Worldwide spending on artificial intelligence is accelerating even as buyers become less willing to accept bold promises without evidence. Gartner said in May that global AI outlay is expected to reach $2.59 trillion in 2026, up 47% year on year, with much of the increase driven by infrastructure such as AI-optimised servers and data centres. That surge, combined with Gartner’s warning that 2026 marks a “Trough of Disillusionment” phase, is forcing technology leaders to rethink ...
Continue Reading This Article
Enjoy this article as well as all of our content, including reports, news, tips and more.
By registering or signing into your SRM Today account, you agree to SRM Today's Terms of Use and consent to the processing of your personal information as described in our Privacy Policy.
how they assess vendors.
The old procurement checklist is no longer enough. Security certificates, service availability targets and standard contract language may still matter, but they do not capture the distinctive risks of AI systems, which can drift in performance, produce false outputs and fail in ways that are difficult to detect from routine monitoring. In practice, that means a model can remain online and still become less reliable over time.
One of the clearest changes is the rise of red-teaming as a procurement requirement. Rather than relying only on demonstrations or benchmark claims, buyers are increasingly being urged to test how a system behaves when it is deliberately pushed off script. The OWASP has issued vendor-evaluation guidance for AI red-teaming providers and tooling, reflecting the growing view that adversarial testing should be part of due diligence, not a niche security exercise. Buyers are being advised to ask vendors whether sandbox testing is allowed, how they measure jailbreak success, and what controls exist for prompt injection, data leakage and hallucinations.
That demand is likely to expand further. Market forecasts cited in the industry suggest AI red-teaming services could grow from $1.3 billion in 2025 to $18.6 billion by 2035, underscoring how quickly adversarial testing is becoming embedded in enterprise governance.
Contract terms are also changing. Traditional service level agreements are built around uptime and latency, but those measures do not address model drift, where output quality gradually deteriorates as data patterns change. Legal specialists are increasingly recommending that AI contracts include baseline performance measures, regular testing intervals and explicit remedies if accuracy falls below agreed thresholds. In more mature arrangements, those remedies can escalate from notifications to service credits and, eventually, termination rights.
Liability for hallucinations is another fault line. A database tracking AI-related legal disputes now lists more than 900 documented cases worldwide, a sign that courts and tribunals are steadily defining responsibility. In one high-profile case involving Air Canada’s chatbot, a tribunal rejected the argument that the bot could be treated as a separate legal entity, reinforcing the principle that companies remain accountable for the outputs of the systems they deploy. For buyers, that makes indemnities, accuracy warranties and carefully drafted allocation of responsibility far more important than they were in earlier software deals.
Regulators are moving in the same direction. Colorado’s AI Act is due to take effect in June 2026, bringing fresh obligations for employment-related systems, including impact assessments, risk-management policies and transparency requirements. Illinois has also introduced rules requiring disclosure when AI influences employment decisions. In finance, FINRA’s 2026 oversight guidance treats vendor management as a core control area, while updated SEC requirements on customer data protection also extend scrutiny to vendors using AI.
The scale of investment across the AI supply chain helps explain why these issues are rising to the top of board agendas. Tom’s Hardware reported that Google, Microsoft, Meta and Amazon are expected to spend a combined $725 billion on AI infrastructure in 2026, while the Semiconductor Industry Association is forecasting that global chip sales will reach $1 trillion, driven by demand for GPUs, high-bandwidth memory, networking gear and storage. That capital intensity is pushing the entire ecosystem to grow quickly, but it is also increasing the cost of getting vendor selection wrong.
For companies buying AI, the implication is straightforward: vendor compliance is no longer separate from organisational compliance. A supplier’s weaknesses in governance, testing or documentation can become the buyer’s problem once the system is in production. The smartest firms will therefore treat AI procurement less like a software purchase and more like an ongoing risk-management exercise, with red-team testing, drift monitoring and liability controls built into the contract from the outset.
Source: Noah Wire Services
