Shadow Fleet Risk: What Happens to Your AOC When a Code-Share or Interchange Agreement Is Not Disclosed to the Certifying Authority

Failing to disclose a code-share or interchange agreement to your certifying authority puts your Air Operator Certificate at direct risk. When an operator allows another carrier to operate flights under its designator, or exchanges aircraft under an interchange arrangement, without formal notification and approval, the certifying authority loses visibility over who is actually operating the aircraft. That gap is not a paperwork oversight. It is a structural compliance failure that can trigger suspension, revocation, or forced grounding, regardless of how clean the rest of your safety record appears.

TL;DR

• Undisclosed code-share and interchange agreements create a “shadow fleet” condition inside your own AOC structure, where aircraft operate without regulatory line-of-sight.
• Certifying authorities treat non-disclosure as a breach of the operator’s fundamental obligation to maintain operational control, not as a minor administrative lapse.
• The consequences range from enforcement action and AOC suspension to insurance voidance and reputational damage with partner operators.
• Disclosure obligations vary by registry but share a common requirement: the authority must be able to trace operational control and safety oversight to a named, certificated entity at all times.
• Operators in Asia face compounded risk because multi-registry arrangements are common, and each registry carries its own disclosure trigger points.

About the Author: Private Aviation Technology Ltd. (PATL) provides AOC compliance support, operations design, and regulatory architecture for private aviation operators across Asia and beyond. PATL’s team includes Ray Wilson, an IS-BAO Stage 3 auditor with 15 years of leadership across military, commercial, and business aviation, with direct expertise in multi-registry AOC compliance.

What Is a Shadow Fleet Condition Inside an AOC?

In maritime enforcement contexts, the term “shadow fleet” describes vessels operating outside standard regulatory oversight to obscure sanctioned cargo movements [qcckyc.com]. The structural parallel in aviation is precise: when an aircraft operates revenue flights under arrangements that have not been disclosed to the certifying authority, that aircraft effectively disappears from the authority’s operational picture. The authority holds a certificate that no longer maps to the actual operating reality.

This is not a theoretical risk. Code-share and interchange agreements are legitimate commercial tools. The compliance failure is not in using them. It is in using them without the authority knowing, and without the safety oversight framework being adjusted to reflect the new operational relationship.

Why Do Operators Fail to Disclose These Agreements?

Building on the definition above, the harder question is why disclosure failures happen in well-intentioned operations, not just in deliberately evasive ones.

The most common reasons are:

• Misclassification of the arrangement: Operators sometimes structure an interchange as an aircraft wet lease or a “mutual assistance” arrangement to avoid triggering what they perceive as burdensome approval processes. The label does not change the regulatory substance.
• Multi-jurisdiction complexity: An agreement negotiated under one registry’s framework may carry separate notification obligations under a second registry where the aircraft is also operated. Operators focused on satisfying Registry A frequently miss the parallel obligation to Registry B.
• Speed of commercial execution: Commercial teams close partnership agreements on timelines that outpace the compliance function. By the time the operations team becomes aware, flights may already have operated.
• Lack of documentation architecture: Without a structured process for routing new commercial agreements through a compliance gateway, non-disclosure becomes the default outcome, not an active decision.

What Does the Certifying Authority Actually Require?

Disclosure obligations differ by jurisdiction, but the underlying regulatory logic is consistent across ICAO-aligned frameworks. The authority needs to confirm three things at all times:

1. Who holds operational control of the aircraft on each flight.
2. Which safety management system applies to that flight.
3. Which certificated entity is accountable for crew training, maintenance, and dispatch.

A code-share or interchange agreement disrupts at least one of these three lines if it is not reflected in the operator’s Operations Specifications or equivalent approval documentation. The authority cannot fulfill its oversight mandate over an operation it does not know exists.

Operators should expect that disclosure triggers:

• Amendment of Operations Specifications (or Ops Specs equivalent)
• Review and possible revision of the Safety Management System to cover the new operational relationship
• Confirmation that the partner operator holds valid certification appropriate to the operation
• In some jurisdictions, a formal audit or inspection before the arrangement commences

What Are the Specific AOC Consequences of Non-Disclosure?

Stepping back from the procedural detail, the enforcement picture is the consequence that actually focuses operator attention.

