State of AI Vendor Risk 2026
Annual report on the AI vendor risk landscape — 153 vendors across 10+ countries, scored against 8 risk dimensions, with compliance posture, jurisdictional concentration, and the year in incidents.
Updated May 6, 2026 · Live data from the TrustAtlas catalog
TL;DR
- 153 AI vendors are in the catalog as of mid-2026, 110 (72%) with analyst-verified risk profiles backed by 864 cited sources.
- United States-headquartered vendors dominate the catalog (121 vendors, 79%) — concentration that creates jurisdictional exposure for non-US buyers.
- 114 of 153 vendors (75%) hold SOC 2 Type II — table stakes for U.S. enterprise procurement, but lower than buyers commonly assume.
- 8 vendors hold ISO 42001 (the new AI management system standard) — adoption is early but accelerating among mature labs.
- 26 incidents are logged across the catalog; 12+ are classified critical or high severity.
Catalog coverage
The catalog spans frontier-model labs, application-layer integrators, and hybrids that play both sides. Distribution is what you'd expect — a long tail of integrators built on a small number of frontier models, with hybrids growing fastest as labs ship API-first products.
| Taxonomy | Count | Share |
|---|---|---|
| Integrator | 92 | 60% |
| Hybrid | 35 | 23% |
| Frontier Builder | 26 | 17% |
Geographic concentration
Top-10 headquarters jurisdictions account for the bulk of the catalog. The concentration in a single jurisdiction creates real exposure for buyers operating in regions with stricter data residency or supply-chain requirements — the EU, government, and several APAC markets.
| HQ Country | Vendors | Share |
|---|---|---|
| United States | 121 | 79% |
| China | 6 | 4% |
| United Kingdom | 5 | 3% |
| Germany | 4 | 3% |
| France | 3 | 2% |
| Israel | 3 | 2% |
| Australia | 2 | 1% |
| Canada | 2 | 1% |
| Japan | 2 | 1% |
| South Korea | 2 | 1% |
Risk distribution under default-balanced weights
Latest composite scores grouped by tier. Most vendors cluster in moderate (a function of the weighting rather than the underlying data — most vendors have at least one weak dimension). Few earn low overall, and elevated/high are concentrated in vendors with material disclosure gaps or dependency risk.
| Tier | Count | Share |
|---|---|---|
| Moderate | 106 | 69% |
| Elevated | 31 | 20% |
| Low | 12 | 8% |
| High | 4 | 3% |
Compliance posture
Self-attested or publicly verifiable certifications across the catalog. SOC 2 Type II remains the most common attestation; ISO 42001 (the new AI management system standard) is the fastest-growing among mature vendors but still small in absolute terms.
The year in incidents
26 logged incidents across the catalog. Sources include vendor disclosure pages, regulatory actions, and public reporting; severity is assigned by the analyst team using an impact framework applied consistently across categories.
- High: 12 (46%)
- Medium: 9 (35%)
- Low: 3 (12%)
- Critical: 2 (8%)
Subscribe to /feed/incidents.xml for push updates as new incidents are logged.
Methodology
All risk scores in this report use the default-balanced weight profile: 25% data handling, 20% IP exposure, 15% jurisdiction, 15% security, 10% regulatory compliance, 8% transparency, 5% business stability, 2% dependency chain. Full methodology covers the dimension definitions, scoring rubric, and how dependency-chain risk inherits upstream from frontier model providers.
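As an added illustration of the weighted profile described above (example code, not TrustAtlas's own scoring engine), the following Python module applies the eight default-balanced weights from this section to a set of per-dimension scores, validates that a custom profile still covers all eight dimensions and sums to 100, and shows how a dependency-chain score can be raised by the composite of an upstream frontier provider. The 0-100 per-dimension scale, the tier cut-offs, the `max`-based inheritance rule, and the sample vendor scores are assumptions made for the example; the report does not publish them.

```python
"""Composite AI-vendor risk score under the report's default-balanced profile.

Added example, not TrustAtlas code. Only the eight weights are taken from
the report; the 0-100 scale, tier cut-offs and upstream-inheritance rule
are assumptions for illustration.
"""
from typing import Dict, Iterable, Tuple

# Weights in percent, exactly as the report's Methodology section lists them.
DEFAULT_BALANCED: Dict[str, float] = {
    "data_handling": 25,
    "ip_exposure": 20,
    "jurisdiction": 15,
    "security": 15,
    "regulatory_compliance": 10,
    "transparency": 8,
    "business_stability": 5,
    "dependency_chain": 2,
}

# ASSUMPTION: each dimension is scored 0-100 (higher = more risk) and the
# composite is bucketed into the report's four tiers at these cut-offs.
TIER_CUTOFFS: Tuple[Tuple[float, str], ...] = (
    (25.0, "Low"),
    (50.0, "Moderate"),
    (75.0, "Elevated"),
)
TOP_TIER = "High"


def profile_is_valid(weights: Dict[str, float]) -> bool:
    """A weight profile must cover exactly the eight dimensions, be
    non-negative, and sum to 100 (a custom healthcare/finance profile
    that drops a dimension or over-allocates is rejected)."""
    if set(weights) != set(DEFAULT_BALANCED):
        return False
    if any(w < 0 for w in weights.values()):
        return False
    return abs(sum(weights.values()) - 100) < 1e-9


def inherit_dependency_chain(scores: Dict[str, float],
                             upstream_composites: Iterable[float]) -> Dict[str, float]:
    """ASSUMPTION: an integrator's dependency-chain score is raised to the
    worst composite score of the frontier providers it builds on, never
    lowered. Returns a new dict; the input is not mutated."""
    adjusted = dict(scores)
    for upstream in upstream_composites:
        adjusted["dependency_chain"] = max(adjusted["dependency_chain"], upstream)
    return adjusted


def composite_score(scores: Dict[str, float],
                    weights: Dict[str, float] = DEFAULT_BALANCED) -> float:
    """Weighted average of the eight dimension scores, rounded to 2 dp."""
    if not profile_is_valid(weights):
        raise ValueError("weight profile must cover all 8 dimensions and sum to 100")
    missing = set(weights) - set(scores)
    if missing:
        raise KeyError(f"vendor is missing dimension scores: {sorted(missing)}")
    for name, value in scores.items():
        if not 0 <= value <= 100:
            raise ValueError(f"{name} score {value} is outside 0-100")
    return round(sum(scores[d] * w for d, w in weights.items()) / 100, 2)


def tier(composite: float) -> str:
    """Map a composite score onto Low / Moderate / Elevated / High."""
    for cutoff, label in TIER_CUTOFFS:
        if composite < cutoff:
            return label
    return TOP_TIER


def score_vendor(scores: Dict[str, float],
                 upstream_composites: Iterable[float] = (),
                 weights: Dict[str, float] = DEFAULT_BALANCED) -> Tuple[float, str]:
    """Full pipeline: inherit upstream dependency risk, weight, bucket."""
    adjusted = inherit_dependency_chain(scores, upstream_composites)
    composite = composite_score(adjusted, weights)
    return composite, tier(composite)


# Constructed sample vendor (not a real catalog entry): a typical integrator
# with one weak dimension (transparency) and a strong own dependency score.
SAMPLE_INTEGRATOR: Dict[str, float] = {
    "data_handling": 40,
    "ip_exposure": 30,
    "jurisdiction": 20,
    "security": 35,
    "regulatory_compliance": 50,
    "transparency": 60,
    "business_stability": 20,
    "dependency_chain": 10,
}

if __name__ == "__main__":
    print("standalone:", score_vendor(SAMPLE_INTEGRATOR))
    # Same vendor once it depends on a frontier provider scoring 70 overall.
    print("with upstream:", score_vendor(SAMPLE_INTEGRATOR, upstream_composites=[70.0]))
```

Running it shows the effect the report's weighting produces: the sample vendor lands in Moderate, and even inheriting a 70-point upstream composite only moves it by about a point, because dependency chain carries just 2% of the weight. A buyer who cares about upstream concentration (as the 2027 trends section suggests) would need a custom profile that raises that weight, and `profile_is_valid` is what stops such a profile from silently breaking the 100% total.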
Data sources: vendor trust centers, public attestation registries (AICPA SOC, ISO certificate registries, FedRAMP marketplace), regulatory filings, news monitoring across Hacker News and TechCrunch AI, plus per-vendor RSS feeds.
Trends to watch in 2027
- ISO 42001 adoption. Currently a low single-digit percentage of the catalog; expect rapid growth as enterprise buyers ask for it specifically and certification bodies scale capacity.
- EU AI Act high-risk obligations apply in full from August 2026. Vendors selling into regulated EU use cases (credit scoring, insurance pricing, employment) will need conformity assessment evidence.
- Sub-processor disclosure is becoming the procurement question. Expect more vendors to publish full sub-processor lists with notice mechanisms; expect more buyers to verify them before contract.
- Custom domains and trust centers. Vendors that consolidate compliance documentation onto a single trust-center URL pass procurement reviews faster than those that scatter it across PDFs and blog posts.
- Open-weight model dependency. Watch the dependency-chain dimension — applications building on a small number of frontier APIs concentrate risk; open-weight self-hosted alternatives change the calculus for jurisdiction-sensitive deployments.