AboutBlogBusiness First AIFounder FreedomBook a conversation

What an AI exit clause should cover in contracts

May 17, 2026
A business owner reading a contract document at a desk with a pen in hand
TL;DR

An AI exit clause sets out what happens when your vendor relationship ends: your right to leave, how the supplier helps you migrate, what happens to your data, and who pays for the transition. For UK owner-managed firms, getting these terms right before signing is far cheaper than renegotiating them after the relationship turns.

Key takeaways

- An AI exit clause covers exit rights, transition support obligations, data export and deletion requirements, and cost allocation for the migration period. - AI tools embed quickly into workflows, leaving you with weakened negotiating power unless exit terms are agreed before you sign. - The ICO and FCA require that you can explain, audit, and remove AI-generated decisions after a contract ends, so post-termination data access is not optional for regulated activities. - Identify critical AI tools by asking what would break if the vendor disappeared tomorrow. Those contracts need detailed exit provisions, including defined transition periods and pre-agreed rates. - Adjacent terms to address in the same contract include data portability format, IP ownership of AI-generated outputs, and supplier obligations to notify you of material model changes.

A firm signs for an AI tool to run its client intake process. Twelve months later, the vendor doubles the price. The tool is now woven into every onboarding workflow, and migrating off it will take three months of staff time. The contract? Standard terms, thirty days’ notice, nothing about data export, nothing about transition support. Nothing about who owns the custom configurations the team spent weeks building inside the platform.

That is the situation an AI exit clause exists to prevent.

What is an AI exit clause?

An AI exit clause is the part of your contract that answers one question: if we stop using this AI system, what happens next? It covers your right to leave, how the supplier helps you migrate, what happens to your data, and who pays for transition support. Morgan Lewis advises treating exit as its own workstream at the contracting stage, not a clause buried in boilerplate.

The clause typically bundles four elements. First, exit rights: the specific conditions under which you can end the service, from contract expiry and termination for convenience (typically 30 to 90 days’ notice) through to termination for cause. Second, the exit process: what the supplier must do to help you leave, including timelines, handover obligations, and cooperation with any new provider you bring in. Third, data and model handling: how your input data, AI-generated outputs, logs and customisations are exported, deleted or transferred, and in what format. Fourth, cost and risk allocation: what you pay for transition support, and who carries the liability if disputes arise after the contract ends.

Why does an AI exit clause matter for your business?

The deeper an AI tool sits inside your workflows, the more disruptive it is to move. Vendors know this, and not all of them use that knowledge generously. Without clear exit terms, you may face price increases you cannot escape, data held in formats only the vendor can read, or a migration you have to fund entirely yourself at a time of your choosing.

Morgan Lewis is direct about the risk: AI agreements without clear exit mechanics can leave the customer stranded if costs increase, performance degrades, the provider’s roadmap changes, or regulatory expectations evolve. For a small services firm, “stranded” typically means paying over the odds for a tool you cannot leave, or carrying compliance exposure because you cannot cleanly extract your data.

The Competition and Markets Authority has flagged that a small number of providers control the most capable foundation models, creating lock-in risk for downstream users. A 2024 survey by the Department for Science, Innovation and Technology found that 15% of UK businesses were already using at least one form of AI. As adoption grows, so does the practical cost of weak exit terms.

For regulated firms, the stakes are higher. The FCA has made clear that financial services businesses remain responsible for outcomes when a third-party AI provider fails or exits the market, which means operational resilience planning must include a realistic exit path, not just a termination right.

Where will you actually meet an AI exit clause?

Exit clauses become relevant whenever you sign a formal agreement for AI services that involves your client data, your regulated workflows, or a meaningful operational dependency. In practice, they typically appear once a tool has moved from pilot to production: when it handles client communications, automates financial reporting, screens job applications, or shapes pricing decisions.

Four situations make them particularly important. The most common is ordinary contract renewal or vendor switch: when a term expires or you choose a different provider, you need continuity of access to your data and a managed handover window. Morgan Lewis and Berry Smith both recommend a defined transition period of 30 to 90 days, with the supplier obligated to cooperate.

Performance and cost changes are a second trigger. AI models can shift behaviour and pricing quickly. A well-drafted clause allows termination where service quality drops below agreed levels, or pricing increases become commercially unreasonable, tied to specific thresholds rather than vague language.

