5 Questions to Ask Before Choosing an AI Model Provider
Every compliance and risk leader in financial services has heard the same question over the past 18 months: "Can we just start using this AI tool?"
But the answer is not simply a technology decision. AI delivers significant business value, but regulators have made one thing clear: outsourcing the technology does not outsource responsibility. Your firm remains accountable for how AI is governed, how records are retained, and how customer data is protected.
Key takeaways
- Your firm remains accountable for AI governance, regardless of which vendor you choose.
- AI vendor due diligence should evaluate governance, records management, resilience, and data protection, not just security.
- Regulators are already scrutinizing how firms assess and oversee AI vendors.
- AI-generated records may be subject to the same retention and discovery requirements as other business communications.
- Documenting your due diligence helps demonstrate compliance during examinations.
Why AI vendor due diligence matters right now
Regulators have moved from general warnings about AI to specific expectations about how firms vet the vendors behind it. FINRA's 2025 Annual Regulatory Oversight Report flagged inadequate due diligence on third-party vendors — including failing to verify that a vendor could support Books and Records requirements — as a key examination finding.
The FCA has said AI vendor relationships fall within existing outsourcing and operational resilience rules under SYSC 8 and SYSC 15A. And the EU AI Act layers obligations onto the deployer, not just the developer of a model.
Only 26% of financial firms believe their AI governance keeps pace with how fast the business is adopting AI, and 70% report limited or minimal ability to detect and manage shadow AI (Smarsh, 2026 AI Survey). That gap leaves firms exposed to regulatory scrutiny.
The firms that handle this well aren't the ones saying no to AI. They're the ones asking the right questions before saying yes. The five areas below — and the due diligence questions each one generates — are what compliance and risk teams should work through before any AI model provider touches a regulated workflow.
These aren't separate risks that different teams can assess in isolation. Data governance, recordkeeping, operational resilience, and vendor oversight are interconnected. Evaluating them together — and documenting the results — creates a stronger, exam-ready due diligence process.
Close AI vendor gaps before regulators do
Explore how Smarsh helps compliance teams evaluate AI vendors with greater consistency and confidence.
The five areas to evaluate before deployment
Before approving an AI model provider, make sure you can confidently answer the five questions below.
1. Data protection capabilities backed by recognized standards
Start by understanding how the provider governs its AI systems and protects sensitive information. Independent certifications help demonstrate that a vendor follows recognized AI management practices rather than relying solely on its own claims.
Ask whether the provider holds ISO/IEC 42001:2023 certification, the international standard for AI management systems, or an equivalent third-party-audited attestation. Self-attestation is not the same as independent verification, and the Hong Kong Monetary Authority has specifically pointed to ISO/IEC 42001 as a marker of trustworthiness in AI vendors.
Require written confirmation, through a signed Data Processing Agreement (DPA), that your enterprise or API tier prohibits the use of firm prompts and data to train the underlying model. Consumer-tier products from several major providers use interaction data for model improvement by default, while enterprise agreements often exclude that practice. Don't assume those protections are included. Verify them in writing.
The Gramm-Leach-Bliley Act (GLBA) Title V and Regulation S-P Rule 30 apply the moment an employee enters customer information into an AI prompt.
Relevant rules: ISO/IEC 42001:2023, GLBA Title V, Regulation S-P Rule 30, GDPR Art. 6, Interagency Guidance on Third-Party Relationships (2023)
2. Ability to retrieve historical information on demand
AI-generated content should be treated with the same discipline as email or any other regulated business communication. If employees use AI to support client interactions, investment decisions, or supervisory activities, those conversations may become business records that must be retained and produced.
Under SEC Rules 17a-3 and 17a-4, along with FINRA Rule 4511(a), AI outputs related to regulated business activity may qualify as records subject to retention requirements.
Just as important, the platform should support your firm's retention policies rather than forcing you to adapt to the vendor's defaults. Many AI platforms automatically delete sessions after 30, 60, or 90 days. If your regulatory obligations require longer retention, those settings need to be configurable and confirmed contractually.
