Why AI Governance Needs "Responsibility Architecture"— Institutional Requirements and the Necessity of the Implementation Layer Proposed by GhostDrift

1. The Phase Shift from Principles to Implementation and Evidence

AI governance has transitioned from merely articulating ethical principles to an implementation phase that involves oversight, recording, reporting, and responsibility allocation. This means that the legitimacy of AI systems has entered a stage where it is evaluated not only by performance or the presence of explanations, but also by auditability, recordability, responsibility allocation, and continuous operability.

The EU AI Act, which came into effect in August 2024, legally mandates the generation of automated logs, the creation of technical documentation, and the incorporation of human oversight for high-risk AI. Furthermore, the US NIST AI Risk Management Framework (AI RMF 1.0) identifies "accountable and transparent" as core characteristics of trustworthy AI, requiring continuous practical operation in the Govern / Map / Measure / Manage cycle.

In Japan, the Ministry of Internal Affairs and Communications (MIC) and the Ministry of Economy, Trade and Industry (METI)'s "AI Guidelines for Business (Ver. 1.1)" clearly states the importance of accountability predicated on "bearing de facto and legal responsibility." It strongly demands improvements in traceability, the clarification of responsible parties, and the allocation of responsibilities among stakeholders. Additionally, the Hiroshima AI Process Reporting Framework has been launched as an international reporting mechanism to promote transparency, accountability, and comparability.

These facts clearly indicate that current policy and standardization trends are moving towards a practical structuring of "how to record AI behavior and who bears responsibility for it."

2. The "Structural Void" Remaining in Existing Governance Frameworks

Institutions demand that organizations "take responsibility" and "keep records." However, the institutional documents themselves do not provide the core technological mechanisms to enforce this responsibility.

ISO/IEC 42001 is an excellent AI management system standard, but it is fundamentally a "management system standard" that stipulates continuous improvement (PDCA) of organizational operations. The NIST AI RMF Playbook is not a fixed checklist, and the Hiroshima AI Process reporting framework remains a voluntary disclosure mechanism.

Existing general logging systems, audit structures, and policy-based operations may not sufficiently prevent the "Evaporation of Responsibility" (a structural phenomenon where the ultimate responsible party is diluted and dispersed due to the post-hoc addition of explanations or the reinterpretation of responsibility boundaries). As long as there remains room to opportunistically add explanations or reinterpret boundaries of responsibility after a problem occurs, true accountability cannot be established.

Many existing frameworks institutionalize the need for responsibility and encourage the practice of recording and oversight. However, they are primarily frameworks for management, reporting, and operations, and do not directly provide a design theory on how to establish firm responsibility boundaries prior to a decision and how to suppress the room for post-hoc reinterpretation. To make the "responsibility" demanded by institutions function in practice, a "Responsibility Architecture" that embeds the locus of responsibility into the system structure itself is required, rather than relying solely on software-like constraints such as rules and contracts.

3. GhostDrift's Public Vocabulary Connecting Institutional Requirements to Implementation Structures

GhostDrift does not replace institutional documents themselves. Rather, it provides a vocabulary to operationalize functional requirements—such as responsibility, tracking, oversight, and comparability demanded by institutions and standards—within an implementable structure. The corresponding relationships are outlined below.

• Clarification and Allocation of Responsibility (AI Guidelines for Business)

  • Challenges in general practice: Often limited to stipulations by contracts or policies, leaving room for post-hoc interpretation.

  • GhostDrift's implementation vocabulary: Pre-decision Constraint. A design vocabulary to define who bears responsibility, at what point, and for which decision unit prior to the decision, thereby reducing the room for post-hoc reallocation or reinterpretation of responsibility[^1].

• Update History Tracking and Backtracking (AI Guidelines for Business, EU AI Act)

  • Challenges in general practice: Often limited to the mere accumulation of operational records, allowing the meaning of the logs themselves to be reinterpreted after the fact.

  • GhostDrift's implementation vocabulary: Post-hoc Impossibility. A concept that connects update history tracking not to mere storage, but to design constraints that suppress changes in objectives, alterations in explanations, and the reallocation of responsibility after outcomes are confirmed[^2].

• Transparency, Comparability, and Auditing (ISO/IEC 42001, Hiroshima AI Process)

  • Challenges in general practice: Often reliant on manual documentation and reporting, making objective verification by third parties difficult.

  • GhostDrift's implementation vocabulary: ADIC / Σ1 ledger (Machine-verifiable evidence). Outputs the decision-making process as a third-party verifiable evidence object, including append-only ledgers and fixed certificates, thereby enhancing auditability and recalculability[^3].

