- Enterprise AI procurement is in the early stages of a structural shift. AI governance certification, previously a voluntary differentiator, is becoming a threshold qualification for vendor approval in regulated sectors. The first movers are financial services enterprises under DORA, followed by healthcare and public sector under EU AI Act Annex III obligations.
- The documentation that enterprise procurement teams require from AI vendors maps directly to the evidence that EU AI Act compliance, DORA third-party risk management, and AI insurance underwriting each require independently. A vendor who builds this evidence package once can reuse it across three separate commercial and regulatory processes.
- ISO/IEC 42001:2023 is becoming the organisation-level governance threshold. But ISO 42001 certifies a management system, not individual AI systems. Procurement teams that have moved past the ISO 42001 threshold are now asking for system-specific documentation: autonomy envelope, testing methodology, human oversight design, and incident response. Agent Certified addresses this second layer.
- Financial services procurement under DORA is the most advanced. DORA Article 28 requires institutions to maintain a register of all ICT third-party service providers, with a risk assessment for each. AI tools are ICT services. The documentation requirements for that risk assessment are generating specific vendor qualification criteria that banks and investment firms are now enforcing.
- The certification-to-coverage pathway creates a compounding advantage for pre-certified vendors. A vendor with a documented Agent Certified assessment is in a stronger position for AI insurance underwriting as well as procurement qualification, because both require the same underlying evidence of governance, testing, and oversight design.
The structural shift in enterprise AI procurement
Until mid-2025, AI governance certification in enterprise procurement was primarily a differentiator: a vendor who could produce evidence of structured AI governance stood out from competitors who could not. By mid-2026, the dynamic in regulated sectors has begun to shift. Threshold qualification rather than differentiation is the operative frame for financial services, healthcare, and public sector buyers who have been pushed by DORA, the EU AI Act, and the revised Product Liability Directive to formalise their AI third-party risk management.
The mechanism driving this shift is simple. An enterprise deploying an AI vendor's product in a regulated context becomes the deployer of that system under the EU AI Act and the ICT services customer under DORA. The enterprise's own regulatory obligations require it to verify the AI system's governance, testing, and oversight arrangements before deployment. If the vendor cannot provide that evidence, the enterprise faces a compliance gap it cannot fill from its own side. Refusing to approve vendors who cannot document their AI governance is not virtue signalling: it is the only rational response to an enterprise's own compliance obligations flowing back into vendor selection.
This dynamic is most mature in financial services. It is approximately twelve to eighteen months behind in healthcare and the public sector. It is emerging, but not yet formalised, in enterprise SaaS and technology procurement.
Financial services: DORA as the procurement driver
DORA, Regulation (EU) 2022/2554 on digital operational resilience for the financial sector, applied from 17 January 2025. It requires banks, investment firms, insurance companies, and other financial entities within its scope to implement a comprehensive ICT risk management framework that includes specific requirements for third-party ICT service providers.
Article 28 of DORA requires financial entities to maintain a register of all ICT third-party service providers with a risk assessment for each, distinguishing between providers of critical or important functions and other providers. AI tools used in credit decisioning, risk modelling, fraud detection, algorithmic trading, and customer service in financial services are ICT services under DORA. A bank that deploys a vendor's AI credit decisioning model must maintain a documented risk assessment of that vendor and that model as part of its DORA compliance.
The risk assessment content DORA requires maps to the documentation AI governance certification produces. The European Banking Authority's guidelines on ICT and security risk management under DORA specify that risk assessments should cover the provider's security arrangements, data governance, business continuity, change management, and exit procedures. For AI-specific tools, banks are extending this assessment to cover the AI system's testing methodology, known failure modes and mitigations, data provenance, and human oversight design.
The practical effect is a DORA-driven vendor qualification questionnaire that is, in substance, an AI governance assessment. Banks are sending these questionnaires to AI vendors before renewal and before new procurement decisions. Vendors who cannot answer them from pre-existing documentation face a disproportionate burden of ad hoc documentation work for each customer. Vendors who have completed a structured AI governance assessment against a recognised framework can provide a single reference document that answers the questionnaire with material reuse.
