Prashant AkhawatBuilding AI-Native Enterprises

You Can Outsource the Model. You Can't Outsource the Liability.

Eighteen months from now, a company much like yours will discover that the AI system it is proudest of has quietly started making decisions it cannot defend, cannot explain, and cannot prove it ever controlled. No one will have done anything wrong. That is what will make it so dangerous.

Here is how it happens. You deploy a model to do something valuable, screen applicants, price a policy, approve a transaction, flag a case for review. You test it carefully. It performs beautifully. It goes live to quiet applause, and everyone moves on to the next thing.

Then the world around the model drifts, the way the world always does. Customer behavior shifts. An upstream data feed changes format. A vendor silently updates its own model. Your system's behavior degrades by degrees, too slowly for anyone to notice, until it is routinely making a class of decision that is wrong, biased, or against the law. And because no one owns the ongoing question of whether it still works, no one is watching.

Eventually something surfaces it. A complaint. A journalist. An auditor. A regulator. A lawsuit. And in that moment, the most important thing about your AI system will not be how accurate it was on the day you launched it. It will be whether you can answer three questions, under oath if necessary: who owned this system's risk, how did you monitor it, and when it changed, who approved it continuing to run.

Most companies cannot answer those questions today. That gap, between deploying AI and being able to account for it, is about to become one of the defining business risks of the decade. This article is about why, and what to do before it reaches you.

The comfortable lie in most boardrooms

Ask almost any executive team whether they have AI governance and they will say yes. They are mostly wrong, and the data shows it. In Deloitte's enterprise survey, 87 percent of executives claimed to have AI governance frameworks, yet fewer than 25 percent had actually operationalized them across their organization.[1] A separate industry study found that while 79 percent of businesses are using or planning to use agentic AI, only 48 percent have any framework to govern and limit its autonomy.[2]

That distance, between the governance people believe they have and the governance that would survive an audit, is where the risk lives. And three forces are now converging to close it, whether organizations are ready or not.

The three forces converging at once

Individually, each of these is manageable. Arriving together, inside the same short window, they change the operating environment for anyone deploying AI at scale.

Three Forces Converging at Once Individually manageable. Together, they close the window. 1 EU AI Act Binding law, with teeth Prohibited practices: live GPAI models: live High-risk: phasing in now Up to EUR 35M or 7% of global turnover. Higher than GDPR. Extraterritorial. 2 ISO/IEC 42001 The certifiable standard First certifiable AI management system standard. Becoming the ISO 27001 of AI. Customers and procurement now ask for it by name. 3 NIST AI RMF The common language Govern · Map Measure · Manage The shared vocabulary for AI risk. When everyone references it, structure becomes the default. CXO Intelligence Series on Governance · By Prashant Akhawat · akhawat.com
Three regulatory and standards forces are landing at the same time.

One: the EU AI Act now has teeth. This is not a future consultation paper. Prohibited AI practices have been enforceable since February 2025, and obligations on general-purpose AI models since August 2025.[3] In June 2026, the EU formally adopted the Digital Omnibus, which set firm dates for the rest: the heaviest obligations for high-risk systems, covering exactly the use cases enterprises care about, credit scoring, insurance pricing, medical devices, hiring, biometrics, and critical infrastructure, now apply from December 2, 2027 for standalone systems and August 2, 2028 for AI embedded in regulated products.[3][4] Crucially, this is a deferral, not a reprieve: August 2, 2026 remains a live enforcement date for transparency obligations, general-purpose AI penalties, and market-surveillance powers.[4] The penalties are the part that focuses attention: up to 35 million euros or 7 percent of global annual turnover, a higher ceiling than GDPR.[3] And the Act reaches across borders. If your AI touches someone in the EU, it applies to you regardless of where you are headquartered.

Two: ISO/IEC 42001 has become the standard buyers ask for. Published in 2023, it is the first certifiable management system standard for artificial intelligence.[5] That word, certifiable, is what changes the game: an accredited body can audit you and issue a certificate, and your customers, partners, and procurement teams can now demand it by name. They increasingly do. Microsoft is among the technology leaders pursuing certification, and analysts describe ISO 42001 as moving "from differentiator to table stakes" in enterprise procurement.[5][6] Several US state laws, including the Colorado AI Act and the Texas Responsible AI Governance Act, now treat alignment with recognized frameworks as evidence of reasonable care.[6][7] It is becoming the ISO 27001 of AI.

