The current structural shift centers on the transfer of accountability for AI risk from vendors and regulators to managed service providers (MSPs). Vendors such as Anthropic and Microsoft are expanding their enterprise-focused AI channel programs and services tracks, while regulators pull back from enforcement, leaving MSPs as the de facto accountable parties for AI deployments. Reports and data indicate that vendor-driven channel expansion and regulatory laxity are converging to make service providers the liable layer in AI delivery.
Anthropic is broadening its CLAUDE partner network from around 100 to several thousand partners, organized in tiers with outcome-based incentives and a dedicated services track targeting MSPs and system integrators. Microsoft, responding to low Copilot adoption rates (reported at 3.3% of eligible users), is allowing full removal of Copilot from systems. An IDC/Expereo survey of 800 companies found 70% are budgeting for AI, but investment is driven more by competitive anxiety than proven results. Additionally, a concentrated group—top 5% of users—accounts for the bulk of enterprise AI-related risk, according to a separate analysis.
Supporting developments include the emergence of Lemhi, an early-stage platform aimed at enabling MSPs to package and sell AI transformation as a recurring service, and warnings from lawmakers about cuts to CISA that undermine federal cyber defense capacity. The episode also highlights a consistent theme: government agencies such as the White House and NIST are shifting toward voluntary measures and measurement frameworks, declining to create enforceable accountability standards for AI in production environments.
For MSPs and IT leaders, these developments translate to increased contract and operational risk. Without renegotiated agreements specifying usage ceilings, approval workflows, and liability terms, providers may inherit unpredictable financial exposure and compliance gaps. The absence of effective governance requirements from both vendors and authorities places the operational burden on MSPs to define, monitor, and enforce safe use of AI, including recurring governance services such as data boundary enforcement and audit evidence. Failure to address these issues may result in MSPs acting as uninsured support for unmanaged AI deployments they cannot fully control or price.
04:24 AI's Accountability Gap
06:50 MSP Risk Transfer
09:49 Why Do We Care?
Supported by:
💼 All Our Sponsors
Support the vendors who support the show:
👉 https://businessof.tech/sponsors/
🚀 Join Business of Tech Plus
Get exclusive access to investigative reports, vendor analysis, leadership briefings, and more.
👉 https://businessof.tech/plus
🎧 Subscribe to the Business of Tech
Want the show on your favorite podcast app or prefer the written versions of each story?
📲 https://www.businessof.tech/subscribe
📰 Story Links & Sources
Looking for the links from today’s stories?
Every episode script — with full source links — is posted at:
🎙 Want to Be a Guest?
Pitch your story or appear on Business of Tech: Daily 10-Minute IT Services Insights:
💬 https://www.podmatch.com/hostdetailpreview/businessoftech
🔗 Follow Business of Tech
LinkedIn: https://www.linkedin.com/company/28908079
YouTube: https://youtube.com/mspradio
Bluesky: https://bsky.app/profile/businessof.tech
Instagram: https://www.instagram.com/mspradio
TikTok: https://www.tiktok.com/@businessoftech
Facebook: https://www.facebook.com/mspradionews
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
[00:00:02] AI is being franchised. Vendors will supply platforms, Washington will supply vague rules, and MSPs will supply accountability. So either you sell governed deployments at a premium, or you become the uninsured workbench for everyone else's hype. This is the Business of Tech. I'm Dave Sobel.
[00:00:24] Let's start with Anthropic. The company has been building one of the more structured enterprise partner programs in the AI space. CRN confirmed that Anthropic is formally expanding its clawed partner network, from roughly 100 initial partners to a target of several thousand, organized into a four-tier structure with outcome-based incentives attached to each level.
[00:00:47] A separate announcement detailed a dedicated services track aimed explicitly at solution providers, system integrators, and managed service firms that can take AI projects from scope to enterprise deployment. The recruitment and enrollment is already underway. At the same time, Microsoft is showing something significant about how its own AI rollout is actually landing with users. The company announced it will allow Windows and Office users to fully remove Copilot from their systems.
