AI Business Strategy

AI Broke Third-Party Risk Management. Here’s Where to Start Over

By Greg Pollock

Every business runs on outside vendors, and the discipline of vetting and monitoring them — third-party risk management — has been reshaped by each wave of technological disruption. At the bare minimum, third-party risk management depends on knowing who those third parties are. AI makes that harder on three fronts: it gives employees even more reason to bypass company controls, it is accessible via the web and mobile, and it is embedded as a fourth party in services that aren’t obviously “AI” companies. The result is that the majority of the digital supply chain is composed of these shadow vendors.

The erosion of the inventory 

Saying that we need to know who our vendors are before we can assess them is so obvious it sounds comical, yet this is the challenge that has slowly been eating away at the foundation of the discipline. Third-party risk management has its roots in twentieth-century manufacturing, and as production increased in scale and complexity, supply chain management became a meaningful contributor to a business’ success or failure. Fast-forward a hundred years and it’s a lot less obvious that an employee is using Zoom than that they ordered a shipment of steel. Information technology creates a world where vendors can be business-critical without being business-visible.   

This problem, often called “shadow IT,” has been growing for decades. You’re likely guilty of it yourself; the vast majority of employees freely admit that they are. Prior studies have surveyed employees and found 60-80% say they use unapproved tools. To augment those self-reported findings, UpGuard conducted the first research study to measure web application usage against those tracked as part of organizations’ vendor risk management programs.   

Our findings corroborate what surveys of self-reported shadow IT have suggested: when we compared the applications used by employees to their official company vendor inventories, 72.9% of vendors were not in the inventory. While vendor management repositories are vital for collating documents and data about vendors, current vendor intake methods mean those benefits–and really, those protections–are confined to a fraction of the supplier exposure.  

Detecting AI vendors 

The expansion and implications of unmanaged vendors in the context of AI-enabled services deepen the need for TPRM to realign its vendor discovery process. In many ways, AI services are the same as other SaaS applications: often accessed via a web browser, allowing unregistered users free access, and with standard concerns about data flows of sensitive and confidential information. At the same time, data shows they are even more likely to be used in the shadows, and for them to have their own fourth- and nth-party supply chains.   

Compared to other types of digital vendors, organizations are actually pretty good at registering chatbots like ChatGPT.  This might be because of top-down initiatives for AI adoption or because these are the most obvious kinds of AI–what most people think of as “AI companies.”  

Still, 64% of organizations where employees used ChatGPT did not register ChatGPT/OpenAI as an approved vendor. That’s better than the 72.9% of unmanaged vendors overall, but still a massive amount of data exposed to the unique risks of large language models–especially because using these tools without an enterprise agreement means the inputs may be used to train future versions of the models.

AI in the supply chain 

While companies fared better than average with flagship chatbots, they did much worse where AI capabilities were embedded in the product. From a risk management perspective, that creates a double blind spot: missing the third-party vendor also means lacking visibility into the foundation model provider actually doing the inference.

The most striking class of shadow AI tool was meeting assistants. Now ubiquitous, these tools monitor, transcribe, process the essential operational decisions of the business, and pass all that data along a supply chain to a foundation model–and 93.8% of them were used without appearing in the vendor management inventory.  

Organizations have moved beyond the experimentation phase of AI applications into a time when they are deeply integrated with official processes, systems and data. The ubiquity of AI also makes it prone to surfacing amongst unapproved vendors in use. Seemingly harmless vendors–spellcheckers, for example–now have supply chains that make every vendor an AI vendor.  

Discovery is the new perimeter 

The central challenge for third-party risk management has shifted from the rigor of our assessments to the sheer volume of vendors we fail to identify. With 72.9% of the supplier ecosystem existing outside official inventories, and 64% of ChatGPT instances remaining invisible to procurement, the standard assessment process has become secondary to the crisis of visibility.   

The traditional TPRM framework designed for a world of signed contracts and transparent paper trails has been scoped to a dangerously small slice of the supply chain. To effectively apply controls where they are needed, our approach must pivot to a new point of origin: discovery. Until our inventories accurately map the actual digital supply chain—accounting for shadow tools and the fourth-party models embedded within them—our controls will continue to address only a fraction of the true enterprise exposure. 
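The comparison the article describes, observed application usage reconciled against the official vendor inventory, with the embedded (fourth-party) model providers surfaced for the vendors that were never registered, is shown below as an added example. It is not UpGuard's research tooling or code from the article; the proxy log lines, the inventory, the hostnames and the fourth-party mapping are all constructed for illustration, and `registrable_domain` is a deliberately simple stand-in for proper Public Suffix List handling.

```python
"""Vendor discovery gap analysis (added example, not the article's tooling).

Reconciles the vendors actually in use, as seen in a forward-proxy log, against
the vendor inventory, then reports which unmanaged vendors carry an embedded
AI supply chain. All data below is constructed for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed forward-proxy log lines: timestamp, user, destination host.
PROXY_LOG = """\
2024-05-01T09:02:11Z alice chat.openai.com
2024-05-01T09:05:40Z bob meet.example-notetaker.io
2024-05-01T09:07:03Z carol app.example-spellcheck.com
2024-05-01T09:10:22Z alice crm.example-approved.com
2024-05-01T09:12:58Z dave chat.openai.com
2024-05-01T09:15:01Z erin meet.example-notetaker.io
"""

# Constructed vendor inventory: what procurement actually registered.
VENDOR_INVENTORY = {"example-approved.com"}

# Constructed fourth-party map: embedded-AI vendor -> foundation model provider(s).
# In practice this comes from vendor questionnaires, subprocessor lists and DPAs.
FOURTH_PARTY_MODELS = {
    "example-notetaker.io": {"openai.com"},
    "example-spellcheck.com": {"example-llm-provider.ai"},
}


def registrable_domain(host: str) -> str:
    """Collapse a hostname to its last two labels. Good enough for this example;
    a real implementation should use the Public Suffix List (e.g. co.uk)."""
    parts = host.lower().strip().split(".")
    return ".".join(parts[-2:])


def parse_proxy_log(text: str) -> dict[str, set[str]]:
    """Return {vendor_domain: {users}} from whitespace-separated log lines."""
    usage: dict[str, set[str]] = defaultdict(set)
    for line in text.splitlines():
        if not line.strip():
            continue
        _ts, user, host = line.split()
        usage[registrable_domain(host)].add(user)
    return dict(usage)


@dataclass
class GapReport:
    managed: set[str] = field(default_factory=set)
    unmanaged: set[str] = field(default_factory=set)
    # unmanaged vendor -> model providers hidden behind it
    fourth_parties: dict[str, set[str]] = field(default_factory=dict)

    @property
    def unmanaged_ratio(self) -> float:
        total = len(self.managed) + len(self.unmanaged)
        return len(self.unmanaged) / total if total else 0.0


def reconcile(usage: dict[str, set[str]], inventory: set[str],
              fourth_party_map: dict[str, set[str]]) -> GapReport:
    """Split observed vendors into managed/unmanaged and attach fourth parties."""
    report = GapReport()
    for vendor in usage:
        if vendor in inventory:
            report.managed.add(vendor)
            continue
        report.unmanaged.add(vendor)
        # The double blind spot: an unregistered vendor also hides its model provider.
        providers = fourth_party_map.get(vendor)
        if providers:
            report.fourth_parties[vendor] = set(providers)
    return report


def hidden_model_providers(report: GapReport) -> set[str]:
    """Foundation-model providers reachable only through unmanaged vendors."""
    out: set[str] = set()
    for providers in report.fourth_parties.values():
        out |= providers
    return out


if __name__ == "__main__":
    rep = reconcile(parse_proxy_log(PROXY_LOG), VENDOR_INVENTORY, FOURTH_PARTY_MODELS)
    print(f"unmanaged vendors: {sorted(rep.unmanaged)} ({rep.unmanaged_ratio:.1%})")
    print(f"hidden model providers: {sorted(hidden_model_providers(rep))}")
```

On the constructed log, three of the four vendors in use are outside the inventory, and two of those three pass data on to a foundation model provider that the inventory never mentions. The point of running the reconciliation continuously rather than at intake is the article's: the inventory only protects the slice of the supply chain it knows about, and discovery from observed traffic is what widens that slice.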
