Branchoria AI Sense AI Sense

Clear, practical explanations of what AI does, where it helps, and where it fails.

Within Model Cards

Why AI paperwork is not enough

Datasheets and model cards can expose risks, but they cannot replace testing, audits, monitoring, or evidence that the claims are complete and true.

On this page

  • What documentation can reveal but not fix
  • How checklist compliance can become superficial
  • Why audits and monitoring need stronger evidence
Preview for Why AI paperwork is not enough

Introduction

Dataset datasheets and model cards are valuable because they make AI systems less opaque. They can reveal where data came from, how a model was trained, what tests were performed, and which limitations developers already know about. However, documentation alone cannot make an AI system safe. A model card can describe risks, but it cannot prove that all risks have been found, that reported results are accurate, or that the system will behave safely once deployed in the real world. Transparency is useful, but safety depends on evidence, verification, and ongoing accountability. Documentation is therefore best understood as a starting point for safety governance rather than a substitute for it. [NVIDIA Developer]developer.nvidia.comDeveloper Enhancing AI Transparency and Ethical ConsiderationsNVIDIA DeveloperEnhancing AI Transparency and Ethical Considerations…September 19, 2022 — 19 Sept 2022 — Learn about the importance of…Published: September 19, 2022

Paper safety illustration 1

What documentation can reveal but not fix

Datasheets and model cards help organisations ask better questions before deployment. They can expose gaps in training data, identify intended and unintended uses, disclose known biases, and summarise evaluation results. This information helps reviewers judge whether a system is appropriate for a specific context. [NVIDIA Developer]developer.nvidia.comDeveloper Enhancing AI Transparency and Ethical ConsiderationsNVIDIA DeveloperEnhancing AI Transparency and Ethical Considerations…September 19, 2022 — 19 Sept 2022 — Learn about the importance of…Published: September 19, 2022

The problem is that documentation is descriptive rather than corrective. A model card can state that a facial recognition system performs worse on certain demographic groups, but the statement itself does not remove the disparity. A datasheet can disclose that a dataset under-represents particular populations, but disclosure does not create missing data or improve model performance.

Documentation also depends heavily on what developers know and choose to report. AI systems often encounter unexpected situations after deployment. New user behaviour, changing environments, and previously unseen inputs can reveal weaknesses that were not apparent during development. Even detailed documentation cannot guarantee that every relevant failure mode has already been identified. This is one reason why risk-management frameworks emphasise continuous measurement and management rather than relying solely on transparency documents. [NIST Publications]nvlpubs.nist.govPublications Artificial Intelligence Risk Management FrameworkNIST PublicationsArtificial Intelligence Risk Management FrameworkMarch 24, 2025 — by N AI · 2024 · Cited by 144 — As GAI covers risks of…Published: March 24, 2025

Another limitation is that documentation may be incomplete or inaccurate. Readers usually have to trust that reported evaluations were conducted properly and that important limitations were not omitted. Unless independent testing or auditing verifies the claims, documentation remains largely self-reported evidence.

Is Europe the Same as the EU? Most People Don't Know

Channel: European Commission · Views: 294.1K · Uploaded: April 2026 · Length: 1 minute 54 seconds

Open on YouTube

How checklist compliance can become superficial

A recurring criticism of AI governance is that documentation requirements can encourage a “paper compliance” mindset. Organisations may focus on producing the required forms while paying less attention to whether the underlying system is actually trustworthy.

Model cards were originally proposed as tools for transparency and informed decision-making, not as proof of safety. Yet in practice, there is a risk that stakeholders treat the existence of documentation as evidence that sufficient safeguards already exist. A well-designed document can create an impression of diligence even when testing is limited or weaknesses remain unresolved. [IAPP.org]iapp.org5 things to know about AI model cardsNovember 13, 2023 — 23 Aug 2023 — While model cards are a great example of transparency in AI, there…Published: November 13, 2023

This problem is familiar in other regulated industries. Completing a checklist is easier than demonstrating that a process consistently works. In AI, organisations may document fairness metrics, robustness tests, or intended-use restrictions without establishing strong mechanisms to verify those claims in operation.

