As an AI governance and policy consultant, I review dozens of AI models every week. From product briefs to technical specifications, from security reports to risk assessments, we request a wide range of critical details from companies. And at this point I can say this with full confidence: across generative AI and agent-based systems, the technical architectures all look increasingly alike. The promises keep getting bigger, the demos get cleaner, the experience feels seamless, but governance? The same questions remain unanswered.

This isn’t an accident. It’s a systematic maturity gap. And that gap has become one of the biggest obstacles to responsible AI adoption. The main reason isn’t just a lack of regulation, it’s also the fact that “the big players” themselves lag on these topics.

Today, I want to walk you through the recurring governance gaps that surface across dozens of vendor documents. These are not theoretical concerns. They are concrete deficiencies I encounter every day in real procurement and integration processes, issues that block risk evaluations and make the work of compliance teams nearly impossible.

Sub-processor dependency: The invisible risk nobody questions

Most vendors suffer from the same critical illusion: blind trust in their sub-processors.
“We use OpenAI, they are secure,” they say, as if OpenAI’s SOC2 report somehow guarantees the security of their product.

Yet the most basic questions go unanswered: Which models (GPT-4, Claude, Gemini) are used for which features? Where are they hosted? What does their sub-processor chain look like, and how often does it change? What contractual assurances do they have with OpenAI/Anthropic? Is there a written guarantee that customer data will not be used for training?

Key gaps:

• Contract chain ambiguity: You sign with the vendor. The vendor signs with OpenAI. But do OpenAI’s contractual commitments meet your requirements? If the vendor switches its model provider (from OpenAI to Anthropic), do you get notified or asked for approval? Most of the time the answer is: “We found out later.”

• Single point of failure: Many vendors rely on a single model provider. If OpenAI goes down, their entire service goes down. No fallback plan, no migration scenario.

• Data flow opacity: Your data flows from the user → vendor’s servers (where?) → OpenAI API (where?) → model inference (where?). Which jurisdictions does it travel through? You may have SCCs for EU→US transfer, but does the vendor have SCCs with OpenAI?

Data… data… data… but how exactly?

Here’s a crucial distinction: companies are more mature when it comes to classic data protection. GDPR (2018), CCPA (2020), and similar regulations have been around for years. Organizations learned to handle encryption, access control, retention, deletion procedures. SOC2 and ISO 27001 audits are routine. Documentation exists; processes are set; controls work.

BUT: this classic compliance framework is not integrated with the unique structure of AI systems.

AI handles data differently:

• contextual data

• vector embeddings

• sensitive information leaking through prompts

And standard vendor answers fall short:

• “We do not store your data” → But how long is it kept in memory for processing?

• “We don’t train on customer data” → Is that guaranteed in writing with OpenAI/Anthropic?

• “End-to-end encryption” → The data is decrypted during inference; what protects it then?

AI-specific questions are left unanswered:

Is fine-tuning happening? Are user inputs leaking into model weights? Is training data resurfacing in outputs? How is tenant isolation handled in multi-tenant architecture? During cross-border transfer, which jurisdiction performs model inference? Is sensitive data detected and stripped automatically, and for which data types?

AI adoption is accelerating, but data protection frameworks haven’t adapted to the structural realities of AI. Vendors are not filling this gap with the documentation, controls, or transparency required.

Human oversight

“Human oversight is in place” has become a mandatory marketing phrase. It appears in almost every vendor document. But what does it actually mean? In practice: almost nothing. Because human oversight isn’t a monolith, it has distinct levels, each designed for different risk profiles:

Human-in-Command: The human is fully in control. AI only informs or recommends; it cannot execute actions. Required for high-risk scenarios.

Human-in-the-Loop: The human approves each critical decision. Suitable for medium-to-high risk.

Human-on-the-Loop: AI acts autonomously but humans oversee the system and can intervene. Suitable for lower risk.

The issue: vendors simply say “we have human oversight,” without specifying which level applies or how it aligns with the system’s risk level. And they lack understanding of where they sit within the AI lifecycle.

• Which features map to which oversight level?

• How is risk assessed, and by whom?

• Can oversight levels change dynamically?

• How are harmful or incorrect outputs escalated?

• Is there an emergency shutdown? Who can trigger it?

• Is human intervention effectiveness measured?

In some products, even high-risk features run autonomously but are marketed as “assistive.” Yet the difference between assistive and autonomous is critical: one supports human agency; the other transfers it. Human oversight is not a checkbox — it’s a governance design requirement.

Model behavior boundaries are undefined

One of the core governance requirements for AI systems is to define the boundaries of model behavior.

• Is it deterministic or probabilistic?

• What is its hallucination rate?

• How do guardrails work?

• Is grounding present?

• Does it express uncertainty?

These gaps create a black-box effect. If behavior is undefined, governance is impossible. And users don’t know when to trust, when to question, or when to verify outputs.

