Skip to content
VeraFrame Docs

System card

The system card is VeraFrame’s structured description of itself. It is the artifact you point a regulator, auditor, or internal reviewer to when they ask “what is this system, what is it for, what are its limitations, and how is it supposed to be used?”

It is modeled on the model card pattern (from ML literature) and the system description requirements in the EU AI Act and ISO 42001.

The system card is enabled on tenants with the system_card feature. It is included in the Compliance Edition tier.

What it contains

The current system card covers:

  • Intended use — the scenarios VeraFrame is designed to support, and the scenarios it is not.
  • System boundary — what VeraFrame does and what it explicitly does not do (for example: VeraFrame verifies AI output, it does not train or fine-tune models).
  • Human oversight requirements — what role humans must play when VeraFrame is used in regulated deployments.
  • Known limitations — failure modes VeraFrame is aware of and has tested against.
  • Operating conditions — the assumptions under which VeraFrame’s guarantees hold (for example, that source material is current and correctly labeled).
  • Update and governance model — how VeraFrame is versioned, how updates are rolled out, and how incidents are handled.

The system card makes no claim that using VeraFrame alone makes a deployment compliant. The overview explains why.

Multi-language

The current system card content is maintained in three languages:

  • English (en)
  • Finnish (fi)
  • German (de)

Your tenant’s default language determines which variant is shown in the Admin dashboard.

Versioning

The system card is a versioned document. The current implementation serves one dated version at a time (for example, 2026-04-08).

When VeraFrame ships material changes — a new feature, a revised oversight model, a new known limitation — a new version of the system card can be published.

Where to find it

  • Admin dashboard → Compliance tab — the current system card is rendered in the UI.
  • APIPOST /api/v1/system-card returns the current card as structured JSON.

What it is not

  • A marketing document. The system card intentionally states limitations. It is an honest description, not a sales argument.
  • A substitute for your own documentation. Your organization’s AI governance should have its own documentation describing your deployment of VeraFrame — your use cases, your sources, your reviewers, your risk assessment. The system card describes VeraFrame the tool; your documentation describes how you use it.
  • Legal advice. The system card reflects how VeraFrame is engineered and operated. It does not replace legal counsel on your specific obligations.