State of AI Vendor Risk 2026
Annual report on the AI vendor risk landscape — 162 vendors across 10+ countries, scored against 8 risk dimensions, with compliance posture, jurisdictional concentration, and the year in incidents.
Updated June 20, 2026 · Live data from the TrustAtlas catalog
TL;DR
- 162 AI vendors are in the catalog as of mid-2026, 129 (80%) with analyst-verified risk profiles backed by 956 cited sources.
- United States-headquartered vendors dominate the catalog (125 vendors, 77%) — concentration that creates jurisdictional exposure for non-US buyers.
- 120 of 162 vendors (74%) hold SOC 2 Type II — table stakes for U.S. enterprise procurement, but lower than buyers commonly assume.
- 8 vendors hold ISO 42001 (the new AI management system standard) — adoption is early but accelerating among mature labs.
- 26 incidents are logged across the catalog; 12+ are classified critical or high severity.
Catalog coverage
The catalog spans frontier-model labs, application-layer integrators, and hybrids that play both sides. Distribution is what you'd expect — a long tail of integrators built on a small number of frontier models, with hybrids growing fastest as labs ship API-first products.
| Taxonomy | Count | Share |
|---|---|---|
| Integrator | 95 | 59% |
| Hybrid | 39 | 24% |
| Frontier Builder | 28 | 17% |
Geographic concentration
Top-10 headquarters jurisdictions account for the bulk of the catalog. The concentration in a single jurisdiction creates real exposure for buyers operating in regions with stricter data residency or supply-chain requirements — the EU, government, and several APAC markets.
| HQ Country | Vendors | Share |
|---|---|---|
| United States | 125 | 77% |
| China | 6 | 4% |
| United Kingdom | 6 | 4% |
| Germany | 5 | 3% |
| France | 3 | 2% |
| Israel | 3 | 2% |
| Australia | 2 | 1% |
| Canada | 2 | 1% |
| India | 2 | 1% |
| Japan | 2 | 1% |
Risk distribution under default-balanced weights
Latest composite scores grouped by tier. Most vendors cluster in moderate (a function of the weighting rather than the underlying data — most vendors have at least one weak dimension). Few earn low overall, and elevated/high are concentrated in vendors with material disclosure gaps or dependency risk.
| Tier | Count | Share |
|---|---|---|
| Moderate | 108 | 67% |
| Elevated | 37 | 23% |
| Low | 12 | 7% |
| High | 5 | 3% |
Want different weights? Build your own profile in two minutes — healthcare, finance, legal, and government presets are available.
Compliance posture
Self-attested or publicly verifiable certifications across the catalog. SOC 2 Type II remains the most common attestation; ISO 42001 (the new AI management system standard) is the fastest-growing among mature vendors but still small in absolute terms.
The year in incidents
26 logged incidents across the catalog. Sources include vendor disclosure pages, regulatory actions, and public reporting; severity is assigned by the analyst team using an impact framework that is applied consistently across categories.
- High: 12 (46%)
- Medium: 9 (35%)
- Low: 3 (12%)
- Critical: 2 (8%)
Subscribe to /feed/incidents.xml for push updates as new incidents are logged.
The AI vendor wave by founding decade
When the catalog's vendors were incorporated. The 2020s bar is the visible AI wave — companies founded after the generative-AI inflection point — but the 2010s bar shows that a meaningful slice of today's AI vendors are pre-existing software businesses that pivoted into the category. Older decades capture incumbents (Microsoft, IBM, Oracle, SAP) that bolted AI onto established platforms.
| Decade founded | Vendors | Share |
|---|---|---|
| 2020s | 64 | 40% |
| 2010s | 71 | 44% |
| 2000s | 14 | 9% |
| 1990s | 5 | 3% |
| 1980s | 2 | 1% |
| 1970s | 4 | 2% |
| 1960s | 1 | 1% |
| 1910s | 1 | 1% |
Funding concentration
Disclosed venture and growth funding totals across the catalog sum to roughly $105.2B. The capital is heavily concentrated at the top — the ten best-funded vendors below account for the majority of disclosed totals. Public companies (Tempus AI, IBM, Microsoft, Oracle) are excluded from "funding total" where the relevant figure is market cap rather than VC raised.
| Rank | Vendor | Disclosed funding |
|---|---|---|
| 1 | OpenAI | $17.9B |
| 2 | Anthropic | $15.0B |
| 3 | CoreWeave | $12.7B |
| 4 | xAI | $12.0B |
| 5 | Stripe | $9.4B |
| 6 | Databricks | $4.6B |
| 7 | Mistral AI | $2.1B |
| 8 | Sierra | $1.6B |
| 9 | Inflection AI | $1.5B |
| 10 | Tempus AI | $1.4B |
Why this matters: capital concentration upstream forces a small number of frontier labs to support an enormous downstream surface of integrators. The dependency-chain dimension in the TrustAtlas score is designed to surface that exposure for each integrator that consumes those models.
What the industry is talking about (last 90 days)
Top ten vendors by tracked news volume across the catalog's RSS feeds (Hacker News, TechCrunch AI, vendor blogs, regulatory sources). News velocity is a leading indicator — when a vendor gets unusually loud it usually means a launch, a raise, a hire, an outage, or a regulatory action.
| Rank | Vendor | News items (90d) |
|---|---|---|
| 1 | Anthropic | 656 |
| 2 | Meta AI | 484 |
| 3 | Bloomberg | 472 |
| 4 | Nvidia | 438 |
| 5 | Palantir | 408 |
| 6 | xAI | 328 |
| 7 | Oracle | 322 |
| 8 | Microsoft | 311 |
| 9 | OpenAI | 308 |
| 10 | ServiceNow | 289 |
Subscribe to /feed/news.xml or browse the public news feed for the full stream.
Open weights versus proprietary access
Of the 153 vendors with at least one recorded capability, 34 (22%) ship at least one open-weight model. The rest are proprietary-API only. Open weights matter for two reasons: jurisdiction-sensitive deployments can self-host (eliminating cross-border data flow on inference), and procurement risk on a single foundation-model provider can be hedged by retaining a runnable fallback.
Methodology
All risk scores in this report use the default-balanced weight profile: 25% data handling, 20% IP exposure, 15% jurisdiction, 15% security, 10% regulatory compliance, 8% transparency, 5% business stability, 2% dependency chain. Full methodology covers the dimension definitions, scoring rubric, and how dependency-chain risk inherits upstream from frontier model providers.
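As an added illustration of how a weighted profile turns eight dimension scores into a composite and a tier, the following Python is example code written for this report, not TrustAtlas's own scoring engine. Only the dimension names and the default-balanced weights come from the text above; the 0-100 per-dimension scale (higher is riskier), the tier cut-offs, the sample vendors, and the rule by which an integrator's dependency-chain score inherits the worst composite of the providers it builds on are all assumptions made for the example.

```python
# Added example, not TrustAtlas code. Dimension names and default-balanced
# weights are taken from the report; the 0-100 scale (higher = riskier), the
# tier cut-offs, the sample catalog and the upstream inheritance rule are
# ASSUMPTIONS made for illustration.
from dataclasses import dataclass, field

DEFAULT_BALANCED = {  # weights exactly as the report states them
    "data_handling": 0.25,
    "ip_exposure": 0.20,
    "jurisdiction": 0.15,
    "security": 0.15,
    "regulatory_compliance": 0.10,
    "transparency": 0.08,
    "business_stability": 0.05,
    "dependency_chain": 0.02,
}

# Assumed tier boundaries on the 0-100 composite (upper bound, exclusive).
TIER_BOUNDS = [(25, "Low"), (50, "Moderate"), (75, "Elevated"), (101, "High")]


def validate_profile(weights):
    """Raise ValueError unless a (custom) profile covers every dimension,
    has no negative weight, and sums to 1.0; a silently lopsided profile
    would make scores incomparable across vendors."""
    missing = set(DEFAULT_BALANCED) - set(weights)
    if missing:
        raise ValueError(f"profile is missing dimensions: {sorted(missing)}")
    if any(w < 0 for w in weights.values()):
        raise ValueError("weights must be non-negative")
    total = sum(weights.values())
    if abs(total - 1.0) > 1e-9:
        raise ValueError(f"weights sum to {total:.3f}, expected 1.0")
    return True


def is_valid_profile(weights):
    try:
        return validate_profile(weights)
    except ValueError:
        return False


@dataclass
class Vendor:
    name: str
    scores: dict                                   # dimension -> 0..100 (higher = riskier)
    upstream: list = field(default_factory=list)   # model providers this vendor builds on


def inherited_dependency_score(vendor, catalog, weights=DEFAULT_BALANCED, seen=frozenset()):
    """Assumed rule: the dependency-chain score is the worst of the vendor's own
    recorded value and the composite of each upstream provider, applied
    recursively so hybrid-on-frontier chains propagate. `seen` breaks cycles."""
    worst = vendor.scores.get("dependency_chain", 0)
    for name in vendor.upstream:
        if name in seen or name not in catalog:
            continue  # cycle, or provider not catalogued: nothing to inherit
        worst = max(worst, composite(catalog[name], catalog, weights, seen | {vendor.name}))
    return worst


def composite(vendor, catalog, weights=DEFAULT_BALANCED, seen=frozenset()):
    """Weighted sum of the eight dimensions under `weights`, rounded to one decimal."""
    validate_profile(weights)
    scores = dict(vendor.scores)
    scores["dependency_chain"] = inherited_dependency_score(vendor, catalog, weights, seen)
    missing = set(weights) - set(scores)
    if missing:
        raise ValueError(f"{vendor.name} has no score for: {sorted(missing)}")
    return round(sum(weights[d] * scores[d] for d in weights), 1)


def tier(score):
    for bound, name in TIER_BOUNDS:
        if score < bound:
            return name
    raise ValueError(f"score {score} outside 0-100")


# Constructed sample catalog: one frontier lab and one integrator built on it.
CATALOG = {v.name: v for v in [
    Vendor("FrontierLab", {
        "data_handling": 30, "ip_exposure": 40, "jurisdiction": 20, "security": 20,
        "regulatory_compliance": 30, "transparency": 20, "business_stability": 10,
        "dependency_chain": 0}),
    Vendor("IntegratorY", {
        "data_handling": 50, "ip_exposure": 60, "jurisdiction": 70, "security": 60,
        "regulatory_compliance": 50, "transparency": 70, "business_stability": 80,
        "dependency_chain": 10}, upstream=["FrontierLab"]),
]}

# A constructed jurisdiction-heavy profile, as a buyer with data-residency
# constraints might build one; dependency risk is deliberately zero-weighted.
JURISDICTION_HEAVY = {
    "jurisdiction": 0.40, "data_handling": 0.25, "security": 0.15, "ip_exposure": 0.10,
    "regulatory_compliance": 0.05, "transparency": 0.03, "business_stability": 0.02,
    "dependency_chain": 0.0,
}

if __name__ == "__main__":
    for v in CATALOG.values():
        default, custom = composite(v, CATALOG), composite(v, CATALOG, JURISDICTION_HEAVY)
        print(f"{v.name:12} balanced={default:5.1f} ({tier(default):8}) "
              f"jurisdiction-heavy={custom:5.1f} ({tier(custom)})")
```

Under the default-balanced weights the integrator's recorded dependency-chain score of 10 is overridden by its provider's composite of 26.6, which is the inheritance behaviour the methodology describes; because that dimension carries only 2% weight the effect on the composite is small, so a buyer who cares about upstream concentration would raise that weight in a custom profile rather than rely on the default.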
Data sources: vendor trust centers, public attestation registries (AICPA SOC, ISO certificate registries, FedRAMP marketplace), regulatory filings, news monitoring across Hacker News and TechCrunch AI, plus per-vendor RSS feeds.
Trends to watch in 2027
- ISO 42001 adoption. Currently held by a low-single-digit share of the catalog; expect rapid growth as enterprise buyers ask for it specifically and certification bodies scale capacity.
- EU AI Act high-risk obligations apply in full from August 2026. Vendors selling into regulated EU use cases (credit scoring, insurance pricing, employment) will need conformity assessment evidence.
- Sub-processor disclosure is becoming the procurement question. Expect more vendors to publish full sub-processor lists with notice mechanisms; expect more buyers to verify them before contract.
- Custom domains and trust centers. Vendors that consolidate compliance documentation onto a single trust-center URL pass procurement reviews faster than those that scatter it across PDFs and blog posts.
- Open-weight model dependency. Watch the dependency-chain dimension — applications building on a small number of frontier APIs concentrate risk; open-weight self-hosted alternatives change the calculus for jurisdiction-sensitive deployments.