Model Card

A model card is a structured documentation artifact that provides essential information about a machine learning model, including its intended purpose, training data characteristics, performance metrics across different populations, known limitations, and ethical considerations. Originally proposed by researchers at Google in 2018, model cards have become an industry-standard practice for transparent AI documentation and are now commonly published alongside models on platforms like Hugging Face.

While the EU AI Act does not explicitly mandate model cards by name, the transparency and documentation requirements of Articles 11 and 13 align closely with model card principles. High-risk AI systems must provide users with information sufficient to understand the system's capabilities, limitations, and appropriate use conditions. Model cards offer a proven format for organizing and communicating this information. For organizations using third-party models, model cards serve as critical due diligence artifacts. The EU AI Act holds deployers accountable for understanding the AI systems they use, and model cards from upstream providers supply essential information about model behavior, training data provenance, and known biases that deployers must consider in their own risk assessments. However, model cards alone are insufficient for EU AI Act compliance. They document the model in isolation, whereas the regulation requires documentation of the complete AI system including its integration, deployment context, and operational safeguards. Organizations must supplement model cards with broader system-level documentation.

Organizations should create or obtain model cards for every AI model they develop or deploy. A comprehensive model card includes several key sections: model details (architecture, version, training date), intended use cases and explicitly identified out-of-scope uses, training data sources and characteristics, evaluation methodology and datasets, performance metrics disaggregated by relevant demographic groups, known limitations and failure modes, and ethical considerations including potential biases and mitigation measures.

For internally developed models, teams should create model cards as part of the development lifecycle, updating them as models are retrained or modified. For third-party models, organizations should request model cards from providers and document gaps where information is unavailable. The relationship between model cards, system cards, and Annex IV documentation requires careful attention. Model cards describe individual models; system cards describe complete AI systems incorporating those models; and Annex IV technical documentation provides the comprehensive compliance record required for high-risk systems. Organizations should design their documentation strategy to build efficiently from model cards up through system cards to Annex IV requirements, avoiding duplication while ensuring completeness.