The European Central Bank's supervisory priorities for 2026 include ICT and operational resilience as a primary focus area, with specific attention to third-party risk and AI governance. ECB-supervised banks can therefore expect active supervisory inquiry into how they manage AI vendor risk, which reinforces the procurement pressure that DORA creates independently. For detailed analysis of how EU AI Act operator obligations interact with coverage, see the Article 26 deployer obligations guide at agentliability.eu.
Healthcare: EU AI Act Annex III as the procurement driver
Healthcare is the sector with the most clearly defined AI risk categories under the EU AI Act. Annex III point 5 of Regulation (EU) 2024/1689 classifies AI systems intended to be used as safety components of medical devices, AI intended for medical triage in emergency rooms, and AI intended to assist in determining treatment decisions as high-risk AI systems subject to the full Article 26 deployer obligation set and, for providers, the full Chapter III obligation set including conformity assessment.
Healthcare procurement of AI is therefore not just a commercial decision but a regulatory one. A hospital or health system deploying an AI clinical decision support tool that is classified as a high-risk medical device AI is the deployer of a high-risk AI system. Its Article 26 obligations, including use in accordance with provider instructions, human oversight implementation, and serious incident reporting, cannot be satisfied unless the AI vendor provides the provider-level technical documentation and instructions for use that Article 13 and Annex IV require.
Healthcare procurement teams are responding to this obligation by adding AI Act compliance evidence requests to their technology vendor assessments. The documentation they request includes technical documentation of the AI system's intended purpose and performance characteristics, validation studies and accuracy benchmarks on the relevant clinical population, human oversight design specifications, and incident response procedures. These requirements align with what the Medical Device Regulation and the In Vitro Diagnostic Medical Devices Regulation already require for software classified as medical devices, which creates a documentation overlap that experienced healthcare AI vendors are beginning to manage with reusable evidence packages.
The revised EU Product Liability Directive (Directive 2024/2853), which applies from 9 December 2026, adds a strict liability dimension to healthcare AI procurement. Under Article 8 of the Directive, multiple economic operators in the supply chain can be jointly and severally liable for damage caused by a defective product, including AI software. A healthcare provider that procures and deploys a vendor's AI system which later causes harm to a patient is jointly liable with the vendor for that harm, regardless of fault. Healthcare procurement teams are using this joint liability exposure as an additional justification for requiring vendor certification before procurement approval.
Public sector: EU AI Act high-risk categories and procurement obligations
Public sector procurement of AI faces the highest concentration of Annex III high-risk categories in the EU AI Act. AI used in critical infrastructure (point 2), AI for education and vocational training decisions (point 3), AI in employment and worker management (point 4), AI in access to essential public services and benefits (point 5), and AI in law enforcement, migration, and justice administration (points 6, 7, and 8) are all Annex III categories with a high public sector prevalence.
Public sector deployers of these categories face the full Article 26 obligation set. They also face the Article 26(9) fundamental rights impact assessment obligation, which requires a FRIA before deploying high-risk AI in the specific contexts listed in that provision, several of which are characteristic public sector deployments: employment decisions, access to essential public services, and biometric categorisation.
European public procurement law is beginning to formalise these requirements into tender specifications. Several member state public procurement bodies have issued guidance recommending or requiring AI governance certification evidence from AI vendors tendering for public contracts involving Annex III high-risk AI. The Netherlands' National AI Strategy and the German Federal Government's AI Action Plan both reference AI governance certification as a procurement quality criterion. In France, the ANSSI (Agence nationale de la sécurité des systèmes d'information) has published guidance for public sector technology procurement that addresses AI security requirements aligned with NIST AI RMF controls.