Worth knowing: United States v. Heppner (S.D.N.Y. 2026) held that AI chat outputs are discoverable and generally not protected by attorney-client privilege unless an attorney specifically directed the interaction.
Relevant rules: SEC 17a-3, SEC 17a-4(b), SEC 17a-4(f)(3)(v), FINRA Rule 4511(a), FINRA Rule 2210
3. Ability to produce complete output, backed by SLA commitments
AI models don't always return the same type or amount of information. Content filters, usage limits, and model updates can all affect the completeness of responses. Understanding how those changes are managed is essential if employees rely on AI to support regulated business activities.
Ask whether the platform applies content filters, volume limits, or other thresholds that could block, alter, or omit output related to legitimate business activity, and how the provider communicates changes to that behavior.
Firms are responsible for supervising AI-generated business content just as they supervise other communications. If a model update changes how responses are generated, compliance teams need enough advance notice to evaluate the impact before those changes affect production use.
FINRA Rule 3110 requires firms to supervise the tools their associated persons use, including AI systems that generate business-related content.
Vendor oversight should also extend to cybersecurity obligations. If customer information is compromised, firms need timely notification so they can respond appropriately and meet their own regulatory obligations.
Amended Regulation S-P requires covered institutions to obtain written commitments that vendors will notify them within 72 hours of becoming aware of a breach involving customer information. That commitment should extend throughout the provider's subprocessor chain.
Relevant rules: FINRA Rule 3110, FINRA Rule 2210, FINRA Regulatory Notice 24-09, Regulation S-P (2023 amendments), GDPR Art. 33
Tip
A "general security incident policy" is not the same as a contractual 72-hour breach notification clause. If it's not in the contract, it's not enforceable.
4. Ability to deliver information to established archiving solutions
AI-generated content is only useful for compliance if it can be captured alongside the rest of your regulated communications. Without reliable archiving, firms may struggle to supervise AI usage or respond to regulatory requests.
Confirm the platform provides an API or export mechanism that allows a third-party archiving solution to capture outputs in real or near-real time, including metadata such as the user, timestamp, session context, and original prompt.
Integration experience matters as much as technical capability. Ask whether the provider has already deployed and validated integrations with archiving platforms used by regulated financial services firms. Otherwise, your organization may inherit the cost and risk of building custom integrations itself.
FINRA's 2025 Annual Regulatory Oversight Report specifically highlighted firms that failed to confirm their vendors could support required recordkeeping obligations.
Relevant rules: FINRA Rule 4511(a), FINRA Rule 3110(b)(1), SEC Rule 17a-4(b)(4), FINRA Rule 2210(b)(4), FINRA Regulatory Notice 21-29
5. Published business continuity plans for AI service disruption
Traditional business continuity plans often overlook risks that are unique to AI services. Model infrastructure, frequent updates, and dependencies on a small number of providers introduce new operational considerations that firms should evaluate before deployment.
Ask for documentation explaining what happens if model inference infrastructure becomes unavailable, how model updates are managed, and what recovery time objective (RTO) and recovery point objective (RPO) commitments apply to production AI services.
Regulators are increasingly focused on concentration risk across the AI provider landscape. As more firms rely on the same small group of providers, disruptions can affect large portions of the financial sector at once.
The Bank of England's Financial Policy Committee has warned about concentration among AI model providers, often citing the July 2024 CrowdStrike outage as an example of how third-party technology failures can create widespread operational disruption.
Also confirm the provider commits to advance notice of planned model changes, infrastructure changes, and sub-processor changes that could affect availability or output — with defined timelines, not vague assurances. A model update that changes output style or introduces new refusal behavior can quietly affect the completeness of your supervisory record.
