You can create a new enterprise-specific RoleTypes in the EPT which belong to the owning enterprise only and will not be available to other enterprises.
You can work with the EPT RoleType like any other, for example:
You can provide Read/Write permissions for model instances
You can create Role instances based on this RoleTyp.
You can customize NEO UI by defining RoleTypeUIConfig in UI MetaModel