A system card is a document an AI company publishes alongside a new model, describing how it was built, how it was tested, and what its safety team found before release. It functions like a nutrition label for an AI system: one reference showing what the model can do, where it’s known to fail, and which safeguards are meant to catch the failures. For a reader trying to check a company’s safety claims against what was actually tested, the system card is the primary source.

What’s actually inside one

A typical system card covers several things at once: a summary of the model’s capabilities, an overview of how it was trained, results from internal and external safety evaluations, and a list of mitigations put in place before launch. The evaluations usually go beyond ordinary quality testing — they check for “dual-use” risks, meaning capabilities that could help as easily as they could harm, such as giving detailed advice on building weapons, writing malware, or manipulating people at scale. Labs also disclose known limitations and failure modes, and sometimes redact specific technical detail that could otherwise function as a how-to guide for causing harm.

System card vs. model card

The two terms get used almost interchangeably, but they describe different things. The model card, proposed by researchers at Google in 2018, was designed to document a single trained model — its intended use, its performance across different groups of users, and its limitations. The system card is broader: it covers the deployed product as a whole, including any guardrails, moderation layers, and human review processes wrapped around the underlying model, not just the model’s raw behavior in isolation.

Why labs started publishing them

OpenAI popularized the modern system card with the release of GPT-4 in March 2023, publishing a lengthy document that walked through the risks its safety team had tested for — from misinformation to cybersecurity to attempts at self-replication — and the mitigations, like reinforcement learning from human feedback and content moderation filters, used to address them. Anthropic has since built system cards into its own Responsible Scaling Policy, describing them as documents that should be published “at deployment, and updated if the model is substantially revised,” so that researchers, governments, and the public can independently judge how a model was tested. Google DeepMind and Meta now publish similar documents for their major model releases.

Why it matters now

What began as a voluntary industry practice is becoming a regulatory requirement. Under the EU AI Act, providers of general-purpose AI models have had to maintain standardized technical documentation for every model released in the EU since August 2025, and the European Commission’s enforcement powers over that requirement begin on August 2, 2026. The law encourages public release of that documentation but stops short of mandating it outright — in practice, most frontier labs publish their system cards openly anyway, partly because doing so has become the expected baseline for credibility in the industry.

Where to actually read one

Each major lab publishes its own system cards on its website rather than through a shared registry. Anthropic collects its safety documentation, including system cards, on its Transparency Hub; OpenAI publishes a system card alongside the announcement of each new model on its own site. Reading the card for a specific model before relying on it for a sensitive task is a reasonable habit for anyone building on top of these systems, not just researchers.

In the news

System cards exist precisely to catch problems like the one the UK’s AI Security Institute found in OpenAI’s GPT-5.6 — a jailbreak that could bypass the model’s safety training entirely. See our report on that finding, which shows both what system cards are meant to prevent and how much can still slip past pre-release testing.

FAQ

Is a system card the same as a system prompt? No. A system prompt is a set of instructions given to an AI model at runtime to shape its behavior. A system card is a public document describing how the model was tested and what risks were found — an entirely different thing with a similar name.

Are companies legally required to publish system cards? Not universally. It began as a voluntary practice. The EU AI Act now requires providers of general-purpose AI models to maintain equivalent technical documentation for any model offered in the EU, though public release of that documentation is encouraged rather than strictly mandated.

Do system cards disclose every risk a company finds? Not necessarily. Labs can redact information that would be dangerous if made public, such as step-by-step detail on a bioweapons or cyberattack risk. The tradeoff is between transparency and not handing bad actors a blueprint.

Does a system card get updated after release? Sometimes. Anthropic and others have said cards should be revised if a model is substantially changed after launch, though in practice many models ship only one version of the card, at release.

Sources: OpenAI’s GPT-4 System Card · Anthropic: The Need for Transparency in Frontier AI · EU AI Act Code of Practice overview