Most of the conversation about shadow AI risk in small businesses focuses on internal employees: staff members using unauthorized AI tools with company data, consumer AI accounts processing client information without appropriate vendor agreements, the gap between what the IT policy says and what employees actually do. This is a real and significant risk, and addressing it is an important part of any AI governance program. But there is a parallel shadow AI risk that receives far less attention, that most businesses haven’t assessed, and that may actually represent a larger exposure than the internal risk they’re focused on.
The risk is vendor shadow AI — the unauthorized or ungoverned use of AI tools by the third parties your business shares data with. Your accounting firm processing your financial records through an AI tool without a compliant data processing agreement. Your marketing agency running client information through an AI content platform under consumer terms. Your legal counsel using an AI research or document drafting tool that processes confidential client communications. Your IT provider deploying AI monitoring tools that analyze business data streams without appropriate contractual protections. Each of these scenarios involves your data, processed by a third party, through AI systems that may not have the governance infrastructure that your compliance obligations require.
The shadow AI risk for small business extends well beyond internal employees — and for regulated businesses especially, the vendor shadow AI risk may carry greater regulatory exposure than the internal version, because the data shared with professional service vendors often includes the most sensitive, most regulated information in the business.
Why Vendor Shadow AI Is Different From Internal Shadow AI
Internal shadow AI — employees using unauthorized tools — is a governance failure within the business’s own organizational boundary. The business has the authority to set and enforce AI policies for its employees, to implement technical controls that shape employee behavior, and to create the approved AI alternative that makes unauthorized tool use unnecessary. The problem exists inside a perimeter the business controls, which means the solutions — policy, training, approved tooling — are within reach.
Vendor shadow AI operates outside that perimeter, in organizations the business doesn’t control, through employees the business doesn’t supervise, using tools the business didn’t select. A small business owner who has built a comprehensive internal AI governance program — acceptable use policies, employee training, approved enterprise AI tools — may be entirely unaware that the vendors handling the business’s most sensitive data are running that data through consumer AI tools with no governance protections whatsoever. The business has no visibility into vendor AI practices unless it asks, and most businesses have never asked.
The regulatory implications of vendor shadow AI are particularly significant for businesses in regulated industries. HIPAA’s Business Associate Agreement framework requires covered entities to ensure that all business associates that handle Protected Health Information implement appropriate safeguards — and those safeguards extend to the AI tools the business associate uses. If a covered entity’s billing company uses an AI coding assistant that processes PHI without a BAA and without HIPAA-compliant data handling, the covered entity bears compliance exposure from the business associate’s ungoverned AI use, not just from its own. The regulatory accountability follows the data, not the organizational boundary.
The FTC Safeguards Rule imposes a similar service provider management obligation on financial institutions: businesses subject to the Safeguards Rule must select service providers that maintain appropriate safeguards, require those safeguards contractually, and oversee service provider compliance. An accounting firm’s use of an AI tool that processes client financial data outside compliant vendor agreements is a Safeguards Rule exposure for the clients of that accounting firm who are themselves subject to the rule. The chain of accountability runs through the vendor relationship, and the regulator will evaluate whether the business exercised appropriate vendor oversight — regardless of whether the AI tool at issue was the business’s own or its vendor’s.
The Vendors Most Likely to Be Running Shadow AI With Your Data
Understanding which vendor categories pose the highest vendor shadow AI risk helps prioritize the assessment effort. The risk is highest where three factors converge: the vendor handles sensitive or regulated data categories, AI adoption in the vendor’s industry is occurring faster than governance infrastructure is being built, and the business relationship doesn’t currently include AI-specific contractual protections.
Professional services firms — accounting, legal, consulting, HR advisory — are the highest-risk vendor category for most small businesses. These firms handle extraordinarily sensitive data: financial records, legal strategy and communications, HR records including compensation and disciplinary history, and business intelligence that represents competitive assets. They also operate in industries that have been among the most enthusiastic early AI adopters, with AI tools for document drafting, research, analysis, and client communication spreading rapidly through these sectors. The combination of high data sensitivity and fast AI adoption without proportionate governance maturity makes professional services vendors the vendor category most likely to be processing client data through ungoverned AI tools right now.
Marketing and communications agencies are the second high-risk category. Marketing agencies that develop content, manage social channels, or run advertising campaigns on behalf of clients routinely work with client branding assets, audience data, customer communication history, and in some cases customer contact information. AI content generation, AI audience analysis, and AI-assisted campaign optimization tools have become widespread in the marketing industry, and many of these tools are accessed through consumer or standard subscription accounts rather than enterprise agreements with appropriate data handling protections. Client data submitted to AI tools for campaign personalization or content generation may be subject to model training provisions the agency hasn’t reviewed and the client doesn’t know about.
IT and managed service providers are the third category — particularly relevant for small businesses in regulated industries, where the MSP often has deep access to business systems and the data they contain. MSPs are deploying AI tools for network monitoring, security operations, documentation, and client communication management at an accelerating rate. When an MSP with administrative access to a healthcare practice’s systems deploys an AI monitoring tool that analyzes network traffic including patient data flows, without a BAA and without the practice’s knowledge, the exposure is both the practice’s and the MSP’s. Assessing the AI governance practices of the business’s IT provider is as important as assessing any other high-access vendor — and in many cases more important, because the IT provider’s access is broader than most other vendor relationships.
