AI Procurement
Buying AI is not buying SaaS. Your standard MSA does not cover hallucinations, model deprecation, or where your data ends up in someone's training run.
The Technical Definition
AI procurement is the process of evaluating, contracting, and onboarding AI systems and vendors. It overlaps with traditional software procurement on the surface — vendor diligence, security review, pricing, SLAs — but adds a set of concerns that do not exist in standard SaaS: model behavior under stress, training data exposure, output liability, model versioning and deprecation, and the right to leave with your data and your fine-tuning artifacts intact.
What This Actually Means for Your Business
Your standard Master Services Agreement was written for software that does the same thing every time you call it. AI does not do the same thing every time you call it. That single fact breaks half the assumptions in your template.
Here is what your legal team is missing if they treat the AI contract like a SaaS renewal.
- Acceptance criteria — for SaaS, “the software runs” is acceptance. For AI, you need a defined eval set with measurable thresholds, run before go-live and re-run on every model update. Without it, “the AI works” is whatever the vendor says it is.
- Output ownership and liability — when the model hallucinates a regulation that does not exist and your team acts on it, who is liable? Default contract language pushes that to you.
- Training data rights — is the vendor allowed to use your prompts and outputs to train their next model? The default answer is yes unless you negotiate it out, and your competitors are training on your inputs by next quarter.
- IP indemnification — when the model regurgitates copyrighted text into a customer-facing email, who pays for the suit?
- Model versioning — when the vendor swaps the underlying model, do you get notice, do you get to test, do you get to refuse? Without that clause, your prompt-engineered workflow can break overnight and the vendor’s response is “we improved the model.”
Then there is the data exit clause, which is the most-skipped and most-expensive omission. If you fine-tuned the vendor’s model on five years of your customer data, what do you get back when you leave? The fine-tuned weights? The training data? Nothing? The default is nothing, and you find out in the renewal negotiation when they are pricing the lock-in.
Reality Check
What the vendor says: “We use industry-standard contract terms.”
What that means in practice: They use a SaaS contract that does not address model behavior, training data use, hallucination liability, or model deprecation. The terms are standard for software that is not AI. Every AI-specific risk falls on the customer by default.
What Operators Actually Do
Operators who buy AI well build a parallel diligence track that runs alongside legal and security review. It has its own checklist.
- Eval requirements: a defined test set the vendor must pass, with named owners on both sides, and a re-evaluation clause on every model swap.
- Data and training rights: explicit opt-out of customer data being used to train the vendor’s models, in writing, with audit rights.
- Output liability: a hallucination clause that defines what counts as material error and who carries the cost.
- Model versioning: written notice of model changes, with a sandbox window to re-test before forced cutover.
- Data exit: defined deliverables on contract termination — fine-tuned weights if applicable, prompt libraries, eval data, and any retrieval indexes built on customer data.
The other move: they buy AI in stages, not in one signature. Pilot terms first, with narrow scope and short duration. Production terms negotiated separately after the eval results are real. The vendor will resist this because it cuts their first-deal revenue. That resistance is information. The vendors who agree are easier to live with.
The Questions to Ask
- What happens to our data, prompts, and outputs after they leave our system? Are they used to train the vendor’s models? Are they retained? Are they shared? Get the answer in the contract, not on the call.
- What is the acceptance test, and who owns the eval set? If the answer is “the system goes live and you tell us if it works,” the vendor has shifted all definition risk to you. Define it before signing.
- What do we walk away with on termination? Weights, data, indexes, prompt libraries, eval results. List every artifact. The default is you walk away with nothing and the vendor keeps everything you paid them to build.