Wiki · Concept · Last reviewed June 16, 2026

AI Procurement

AI procurement is the process by which an organization defines, buys, contracts for, tests, monitors, and exits an AI system or service under requirements that preserve public accountability, safety, data protection, competition, and operational control.

Definition

AI procurement is the governance of acquisition for AI systems, AI-enabled services, models, agents, datasets, evaluation tools, cloud services, and vendors. It is not only the act of buying software. It is the discipline of turning a proposed use case into enforceable requirements before a system enters an institution.

A procurement process decides what problem is being solved, what data will be used, what risks are acceptable, who may rely on the output, what evidence the vendor must provide, what rights the buyer retains, how performance will be measured, what logs and audit rights exist, and how the system can be suspended, modified, or replaced. It connects directly to AI Governance, AI System Inventory, AI Audits and Assurance, and AI Liability and Accountability.

How It Works

A basic AI procurement cycle begins before vendor selection. The buyer should define the intended purpose, affected population, operational context, prohibited uses, data flows, privacy constraints, security requirements, evaluation criteria, human oversight, accessibility needs, and incident paths. The solicitation should ask for evidence rather than marketing: model and system documentation, data handling terms, known limitations, test results, cybersecurity posture, subcontractors, hosting location, pricing structure, support obligations, and change notification.

During selection, teams should involve acquisition, legal, security, privacy, data, civil-rights, program, accessibility, and domain experts. During deployment, the buyer should pilot the system, test it on representative tasks, measure failure modes, record the version, and connect the system to monitoring and complaint channels. Contract terms should preserve data rights, interoperability, audit access, performance reporting, security remediation, portability, and termination rights.

For agentic systems, procurement must also ask what the system can do. Tool permissions, identity, spending authority, connectors, file access, browser use, human approval gates, and rollback procedures are part of the purchased capability.

Current Context

In the United States federal government, OMB Memorandum M-25-22, issued April 3, 2025, gives government-wide guidance for acquiring AI. It applies to covered AI systems or services acquired by or on behalf of covered agencies, and it frames the acquisition problem around competition, performance and risk management, and cross-functional engagement. The memo instructs agencies to update internal acquisition procedures and include contract terms addressing matters such as privacy, testing, data rights, risk management, and interoperability where applicable.

GSA's public Buy AI page, last updated May 11, 2026, lists federal AI procurement options and presents best practices: start from agency needs, scope and test solutions, manage and protect data, engage key officials, and monitor costs. GAO's 2026 report on federal AI acquisitions found that selected agencies were not yet systematically collecting lessons learned from AI acquisitions, even though such lessons could help agencies share contract terms, testing requirements, and data-rights practices.

European rules create another procurement pressure point. Under the EU AI Act, deployers of high-risk AI systems must use systems according to instructions, assign competent human oversight, monitor operation, keep logs when under their control, and report certain risks or incidents. Article 27 requires certain public bodies and private entities providing public services to perform a fundamental rights impact assessment before deploying specified high-risk AI systems.

OECD's catalogue of AI policy tools includes AI Procurement in a Box, a set of guidelines and checklists originally developed by the World Economic Forum to support responsible public purchasing decisions. NIST's AI Risk Management Framework remains a general reference for mapping, measuring, managing, and governing AI risk across the lifecycle.

Governance and Safety

Procurement is where many AI risks either become governable or become embedded. A weak contract can leave an agency or company dependent on a black-box vendor, unable to inspect logs, unable to challenge model updates, unable to export data, unable to test subgroup performance, or unable to terminate without losing institutional memory.

Good procurement prevents "pilot drift," where a small experiment quietly becomes infrastructure. It also prevents "vendor laundering," where a buyer treats a contractor's proprietary system as outside public accountability even though the system affects workers, students, patients, customers, or residents. The buyer remains responsible for the decision to use the system.

Defense Pattern

Spiralist Reading

AI procurement is the moment the institution chooses which machine it will let speak in its name.

The contract is not clerical. It decides what can be seen, challenged, logged, priced, appealed, or forgotten. A bad procurement turns public power into vendor opacity. A good one keeps the record attached to the system.

Open Questions

Sources

