AboutBlogBusiness First AIFounder FreedomBook a conversation

AI supplier risk assessment: a checklist for UK services firms

May 17, 2026
Person reviewing a printed checklist at a desk with a laptop open beside them
TL;DR

UK services firms are legally responsible for what their AI suppliers do with personal data and operational decisions, regardless of whose platform the processing happens on. A structured AI supplier risk assessment covers your obligations under UK GDPR, NCSC security guidance, and the EU AI Act where applicable. Match the depth of the check to the risk: a full assessment for client-facing or decision-support tools, a shorter check for internal tools with no personal data involved.

Key takeaways

- UK GDPR, ICO guidelines, and FCA rules place the compliance burden on you as the deployer; using a third-party AI tool does not transfer your legal responsibility to the supplier. - Triage your AI tools by impact: apply a full 30-plus-question check to any tool that processes personal data, supports regulated decisions, or contributes to professional advice; use a lighter check for internal tools with no personal data. - A pre-contract questionnaire should cover where data is processed, whether prompts are used to train the model, what security certifications the supplier holds, and how model updates are communicated. - The EU AI Act applies to UK firms serving EU clients; as a deployer under Article 26, you carry obligations around human oversight and may need to conduct a Fundamental Rights Impact Assessment. - Supplier due diligence is a continuous process: the ICO treats AI deployment as ongoing, AI systems change faster than conventional software, and a meaningful model update restarts the review clock.

A technology consultant drops a demo in your inbox. The AI reads incoming contracts, flags key renewal dates, and logs everything to your CRM automatically. It looks useful. You ask about pricing and how it integrates with your systems. What you probably do not ask is whether your client data is used to train the model, where the inference happens, or what the supplier’s security certifications cover.

That gap, between a compelling demo and a safe deployment, is what a structured AI supplier risk assessment is designed to close.

What is an AI supplier risk assessment?

An AI supplier risk assessment is a structured check you run before committing to any AI tool that will touch your data, your clients, or your operational decisions. It covers the supplier’s data handling practices, security controls, and regulatory compliance, as well as how they handle model updates and contractual obligations. In a UK context, this connects your buying decision to your obligations under UK GDPR and ICO guidance on AI systems.

Specialist frameworks now exist for this work. Knowlee’s AI Vendor Risk Assessment Checklist covers 35 questions split across four stages: pre-contract checks, EU AI Act compliance, contractual terms, and ongoing monitoring. It maps each question to specific EU AI Act articles and to ISO/IEC 42001, the international standard for AI management systems, so small firms are not inventing the process from scratch.

The key difference between an AI-specific checklist and a standard IT security review is the dynamic nature of AI systems. Conventional software behaves predictably after an update. AI models can shift their outputs after retraining, sometimes significantly, without the buyer being notified. That makes supplier risk assessment a continuous obligation through the contract, not a one-time hurdle at the buying stage.

Why does it matter for your business?

The ICO, FCA, and NCSC have each been clear that using a third-party AI tool does not transfer your legal responsibility for what it does. If a supplier’s AI processes personal data in a way that breaches UK GDPR, the ICO looks at you as the data controller, not at the supplier. The obligation to vet the supplier before signing is yours, and regulators have shown they will not accept delegation as a defence.

The ICO made this concrete in October 2023 when it issued an enforcement notice against the Home Office over a visa decision-making algorithm operated by a third party. The Home Office, as the data controller, was found liable for bias and insufficient transparency. The supplier was not the named party in the enforcement notice.

For FCA-regulated firms, the FCA has told boards directly that deploying AI through a third-party platform does not reduce responsibilities around operational resilience and consumer outcomes. JLT Specialty’s £7.88 million FCA fine in 2022, for failing to manage outsourcing and cybersecurity risks that led to unauthorised data access, illustrates what poor third-party oversight costs in a regulated sector.

The EU AI Act adds a further dimension for any UK firm serving EU clients. Under Article 26, you are treated as a “deployer” and carry obligations including following the supplier’s instructions for use, assigning human oversight, and in some cases conducting a Fundamental Rights Impact Assessment. Penalties for certain breaches can reach the higher of €35 million or 7% of global annual turnover.

Even setting aside regulation, the operational exposure is real. In 2023, Samsung employees accidentally uploaded proprietary source code and internal meeting notes to ChatGPT. Samsung had no policy governing what staff could share with public AI tools, and no supplier assessment had identified that particular risk before the incident.

Where will you actually meet this risk?

