Five Questions Every Procurement Team Should Ask Before Signing an AI Governance Contract

1. The Hour That Decides Two Years of Compliance Cost

For most European enterprises selecting AI governance tooling in mid-2026, the procurement process resembles every other enterprise-software RFP: a vendor matrix, a feature comparison, a security questionnaire, a reference call, a price negotiation, a contract. By the time the system goes into a regulated production path, the procurement decision is roughly twelve months old and roughly seven figures committed.

The five-question diagnostic this piece reports was named publicly during a single LinkedIn comment on 14 May 2026. It takes under an hour to run. It separates the vendors who have built the audit-trail architecture the EU AI Act assumes from the vendors who have built the deck about it. It does not replace the rest of the procurement process; it is the first hour of the procurement process, before the rest of it is worth the buyer's time.

This piece reports the diagnostic verbatim, then does three things the source thread did not do. First, it maps each of the five questions against EU AI Act Articles 16 (provider), 26 (deployer) and 72 (post-market monitoring) so the procurement team can see exactly which legal duty each question is probing. Second, it identifies the one question in the five where a vendor's refusal is a correct answer rather than a failure. Third, it reports a second-order procurement pattern that emerges only when the diagnostic is composed with what a national competent authority will actually demand at fleet scale in 2027 inspections — a pattern no contributor to the public thread has yet named.

2. The Diagnostic, Made Publicly on 14 May 2026

Antra Picard, an AIGP Certified AI Governance Strategist and Enterprise Revenue Leader, framed the diagnostic in a single sentence on the public LinkedIn thread:

Picard's diagnostic is one question. Adil Ali, Founder and CEO of Shadow AI Forensics, extended it three days later into a fuller operational test that recognises Question 5 as the structural pivot of a five-question chain:

Picard names the diagnostic. Ali identifies the structural consequence: if Question 5 cannot be answered, the deployer's own forensic capacity becomes the last line. Other contributors to the same thread added four further questions, each probing a different layer of the audit-trail architecture described in the EU AI Act audit-trail stack pillar. The five questions, in the order a procurement team should ask them, are below.

3. The Five Questions, in Order

4. The Counter-Argument the Piece Has to Address

A vendor receiving the five-question diagnostic at a procurement meeting could reasonably object that the test demands forensic-grade evidence beyond what the EU AI Act strictly requires. The objection is correct as stated. This piece's argument is not that the diagnostic restates the statutory floor; the argument is that the diagnostic is a procurement control that sits above the floor for good operational reasons.

The strongest version of the vendor objection deserves to be stated on the page, not deflected. The objection is that the diagnostic converts the EU AI Act's functional compliance duties into strict evidentiary and operational warranties the regulation does not, in its text, oblige. Article 16 of Regulation (EU) 2024/1689 sets out provider obligations (risk management, technical documentation, logging, transparency, human oversight, accuracy, robustness, cybersecurity, conformity assessment, post-market monitoring). Article 26 sets out deployer obligations (use in accordance with instructions, human oversight, monitoring of operation, cooperation with authorities). Neither Article, on the page, prescribes a dated pre-deployment scoring methodology, a bit-exact replay of a six-month-old decision, an offline-verifiable proof bundle, a personnel-independent attestation, or the disclosure of a redacted production log on demand.

`n

Counter-argument stress test

Strongest vendor objection, settled against the regulatory text

On the strict reading, the objection succeeds. The five-question diagnostic asks for evidentiary artefacts beyond the literal floor of Articles 16 and 26. A vendor that produced the bare minimum statutory documentation under Article 11, the logging capability under Article 12, the transparency information under Article 13, the oversight assignment under Article 14, and the cooperation owed under Article 26 would, in narrow legal terms, be compliant. The diagnostic is a stronger standard than the law strictly requires.

The reason that legal answer does not resolve the procurement question is that the inspection regime under Articles 72 and 26(5), the harmonised-standards roadmap under Article 40, and the national-authority powers under Article 79(1) together operationalise the floor at a higher functional level than the literal text reads. A competent authority arriving in 2027 will not be reading the technical documentation alone; it will be testing whether that documentation reflects what the system actually did. The artefacts the diagnostic asks for are the artefacts that survive that test.

The defensible procurement framing is therefore narrower than “the Act requires this” and stronger than “we would like this”: the diagnostic asks vendors to demonstrate that their compliance claims are operationally true, not that they have been drafted. A vendor cannot reasonably object to being asked to demonstrate the operational reality of statements it has already made in writing.

Analytical method: the strongest vendor objection was stress-tested against the regulatory text and the named-contributor record using the GraQle reasoning substrate (synthesis confidence 86 % over 50 activated corpus nodes, single round). The substrate held the full text of the Articles cited, the verbatim contributor record, and the editorial constraints binding this series. The analytical conclusion is the author's; the robustness check is GraQle's.

The right framing for an enterprise procurement team using the diagnostic is therefore: this is a buyer-side verification test, not a restatement of the statutory floor. The test exists because the operational reality of a 2027 high-risk inspection will demand stronger evidence than the page of Regulation 2024/1689 literally requires, and procurement is the moment when the buyer establishes whether the vendor has built towards that operational reality or only towards the page.