Several researchers and governance specialists have argued that transparency tools are only meaningful when they are connected to measurable criteria and external review. Documentation can describe a model’s behaviour, but without independent validation there is often no way to determine whether the description is complete or accurate. Studies examining AI governance under the European regulatory framework have similarly highlighted the challenge of translating high-level requirements into verifiable evidence rather than relying on declarations alone. [arXiv]arxiv.orgConformity Assessments and Post-market Monitoring: A Guide to the Role of Auditing in the Proposed European AI RegulationNovember 9…Published: November 9, 2021

Paper safety illustration 2

Why audits and monitoring need stronger evidence

If documentation identifies potential risks, audits and monitoring are intended to test whether those risks are being managed effectively.

An audit goes beyond reading a model card. Auditors may inspect training procedures, reproduce evaluations, examine governance processes, review incident records, or test the system against additional scenarios. The goal is to determine whether documented claims are supported by evidence. This shifts the focus from “What does the developer say?” to “What can be independently verified?” [arXiv]arxiv.orgConformity Assessments and Post-market Monitoring: A Guide to the Role of Auditing in the Proposed European AI RegulationNovember 9…Published: November 9, 2021

Monitoring addresses a different problem: AI systems can change in practice even when the underlying model remains unchanged. User populations evolve, operating environments shift, and new forms of misuse emerge. A model that appeared acceptable during pre-deployment testing may become unreliable months later.

Because of this, modern governance frameworks increasingly require post-deployment oversight. The NIST AI Risk Management Framework treats risk management as an ongoing process involving governance, measurement, and continuous management rather than a one-time documentation exercise. [NIST Publications]nvlpubs.nist.govPublications Artificial Intelligence Risk Management FrameworkNIST PublicationsArtificial Intelligence Risk Management FrameworkMarch 24, 2025 — by N AI · 2024 · Cited by 144 — As GAI covers risks of…Published: March 24, 2025

The same logic appears in the European Union’s AI regulatory approach. High-risk AI systems are not expected merely to maintain technical documentation; providers are also required to establish post-market monitoring systems that collect and analyse evidence about real-world performance after deployment. The framework combines documentation with conformity assessment, incident reporting, monitoring, and enforcement mechanisms because documentation alone is not considered sufficient to demonstrate safety. AI Act Service Desk+3Digital Strategy Europe+3AI Act Service Desk [digital-strategy.ec.europa.eu]digital-strategy.ec.europa.euDigital Strategy Europe AI Act | Shaping Europe's digital futureDigital Strategy EuropeAI Act | Shaping Europe's digital future - European UnionThe AI Act is the first-ever legal framework on AI, which…

Paper safety illustration 3

Transparency is useful only when it creates accountability

The strongest argument for documentation is not that it guarantees safety, but that it makes accountability possible. Organisations cannot meaningfully evaluate, audit, or regulate a system if they have no information about how it was built.

However, transparency becomes valuable only when it leads to action. If a model card reveals poor performance for a particular population, someone must decide whether additional testing, retraining, restrictions, or deployment changes are necessary. If a datasheet exposes weaknesses in a dataset, those weaknesses must be addressed rather than merely recorded.

This distinction is crucial. Documentation answers the question, “What do we know about this system?” Safety requires answering a harder question: “What evidence shows that the system is performing acceptably in the real world?” The first question can often be addressed with paperwork. The second requires testing, auditing, monitoring, incident reporting, and mechanisms that hold organisations responsible when documented assurances fail. [NIST Publications+2arXiv]nvlpubs.nist.govPublications Artificial Intelligence Risk Management FrameworkNIST PublicationsArtificial Intelligence Risk Management FrameworkMarch 24, 2025 — by N AI · 2024 · Cited by 144 — As GAI covers risks of…Published: March 24, 2025

Amazon book picks

Further Reading

Books and field guides related to Why AI paperwork is not enough. Use these as the next step if you want deeper reading beyond the article.