Regulatory pressure is a third. Bird & Bird advise that customers should have a right to terminate where continuing to use the AI service would put the customer in regulatory breach, even if the supplier has not technically violated its own contractual obligations. A&L Goodbody recommend including AI-specific triggers such as failure to correct documented bias within a defined period, or a data protection breach linked to the AI system itself.

The fourth is cessation of an underlying service. Many AI products depend on third-party foundation models. A&L Goodbody advise including a migration right if the underlying platform becomes unavailable or its licensing terms change materially.

When should you push for detailed exit terms, and when is a lighter approach enough?

You need detailed exit provisions wherever the AI tool materially affects your revenue, your compliance obligations, or your client outcomes. For a tool that touches personal data, financial decisions, or regulated processes, a weak exit clause is a liability. For a low-stakes internal tool with no client data and no regulatory dimension, a basic data-export provision and a short notice period may be sufficient.

Start by identifying which of your AI tools are critical. A straightforward test: if the vendor disappeared tomorrow, what would stop working? Anything affecting client delivery, regulatory reporting, or financial decisions is critical. Those contracts need detailed exit rights, defined transition support, and data portability provisions.

For critical tools, five things are worth pressing for before you sign. First, a plain-English exit and transition schedule as its own named section. Second, defined timelines: how long does the supplier have to export your data, and how long do you retain read-only access to reports and history during the migration window? The ICO expects organisations to be able to evidence past AI decisions, which can mean needing log access for months post-exit. Third, pre-agreed rates for transition support, so you cannot be held to emergency consultancy fees when you try to leave. Fourth, clear IP terms confirming that you own the outputs the AI generated under your contract, and that the supplier’s right to train on your data ends when the contract does. Fifth, a regulatory-change termination right, allowing you to exit if new ICO or FCA guidance makes continued use legally uncomfortable.

A short-term pilot with no custom integration and no client data in scope does not need the same level of negotiation. The time and effort spent on exit terms should scale with what you would lose if the exit went badly.

What sits alongside an AI exit clause in a well-drafted contract?

An exit clause does its best work when the surrounding contract is consistent. Data ownership provisions, IP terms covering AI-generated outputs, UK GDPR processing obligations, and supplier notification requirements around model changes all affect how clean your exit will be. An exit clause negotiated in isolation will often find itself undermined by vague terms elsewhere in the same agreement.

Data portability is the starting point. Your contract should specify the format in which data is exported, not just that it will be returned. Structured, machine-readable exports matter because raw data in a proprietary format may be unusable without the vendor’s own tools to interpret it.

IP in AI-generated outputs also needs addressing. Under the Copyright, Designs and Patents Act 1988, computer-generated works receive special treatment in UK law, making contractual allocation of rights important. Ensure your contract confirms that outputs generated from your inputs belong to you, with no ongoing licence to the supplier after the relationship ends.

UK GDPR storage limitation applies on exit too. The ICO expects post-termination deletion of personal data to be documented in writing, consistent with Article 5’s storage limitation principle. Building a deletion certification requirement into the exit clause itself is more reliable than relying on the general data processing addendum.

If your product depends on a foundation model, require advance notice of material changes from the supplier. The Competition and Markets Authority has noted that foundation model providers exercise significant influence over downstream products, creating switching risk that downstream contracts should address.

For regulated firms, the FCA’s operational resilience expectations and the EU AI Act’s obligations on deployers add further considerations. High-risk AI applications covering hiring, credit decisions, or insurance carry documentation and human oversight obligations that your exit terms need to be able to support.