Three: NIST AI RMF has become the common language. The US National Institute of Standards and Technology's AI Risk Management Framework, with its Govern, Map, Measure, and Manage functions, is the shared vocabulary that regulators and mature organizations use to operationalize AI risk.[8] Its reach is quiet but pervasive: the FTC, CFPB, FDA, SEC, and EEOC all reference NIST principles in their enforcement guidance, and NIST publishes an official crosswalk mapping the framework directly to ISO 42001.[8] When your regulator, your auditor, and your enterprise customer all speak the same four functions, a structured program becomes the default expectation, not the exception.

Put them together and the message is unambiguous. The era of deploying AI without a defensible governance trail is closing.

The liability nobody put on the balance sheet

If the frameworks feel abstract, the courts are making them concrete. The single most important development for any executive to understand is not a regulation at all. It is a pattern of cases answering one question: when your AI gets it wrong, who pays?

Start with the simplest example. In 2024, a grieving customer asked Air Canada's website chatbot about bereavement fares. It gave him a confidently worded answer that was simply wrong, telling him he could claim the discount retroactively when the airline's policy did not allow it. When he sued, Air Canada's defense was, in the tribunal's own word, "remarkable": it argued the chatbot was "a separate legal entity that is responsible for its own actions."[9] The tribunal rejected that outright, ruling the chatbot was simply part of Air Canada's website and the company was liable for what it said.[9] The damages were small; the precedent is not. A company is accountable for what its AI tells a customer, and "the bot did it" is not a defense.

Now scale that principle up. In Mobley v. Workday, a case in the US federal courts, a job applicant alleged that an AI-powered screening tool rejected him from more than one hundred roles on the basis of age, race, and disability. In 2024 the court declined to dismiss the case; in May 2025 it certified a nationwide collective action potentially reaching a vast pool of applicants; and in March 2026 the judge again rejected the vendor's motion to dismiss, sending the case into discovery.[10][11] The detail that should make every CEO sit up is the theory the court accepted: it allowed claims to advance against the software vendor itself, treating the AI tool as an "agent" of the employers who used it.[10][11]

Together these cases dismantle the two assumptions most companies are quietly relying on:

"The algorithm did it" is not a legal defense.

And the exposure is widening on every side:

The pattern is unmistakable: you can outsource the model, but you cannot outsource the liability.

Why this is a CEO problem, not a compliance problem

Here is where most leaders make their mistake. They hear "regulation," route it to legal and quality, and move on. That instinct is exactly backwards. The Air Canada and Workday cases did not turn on a compliance technicality; they turned on accountability, and accountability sits with the chief executive. There are three reasons a CEO cannot delegate this:

Put plainly: the CEO owns the AI the way the CEO owns the balance sheet. You do not have to understand every model, but you are answerable for what all of them do. When a regulator, a board member, or a journalist asks "who is accountable for this system," the honest answer, in a well-run company, is you, by way of the person you named.

The shift underneath all of it

To understand why all of this is happening now, you have to see the technological shift the regulation and the courts are chasing.

For a decade, enterprise AI mostly made predictions. A model scored a lead, flagged a transaction, ranked a result. A human stayed in the loop and acted on the output. A wrong prediction was an error you could catch.

Agentic AI changes the physics.

AI used to predict. Now it acts. Why the risk, and the regulation, changed at the same time THE PREDICTION ERA The model scores, ranks, flags. A human stays in the loop and decides. The output is a suggestion. A wrong prediction is an error. You can catch it before it acts. The blast radius is small. THE AGENTIC ERA The agent calls tools and acts. It moves data, triggers payments, sends messages. Often with no human reviewing each step. A wrong action is an incident. It has already happened by the time you see it. The blast radius is real and immediate. CXO Intelligence Series on Governance · akhawat.com
The move from prediction to action is why risk and regulation escalated together.

AI used to predict. Now it acts.

