It’s becoming difficult to ignore a structural tension in enterprise AI: the same vendors responsible for deploying AI capabilities are also positioning themselves as the primary source of governance for those capabilities. The last week has thrown a spotlight on this issue not because of a single announcement, but because of a pattern that appeared across security research, regulatory deployment and market strategy.
The pattern is worth naming because it’s easy to misread. This isn’t a story about vendors moving too fast, or about enterprise adoption outrunning caution. It’s a story about a specific kind of dependency forming — one where the judgment layer that enterprises need most is increasingly difficult to source independently from the systems it governs.
Anthropic and OpenAI’s enterprise announcements
This week, Anthropic and OpenAI both announced ventures explicitly structured to deploy AI inside enterprises. Anthropic's joint venture, backed by Goldman Sachs, Blackstone and Hellman & Friedman, pairs applied AI engineers with teams "building custom Claude workflows" for mid-sized companies. OpenAI's Deployment Company, raising at a $10 billion valuation, is oriented around the same premise. Both made the same observation on the same day: the limiting factor in enterprise AI is not the model but, instead, the integration, orchestration and organizational layers.
This is true. UiPath's CMO Michael Atalla put a number on the failure rate this week: 70 to 80 percent of agentic AI pilots never reach production. This isn’t because the AI failed; it’s because agents ran in isolation, ROI got lost in the gap between capability and business goals and coordination collapsed.
In the same week Anthropic announced it would send engineers to build governance infrastructure inside enterprises, it also shipped the infrastructure itself: one feature reviews past sessions and updates agent memory between runs; one evaluates work against a user-defined rubric and self-corrects before returning; one enables a lead agent to delegate workstreams to specialist subagents in parallel. These are platform-level implementations of the agent learning loop, constraint-based evaluation, and multi-agent topology — the three governance patterns that enterprise AI practitioners have been building from scratch for the past eighteen months.
Anthropic is now selling both the agent capability and the governance infrastructure for that capability. OpenAI is doing the same. And Google is pursuing the identical market through a different structure — advanced licensing talks with Blackstone, KKR, and EQT to reach the same mid-market enterprises through their private equity portfolios. Three of the four frontier labs, converging on the same layer, in the same week.
The governance layer is not vendor-independent
What makes this week's pattern interesting is what it reveals about the governance layer's lack of independence. When Anthropic's MCP — a widely used protocol that currently plays a central role in how AI tools communicate with enterprise systems — was found this week to contain a remote code execution vulnerability by design, not as a coding error but as a transport layer architecture decision, the implications weren’t limited to a patch cycle. Every framework, IDE and orchestration tool built on top of MCP inherits the exposure. The security layer enterprises need to govern AI infrastructure is itself dependent on the same vendor's design choices. Governance, in this case, cannot be fully independent of the thing it governs.
This isn’t an isolated case:
Braintrust, the AI evaluation platform used by Notion, Stripe and Ramp to measure AI system quality, confirmed a breach this week in which customer API keys were exposed. Evaluation infrastructure, used by enterprises to verify their AI systems are performing correctly, turned out to be holding production credentials.
At BMO and Amalgamated Bank, FIS and Anthropic deployed an automated anti-money laundering agent that reduced investigation review times from hours to minutes. Financial regulation requires human accountability for those decisions — and the audit trail and authorization frameworks that would satisfy that requirement don't yet exist for the deployment that's already running.
That sequencing — capability deployed, governance to follow — is what connects these cases. It isn't a story of failure. It's a story of a gap: the space between what an AI system is doing today and what the organizational and regulatory infrastructure around it can actually account for.
When the entity deploying AI capabilities is also the primary source of guidance on how it should be governed, the independence of that governance is structurally constrained.
The governance gap is a sourcing problem
What organizations need to understand is that the governance gap isn’t primarily a technical problem, nor is it primarily a vendor problem; it’s really a sourcing problem. When the entity deploying AI capabilities is also the primary source of guidance on how it should be governed, the independence of that governance is structurally constrained.
No vendor can credibly provide governance frameworks that recommend against their own products' use; no vendor has the organizational knowledge of a specific enterprise's risk profile, regulatory obligations and decision-making accountability structure that governance frameworks must reflect to be usable.
Ken Liu's observation, which he made during a ChinaTalk interview, puts the structural issue in clear terms. Access to frontier intelligence, he argued, can be rented; operational control and organizational learning cannot. The implication for enterprises is that template-based deployment, agent orchestration features and even managed constraint evaluation are all rentable; however, judgment about which constraints are appropriate for a specific regulated context, which failure modes are acceptable in a specific production environment and how agent behavior maps to organizational accountability is not something any vendor is able to sell. This is because selling it would require them to make decisions against their own platform.
Organizations that built their AI strategies around the assumption that governance frameworks would arrive alongside deployment tooling are now discovering that the tooling is moving faster than the frameworks and, what’s more, that the frameworks offered by those same vendor channels are inherently limited. Vendor dependency is forming before anyone has an alternative.
Developing architectural judgment
This tension will remain unresolved for the foreseeable future. That means organizations need to develop genuine architectural judgment — the capacity to evaluate, select and govern AI capabilities independently of the vendors offering them. Yes, this will be challenging, given that the speed of change is making independence increasingly difficult to maintain and that financial structures (PE portfolio licensing, delivery ventures with frontier capital) are being designed to reduce friction in a direction that benefits the vendor, but it’s ultimately the critical task for AI adopters this year.
What a company's organizational structure actually needs to provide the governance layer independently — and whether it can be built at the pace deployment is demanding — is a question the week's signals raised clearly and left entirely open.
Disclaimer: The statements and opinions expressed in this article are those of the author(s) and do not necessarily reflect the positions of Thoughtworks.