5. The Second-Order Procurement Pattern: Evidence-Portability

The five-question diagnostic, taken on its own, produces a yes/no answer about one vendor at one point in time. That is useful. What is more useful, and harder to see from inside any single procurement, is the pattern that emerges when the diagnostic is composed with what an EU national competent authority will actually do under Articles 26(5), 72 and 79(1) in 2027 inspections.

Second-order observation

Not raised on the public LinkedIn thread · surfaces only when the diagnostic is composed with Articles 26(5), 72 and 79(1)

At fleet scale, the vendor that prevails in EU procurement is not the vendor with the most persuasive governance narrative. It is the vendor whose evidentiary output survives the two stresses a 2027 national competent authority will actually apply: comparative sampling across implementations, and continuity across organisational turnover at the deployer.

The mechanism is structural. Article 72 (post-market monitoring) obliges the provider to maintain a continuing evidentiary process; Article 26(5) places a parallel monitoring duty on the deployer. Article 79(1) gives the national competent authority the power to take measures whenever it has reason to believe a high-risk AI system presents a risk at national or Union level — a power that, by its terms, contemplates risk identification across multiple deployments rather than within any single one.

The procurement consequence does not appear inside any one vendor selection. It appears when the same authority, running inspections at portfolio scale across a national economy, requires that evidence from different vendors be comparable in form, readable without vendor-specific tooling, and unattached to any single employee at the deployer. The procurement test that anticipates this regime is therefore not “does the vendor have governance” but does the vendor produce evidence that exports, that travels, and that does not collapse when the named director leaves the company.

Analytical method: the composition of Articles 26(5), 72 and 79(1) at fleet scale was surfaced through GraQle's reasoning substrate (synthesis confidence 91 % over 50 activated nodes). No contributor on the public LinkedIn thread of 11–17 May 2026 had raised this composition.

The procurement pattern that emerges from that composition has three practical requirements that should appear in any 2026 AI governance vendor contract written for European deployment:

1. Exportable evidence bundles. The deployer can take its complete audit trail with it when it changes vendors. The format is regulator-readable and does not require the vendor's tooling to inspect. The bundle is signed and cryptographically anchored to an external commitment.
2. Continuity across personnel turnover. The personal-attestation artefacts the named director relies on (Question 4) are held in a form that survives the director's departure from the company. This is currently a gap in every vendor's product; the contract is what closes it until a market product exists.
3. Portability across vendor transitions. The deployer's historical audit trail with the outgoing vendor is migratable into a replacement vendor's evidence chain without breaking the original signature chain. This is the supply-chain property regulators will sample across at fleet scale.

None of the three is required by the literal text of the AI Act. All three become operationally necessary once the buyer takes seriously what Articles 72 and 79(1) actually authorise a competent authority to demand once the inspection regime is at fleet scale across thousands of deployments and dozens of vendors.

6. The One Question a Vendor Can Legitimately Decline

The five-question diagnostic treats every question as a vendor-side test. There is one question in the five where the sophisticated answer from a vendor is to return the question to the deployer, and where the vendor doing so is correctly respecting EU AI Act value-chain role allocation rather than exhibiting a weak architecture.

Value-chain reading

Where a vendor's refusal is the correct EU AI Act answer, not the failing one

Question 5 is the single point in the diagnostic where a vendor's refusal to produce the artefact can be legally correct rather than diagnostically fatal. The procurement team that fails to recognise this is the procurement team that disqualifies the right vendor for the wrong reason.

The EU AI Act draws the relevant boundary explicitly. Article 16 binds the provider; Article 26 binds the deployer. Operational logs from a live high-risk deployment — the substance of Question 5 — are records of how the system is being used, and Article 26(1) and 26(5) place that use, and the monitoring of it, on the deployer. Article 16 does not oblige the provider to hold the deployer's live transaction record; Article 25 (value-chain) reinforces the same allocation by limiting upstream-provider duties to information the deployer needs in order to discharge its own obligations.

A vendor that is not also the operator of any production deployment is, in this reading, respecting the EU AI Act's value-chain allocation when it returns Question 5 to the deployer rather than producing a sample log it has no contractual right to hold. The defensible vendor answer in that case is not silence; it is a working alternative: the audit-log schema, the retention policy, the export tooling, and a reference log from any deployment in which the vendor is also the operator (typically a vendor-managed SaaS reference instance).

Confusing the provider-side and deployer-side answer to Question 5 is one of the most common sources of procurement misalignment under the AI Act — and one of the most common sources of contractual exposure for both parties when the system later enters an inspection.

Analytical method: the legitimacy of refusal under Article 26 was tested through GraQle's reasoning substrate (synthesis confidence 81 % over 50 activated nodes). The legal conclusion is the author's reading of the Regulation; the substrate's contribution was to isolate Question 5 as the unique deployer-side item among the five.

Operationally, this means the procurement team should phrase Question 5 with the value-chain split explicit on the page:

• If you are the operator of a reference deployment, show me a redacted audit log from that deployment.
• If you are not the operator of any deployment of the system, show me the audit-log schema, retention policy, and export tooling so that the deployer's own operations team can produce the equivalent artefact internally.