Today's systems call tools, move data, trigger payments, send communications, and coordinate with other agents, often with no human reviewing each step. A wrong prediction is an error. A wrong action is an incident. The blast radius is fundamentally different, and it is why regulators, standards bodies, the courts, and your own risk exposure have all escalated at once. Notably, none of the three major frameworks was originally designed for autonomous agents, which is why organizations deploying them must extend their governance to cover cascading failures, scope creep, and the attribution gaps that appear when software acts on its own.[13] Hold onto this shift. Everything downstream, in every industry, follows from it.

The framework: four regimes, one system

Here is the mistake I see even sophisticated organizations make. They treat each regime as a separate program. A team for the EU AI Act. A separate effort for ISO 42001. A NIST mapping exercise somewhere else. And in regulated industries, a disconnected quality or risk function on top. That is slow, expensive, and it still leaves gaps between the programs where the real failures happen.

The organizations getting this right do the opposite. They recognize these are not four problems. They are four layers of one control system, and the published crosswalks between them prove how much they overlap.[8][13] Build the program once and it satisfies all of them.

The AI Governance Convergence Model Four control regimes, fused into one system EU AI Act & peer regulation The legal floor: permission to operate ISO/IEC 42001 The management-system backbone NIST AI RMF The operating model: how you run it Your industry regime GxP, model risk, sector rules: the rigour One integrated control framework Build once. Each layer reinforces the others. Silos cost four times and still leave gaps. CXO Intelligence Series on Governance · akhawat.com
The AI Governance Convergence Model: four regimes fused into a single control framework.

The EU AI Act and peer regulation set the legal floor: what you must do to be allowed to operate. ISO/IEC 42001 provides the certifiable management-system backbone, the audited evidence that your governance actually functions. NIST AI RMF supplies the operating model: how you govern, map, measure, and manage risk day to day. And your industry's own regime, GxP in life sciences, model risk management in banking, adds the domain-specific rigor a general framework cannot. Build these as one integrated control framework and each investment reinforces the others. Build them as four silos and you pay four times and are still exposed. I call this the AI Governance Convergence Model, and it is the spine of everything that follows in this series.

The AI Governance Readiness Checklist

If you do nothing else after reading this, run your organization against these ten questions. They are deliberately blunt, and they map directly to what regulators, auditors, and courts now expect. A confident yes to all ten puts you ahead of most peers. Any no is a place to start on Monday.

  1. Inventory. Do you have a complete, current inventory of every AI system in use, in development, and in procurement, including the ones a single team spun up without telling anyone?
  2. Risk classification. Is each AI system classified by risk and mapped to the regulatory categories that apply to you, so you know which are high-risk?
  3. Ownership. Does every high-risk AI system have a single, named, accountable owner with the authority and the mandate to stop it?
  4. Impact assessment. Have you assessed and documented each significant system's impact on people, including fairness across protected groups, before deployment?
  5. Human oversight. Are the points where a human must review or approve defined, enforced in the system rather than just in policy, and genuinely effective, especially for adverse decisions?
  6. Data governance. Can you evidence the quality, provenance, and representativeness of the data behind your consequential models, including data from third-party vendors?
  7. Monitoring and drift. Do you monitor deployed systems for drift and degradation in production, with alert thresholds and a defined response, not just a launch-day validation?
  8. Change control. When a model, prompt, tool, or vendor version changes, does it pass through change control, with defined triggers for re-assessment?
  9. Vendor accountability. For every third-party AI tool, have you run a bias or performance audit, and do your contracts include indemnification for algorithmic harm?
  10. Evidence trail. Could you produce, today, the documentation an auditor, a regulator, or a plaintiff's attorney would ask for on your highest-risk AI system?

If it is not documented, it does not exist.

What to do next: an action plan for leaders

You do not need to become an expert in AI regulation. You need to set five things in motion, in this order.

  1. Commission the inventory this quarter. You cannot govern what you have not mapped, and more than half of organizations still lack a basic AI inventory. Make it a named deliverable with a deadline, covering every system in use, in build, and in procurement.
  2. Classify by risk and name an owner for each high-risk system. Assign a single accountable executive to each, with the authority to intervene. Ambiguous ownership is where accountability quietly evaporates.
  3. Adopt the convergence model as your operating structure. Use NIST AI RMF to design the risk controls, ISO 42001 as the certifiable management system that produces the evidence, the EU AI Act as the legal floor, and your industry's regime for domain rigor. One program, four requirements satisfied.
  4. Rebuild validation for AI that changes. Replace one-time, launch-day sign-off with continuous monitoring, drift detection, and defined re-validation triggers. This single shift closes the most common and most dangerous gap.
  5. Fix vendor accountability before your next renewal. Demand bias audits and transparency from AI vendors, insist on a documented human checkpoint for adverse decisions, and negotiate indemnification for algorithmic harm into every contract. The terms you sign today decide who pays tomorrow.[9][14]