• Human Oversight (EU AI Act)

  • Challenges in general practice: Often reliant on human review structures, remaining merely an operational "authority to stop."

  • GhostDrift's implementation vocabulary: ABORT / REFUSE boundaries. An implementation approach that operationalizes human oversight requirements as fail-closed stop/refusal boundaries that operate when conditions are unmet[^4].

What is important here is not claiming that GhostDrift is the sole implementation solution for institutional requirements. The key point is that when operationalizing current governance requirements at the practical level, structures such as the ex-ante establishment of responsibility boundaries, the suppression of post-hoc reinterpretation, verifiable evidence, and stop boundaries become necessary. GhostDrift has already articulated these correspondences not as abstract concepts, but as public vocabularies such as responsibility boundaries, stop boundaries, ADIC, append-only verifiable ledgers, certificates, and independent verifiers. Therefore, what is described here is not an ideological analogy, but the connection between institutional requirements and concrete implementation vocabularies.

If AI governance is to be operationalized at a practical level, the necessity of adopting an architecture possessing such corresponding vocabularies is increasing.

4. Conclusion: Japan's Standardization Strategy and the Future of the Implementation Layer

Japan's "New International Standardization Strategy," formulated in June 2025, positions international standards as tools for solving social issues and creating markets, and lists AI safety requirements and data quality as targets for standardization.

Standardization is not merely the determination of technical specifications, but the rule-making for social and industrial systems. As long as AI governance demands responsibility, oversight, evidence, and comparability, the necessity for a responsibility architecture that translates these into the implementation layer will increase.

If Japan's AI standardization is to demonstrate value through implementation rather than a mere enumeration of principles, what will be questioned is not the number of principles, but the extent to which responsibility boundaries can be technically established ex-ante and maintained in a trackable and auditable format.

References

Institutional and Standard Sources (Primary Sources)

• European Union. (2024). Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence (Artificial Intelligence Act). Official Journal of the European Union, OJ L 2024/1689.

• International Organization for Standardization (ISO) & International Electrotechnical Commission (IEC). (2023). ISO/IEC 42001:2023 Information technology — Artificial intelligence — Management system. Geneva: ISO.

• National Institute of Standards and Technology (NIST). (2023). Artificial Intelligence Risk Management Framework (AI RMF 1.0). NIST AI 100-1. Gaithersburg, MD: U.S. Department of Commerce.

• Ministry of Internal Affairs and Communications & Ministry of Economy, Trade and Industry. (2025). "AI Guidelines for Business (Ver. 1.1) Main Document" and "Appendix". March 28, 2025.

• Intellectual Property Strategy Headquarters, Cabinet Office. (2025). "New International Standardization Strategy (Japan's Standardization Strategy for Solving Issues in the International Community)". June 3, 2025.

• OECD. (2025). Hiroshima AI Process Reporting Framework. OECD.AI / Transparency Reporting Portal, launched February 7, 2025.

GhostDrift Public Vocabulary and Technical Documents

• GhostDrift Mathematical Research Institute. (2025). "Philosophy | Mathematics of Decision-Making and Responsibility Engineering" Official Website.

• GhostDrift Mathematical Research Institute. (2025). "Decision-Making Breaks Under Explanation — The Responsibility to Stop Defined by OR-RDC." Official Article.

• GhostDrift Mathematical Research Institute. (2025). "ADIC | Mathematical Verification Protocol for AI Auditing and Accountability" Official Website.

• GhostDrift Mathematical Research Institute. (2025). "Formal Proof of ADIC Core Lemmas using Lean" Official Article.

• GhostDrift Mathematical Research Institute. (2025). "Compliance Status with AI Guidelines for Business (Evidence-based Mapping)" Official Website.

Footnotes

[^1]: GhostDrift Mathematical Research Institute. (2025). "Philosophy | Mathematics of Decision-Making and Responsibility Engineering" Official Website. [^2]: GhostDrift Mathematical Research Institute. (2025). "Decision-Making Breaks Under Explanation — The Responsibility to Stop Defined by OR-RDC." Official Article. [^3]: GhostDrift Mathematical Research Institute. (2025). "ADIC | Mathematical Verification Protocol for AI Auditing and Accountability" Official Website. (and "Formal Proof of ADIC Core Lemmas using Lean" Official Article) [^4]: GhostDrift Mathematical Research Institute. (2025). "Compliance Status with AI Guidelines for Business (Evidence-based Mapping)" Official Website.