Lifecycle governance collapses after deployment

Vendors usually mention only pre-deployment testing: red-teaming, penetration tests, adversarial tests. Important, but not sufficient. AI systems aren’t static; they drift, degrade, evolve.

What’s missing is everything that happens after deployment:

• Drift monitoring

• Fairness monitoring

• Unexpected behavior detection

• Model update management

• Incident response
  

  Under the EU AI Act and ISO 42001, continuous risk management and lifecycle governance are mandatory. Yet vendor documents operate as if AI systems are static once deployed.

Fairness and bias reduced to marketing slogans

Every document contains the same line: “We train on diverse and balanced data to reduce bias.”

Nice slogan. But:

• dataset transparency is superficial

• benchmark testing is shallow

• group-level impact assessment is missing

• disparate impact isn’t measured

• intersectionality is ignored

• contextual fairness is weak

AI features are embedded, uncontrollable, and opaque

This is one of the most problematic areas: users often don’t even know when they’re interacting with AI, and even if they do, they cannot disable or configure it.

• No AI on/off switch

• No granular enterprise permissions

• RBAC for AI features limited to engineers

• Missing feature-level audit logs

• UI transparency inconsistent

• AI usage policies unenforceable

Auditability: “If it isn’t logged, it didn’t happen”

The golden rule of compliance, yet most AI systems still have primitive logging.

• Comprehensive interaction logs are rare

• Tamper-proof logs almost nonexistent.

• Searchability limited.

• Segmentation insufficient.

• Integration with enterprise security weak.

• Forensic readiness immature.

Our governance principles exist… but that’s all

Transparency, fairness, security, privacy, accountability, human-centric design. Great words. Inspiring values. But after reading 50 pages of vendor documentation, you realize: none of these principles translate into operational controls.

Frameworks like ISO 42001, NIST AI RMF, and the EU AI Act outline a clear path:
Principle → Control → Metric → Evidence

But vendors remain stuck at the “principle” stage. No controls. No metrics. No evidence.

A real governance chain looks like this:

• Principle: “Our system will be transparent.”

• Control: “We will show an AI disclosure in 100% of interactions.”

• Metric: “Disclosure must appear in 100%, and 90% of users must acknowledge seeing it.”

• Measurement: “97.3% displayed, 91.2% acknowledged.”

• Evidence: logs, screenshots, analytics

Most vendors never make it past step 1. There is no RACI matrix. No incident response plan. No role clarity. No verification mechanism.

AI components and risk classification: the avoided question

One of the first questions in any assessment should be:
Which features use AI, and which do not? It sounds basic, yet most vendors cannot or will not answer it, citing “proprietary IP.”

The EU AI Act defines four risk categories (unacceptable / high / limited / minimal). But vendors lump everything together. No risk differentiation, no governance alignment.

Technology is ready, but maturity is still in its infancy

Across dozens of vendor assessments, the picture is clear: The AI tools market is technically mature. The capabilities are impressive. The demos are captivating. Adoption is growing fast. But governance foundations remain fundamentally weak.

Recurring gaps include:

• opaque sub-processor chains

• wrong or missing human oversight

• undefined model behavior

• lack of post-deployment monitoring

• unproven fairness claims

• missing data minimization by design

• uncontrollable AI features

• missing AI-specific security controls

• insufficient or editable audit logs

• principles without operationalization

• no risk classification or tailored governance

Week after week, the conclusion is the same: even highly funded, technically sophisticated tools used by Fortune 500 companies still have serious governance flaws. These gaps are no longer acceptable.

• For enterprises: GDPR and the AI Act place responsibility on you. “The vendor says they’re secure” won’t satisfy regulators.

• For compliance teams: you cannot approve what you cannot verify.

• For users: trust cannot form without transparency.

• For regulators: AI Act enforcement is beginning; GDPR scrutiny is increasing.

  What needs to happen?

AI adoption will accelerate, McKinsey estimates 72% in 2024. Gartner projects over $200B in enterprise AI spending in 2025. This trend won’t reverse. But acceleration must be safe, responsible, accountable, and sustainable. Because this isn’t just a technical issue:

• It’s a trust issue:
  If people don’t trust AI, they won’t use it. If enterprises don’t trust vendors, they won’t buy. If regulators don’t trust industry, they’ll impose restrictions. Trust is slow to build and quick to lose.

• It’s a sustainability issue:
  Products that scale fast without governance foundations will face scandals, lawsuits, regulatory intervention. Theranos and Cambridge Analytica should not be forgotten.

• It’s a long-term value issue:The companies that build transparent, governable, accountable AI will be the long-term winners.

  Because:

  • enterprises are now looking for governance, not just features

  • regulatory pressure is tightening

  • talent values ethical AI

  • investors price governance risk

Now is the time to build governance.