The companies gearing up their governance today will spend the next two years shipping AI with confidence. The ones waiting for the rules to settle will spend those years unable to deploy, or deploying blind into the liability described above. AI governance is becoming the license to operate. The only real question is whether you build it on your timeline, or on your regulator's, your customer's, or a plaintiff attorney's.

Frequently asked questions

Is a company legally liable for what its AI chatbot tells customers?

Yes. In Moffatt v. Air Canada (2024), a tribunal held Air Canada liable for incorrect information its website chatbot gave a customer, rejecting the airline's argument that the chatbot was a separate legal entity responsible for its own actions. The principle: a company is accountable for what its AI tells a customer, and "the bot did it" is not a defense.

Can an AI vendor be held liable for discrimination caused by its software?

Potentially, yes. In Mobley v. Workday, US federal courts allowed discrimination claims to proceed against the software vendor itself under an "agent" theory, treating the AI screening tool as an agent of the employers that used it. The court declined to dismiss the case in 2024, certified a nationwide collective action in May 2025, and again rejected the vendor's motion to dismiss in March 2026. Both the deployer and the vendor can be exposed.

When do the EU AI Act's high-risk obligations take effect?

Following the Digital Omnibus formally adopted in June 2026, the heaviest high-risk obligations apply from December 2, 2027 for standalone systems and August 2, 2028 for AI embedded in regulated products. This is a deferral, not a reprieve: August 2, 2026 remains a live enforcement date for transparency obligations, general-purpose AI penalties, and market-surveillance powers.

What are the penalties under the EU AI Act?

The EU AI Act allows fines of up to 35 million euros or 7 percent of global annual turnover for the most serious violations, a higher ceiling than GDPR. The Act also has extraterritorial reach: it applies if your AI affects someone in the EU, regardless of where your company is headquartered.

What is the difference between the EU AI Act, ISO/IEC 42001, and the NIST AI RMF?

They are complementary layers of one control system, not competing choices. The EU AI Act is binding law that sets the legal floor. ISO/IEC 42001 is the first certifiable AI management-system standard and provides audited evidence that governance works. The NIST AI RMF (Govern, Map, Measure, Manage) is the voluntary operating model for managing AI risk day to day. Published crosswalks map them to each other, so a single program can satisfy all three.

What is the AI Governance Convergence Model?

The AI Governance Convergence Model is a framework by Prashant Akhawat that treats four control regimes as four layers of a single system rather than separate programs: the EU AI Act and peer regulation (the legal floor), ISO/IEC 42001 (the certifiable management-system backbone), the NIST AI RMF (the operating model), and an organization's own industry regime such as GxP or model risk management (domain-specific rigor). Built once as one framework, each layer reinforces the others.

Why is AI governance a CEO responsibility rather than a compliance task?

Because it determines business velocity, enterprise value, and license to operate, and because accountability for AI outcomes sits with the chief executive. The CEO owns the AI the way the CEO owns the balance sheet: not by understanding every model, but by being answerable for what all of them do and by naming an accountable owner for each high-risk system.

Coming next in the CXO Intelligence Series on Governance

Part 2 — When AI Meets GxP. Why the collision of AI with life-sciences regulation means Computer System Validation must evolve or become a liability.
Part 3 — AI Governance in BFSI. Why Model Risk Management has to be rebuilt for the age of agentic AI.

Prashant Akhawat
Building AI-Native Enterprises
Chief Technology & AI Officer, Ninestars  ·  Author of the AI-SAFE framework

Prashant Akhawat is a technology and AI leader with over 25 years building and scaling enterprise platforms, and the author of the AI-SAFE framework (the AI Substrate Architecture Framework for Enterprises). As Chief Technology & AI Officer at Ninestars, he has taken AI from experimentation to governed, production-scale capability across more than 50 regulated enterprises in life sciences, pharmaceuticals, financial services, media, and government. His work on the AI-native platform AOTM is the subject of a published AWS case study. An AWS Summit keynote speaker (Bengaluru 2026, Mumbai 2025) and alumnus of BITS Pilani and IMI Delhi, he writes the CXO Intelligence Series on Governance and is completing a book on the substrate shift, why AI stops being a tool and becomes the ground the enterprise is built on.