BookCover for AI Snake Oil

AI Snake Oil

By Arvind Narayanan, Sayash Kapoor

Directly addresses why documentation and claims are insufficient without evidence and validation.

See on Amazon
Browse more on Amazon: Atlas of AI AI Snake Oil Weapons of Math Destruction

As an Amazon Associate I earn from qualifying purchases.

eBay marketplace picks

Marketplace Samples

Example marketplace items related to this page. Use the search link to explore similar finds on eBay.

Using USA
Browse more on eBay.co.uk

Example items shown for inspiration; availability and pricing can change. Branchoria may earn a commission if you purchase through outbound eBay links.

Endnotes

  1. Source: developer.nvidia.com
    Title: Developer Enhancing AI Transparency and Ethical Considerations
    Link: https://developer.nvidia.com/blog/enhancing-ai-transparency-and-ethical-considerations-with-model-card/
    Source snippet

    NVIDIA DeveloperEnhancing AI Transparency and Ethical Considerations...September 19, 2022 — 19 Sept 2022 — Learn about the importance of...

    Published: September 19, 2022

  2. Source: nvlpubs.nist.gov
    Title: Publications Artificial Intelligence Risk Management Framework
    Link: https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.600-1.pdf
    Source snippet

    NIST PublicationsArtificial Intelligence Risk Management FrameworkMarch 24, 2025 — by N AI · 2024 · Cited by 144 — As GAI covers risks of...

    Published: March 24, 2025

  3. Source: iapp.org
    Link: https://iapp.org/news/a/5-things-to-know-about-ai-model-cards
    Source snippet

    5 things to know about AI model cardsNovember 13, 2023 — 23 Aug 2023 — While model cards are a great example of transparency in AI, there...

    Published: November 13, 2023

  4. Source: arxiv.org
    Link: https://arxiv.org/abs/2111.05071
    Source snippet

    Conformity Assessments and Post-market Monitoring: A Guide to the Role of Auditing in the Proposed European AI RegulationNovember 9...

    Published: November 9, 2021

  5. Source: arxiv.org
    Link: https://arxiv.org/abs/2403.16808

  6. Source: arxiv.org
    Title: arXiv Safe and Certifiable AI Systems: Concepts, Challenges, and Lessons Learned
    Link: https://arxiv.org/abs/2509.08852

  7. Source: arxiv.org
    Link: https://arxiv.org/pdf/2509.20394
    Source snippet

    Blueprints of Trust: AI System Cards for End‑to‑...by H Sidhpurwala · 2025 · Cited by 3 — This paper introduces the Hazard-Aware System...

  8. Source: arxiv.org
    Link: https://arxiv.org/pdf/2601.08869
    Source snippet

    Paper Blueprint “AI Deployment Authorisationby DD Saparning · 2026 — Model cards, audits, and transparency reports provide information bu...

  9. Source: nist.gov
    Link: https://www.nist.gov/document/ai-rmf-rfi-comments-national-artificial-intelligence-institute
    Source snippet

    NIST AI Risk Management Framework RFI ResponsesRisks cannot be properly identified or otherwise managed without first identifying and tra...

  10. Source: digital-strategy.ec.europa.eu
    Title: Digital Strategy Europe AI Act | Shaping Europe’s digital future
    Link: https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai
    Source snippet

    Digital Strategy EuropeAI Act | Shaping Europe's digital future - European UnionThe AI Act is the first-ever legal framework on AI, which...

  11. Source: ai-act-service-desk.ec.europa.eu
    Link: https://ai-act-service-desk.ec.europa.eu/en/ai-act/article-72
    Source snippet

    Providers shall establish and document a post-market monitoring system in a manner that is proportionate to the nature of the AI technolo...