Relevant rules: FINRA Rule 4370, FCA SYSC 15A, SEC Rule 206(4)-7, UK FSMA 2023 Critical Third-Party Regime, FINRA Regulatory Notice 21-29
Signs it's time to revisit your AI vendor due diligence
If any of the following sound familiar, it's worth revisiting how your firm evaluates AI providers:
- You've approved an AI tool based on a sales conversation or marketing page rather than a signed DPA and SLA.
- Nobody on your team can say, with confidence, how long the vendor retains session data by default.
- Legal, compliance, and IT are each tracking AI vendor risk separately, with no shared record.
- You'd struggle to produce your AI due diligence file if an examiner asked for it tomorrow.
Build a repeatable AI vendor due diligence process
Effective AI vendor due diligence is a repeatable process, not a one-time checklist. Turning these five areas into a documented framework helps demonstrate compliance during examinations. A few concrete places to start:
- Add AI-specific questions to your standard vendor assessment questionnaire, with written response and evidence requirements, before onboarding any new AI vendor.
- Tighten onboarding to require documented evidence: a DPA with explicit model-training prohibitions, SOC 2 with AI-specific controls, NIST/ISO alignment, SLAs, a metadata-complete archiving API with proof of integration to established financial services archiving platforms, a published BCP, and a 72-hour breach notification commitment.
- Run a simulated regulatory log-pull request against any vendor under consideration. Vendors that can't produce a complete, searchable record shouldn't move forward.
- Review existing vendor agreements against Regulation S-P, SEA Rule 17a-4(f)(3)(v), and EU AI Act requirements, with compliance, legal, information security, and procurement operating from one shared framework and sign-off process.
Explore your options
A dedicated Vendor Risk Management platform turns this from a periodic scramble into an ongoing, provable process — centralizing evidence, monitoring vendor standing continuously, and producing exam-ready reports on demand. See how Smarsh helps firms standardize AI vendor due diligence with centralized documentation, continuous monitoring, and exam-ready reporting.
This article is provided for informational and educational purposes only and does not constitute legal, regulatory, compliance, or investment advice. Regulatory guidance and vendor capabilities are evolving rapidly; all regulatory citations should be verified against primary sources. References to specific regulatory decisions or case law (including United States v. Heppner) reflect materials in the Smarsh knowledge base and should be independently verified by counsel.
Frequently asked questions
No. Regulators have been consistent that a firm remains the accountable party for recordkeeping, supervision, and data protection regardless of which AI vendor it uses.
Generally, no. United States v. Heppner (S.D.N.Y. 2026) found that AI platform interactions aren't confidential attorney communications unless made at the specific direction of counsel, and are subject to discovery.
Broker-dealers generally need to meet SEC 17a-4(b)'s six-year general retention period, with the first two years in an easily accessible format. Many AI providers default to much shorter retention windows, so this needs to be configured and confirmed contractually.
Amended Regulation S-P requires covered institutions to have written policies ensuring service providers notify the firm within 72 hours of becoming aware of a breach affecting customer information — and this needs to be a contractual term, not just a general policy.
AI vendor due diligence should evaluate more than security. Firms should assess data protection, records retention, supervision, output reliability, archiving capabilities, operational resilience, and contractual commitments before approving an AI provider.
Share this post!
Smarsh Blog
Our internal subject matter experts and our network of external industry experts are featured with insights into the technology and industry trends that affect your electronic communications compliance initiatives. Sign up to benefit from their deep understanding, tips and best practices regarding how your company can manage compliance risk while unlocking the business value of your communications data.
Ready to enable compliant productivity?
Join the 6,500+ customers using Smarsh to drive their business forward.




Subscribe to the Smarsh Blog Digest
Subscribe to receive a monthly digest of articles exploring regulatory updates, news, trends and best practices in electronic communications capture and archiving.
Smarsh handles information you submit to Smarsh in accordance with its Privacy Policy. By clicking "submit", you consent to Smarsh processing your information and storing it in accordance with the Privacy Policy and agree to receive communications from Smarsh and its third-party partners regarding products and services that may be of interest to you. You may withdraw your consent at any time by emailing [email protected].
FOLLOW US