References and further reading

  1. Deloitte, State of Generative AI in the Enterprise — reported that 87% of executives claim AI governance frameworks while fewer than 25% have operationalized them (cited in GAICC, "What ISO 42001 Solves for U.S. Organizations," 2026).
  2. Vanta, The State of Trust Report 2025 — 79% of businesses are using or planning agentic AI; only 48% have a framework to govern its autonomy.
  3. European Commission, Regulatory framework for AI and AI Act implementation timeline (digital-strategy.ec.europa.eu); EU AI Act (Regulation (EU) 2024/1689). Penalties up to EUR 35M or 7% of global turnover.
  4. Council of the EU, "Artificial Intelligence: Council gives final green light to simplify and streamline rules" (June 29, 2026); Gibson Dunn, White & Case, and Covington client alerts on the Digital Omnibus, which defers high-risk Annex III obligations to December 2, 2027 and Annex I to August 2, 2028 while keeping August 2, 2026 live for transparency, GPAI, and market surveillance.
  5. ISO/IEC 42001:2023, Information technology — Artificial intelligence — Management system; Schellman and industry commentary on adoption, including Microsoft's certification progress.
  6. GAICC, "What ISO 42001 Solves and Why It Matters for U.S. Organizations in 2026"; TruvoCyber, "ISO 42001 vs AIUC-1 vs NIST AI RMF" (2026) — on procurement expectations and "table stakes" status.
  7. Wiley, "2025 State AI Laws Expand Liability, Raise Insurance Risks" and "2026 State AI Bills"; Colorado AI Act; Texas Responsible AI Governance Act (TRAIGA).
  8. NIST, AI Risk Management Framework (AI RMF 1.0) and the Generative AI Profile (NIST AI 600-1); NIST-to-ISO 42001 crosswalk. GAICC, "NIST AI Risk Management Framework: A Complete Guide" (2026).
  9. Moffatt v. Air Canada, 2024 BCCRT 149 (British Columbia Civil Resolution Tribunal, February 14, 2024); CBC News and Forbes coverage — the tribunal rejected Air Canada's argument that its chatbot was "a separate legal entity" and held the airline liable for negligent misrepresentation by its AI.
  10. Holland & Knight, "Federal Court Allows Collective Action Lawsuit Over Alleged AI Hiring Bias" (2025); Forbes, "A Federal Judge, A 1967 Law And A Billion Rejected Job Applications" (May 2026) — Mobley v. Workday, Inc., N.D. Cal. No. 3:23-cv-00770; motion to dismiss denied on an "agent" theory (2024), nationwide ADEA collective certified May 16, 2025, further motion to dismiss rejected March 6, 2026.
  11. Quinn Emanuel, "When Machines Discriminate: The Rise of AI Bias Lawsuits" (2025); Mobley v. Workday, Inc., 2025 WL 1424347 (N.D. Cal. May 16, 2025), collective action certification.
  12. EEOC guidance on AI and disparate impact; U.S. Equal Employment Opportunity Commission enforcement position that lack of intent is no defense.
  13. Wiley, "2025 State AI Laws Expand Liability, Raise Insurance Risks" (2025); Elevate Consult, "The Cost of Inaction" (2026) — on new private rights of action, AI-specific insurance exclusions, and the per-case cost of AI failures in financial services.
  14. GAICC, "Global AI Governance Comparison 2026: EU AI Act vs NIST AI RMF vs ISO/IEC 42001" — on framework convergence and the gap for agentic AI.
  15. Angela Reddock-Wright, "AI-Driven Hiring Bias: The Next Frontier of EEOC Enforcement" (2026) — on vendor liability and the value of documented human review and indemnification.

Educational reference, not legal advice. Regulatory details and case status reflect the position as of July 2026 and continue to evolve; verify specifics against current sources for your jurisdiction before acting.

#AIGovernance#AgenticAI#ResponsibleAI#ISO42001#EUAIAct#CXOIntelligence
· views