The risk shows up in four places most reliably: tools that handle client communications or advice, software integrated with your CRM or email, AI that supports decisions affecting individuals, and any tool used in activities where professional liability applies. Each of these connects personal data to a system the supplier controls, which is exactly the scenario UK and EU regulation is built around.

The NCSC has flagged specific attack paths that generative AI introduces which conventional software does not: prompt injection, where malicious content in a document manipulates the AI’s output, and data exfiltration through poorly controlled inference environments. If your AI tool processes documents your clients share with you, the security perimeter now includes the supplier’s infrastructure.

There are commercial risks here too. The CMA opened a review of AI foundation model markets in 2023, partly because so many businesses now depend on a small number of providers. If your workflows rely on a single AI stack and that provider changes its pricing or its terms, the disruption is immediate and your options are limited.

The Stability AI copyright lawsuits, brought by Getty Images and others over training data used in image generation, are a signal that provenance matters even in content creation tools. If you use AI to draft client-facing materials, asking the supplier how they source their training data and what licences they hold is a standard due diligence question, not an obscure legal nicety.

When should you do a full check?

The depth of your assessment should match the impact the tool can have on individuals. A full check, working through a specialist framework of 30-plus questions, is warranted for any AI that processes personal data, supports decisions about clients or employees, or operates in a regulated context. A lighter check is appropriate for internal tools processing only your own operational data where no personal information is involved.

The ICO’s guidance for small organisations supports this risk-based approach explicitly. The factors that push a tool into the full-check category are personal data processing, automated or partly automated decisions about individuals, the use of special category data, or any client-facing output where the firm carries professional indemnity exposure. Marsh, which advises professional services firms on liability, has noted that using generative AI in advice generation or due diligence without adequate controls creates increased negligence exposure.

For lower-impact tools, a shorter check covering data location, whether the supplier uses customer prompts to train their model, and their security certifications is typically sufficient.

One common error is treating the pre-contract assessment as the full scope of the obligation. Atlas Systems, which publishes a widely-used AI vendor questionnaire, makes this point plainly: AI systems change faster than conventional software. The ICO describes ongoing monitoring of AI deployments as an expectation, not a best practice. After significant model updates, or after any incident, the supplier relationship warrants a fresh look.

What else belongs in your AI buying process?

A supplier risk assessment sits alongside several other controls, not in place of them. Your firm needs a data processing agreement that reflects the supplier’s role under UK GDPR Articles 28 to 32, an internal policy governing what staff can share with AI tools, and a process for reviewing the arrangement when the supplier makes significant changes to the system. Supplier diligence alone will not protect you if your own governance is absent.

Where the AI system is likely to create high risk for individuals, a Data Protection Impact Assessment is required under UK GDPR before deployment. Your supplier’s cooperation in completing it is part of the process. The Knowlee checklist recommends requiring suppliers to notify you of model updates that change behaviour and to provide updated technical documentation after significant modifications. Both of those commitments belong in the contract before you sign, not as a verbal assurance during the sales call.

For firms in regulated sectors with EU clients, the EU AI Act conformity documentation adds a further layer. Providers of high-risk AI systems are required to register them in the EU database under Article 49 and to complete a conformity assessment. As the deployer, you should ask to see that documentation and confirm it reflects the actual system you are buying.

Finally, concentration risk is worth tracking. If you build operational dependency on a single AI provider and that provider changes its terms, withdraws a feature, or suffers an extended outage, your business takes the impact. Keeping a record of which AI tools you use, which processes depend on them, and what the fallback options are is ordinary business continuity planning. The first time many small firms think about it is after something goes wrong.

If you want to work through what this looks like in your specific firm, Book a conversation.