[00:01:17] And the data behind that decision is worth noting. Microsoft's own reporting puts Copilot adoption at approximately 3.3% of eligible users. The picture looks similar when you zoom out to enterprise investment broadly. A survey of 800 organizations worldwide, conducted by IDC and commissioned by the network services firm Xperio, found that roughly 70% of companies are currently allocating budget to artificial intelligence.
[00:01:45] The survey's primary finding, the dominant driver is fear of falling behind competitors, not documented results from deployments already in place.
[00:01:54] Where AI is actively in use inside organizations, the risk exposure is not distributed evenly. A separate report analyzing enterprise AI activity found that the top 5% of users inside companies are each generating at least 144 AI conversations, and that small cohort accounts for a disproportionate share of total AI-related risk exposure across the enterprise.
[00:02:21] On the government side, the direction is consistent. Lawmakers from both parties have warned that cuts to CISA, federal agency responsible for protecting civilian networks, have materially weakened its capacity. The government, declining to enforce AI accountability, is simultaneously pulling back on its own cyber defense infrastructure.
[00:02:42] A startup called Lemmy emerged from stealth with pre-seed funding and a specific platform built for managed service providers, a product that enables MSPs to package, sell, and manage AI transformation as a recurring service, with the stated goal of converting one-off AI projects into scalable, ongoing managed service engagements. If you're listening to this and haven't hit follow yet on Apple Podcasts, search Business of Tech. It takes 5 seconds, and you'll get the next episode automatically.
[00:03:52] The SMB Online Conference is June 23rd through 25th, and registration is open now. Three days of practitioner-focused sessions. Pricing, M&A, AI, private equity, service delivery. No vendor speakers, no fluff. The theme is, profitable is enough. If that resonates, you should be there.
[00:04:15] Small Biz Thoughts community members get in free. Everyone else, $399 at smbonlineconference.com. Those signals, vendor channel build-out, enterprise budgets driven by competitive fear, governance capacity thinning, they aren't coincidental. They're being pushed by the same underlying dynamic. The pressure begins with the financial clock.
[00:04:40] Anthropic has officially filed a confidential registration statement with the SEC, beginning its IPO process while carrying a valuation of roughly $900 billion. Recently surpassing OpenAI is the highest-value AI startup in the world. At Microsoft Build, OpenAI and Microsoft jointly reported that AI-related services now account for roughly 40% of their combined enterprise revenue. Numbers at that level create a specific investor expectation, enterprise deployment at scale.
[00:05:09] The fastest path to that proof is a channel showing thousands of simultaneous client deployment, not a direct sales force building them one at a time. The demand side of that equation is real, though it comes with a gap underneath it. TechCrunch documented what executives are calling AI psychosis, a measurable disconnect between what leadership believes AI will accomplish and what their organizations can actually operationalize. CEOs want the output.
[00:05:38] They are not, in most cases, managing the implementation. The timing is not accidental. Sam Altman of OpenAI and Dario Amadei of Anthropic both publicly reversed earlier warnings about AI-driven job displacement, shifting emphasis to productivity and adoption. And Microsoft expanded the surface area of that demand at Build where executives described Scout, its new AI assistant embedded across the M365 suite as, in their words,
[00:06:07] the first real personal assistant the company has offered customers. What is not filling that gap is the government, and its posture has been consistent across every front. The White House issued an executive order requiring AI companies to voluntarily submit frontier models for a 30-day pre-release review, with no enforcement mechanism and no binding accountability framework attached.
[00:06:31] NIST simultaneously rebranded its AI oversight consortium around measurement, innovation, and adoption, rather than enforcement standards. Both moves point the same direction. The regulatory layer that would otherwise define accountability for AI in production has, by deliberate design, declined to do so. The accountability transfer is going to show up in contracts.
[00:06:56] When a client's AI usage spikes, an agent runs more queries than expected, a workflow triggers at scale, a co-pilot session runs long, the variable cost under consumption-based billing doesn't land with a vendor. It lands with whoever holds the service agreement. MSPs that haven't renegotiated their contracts to account for consumption variability are already carrying financial risk they didn't price. That gap shows up in the compliance picture.