How to Assess Your Vendors for Shadow AI Risk
Assessing vendor shadow AI risk requires a structured inquiry process that goes beyond the standard vendor security questionnaire most businesses use. Traditional vendor security questionnaires focus on infrastructure security — encryption, access controls, incident response — and were developed before AI data handling became a material vendor risk. Extending that assessment to AI requires specific, targeted questions about AI tool use and governance that most vendors have never been asked before.
The AI-specific vendor assessment questions that provide the most useful signal are direct and specific rather than broad. Does the vendor use AI tools in any work performed on behalf of the client, including work involving client data? If so, what specific AI tools or platforms are used? Are those tools accessed through enterprise accounts with zero data retention and Data Processing Agreements, or through consumer or standard subscription accounts? Has the vendor executed a DPA or BAA with each AI platform that handles client data? What is the vendor’s AI acceptable use policy, and have the relevant staff been trained on it? Does the vendor’s incident response plan address AI-related data incidents specifically?
These questions will produce one of three responses. The best response is a vendor with a mature AI governance program who can answer each question specifically and produce documentation on request — a vendor whose AI practices are as well-governed as the business’s own, or better. The acceptable response is a vendor who is AI governance-aware, can describe what they’re doing, and has the basic infrastructure in place even if it’s not fully mature. The concerning response is a vendor who is unfamiliar with the questions, cannot describe their AI tool use specifically, or acknowledges using AI without having considered the governance implications — a vendor whose shadow AI exposure may be substantial and whose practices create risk for the business’s data.
According to the Federal Trade Commission’s data security guidance, a business’s obligation to maintain reasonable security over the data it handles extends to requiring appropriate safeguards from the service providers it uses. The FTC’s enforcement history makes clear that “we didn’t know our vendor was handling data that way” is not a defense — the reasonable security obligation includes exercising oversight of vendor data handling practices, which means knowing what those practices are. Vendor shadow AI assessment is the specific application of this oversight obligation to the AI layer of vendor operations.
What to Do When You Find Shadow AI in Your Vendor Relationships
The vendor shadow AI assessment process will likely surface a range of findings, from mature AI governance (a small minority of vendors, for most businesses assessing this for the first time) to complete unawareness (a significant minority, particularly among smaller professional services firms). The response to each finding requires a calibrated approach that accounts for the relationship value, the data sensitivity, and the vendor’s apparent capacity and willingness to address the gap.
For high-priority vendors — those handling regulated data categories with high sensitivity — the response to an inadequate AI governance finding is a direct conversation about what needs to change and a timeline for change. The business should provide the vendor with specific requirements: what contractual protections are needed for any AI platforms handling client data, what training the vendor needs to demonstrate has been provided to staff, and what documentation the vendor needs to be able to produce on request. This conversation may feel uncomfortable, particularly with long-standing professional relationships, but it is exactly the oversight conversation that the business’s own compliance obligations require it to have.
For medium-priority vendors, the approach can be a standard AI governance addendum to the existing service agreement — a contractual provision that requires the vendor to use only enterprise AI tools with appropriate DPAs for any work involving client data, prohibits the submission of client data to consumer AI accounts, and requires notification if a vendor AI tool is involved in a data incident. This addendum doesn’t require the vendor to have a mature AI program immediately; it establishes the contractual minimum and puts the compliance accountability for vendor AI practices where it belongs — on the vendor.
For vendors who are unable or unwilling to address shadow AI governance concerns after a reasonable engagement, the business faces a vendor risk decision: accept the exposure with documented management rationale, or transition to an alternative vendor whose AI governance practices are adequate. This decision should be made explicitly, with documentation of the risk assessment and the business judgment made, rather than by default through inaction. A regulator evaluating a data incident that involved a vendor’s ungoverned AI use will assess whether the business knew about the vendor’s practices and what it did — and “we assessed the risk and made a documented decision to continue the relationship while pursuing governance improvements” is a meaningfully better answer than “we didn’t know.”
According to the National Institute of Standards and Technology’s AI Risk Management Framework, managing AI risk in an organizational context requires attention to the full ecosystem in which AI operates — including the AI practices of vendors and partners whose systems interact with the organization’s data. The NIST framework’s emphasis on mapping AI risk across organizational boundaries, not just within them, reflects the same insight that vendor shadow AI risk illustrates: the exposure that matters is the exposure to your data, wherever it occurs, not just the exposure that occurs inside your own systems.
Building Vendor AI Governance Into Your Overall AI Program
Addressing vendor shadow AI risk is not a one-time assessment project — it is an ongoing vendor management discipline that needs to be integrated into the business’s broader AI governance program. New vendors come on board without being assessed. Existing vendors adopt new AI tools without notifying clients. Vendor staff changes mean that AI governance training that was in place when the relationship began may not have been maintained. The vendor AI risk landscape is as dynamic as the internal AI risk landscape, and it requires the same ongoing attention.
A managed AI services program that includes vendor governance as a core component — building AI-specific provisions into standard vendor agreement templates, conducting periodic vendor AI governance reviews for high-priority relationships, and providing guidance when vendor assessment findings require a response — gives the business a systematic approach to managing vendor shadow AI risk rather than leaving it unaddressed until a data incident makes it visible. The businesses most exposed to vendor shadow AI risk today are the ones that have built strong internal AI governance programs while leaving their vendor relationships entirely unaddressed. The complete picture of AI data security includes both — and both are achievable with the right program and the right partner.