A vendor that can answer one of these two truthfully passes the question. A vendor that can answer neither is in the third category Ali's framing identified: governance without forensic ground truth, the paper-shield case.

7. Composing the Diagnostic Into the Procurement Workflow

The five-question diagnostic is most useful when it is run once, in the first hour of vendor evaluation, before the buyer commits any other procurement resource. The placement in the workflow matters: too late and the buyer's sunk cost biases the result; too early and the vendor has no material context to respond against.

A defensible placement is: after the buyer has filtered the longlist to a shortlist of three to five vendors on the basis of capability fit, but before any vendor has been invited to a paid pilot, a security review, or a contract negotiation. At that point the buyer has a written statement of what the AI governance tooling is meant to do; the vendor has had time to prepare a serious response; and neither party has committed enough cost to bias the outcome.

The cost of running the diagnostic is roughly one hour per vendor of senior buyer time (a CRO, CISO, Head of AI Risk or equivalent) and roughly one hour per vendor of senior vendor time. The output is a yes/no/conditional rating per question per vendor, with the conditional category reserved for Question 5 in the value-chain-split case above. The cumulative output across a three-to-five-vendor shortlist is roughly four hours of buyer time and produces a procurement decision the buyer can defend internally to the board, externally to the regulator, and forward in time to the procurement team that runs the next AI governance vendor selection eighteen months later.

For a working procurement template that incorporates the five questions as the first hour of vendor evaluation, see the AI vendor risk assessment template. For a deeper account of why the diagnostic exposes the architecture layer specifically (Question 2), see Cluster 1 on recall vs verifiability. For the underlying analysis of why the methodology layer (Question 1) cannot be back-filled, see Cluster 4 on methodology, architecture and standards.

8. What Is Still Unsolved

Three operational gaps remain in the five-question procurement diagnostic that the public thread has not yet closed, and that no vendor on the European market answers cleanly today.

First, the paid-pilot-as-discovery problem. The five-question diagnostic is designed to be run before a paid pilot. Several vendors will reasonably argue that some of the artefacts the diagnostic asks for — particularly the bit-exact replay of Question 2 and the offline-verifiable bundle of Question 3 — can only be demonstrated against the buyer's own production data, which is impossible without a paid pilot. The defensible compromise is a short, fixed-fee discovery engagement (typically two to four weeks) that produces the artefacts against either a public reference dataset or a small slice of the buyer's non-sensitive production data. This is engineering work, not a procurement question, and the structure of such an engagement is itself a procurement decision the buyer should treat carefully.

Second, the small-vendor-honesty problem. The five-question diagnostic is harder for small vendors to answer than for large vendors, but small vendors are more likely to give the honest answer when they cannot answer. A buyer should calibrate the diagnostic accordingly: a small vendor with no production deployment but a clear architectural roadmap and a candid statement of which questions it cannot answer today may be a better long-horizon choice than a large vendor with confident marketing material and an inability to produce the artefacts under inspection. The diagnostic exposes the second condition more easily than the first; the buyer's judgement is what closes the gap.

Third, the agentic-systems gap. The five-question diagnostic concerns single decisions. High-risk agentic AI systems — those that take multi-step actions over time, with behavioural drift across the action chain — require a different audit unit than a single decision. The April 2026 working paper by Nannini, Smith, Maggini, Panai, Feliciano, Tiulkanov, Maran, Gealy, and Bisconti (“AI Agents Under EU Law”, arXiv:2604.04604) makes the assessment unambiguous: high-risk agentic systems with untraceable behavioural drift cannot currently satisfy the AI Act's essential requirements. No procurement diagnostic, including this one, fully addresses that gap in 2026. The honest statement to the procurement team is that the diagnostic addresses the single-decision case; the agentic case is a research problem the architecture layer of the audit-trail stack has not yet solved.

9. The Procurement Hour That Compounds

The five-question diagnostic is one of the cheapest pieces of procurement discipline available to an enterprise running an AI governance vendor selection in mid-2026. It costs an hour. It exposes the difference between vendors who have built the audit-trail architecture the post-Omnibus inspection regime will actually demand and vendors who have built only the marketing material that anticipates it. It does not replace the rest of the procurement process; it ensures that the rest of the procurement process is evaluating the vendors that can survive a 2027 inspection.

The cumulative value of running it well is harder to see from inside one procurement decision than across many. The first time a buyer runs the diagnostic, the output is a yes/no answer about three vendors. The fifth time the same procurement team runs it, the output is a sharpening of what the buyer's organisation expects of any AI governance vendor regardless of which one wins this particular cycle. By the second time around, the buyer is no longer using the diagnostic to filter vendors; the buyer is using it to define what the buyer's own operations team needs to be able to produce internally if the vendor ever fails to deliver.

That is the procurement-discipline value of the diagnostic at fleet scale. The one-hour test produces a one-hour answer per vendor; the cumulative effect, run consistently across an enterprise's AI vendor portfolio over the eighteen-month Omnibus runway, is a procurement organisation that knows what good looks like before the regulator arrives to assess it.

Frequently Asked Questions