[00:07:25] A report on data sanitization practices across organizations found that 94% of compliance and sustainability leaders say they are confident in their organization's ability to handle sensitive data correctly. In the same survey, more than one-third of those same organizations reported a data leak within the past year, with one in eight breaches traced to sensitive information left on retired or disposed devices. That confidence-to-breech ratio is not a data quality problem.
[00:07:54] It's a structural feature of how organizations assess their own posture, which is to say they routinely can't. The MSP is, in most cases, the only party positioned to deliver an accurate, independent view of what is actually happening in a client environment. The fork those two data points describe is the same one. An MSP that treats AI implementation as a reseller motion, moving products, collecting margin, and inheriting whatever the engagement produces,
[00:08:24] will eventually be the party explaining a variable invoice the client didn't expect, or a compliance failure the client didn't know was coming. The MSP that positions as the governed layer, defining scope, setting contractual limits, and treating data handling and usage controls as the product, is selling something the vendor cannot provide and the government will not require. One of the hardest problems in managed services isn't technology.
[00:08:53] It's delivering projects predictably and profitably. Every MSP has lived this moment. You estimate a project at 40 hours, and it ends up taking night. Not because your team isn't capable, but because projects have dependency, shared engineers, shifting priorities, and timelines that change constantly. That's where Movala comes in. Movala uses automation and AI-driven scheduling to build accurate project timelines and continuously adjust them as conditions change.
[00:09:22] That means you know with certainty when a project will actually finish, when engineers will become available, and when you can safely take on new work. For MSPs trying to run a more mature, predictable operation, kind of visibility is a big deal. If you want to deliver projects without the constant overruns, visit Movala.com slash MSP Radio. That's M-O-O-V-I-L-A dot com slash MSP Radio to learn more.
[00:09:52] Why do we care? Because your clients are not asking you about AI governance. They're hearing from vendors, and the vendors are already answering by writing you into the delivery layer. The conversation that needs to happen is not a technical briefing. It's a reframe of the relationship. Who in this engagement is responsible for what AI does in your environment, and does what we've actually signed reflect that?
[00:10:19] That conversation is the product, and it's one none of your clients have had yet. So what to consider? Contract surgery before channel enrollment. Before joining any AI vendor partner program, Anthropic, Microsoft, or otherwise, audit every existing master services agreement for consumption variability language.
[00:10:40] Consumption-based billing for AI workloads means a single agentic workflow running at scale can generate an invoice the client never anticipated. If the contract doesn't define usage ceilings, approval workflows, and cost escalation notification requirements, the MSP is carrying that exposure. Fix the contract first. Enroll in the program second. Separate the governance layer from the deployment layer, and price them independently.
[00:11:11] Deployment without governance is the default state. An MSP that offers AI usage monitoring, data boundary enforcement, and audit evidence as a distinct recurring line item is selling something the vendor doesn't provide and the client demonstrably needs. Evaluate Lemmy with appropriate skepticism. The platform addresses a real problem, converting AI projects into recurring managed services.
[00:11:35] But pre-seed stage from a $2 million venture studio means the product is early and the liability architecture is unproven. Before building a service practice on top of any AI-as-a-service platform, MSPs need to understand what contractual protections the platform provides when an AI-assisted recommendation causes client harm. If the answer is none, the MSP is the indemnification layer by default.
[00:12:04] And run the accountability question with your top accounts now. In the next 30 days, ask each top client directly. When an AI tool in your environment makes a decision that costs you money or surfaces a compliance problem, who in our current agreement is responsible for making it right?
[00:12:24] If this trend continues, within 18 months, serious MSPs will stop selling AI implementation as a project and start selling AI governance operations as a recurring service. That's including usage controls, data boundary enforcement, workflow approval, audit evidence, and liability language. Providers that fail to make this shift will be treated by clients as general support for AI systems they did not design, cannot fully control, and did not price correctly.
[00:12:53] This is the Business of Tech.
[00:13:35] Thanks for listening. I'll see you on the next episode.