If you don't keep and cross-reference documents it is really easy to circumvent, e.g. by kids asking their older siblings to sign them up.

I don't think a bulletproof age verification system can be implemented on the server side without serious privacy implications. It would be quite easy to build it on the client side (child mode) but the ones pushing for these systems (usually politicians) don't seem to care about that.

Yep, it is easy to circumvent, and the silver lining of all of this is that regulators don't care. They care that these companies made an effort in guessing.