Post-Deployment Accountability in AI Governance: A Cross-Regulatory Empirical Analysis of AI Incidents
Abstract
Post-deployment accountability has become central to AI governance, yet little empirical evidence shows whether monitoring, incident reporting, and impact assessment obligations are visible when AI systems fail.
This study analyzes real-world AI incidents from the AI Incident Database (2020--2026) and codes them against nine post-deployment provisions from the EU AI Act, the NIST AI Risk Management Framework, and the GDPR.
The findings show substantial accountability gaps: 77.1\% of incidents lack evidence of EU AI Act post-market monitoring, and 99.6\% lack documented Data-Protection Impact Assessment evidence.
Governance gaps are also systemic, with 9.8\% of incidents simultaneously non-compliant under two or more regimes.
Incidents detected through internal monitoring show much higher compliance than externally detected incidents (87.5\% vs 5.3\% under the EU AI Act; 95.8\% vs 58.1\% under NIST), suggesting that monitoring capacity is a key condition for effective post-deployment governance.
Building on these findings, the paper proposes the Proactive AI Governance Compliance Framework (PAGCF), a four-phase lifecycle for pre-deployment assessment, continuous monitoring, incident preparedness, and cross-framework verification.
이 뉴스, 어떠셨어요?
탭 한 번으로 반응 · 로그인 불필요