What documentation enterprise procurement teams require from AI vendors
Based on procurement questionnaires currently in circulation in financial services and healthcare, the documentation typically required from AI vendors includes seven categories of evidence. Understanding these categories allows vendors to structure a reusable evidence package rather than responding to each procurement request from scratch.
The first category is system-level technical documentation. This describes what the AI system does, the data it was trained on and its provenance, the testing methodology used to validate performance, accuracy benchmarks achieved in relevant test populations, and known limitations and failure modes. This corresponds directly to Annex IV of the EU AI Act's technical documentation requirements for high-risk AI systems.
The second category is risk management documentation. This covers the risks the AI system presents, the probability and severity of those risks, and the mitigations in place. A risk management summary structured around NIST AI RMF categories (Govern, Map, Measure, Manage) or ISO/IEC 42001 controls is increasingly acceptable to procurement teams familiar with those frameworks.
The third category is governance and accountability. This covers who in the vendor organisation is responsible for the AI system's ongoing performance, what policies govern its use, what audit trail exists for decisions about the system's development and deployment, and how the vendor's board is informed of material AI risks.
The fourth category is human oversight design. This specifies what the AI system does autonomously without human review, what triggers human oversight, and who in the deploying organisation will be assigned oversight responsibility. This category maps directly to Article 14 and Article 26(2) of the EU AI Act and is the category procurement teams find most difficult to assess without a structured framework reference.
The fifth category is incident response procedures. This covers how the vendor detects failures in the AI system's operation, how failures are communicated to deployers, and how remediation is managed. Post-market monitoring obligations under Article 72 of the EU AI Act and serious incident reporting under Article 73 are the regulatory drivers for this category.
The sixth category is data protection and privacy. This covers how the AI system handles personal data, what data subjects can access, and how data minimisation is implemented. This category is driven by GDPR obligations and intersects with Article 10 of the EU AI Act on data governance.
The seventh category is third-party assessment evidence. Increasingly, procurement teams are requiring evidence of external validation rather than vendor self-attestation for the first six categories. ISO/IEC 42001 certification covers the organisation-level governance evidence. System-specific frameworks such as Agent Certified and AIUC-1 cover the system-level technical and oversight evidence. A vendor who can provide both organisation-level and system-level third-party assessment evidence is in the strongest procurement position.
How Agent Certified maps to procurement documentation requirements
Agent Certified's seven-dimension framework produces evidence that maps directly to the procurement documentation categories above. The mapping is not incidental: the framework was designed to produce the evidence that insurers, regulators, and enterprise counterparties each need, which overlap substantially because all three are addressing the same underlying question of whether an AI system is safe to rely on.
The Trust and Safety dimension generates evidence on guardrails, adversarial robustness, incident playbooks, and the kill switch, which feeds the risk management documentation, incident response, and technical documentation categories. The Governance dimension generates evidence on accountability structures, risk policy, and audit trails, which feeds the governance and accountability category and maps to ISO 42001 Clause 5 (Leadership) and Clause 9 (Performance evaluation). The Autonomy Envelope dimension generates evidence on human oversight design, which feeds the human oversight category and maps to EU AI Act Articles 14 and 26(2). The Context Integrity dimension generates evidence on data governance and training data provenance, which feeds the data protection category and maps to EU AI Act Article 10.
An Agent Certified assessment report structured around these seven dimensions provides a single reference document that addresses six of the seven procurement documentation categories with a consistent evidence base. The seventh category, third-party assessment evidence, is the assessment report itself. For a full description of the assessment process and what the report contains, see the request assessment page and the full methodology.
The connection to insurance coverage amplifies the commercial value of pre-certification. Munich Re's aiSure product and Armilla's Lloyd's-backed AI liability coverage both use pre-underwriting assessment processes that draw on similar evidence to what procurement teams require. A vendor who has completed Agent Certified certification has documentation that serves procurement qualification, EU AI Act compliance evidence, and insurance underwriting evidence simultaneously. For the link between certification evidence and insurance coverage, see the certification and insurance eligibility analysis at agentinsured.eu.