The Vendor Concentration Scorecard for Enterprise AI Stacks
Enterprise AI vendor lock-in hides in governance debt, not the API contract. A scorecard to measure single-provider dependency before procurement signs.
Koundinya Lanka
Eighty-one percent of enterprise leaders say they are worried about depending on a single AI vendor. Six percent believe they could switch without disruption. And 47% say a key business function would stop entirely if that vendor went dark[^1].
The distance between those three numbers is the part procurement keeps missing. Worry is cheap. The six-percent figure is the expensive one: almost nobody running production workloads on a vendor believes they could leave cleanly. Not because the contract is hard to cancel — most are — but because by the time leaving becomes attractive, the vendor has stopped being a line item and become structural. Vendor concentration risk does not sit in the API contract. It sits in everything an organization builds on top of it.
The risk isn't on the invoice
```mermaid
flowchart TD
TOP["easiest to replace (60–80% effort cut via abstraction)"]
A[API Layer]
B[Model Behavior]
C[Orchestration Framework]
D["Data & Fine-tuning"]
E[Governance Evidence Trail]
BOT[hardest to replace]
TOP --> A --> B --> C --> D --> E --> BOT
subgraph bracket["costs compound, not add"]
A
B
C
D
E
end
style TOP fill:#f5f5f5,stroke:#bdbdbd,color:#757575
style BOT fill:#f5f5f5,stroke:#bdbdbd,color:#757575
style E fill:#e3f2fd,stroke:#1565c0,color:#0d47a1
```

When a board asks about vendor concentration, the reflex is to pull the contract and check the renewal terms. That inspects the shallowest layer. The API is the easiest thing to replace: abstraction layers between an application and the underlying vendor API can cut migration effort by 60–80% when adding or switching vendors[^1]. If lock-in lived only in the API, it would already be a solved problem.
It lives lower. Vendor dependency accumulates across five independent layers: model behavior, the orchestration framework, data, the governance evidence trail, and organizational knowledge. Each layer carries its own switching cost[^1][^2]. The dangerous property is that these costs compound rather than add. A team can repoint an API endpoint in an afternoon, but it cannot re-derive months of prompt tuning, re-platform its agent orchestration, re-home its data, regenerate its audit history, and retrain its people on a new vendor's quirks in the same afternoon. And it has to do all of them at once for the switch to be real.
Agentic deployments make this worse, not better. Agentic AI entangles an enterprise simultaneously at the foundation model, the orchestration framework, the runtime environment, and the developer patterns its team has internalized, so exit costs compound across layers instead of staying isolated to one[^2][^1]. The more capable the deployment, the deeper the hooks.
Governance is the load-bearing layer
Of the five layers, the one no procurement checklist prices is the governance evidence trail. Tying audit trails and compliance policy to a single vendor's model means any model deprecation or pricing change forces a governance rebuild, not a migration[^3][^2].
That distinction carries the whole argument. A migration moves a working system onto a new substrate; controls and sign-offs come along. A rebuild starts from zero: new model, new audit baseline. The old certification doesn't transfer. For a regulated workload, that is not a switching cost. It is a re-certification project with its own budget and calendar.
Most organizations are not carrying the scaffolding to absorb that. Only 25% have implemented strong AI governance frameworks even though 83% are already using AI tools[^4]. The gap is widest exactly where it hurts most: at the organizations with the highest deployment velocity, which are also the ones wired most deeply into a single vendor. Speed of adoption and depth of lock-in are the same curve.
The fourth-party blind spot
```mermaid
flowchart TD
subgraph portfolio["Your vendor portfolio (looks diversified)"]
VA[Vendor A]
VB[Vendor B]
VC[Vendor C]
end
subgraph concentration["Actual concentration point"]
F[Foundation Model Provider X]
end
VA -.->|built on| F
VB -.->|built on| F
VC -.->|built on| F
style portfolio fill:none,stroke:#888,stroke-dasharray:5 5
style concentration fill:#fff8e1,stroke:#e65100,stroke-width:2px
```

Concentration is worse than the vendor list suggests, because many enterprise vendors build on the same handful of foundation models. A portfolio that looks diversified at the vendor layer can route the bulk of its inference through one vendor's API without anyone charting it[^5][^4]. When that vendor ships a model update, behavior shifts across dozens of ostensibly independent vendor relationships at once. The diversification is on the org chart; the concentration is in the stack.
This is also why the annual vendor review is obsolete for AI. A model can change behavior silently between review cycles when the vendor updates the underlying foundation model, which is why continuous monitoring is now required under the FS AI RMF and increasingly expected under DORA[^5]. A point-in-time assessment certifies a version of the system that won't hold past next quarter.
Building the scorecard
A concentration scorecard turns all of this into something a VP of AI can hand to compliance before signing. Score five dimensions, and grade the stack, not the vendor's marketing.
**Dependency surface area.** Map exposure across all five lock-in layers, not just the API. Be honest about the limit here: no standardized industry methodology exists yet to collapse the five layers into a single comparable composite score, so this dimension is a structured judgment, not a measurement. Treat the number as a forcing function for the conversation, not a precise readout.
**Switching cost, governance included.** Estimate the real cost of exit, and count the governance rebuild explicitly, because it is the line item everyone omits. Reward teams that have already built abstraction layers, which is the one lever shown to cut migration effort by 60–80%[^1].
**Contractual lock-in vectors.** Four provisions decide whether the contract protects you or accelerates the risk: data portability in an open-standard format, API access continuity with advance-notice requirements, termination-for-convenience rights, and pricing audit rights. The absence of any one turns the contract itself into a concentration-risk accelerant[^1][^2].
**Fourth-party exposure.** Require each vendor to disclose which foundation model sits underneath, and aggregate it across the portfolio. Two "different" vendors on the same foundation model are one bet, not two.
**Financial exposure.** Concentration has a price you can compute. Token pricing between frontier vendors spans a 3–4x range. One analysis pegs GPT-5 at roughly $25 per million input tokens and $80 per million output, against Claude 3.5 at $6 and $18. A 70/30 split across two vendors at 10M tokens a month pencils out to about 20% in savings[^6]. Treat the specific figures as illustrative; the point that survives is that single-vendor commitment is a quantifiable financial exposure, not only a strategic posture.
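The three dimensions that can actually be computed from portfolio data (contractual lock-in vectors, fourth-party exposure, and financial exposure) are worked through below in an added example. This is not code from the article or from any of the cited frameworks; the portfolio, token volumes, contract provisions, and the `max_single_provider_share` tolerance are constructed, since the article notes that no industry consensus threshold exists and each organization has to pick its own. The token prices reuse the article's illustrative figures, and the input/output mix (8M input, 2M output per month) is an assumption not stated in the article.

```python
"""Worked vendor concentration scorecard (constructed example, not from the article)."""
from collections import defaultdict
from dataclasses import dataclass, field

# The four contractual lock-in vectors the article names; absence of any one
# is treated as a concentration-risk accelerant.
CONTRACT_VECTORS = (
    "data_portability_open_format",
    "api_continuity_advance_notice",
    "termination_for_convenience",
    "pricing_audit_rights",
)


@dataclass
class Vendor:
    name: str
    foundation_model: str            # disclosed fourth-party dependency
    monthly_tokens: float            # inference volume routed through this vendor
    provisions: set = field(default_factory=set)  # contract vectors present


def fourth_party_exposure(vendors):
    """Share of total inference volume per foundation model provider (0..1)."""
    total = sum(v.monthly_tokens for v in vendors)
    by_model = defaultdict(float)
    for v in vendors:
        by_model[v.foundation_model] += v.monthly_tokens
    return {model: tokens / total for model, tokens in by_model.items()}


def hhi(shares):
    """Herfindahl-Hirschman index: 1.0 means one provider, lower means more diversified."""
    return sum(s * s for s in shares.values())


def contract_gaps(vendor):
    """Lock-in vectors missing from a vendor's contract."""
    return [c for c in CONTRACT_VECTORS if c not in vendor.provisions]


def monthly_cost(input_tokens, output_tokens, price):
    """price = (USD per 1M input tokens, USD per 1M output tokens)."""
    return input_tokens / 1e6 * price[0] + output_tokens / 1e6 * price[1]


def split_savings(input_tokens, output_tokens, primary, secondary, primary_share):
    """Fraction saved by routing (1 - primary_share) of volume to the secondary vendor."""
    single = monthly_cost(input_tokens, output_tokens, primary)
    keep, move = primary_share, 1.0 - primary_share
    mixed = (monthly_cost(input_tokens * keep, output_tokens * keep, primary)
             + monthly_cost(input_tokens * move, output_tokens * move, secondary))
    return (single - mixed) / single


def build_scorecard(vendors, max_single_provider_share):
    """Aggregate fourth-party exposure and contract gaps across the portfolio.

    max_single_provider_share is an organization-chosen tolerance band; the
    article notes there is no industry consensus value."""
    exposure = fourth_party_exposure(vendors)
    top_model, top_share = max(exposure.items(), key=lambda kv: kv[1])
    return {
        "vendor_count": len(vendors),
        "foundation_model_count": len(exposure),
        "top_provider": top_model,
        "top_provider_share": top_share,
        "hhi": hhi(exposure),
        "contract_gaps": {v.name: contract_gaps(v) for v in vendors if contract_gaps(v)},
        "diversification_review_required": top_share > max_single_provider_share,
    }


# Constructed portfolio: four vendors that look diversified on the org chart,
# three of which are built on the same foundation model provider.
PORTFOLIO = [
    Vendor("Vendor A", "Foundation Model Provider X", 4e6, set(CONTRACT_VECTORS)),
    Vendor("Vendor B", "Foundation Model Provider X", 3e6,
           set(CONTRACT_VECTORS) - {"pricing_audit_rights"}),
    Vendor("Vendor C", "Foundation Model Provider X", 2e6,
           {"api_continuity_advance_notice", "pricing_audit_rights"}),
    Vendor("Vendor D", "Foundation Model Provider Y", 1e6, set(CONTRACT_VECTORS)),
]

# Illustrative per-million-token prices from the article (input, output).
GPT5_PRICE = (25.0, 80.0)
CLAUDE35_PRICE = (6.0, 18.0)

if __name__ == "__main__":
    card = build_scorecard(PORTFOLIO, max_single_provider_share=0.6)
    for key, value in card.items():
        print(f"{key}: {value}")
    savings = split_savings(8e6, 2e6, GPT5_PRICE, CLAUDE35_PRICE, 0.7)
    print(f"70/30 split savings at 10M tokens/month: {savings:.1%}")
```

On the constructed portfolio, four vendors collapse to two foundation model providers with 90% of inference on one of them (HHI 0.82), two of the four contracts are missing at least one lock-in vector, and the 70/30 split at the article's illustrative prices saves about 23% under the stated input/output mix, in line with the article's "about 20%".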
None of this replaces structured procurement diligence. It extends it. The current state of practice is a severity-weighted, 50-point vendor assessment with a shortlist threshold of 75/100 and automatic disqualification on any single Critical-tier failure[^7]. That template is strong on security posture, compliance certifications, data handling, model provenance, and operational resilience. What it under-weights is the governance-rebuild cost on exit. The concentration scorecard is the dimension you bolt on top.
What the scorecard can't tell you yet
The instrument has real blind spots, and pretending otherwise would make it worse than useless. There is no industry consensus on an acceptable concentration threshold. The frameworks name the problem but set no tolerance band, so "what percentage of critical workloads on one vendor triggers a mandatory diversification review" is still a number each organization has to pick for itself. It is unresolved whether open orchestration standards actually reduce behavioral lock-in or only smooth the integration layer while leaving model behavior and governance evidence as dependent as ever. And the legal status of fine-tuned weights and RLHF investment on exit, recoverable asset or stranded cost, varies by contract and remains unsettled in most enterprise agreements. A scorecard that flags these as open is more honest, and more useful, than one that pretends they are solved.
The regulatory clock
In financial services the requirement has already arrived. DORA, effective January 2025, requires EU institutions to document AI vendor concentration; the US Treasury's FS AI RMF, in February 2026, encodes 230 control objectives; and New York's DFS issued third-party AI guidance in October 2025[^5][^4]. Financial services is the leading indicator. The timeline for equivalent requirements reaching tech, healthcare, and manufacturing procurement is not yet defined — but the direction is not ambiguous.
The timing is awkward, because the market is moving the other way. Enterprise AI spending is actively consolidating into fewer, larger vendor relationships in 2026[^8][^2], increasing concentration at precisely the moment regulators and the underlying economics are arguing for diversification. Consolidation buys simpler operations and more negotiating power; it also buys exactly the dependency this scorecard is built to measure. That tension does not have a settled answer, and any vendor pitch that claims it does is selling.
The takeaway
The useful question at procurement is not "which vendor is best." It is "what does our exit cost, and how much of that cost is governance we would have to rebuild from scratch?" That reframing is the entire value of a concentration scorecard: it prices the part of the relationship that does not appear on the invoice and does not surface until a pricing shock or an outage forces the math. Score it before signing. Monitor it continuously after — because the 6% who believe they could switch cleanly are the ones who have not yet checked. The rest already know the number, and they signed anyway.
References
[^1]: How Do You Avoid AI Vendor Lock-In? A Risk Framework for Enterprise Operations Leaders — https://aiassemblylines.com/post/how-to-avoid-ai-vendor-lock-in
[^2]: Enterprise Agentic AI Landscape 2026: Trust, Flexibility, and Vendor Lock-in — https://www.kai-waehner.de/blog/2026/04/06/enterprise-agentic-ai-landscape-2026-trust-flexibility-and-vendor-lock-in/
[^3]: Why Model-Agnostic Governance Is the Only Enterprise AI Strategy That Scales — https://airia.com/why-model-agnostic-governance-is-the-only-enterprise-ai-strategy-that-scales/
[^4]: Third-Party Risk Management and Risk Concentration in AI: Insights from Black Hat 2025 — https://www.thefastmode.com/expert-opinion/44754-third-party-risk-management-and-risk-concentration-in-ai-insights-from-black-hat-2025
[^5]: AI Vendor Risk in Financial Services: How the FS AI RMF Changes Third-Party and Fourth-Party AI Oversight — https://www.swept.ai/post/ai-vendor-risk-financial-services-third-party-fourth-party-oversight
[^6]: OpenAI-Centric Risk: Systemic Implications for Enterprise AI Strategy in 2025 — https://ai2.work/economics/ai-market-openai-risk-2025/
[^7]: AI Vendor Risk Assessment: 50-Point Template for 2026 — https://www.digitalapplied.com/blog/ai-vendor-risk-assessment-template-50-point-2026
[^8]: VCs predict enterprises will spend more on AI in 2026 — through fewer vendors — https://techcrunch.com/2025/12/30/vcs-predict-enterprises-will-spend-more-on-ai-in-2026-through-fewer-vendors/
Koundinya Lanka
Founder of The Production Line, writing weekly intelligence on enterprise AI adoption, agentic systems, and the future of work.