  12. Source: ai-act-service-desk.ec.europa.eu
    Link: https://ai-act-service-desk.ec.europa.eu/en/ai-act/article-43
    Source snippet

    AI Act Service DeskAI Act Service Desk - Article 43: Conformity assessmentFor high-risk AI systems covered by existing EU legislation lis...

  13. Source: european-union.europa.eu
    Link: https://european-union.europa.eu/index_en
    Source snippet

    Union: Your gateway to the EU, News, Highlights7 hours ago — Discover how the EU functions, its principles, priorities; find out about it...

  14. Source: european-union.europa.eu
    Link: https://european-union.europa.eu/principles-countries-history/eu-countries_en
    Source snippet

    countries | European UnionFind out more about EU countries, their government and economy, their role in the EU, use of the euro, membersh...

Additional References

  1. Source: pmc.ncbi.nlm.nih.gov
    Link: https://pmc.ncbi.nlm.nih.gov/articles/PMC8569069/
    Source snippet

    Assessments and Post-market Monitoring - PMCby J Mökander · 2021 · Cited by 281 — In this article, we describe and discuss the two primar...

  2. Source: aibuzz.blog
    Title: ai model cards explained
    Link: https://aibuzz.blog/ai-model-cards-explained/
    Source snippet

    Document AI for Trust (2026)5 Jun 2026 — AI model cards document an AI system's purpose, performance, risks, and limitations for transpar...

  3. Source: artificialintelligenceact.eu
    Link: https://artificialintelligenceact.eu/high-level-summary/
    Source snippet

    summary of the AI ActA smaller section handles limited risk AI systems, subject to lighter transparency obligations: developers and deplo...

  4. Source: impetora.com
    Title: conformity assessment
    Link: https://impetora.com/[eu-ai-act
    Source snippet

    EU AI Act conformity assessment: routes (2026) - Impetora27 Apr 2026 — The post-market monitoring plan is part of the technical documenta...

  5. Source: linkedin.com
    Link: https://www.linkedin.com/pulse/why-ai-model-cards-foundation-enterprise-transparency-sneh-lata-9sdee
    Source snippet

    AI Model Cards for Enterprise AI TransparencyAI model cards provide structured transparency for enterprise AI systems. Learn why they are...

  6. Source: linkedin.com
    Link: https://www.linkedin.com/pulse/eu-ai-act-conformity-assessment-what-providers-must-do-zunic-maric-0dfof
    Source snippet

    EU AI Act Conformity Assessment: What Providers Must Do...Under Article 72, the post-market monitoring system must be documented in the...

  7. Source: linkedin.com
    Link: https://www.linkedin.com/pulse/your-ai-monitoring-plan-document-capability-patrick-sullivan-ydppc
    Source snippet

    Your AI Monitoring Plan Is a Document, Not a CapabilityThe first cross-cutting challenge documented in NIST AI 800-4 is the absence of tr...

  8. Source: openlayer.com
    Title: eu ai act post market monitoring requirements
    Link: https://www.openlayer.com/blog/post/eu-ai-act-post-market-monitoring-requirements
    Source snippet

    EU AI Act post-market monitoring guide April 202624 Apr 2026 — The EU AI Act's post-market monitoring requirements go into effect April 2...

    Published: April 2026

  9. Source: optro.ai
    Title: what is a model card report your guide to responsible ai
    Link: https://optro.ai/blog/what-is-a-model-card-report-your-guide-to-responsible-ai
    Source snippet

    Here's How a Model Card Report Supports Responsible AI12 Feb 2026 — Learn what a model card report is and how it supports responsible AI...

  10. Source: orca.security
    Title: nist ai risk management framework ai rmf
    Link: https://orca.security/resources/blog/nist-ai-risk-management-framework-ai-rmf/
    Source snippet

    NIST AI Risk Management Framework (AI RMF) Explained20 May 2026 — Learn how the NIST AI Risk Management Framework (AI RMF) helps organiza...

    Published: May 2026

Topic Tree

Follow this branch

Parent topic

Model Cards What AI labels should tell US before launch

Related pages 2