Are US Businesses Too Reliant On Third-Party AI Infrastructure?

In the space of a few weeks, the US government staggered the rollout of GPT-5.6 at OpenAI’s request, imposed export controls on Anthropic’s most advanced models and pressed frontier labs to submit for voluntary pre-release safety review. The message was clear: Washington intends to control not only who builds frontier AI, but who gets to use it and when.

Businesses built on third-party AI infrastructure have received a stark reminder: the tools they rely on are vulnerable to sudden government intervention. These restrictions can be imposed without transparency, consultation, or any warning, leaving business operations at the mercy of outside forces. When Anthropic suspended access to some advanced models for foreign nationals, it had no reliable way to verify which users were foreign nationals, so it pulled the models for everyone – US customers included.

This is a new risk category that remains largely unaccounted for in current business strategy. To understand the impact, we spoke with founders, operators, and investors who are navigating this shift.

 

A New Kind Of Vendor Risk

 

Managing vendor risk is nothing new. Businesses have always had to account for the possibility that a supplier might increase costs, pivot their business model, or cease operations entirely. What’s new is the addition of a political layer: model access is now a policy instrument, and that means the tools your team uses every day can be slowed, segmented or withdrawn not because of anything the vendor did wrong or anything you did wrong, but because of a decision made in a room neither of you had a seat in.

The cloud infrastructure comparison is helpful, but limited. Switching cloud providers is painful but the building blocks are mostly standardised: compute, storage, networking and deployment models work similarly enough that migration is an engineering problem, not a fundamental one. Switching AI providers is different because the outputs themselves change. The model’s tone, reasoning patterns, refusal behaviour, latency and task-specific performance can vary enough between providers that workflows which ran reliably before may not run reliably after. That’s the part most teams haven’t tested, against scenarios they didn’t think were realistic until recently.

That’s also what makes the standard advice – build an abstraction layer, maintain fallback providers – harder to execute than it sounds. You can’t swap models the way you swap cloud regions. Knowing which workflows will tolerate a provider change and which won’t requires deliberate testing, and most teams haven’t run that test.

 

Our Experts

 

 

  • Mona Rajhans, Senior Engineering Manager, Generative AI and Copilot Engineering, Palo Alto Networks
  • Jeff Watkins, Chief AI Officer, NorthStar Intelligence
  • Kuber Sharma, Senior Director, Product Marketing, UiPath
  • Patrick Gibbs, Founder, Epiphany Dynamics
  • Arsh Singh, Founder and CEO, ApsteQ
  • Ash Govindia, Senior VP US Growth, FintechOS

 

 

Mona Rajhans, Senior Engineering Manager, Generative AI and Copilot Engineering, Palo Alto Networks

 

Mona Rajhans, Senior Engineering Manager, Generative AI and Copilot Engineering, Palo Alto Networks

 

“The Anthropic situation was the proof of concept nobody wanted. A model that enterprise teams had built workflows around disappeared overnight – not because of a breach, not because of a product failure, but because of a policy decision made in a room those businesses had no seat in. That is a new category of operational risk, and most organisations have not priced it in yet.

“The pattern the US government is establishing is clear: frontier AI access is becoming a policy instrument. Staggered rollouts, export controls, voluntary safety review pressure on Meta – these are not one-off events. They are the early infrastructure of a regulatory posture that treats model access the way it treats semiconductor exports or encryption standards. Businesses that treat their AI provider relationship like a SaaS subscription are building on an assumption that is no longer safe.

“The practical response is not to stop using third-party AI – that is not realistic. It is to build with abstraction layers that let you swap providers without rebuilding core workflows, maintain fallback options across multiple vendors, and treat model access continuity as an infrastructure risk to be managed, not a vendor relationship to be trusted. The organisations that figured out multi-cloud before the hyperscaler outages look prescient now. The AI equivalent of that lesson is available to learn cheaply today or expensively later.”

 

Jeff Watkins, Chief AI Officer, NorthStar Intelligence

 

Jeff Watkins, Chief AI Officer, NorthStar Intelligence

 

“Many countries and businesses have long since accepted a deep dependency on US-based technology infrastructure, particularly through cloud computing. The AI economy does not behave exactly like the cloud economy. If a business builds on a cloud provider, moving workload is difficult, but the underlying primitives are broadly similar: compute, storage, networking, identity, databases and deployment models. With AI, the infrastructure is not just hosting. It is behaviour, and that makes portability much harder.