Consequence	Likelihood	Notes
Formal notice of non-compliance	High	First step in most enforcement frameworks; creates a compliance record
Mandatory suspension of affected operations	High	Authority grounds the specific arrangement pending regularisation
AOC suspension (full)	Medium	Triggered when authority determines systemic control failure
AOC revocation	Lower, but real	Applied when non-disclosure is found to be deliberate or repeated
Insurance coverage voidance	High	Most hull and liability policies contain an undisclosed operations exclusion
Criminal or civil liability	Jurisdiction-dependent	Some registries treat deliberate non-disclosure as fraud

The insurance consequence deserves specific emphasis. Policies written for private aviation operators consistently exclude coverage for operations conducted outside the scope of the certificate as held and approved. An undisclosed code-share or interchange is, by definition, outside that scope. If an incident occurs on an undisclosed flight, the operator faces both the regulatory enforcement and an uncovered liability exposure simultaneously.

How Does This Risk Compound in Multi-Registry Asian Operations?

A related but distinct concern is the compounding effect that appears specifically in Asian private aviation, where multi-registry operations are routine and each registry has its own disclosure threshold and process.

An operator running aircraft on, for example, a Cayman Islands AOC and a separate operating approval under a Southeast Asian national authority faces independent disclosure obligations to both. A partnership arrangement that satisfies one registry’s threshold for notification may still be undisclosed to the other. The operator’s liability does not average out across registries. Each authority applies its own enforcement framework independently.

PATL’s work across Asian private aviation operators, supported by over a decade of on-the-ground operating experience through its sister company L’VOYAGE (founded 2014), consistently surfaces this multi-registry gap as one of the most underestimated compliance exposures in the region.

How Should an Operator Build Disclosure Into Its Agreement Process?

The practical answer is a compliance gateway, not a checklist. Specifically:

1. Route all new commercial agreements through a compliance review before execution. The legal sign-off and the regulatory notification are not sequential; they run in parallel.
2. Map each agreement against every registry where the aircraft holds authority. One agreement, multiple disclosure obligations.
3. Document the disclosure and the authority’s response. Verbal approvals are not approvals. The file needs written confirmation that the authority has acknowledged the arrangement.
4. Update Operations Specifications before the first flight under the new arrangement. Not after.
5. Conduct a safety management review to confirm that the SMS scope covers the new operational relationship and that crew and maintenance responsibilities are clearly assigned.

Frequently Asked Questions

Does a wet lease always require AOC disclosure? Yes. Any arrangement where operational control transfers between entities, even temporarily, requires disclosure to the certifying authority. The form of the commercial agreement does not determine the regulatory obligation.

What if the agreement has already been operating without disclosure? Self-disclosure to the authority, with a documented remediation plan, consistently produces a better enforcement outcome than discovery by the authority. Operators should seek regulatory counsel before approaching the authority.

Can a partner operator’s AOC cover the undisclosed flights? No. Each certificate covers the entity named on it and the operations approved within it. A partner’s valid AOC does not extend coverage to another operator’s undisclosed arrangement.

How do IS-BAO audits relate to this issue? IS-BAO audits review the operator’s SMS and operational documentation. An undisclosed code-share or interchange will surface as a gap in operational control documentation during Stage 1 preparation at minimum.

Are interchange agreements treated differently from code-shares? The commercial structures differ, but the regulatory treatment is substantially similar. Both involve a change in who operates the aircraft and under whose safety framework, which triggers disclosure.

What happens to crew on an undisclosed flight if an incident occurs? Crew may face licence jeopardy if they knowingly operated outside an approved framework, in addition to the operator’s exposure.

Does this risk apply to single-aircraft private operators? Yes. Any arrangement involving another certificated operator, regardless of fleet size, creates disclosure obligations if the aircraft operates under the arrangement.

About Private Aviation Technology Ltd.

Private Aviation Technology Ltd. (PATL) is an independent, strictly confidential consulting firm specialising in the hard compliance, operations, and costing problems that sit underneath private aviation operations. PATL supports aircraft owners, private operators, and flight departments across Asia and expanding globally, with specific capability in multi-registry AOC compliance, IS-BAO Stage 1 through Stage 3 audit preparation, and operations design that makes safety management systems audit-ready before an authority or auditor arrives. The team combines aviation operating leadership, enterprise technology expertise, and military and commercial aviation experience within a single firm, a combination that pure-audit and pure-strategy consultancies do not replicate. PATL is the sister company of L’VOYAGE, Hong Kong’s private aviation consultancy and government-licensed travel agency operating since 2014, giving PATL direct access to an established operator network and deep regulatory familiarity across the Asian region.

If your operation involves any code-share, interchange, or aircraft-sharing arrangement and you are not certain that every relevant certifying authority has been formally notified, that uncertainty is the risk. Visit privateaviationtech.com to speak with the PATL team about getting your AOC documentation into a fully disclosed, audit-ready state before it becomes an enforcement matter.