AI Governance Institute logo
AI Governance Institute

Practical Governance for Enterprise AI

← All news

Topic

Third-Party AI Risk

Third-party AI risk refers to governance and compliance challenges that arise when organizations use AI systems, models, or services developed and operated by external vendors and providers. This includes risks related to data security, model reliability, vendor accountability, and compliance with regulations when AI decision-making is outsourced or integrated from third parties. Managing third-party AI risk is critical for enterprises because it extends their compliance obligations and potential liability to external partners while maintaining visibility and control over AI systems that may impact customers, employees, and regulatory standing.

2 items

ResearchGlobal2026-05-06

Three Structural Gaps Where AI Undermines Corporate Governance, Seattle University Law Review Finds

A peer-reviewed article published in the Seattle University Law Review examines how AI and emerging technologies are creating structural mismatches with existing corporate governance and regulatory frameworks. The article identifies three phenomena: the blurring of firm boundaries through externally provided AI services, strategic resource access without ownership, and the dual role of online platforms as both market facilitators and market participants. The authors argue that current governance frameworks are poorly equipped to address these shifts.

corporate governancethird-party AI riskplatform regulationAI governancesupply chain accountabilityaccountabilityrisk managementUnited Statesregulatory frameworksfinancial services
ResearchUS2025-05-30

Harvard Law Review Finds OpenAI and Anthropic Governance Structures May Fail to Prevent Unsafe Incentives

A May 2025 article in the Harvard Law Review analyzes the atypical corporate governance structures at OpenAI and Anthropic, including capped-profit models and stakeholder-oriented boards designed to resist commercial pressure. The article argues that these mechanisms may still permit unsafe incentive structures and weak accountability, raising questions about whether fiduciary duties and board independence are sufficient to enforce safety-oriented governance at frontier AI developers.

corporate governancefiduciary dutyfrontier AI vendorsboard accountabilitythird-party AI risk