“Businesses cannot safely assume that one model can be swapped for another without consequences. Output length, formatting, reasoning style, latency, cost, safety guardrails, refusal behaviour and performance on specific tasks all vary significantly between providers and model versions. A workflow that performs well with one provider may become brittle, expensive, or unreliable when moved to another.

“The practical conclusion is that businesses building AI products need to design for AI agility. They should identify which parts of their product genuinely require frontier performance, which can run on smaller or cheaper models, and which could be supported by self-hosted or open-weight alternatives. The goal should not be perfect model portability – that is unrealistic in many cases. The goal should be to avoid making the entire business dependent on a single model, a single provider or a single government’s access policy.”

 

Kuber Sharma, Senior Director, Product Marketing, UiPath

 

Kuber Sharma, Senior Director, Product Marketing, UiPath

 

“Enterprises approached third-party AI the way they approached SaaS – sign the agreement, integrate the API, ship the feature. The assumption was that access, once purchased, was stable. That assumption is now broken at the policy level.

“Any business that built core workflows around a single frontier model without abstraction layers has a supply chain concentration risk that does not show up in their technology stack. It shows up in their foreign policy exposure.

“The fix is not exotic. Enterprises need to design for model portability: prompt abstraction layers that are not model-specific, multi-vendor evaluation at pilot stage, and procurement governance that treats model access the way legal treats supplier concentration – as a risk to distribute, not a cost to minimise. The question before any AI integration should not be “does this model perform best today” but “can we swap it out in 72 hours if we have to.”

 

Patrick Gibbs, Founder, Epiphany Dynamics

 

Patrick Gibbs, Founder, Epiphany Dynamics

 

“I run a small AI automation agency, and this risk is not theoretical for me. Every system I build for a client sits on top of someone else’s model. If access to one of those changes overnight, I am the one who has to explain it to a client whose workflow just stopped.

“The exposure most businesses miss is that they priced in the cost of AI, not the availability of it. A subscription can lapse, a rate limit can tighten, a model can get pulled behind an export control, and none of that shows up in a budget line. It shows up as a broken process on a Tuesday morning.

“What I actually do about it: never build a workflow that only works with one vendor’s model. Every core process gets written so the model is a swappable piece, not the foundation. I keep at least one alternate provider tested and ready for anything client-facing. And I do not put anything irreversible behind a single vendor’s uptime – no AI-only approval gate on money movement or customer communication without a manual fallback.

“The businesses that get hurt worst here are the ones that built fast, got a working demo, and never asked what happens if this specific model disappears. That question needs to be part of the build, not an afterthought after the government makes it urgent.”

 

Arsh Singh, Founder and CEO, ApsteQ

 

Arsh Singh, Founder and CEO, ApsteQ

 

“The way most people think about vendor risk is wrong for AI. We used to worry about pricing, or the company going under. Now the real question is jurisdiction. If Washington can pull Claude access tomorrow because of some dispute we’re not even part of, that’s not a vendor problem – that’s a geopolitical one. And you cannot SLA your way out of geopolitics.

“What actually works, at least for us: every AI call in production has a fallback chain. Claude first, OpenAI second, and for the highest-volume workflows we’ve got a local Llama running. Doubles the build time. Worth every hour.

“The other thing nobody talks about: you need a written plan for what your product looks like with AI turned off. Not degraded. Off. If you can’t answer that in a sentence, you don’t own your product. You’re leasing it.

“Build the parts you can. Lease the parts you can’t. But know which is which, because a policy decision can take the leased parts away overnight.”

 

Ash Govindia, Senior VP US Growth, FintechOS

 

Ash Govindia, Senior VP US Growth, FintechOS

 

“For regulated businesses, this adds a new layer to an already complex vendor risk conversation. Banks and insurers need AI they can depend on when regulators ask questions, when customers need answers, and when markets move fast. The Anthropic export control situation showed how quickly access can vanish through no fault of your own. That’s a problem when you’re running live underwriting or customer-facing services on that infrastructure.

“Most procurement teams are still evaluating AI vendors on performance and cost. They should be asking harder questions about architectural control, data sovereignty, and what happens if access gets restricted. The real risk is not that frontier models get regulated. It’s that businesses built critical operations on someone else’s infrastructure without a plan for when that access changes. In financial services, you cannot afford to find out your AI vendor is unavailable the same week your regulator starts asking how your decisioning works.”

 

For any questions, comments or features, please contact us directly.

techround-logo-alt