Supervisory Primacy: Human-in-the-Loop AI Orchestration for High-Consequence Domains

Human-in-the-loop frameworks for AI systems are increasingly treated as policy-level commitments — 'the human can always override' — when their operational effectiveness requires that they be architectural properties of the system itself. A policy-level HITL commitment is disabled by a configuration flag; an architectural HITL property is disabled by rebuilding from source. This paper introduces Supervisory Primacy as a design principle: the human-authoritative state is the architectural default for consequential actions, with the AI proposing and the human disposing, every consequential action carrying a mandatory authorization audit trail, and eight non-negotiable operational integrity constraints implemented as enforceable safeguards in deployment builds rather than as runtime policy. The principle is consistent with EU AI Act Article 14, NIST AI RMF 1.0 Appendix C, the Parasuraman-Sheridan-Wickens framework, and the industrial-robotics functional-safety standards (ANSI/RIA R15.06, ISO 10218, ISO/TS 15066, IEC 61508/61511).