and where it runs
The CLI is a self-contained Node.js distribution. The package has zero runtime npm dependencies; the parser (pdf.js) and the detection core ship vendored inside the distribution, so an npm install against a fresh clone or unpacked tarball pulls nothing from the public registry at install time and the inspector makes no network calls at inspection time. The distribution directory is about two megabytes including the bundled test pack.
The CLI itself runs on every platform Node.js runs on: Linux, macOS, and Windows. The supported Node version is 18 or later. On Linux and macOS, the package installs and runs natively. On Windows, the package installs natively through npm and exposes the same mx-pdf-inspect command via npm's binary shim; no WSL or Cygwin is required for the CLI itself.
The bundled test pack ships two runners that produce the same verdict against the same fixtures, so an operator can pick whichever fits their environment. The Node runner (node run-test-pack.mjs, also exposed as npm run test-pack) is the cross-platform default and needs only Node itself. The bash runner (bash run-test-pack.sh) is the legacy POSIX-shell path; it requires bash plus jq and runs natively on macOS and Linux, on Windows it runs from WSL or Git Bash. A clean test-pack pass confirms that the CLI, the vendored pdf.js, and the detection core all loaded correctly on the operator's machine, against a known-good MX Compatible fixture that the test pack carries with it.
The CLI is designed for CI integration. Three exit codes only: zero when every inspected PDF meets the configured minimum tier (default is MX Compatible), one when at least one is below the bar, two when something failed to load or no PDFs were found. JSON output (--json) is structured per-fixture and parses cleanly in any language a CI step can call. The --min-tier option lets an operator accept EAA-tagged-only PDFs on a per-build basis, useful for transitional projects where the full MX evidence chain is not yet present. The --recursive flag walks directory trees, so a single CI step can verify every PDF the build emits without enumerating file paths.
For native Windows operators in particular, the install path is identical to Linux and macOS: receive the tarball, npm install -g . from inside the unpacked directory, then run mx-pdf-inspect <path> from PowerShell or Command Prompt or any shell the operator uses. The same applies inside Docker containers, GitHub Actions runners, GitLab CI jobs, and any other Node-capable execution environment. The CLI does not assume a particular shell, a particular file-path convention, or a particular tool ecosystem beyond Node itself.
A non-accredited evaluation copy (60-day, single-machine, no commercial use) is available on request for prospects evaluating accreditation. Join the waitlist below and mention the evaluation in your application notes.
Indicative pricing for the seed phase
Fees fund the audit programme, the registry infrastructure, and programme governance. The schedule below is indicative for the seed phase; the published commercial schedule is the authoritative document and supersedes this table at admission time. Agency partners operating Tier 2 with multiple vocabularies negotiate volume discount structures.
| Element | Tier 1 Approved | Tier 2 Certified | Tier 3 Audit-Grade |
|---|---|---|---|
| Application fee (per vocabulary) | £750 | £3,500 | £12,000 |
| Annual maintenance (per vocabulary) | £500 | £2,500 | £8,500 |
| Per-claim issuance fee | £0.50 | £2.50 | £8.00 |
| Triggered audit (cost recovery) | At cost | At cost | At cost |
How admission works
Admission is by application followed by audit, not by course or exam. We do not run training and we do not certify on the basis of a written test. You arrive with a methodology already in working order; we audit it. The route is the same at every tier; the bar moves with the tier.
- Application. You submit a methodology document, signing-key custody arrangements, evidence of operational independence (Tier 2 and above), and three sample claims. Application fee payable on submission.
- Audit. The CogNovaMX audit team reviews the methodology against the predicate vocabulary's requirements, checks the sample claims against the standard's lookup surfaces, and verifies the responsible-person identifier chain end-to-end.
- Determination. Accreditation granted, granted with conditions, or refused with reasons. If granted, your accreditation reference URL is published on REGINALD and your entry appears in the public Certified Operator directory.
- Maintenance. Annual fee, annual sample audit (five percent at Tier 3, lower percentages at Tiers 1-2), and surveillance of issued claims. Suspension or revocation procedures apply if the audit programme identifies material non-conformance.
Join the waitlist
Stage 1 admissions open shortly. If you want to be considered in the first cohort, leave your details below and tell us which tier and which predicate vocabulary you are aiming at. We will contact you when applications open for your scope.
How this relates to The Gathering
The Gathering is the standards body that governs the open MX standard the programme runs on. The Gathering has no products, no commercial interests, and no role in admitting or revoking accreditations. This programme is a CogNovaMX product, not a Gathering product. Where the standard changes through Gathering ratification, the programme updates to match, never the other way around.
If you want to commission machine-readable PDFs, websites, or print materials rather than accredit yourself to produce them, the route is MX for PDFs and the MX PrintWorks contact channel.