Sources

- Morgan Lewis (2026). Building Exit Rights and Portability into AI Deals. Recommends treating exit as its own workstream with defined transition periods and pre-agreed migration rates. https://www.morganlewis.com/blogs/sourcingatmorganlewis/2026/02/building-exit-rights-and-portability-into-ai-deals - A&L Goodbody (2025). Eight Essential Clauses for AI Contracts. Recommends AI-specific termination triggers including bias remediation failure and cessation of underlying model access. https://www.algoodbody.com/insights-publications/eight-essential-clauses-for-ai-contracts-a-guide-for-vendors-and-customers-in-northern-ireland - Bird & Bird (2025). The AI Contract Conundrum: Beyond Standard Terms. Advises that customers should have termination rights where continued AI use would place the customer in regulatory breach. https://www.twobirds.com/en/insights/2025/the-ai-contract-conundrum-beyond-standard-terms - Berry Smith LLP (2024). AI Clauses in Commercial Contracts. Covers data ownership, liability allocation, and post-termination data deletion at contract end. https://www.berrysmith.com/news/ai-clauses-in-commercial-contracts/ - ICO (2023). Explaining Decisions Made with AI. Sets out obligations for organisations using AI to explain and audit automated decisions, underpinning the case for post-termination log access. https://ico.org.uk/for-organisations/uk-gdpr-guidance-and-resources/artificial-intelligence/explaining-decisions-made-with-artificial-intelligence/ - NCSC (2025). Deploying AI Systems Securely. Includes guidance on safe decommissioning, credential revocation, and secure data deletion as part of AI lifecycle management. https://www.ncsc.gov.uk/collection/deploying-ai-systems-securely - Competition and Markets Authority (2024). AI Foundation Models: Update Paper. Warns of lock-in risk from foundation model concentration and recommends switching mechanisms in downstream contracts. https://www.gov.uk/government/publications/ai-foundation-models-update-paper - Financial Conduct Authority (2023). Artificial Intelligence in UK Financial Services (FS23/4). States that regulated firms remain responsible for outcomes when using third-party AI, with implications for exit planning. https://www.fca.org.uk/publications/feedback-statements/fs23-4-artificial-intelligence-uk-financial-services - Department for Science, Innovation & Technology (2024). UK Business Adoption of Artificial Intelligence Technologies. Reports 15% of UK businesses using at least one form of AI, contextualising the scale of vendor lock-in risk. https://www.gov.uk/government/statistics/uk-business-adoption-of-artificial-intelligence-technologies - UK GDPR (Data Protection Act 2018). Articles 5 and 28 set out storage limitation and processor obligations relevant to data deletion and export on contract termination. https://www.legislation.gov.uk/eur/2016/679/contents

Frequently asked questions

Does a standard termination clause cover AI tools?

Standard termination clauses set out when and how you can end the relationship, but they rarely address data export, migration support, or transition costs. AI tools create additional obligations because your data and customisations are embedded in the platform. A standard clause without an AI-specific exit schedule leaves those questions unanswered, typically at your expense when you finally try to leave.

What data should my AI vendor return to me on exit?

At minimum: all input data you provided, AI-generated outputs, logs showing model versions and parameters used, and any custom configurations you built. Format matters as much as completeness. Request structured, machine-readable exports rather than PDFs. The ICO expects organisations to be able to evidence past AI decisions, so log access during a post-termination run-off window is worth negotiating explicitly.

Can I terminate an AI contract if the regulator changes the rules?

You should be able to, and well-drafted contracts give you this right explicitly. Bird & Bird advise that customers should have a termination right where continuing to use the AI service would put the customer in regulatory breach, even if the supplier has not violated its own contractual obligations. Include this trigger explicitly, particularly for tools touching financial services, HR, or credit decisions.

Written by Dr Dave Heath, AI consultant and business strategist.

This post is general information and education only, not legal, regulatory, financial, or other professional advice. Regulations evolve, fee benchmarks shift, and every situation is different, so please take qualified professional advice before acting on anything you read here. See the Terms of Use for the full position.

Ready to talk it through?

Book a free 30 minute conversation. No pitch, no pressure, just a useful chat about where AI fits in your business.

Book a conversation

Related reading

Business owner at a desk reviewing content on a laptop with a notepad open beside them

Is AI worth the time and cost for a small firm?

A decision guide for owner-managers on when AI is worth the investment, when to hold back, and what to ask before committing.

Two people in a business discussion at a meeting table, reviewing documents together

When it makes sense to bring in an AI consultant

How to tell whether your AI project needs external consultancy, when to keep it internal, and what to ask before you make the call.

Business owner seated at a desk reviewing a printed contract document with a pen in hand

How to select the right AI supplier for your business

Three supplier shapes, five due diligence questions, and what UK law says about your accountability when you hand data to an AI vendor.

If any of this sounds familiar, let's talk.

The next step is a conversation. No pitch, no pressure. Just an honest discussion about where you are and whether I can help.

Book a conversation
AboutBlogBusiness First AIFounder FreedomContactBook a conversation
Privacy PolicyTermsCookie Policy

© 2026 Larocca Consulting Ltd