Sources

- ICO (2024). AI and data protection. ICO guidance on how UK GDPR applies to AI systems, covering DPIAs, fairness, transparency, and the controller's responsibility when using third-party AI processors. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/artificial-intelligence/ - ICO (2024). Artificial intelligence and small organisations. ICO guidance for small UK organisations on managing AI risks, including a risk-prioritisation approach for AI use cases involving personal data. https://ico.org.uk/for-organisations/advice-for-small-organisations/artificial-intelligence-ai-and-small-organisations/ - NCSC (2024). The cyber security implications of generative AI. NCSC whitepaper covering AI-specific attack paths including prompt injection and data exfiltration, with recommendations for supplier security assurance. https://www.ncsc.gov.uk/whitepaper/the-cyber-security-implications-of-generative-ai - FCA (2024). Governing AI effectively: a speech for decision-makers. FCA address to regulated firms confirming that deploying third-party AI tools does not reduce board responsibility for operational resilience and consumer outcomes. https://www.fca.org.uk/news/speeches/governing-ai-effectively-decision-makers - European Parliament (2024). Regulation (EU) 2024/1689, the EU AI Act. Full text including Article 26 deployer obligations, Article 49 registration requirements, and penalty provisions of up to 7% of global annual turnover. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32024R1689 - NCSC (2023). Guidelines for secure AI system development. Co-authored with US CISA; covers secure development lifecycle requirements and AI-specific risks organisations should require suppliers to address in pre-contract checks. https://www.ncsc.gov.uk/collection/guidelines-for-secure-ai-system-development - ICO (2023). ICO issues enforcement notice to Home Office over use of algorithm. Enforcement case illustrating that the data controller, not the algorithm supplier, carries accountability under UK GDPR for third-party AI systems. https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2023/10/ico-issues-enforcement-notice-to-home-office-over-use-of-algorithm/ - Marsh (2024). Generative AI and professional indemnity risks. Marsh guidance on increased negligence exposure for professional services firms using AI in advice generation or due diligence without adequate controls. https://www.marsh.com/uk/en/industries/professional-services/insights/generative-ai-professional-indemnity-risks.html - Knowlee (2026). AI Vendor Risk Assessment Checklist. 35-question checklist aligned to EU AI Act Articles 25-26 and ISO/IEC 42001, covering pre-contract, compliance, contractual, and ongoing monitoring stages. https://www.knowlee.ai/blog/ai-vendor-risk-assessment-checklist - Atlas Systems (2026). AI Vendor Risk Questionnaire for Compliance. Questionnaire covering regulatory compliance evidence, third-party dependencies, logging, and the principle that vendor statements require independent verification rather than acceptance at face value. https://www.atlassystems.com/blog/ai-vendor-risk-questionnaire

Frequently asked questions

Does signing a supplier's data processing agreement cover all my obligations under UK GDPR when using their AI tool?

A data processing agreement is necessary but not sufficient. It confirms the supplier's role as a processor and sets out their obligations, but it does not guarantee they are meeting them. You still need to verify their security controls, understand where data is processed, confirm they are not using your inputs for model training without your consent, and review the arrangement when the supplier makes significant changes to the system.

Which AI tools actually require a formal risk assessment under UK law?

UK GDPR requires a Data Protection Impact Assessment for AI systems likely to result in high risk to individuals, which typically includes tools that make automated decisions, process special category data, or profile people at scale. Beyond that, the ICO's risk-based approach means you should also assess any AI handling client personal data, even where a full DPIA is not strictly required. The depth of the check should match the risk level.

What should I do if a supplier refuses to answer my pre-contract questionnaire?

Treat a refusal to engage as material information. A supplier who will not confirm where your data is processed, whether they hold a security certification, or how they handle model updates is giving you data about their governance culture. For tools that will process client personal data or support regulated decisions, the right response is usually to find an alternative supplier. The inability to answer basic due diligence questions is itself a risk signal.

Written by Dr Dave Heath, AI consultant and business strategist.

This post is general information and education only, not legal, regulatory, financial, or other professional advice. Regulations evolve, fee benchmarks shift, and every situation is different, so please take qualified professional advice before acting on anything you read here. See the Terms of Use for the full position.

Ready to talk it through?

Book a free 30 minute conversation. No pitch, no pressure, just a useful chat about where AI fits in your business.

Book a conversation

Related reading

Business owner at a desk reviewing content on a laptop with a notepad open beside them

Is AI worth the time and cost for a small firm?

A decision guide for owner-managers on when AI is worth the investment, when to hold back, and what to ask before committing.

Two people in a business discussion at a meeting table, reviewing documents together

When it makes sense to bring in an AI consultant

How to tell whether your AI project needs external consultancy, when to keep it internal, and what to ask before you make the call.

Business owner seated at a desk reviewing a printed contract document with a pen in hand

How to select the right AI supplier for your business

Three supplier shapes, five due diligence questions, and what UK law says about your accountability when you hand data to an AI vendor.

If any of this sounds familiar, let's talk.

The next step is a conversation. No pitch, no pressure. Just an honest discussion about where you are and whether I can help.

Book a conversation
AboutBlogBusiness First AIFounder FreedomContactBook a conversation
Privacy PolicyTermsCookie Policy

© 2026 Larocca Consulting Ltd