Most AI governance fails quietly. Not in a headline incident, but in the gap between a policy that exists and a control that runs. A binder of principles satisfies an auditor for exactly one cycle; it does nothing on the day a model ships an unsupported answer into a decision that matters.
The document trap
The instinct, faced with a new and powerful capability, is to write it down — a responsible-AI policy, a set of values, a slide that says human oversight. Documentation is necessary. It is also the easiest part to fake, because prose has no runtime. The work begins where the document ends: turning each stated intent into something that executes, refuses, logs, or escalates.
What a control is
A control is a specific, testable obligation attached to a specific point in the system. Not “we value accuracy,” but: every machine-generated claim is checked against its cited source before a person reads it, and the system will not surface an answer whose evidence it cannot produce. That sentence has a subject, a trigger, and a failure mode. It can be instrumented. It can pass or fail.
A framework you can’t fail isn’t a framework. It’s a wish with footnotes.
Binding, not advisory
The line between advisory and binding is the whole game. NIST’s AI RMF and ISO/IEC 42001 give you the vocabulary — govern, map, measure, manage — but vocabulary is not enforcement. A binding control is one the system cannot route around: it sits in the path of the output, not in a quarterly review of it.
Evidence as the output
Reframe what the system produces. It does not produce an answer; it produces an answer and its evidence, together, or nothing. Provenance stops being a feature you add and becomes the substrate you build on. Once that inversion is made, most of the hard governance questions answer themselves — because an unsupported claim simply has no path to the surface.
What it costs to skip
Skipping the control work doesn’t save the cost; it moves it downstream to the most expensive possible moment — after the work has shipped, in front of the client, on the record. The cheapest place to catch an error is before it ever leaves the system. Governance, done as engineering, is just the discipline of catching it there.