White Paper · AI Procurement

The AI Procurement Checklist 2026

A buyer-side framework for evaluating, pricing, and contracting enterprise AI — so that pilots become production systems without becoming open-ended cost and compliance liabilities.

By Atonement Licensing Advisory Former hyperscaler & AI-vendor commercial leads Published Jan 2026 · Updated June 2026 ≈ 17 min read

Executive Summary

Enterprise AI buying has outrun enterprise AI governance. In the rush to ship copilots, agents, and model-powered features, organizations are signing contracts written almost entirely for the vendor's benefit: consumption meters with no caps, training-data and IP terms that quietly mortgage the customer's own information, and "AI premium" pricing layered on top of subscriptions the buyer already owns. The result is a class of spend that grows faster than it can be measured and a contractual position that is difficult to unwind once a workload is in production.

This checklist distils what former vendor commercial leads and buyer-side advisors look for before an AI agreement is signed. It covers vendor and model evaluation, the new pricing metrics (tokens, queries, consumption credits, per-seat copilots), data and IP protection, security and compliance diligence, and exit and portability. The governing principle is the same one that protects every other software category: treat the first proposal as an opening position, insist on caps and measurement before you scale, and never let a pilot convert to a production commitment without a contract that has been negotiated as deliberately as the technology was selected.

2–4×

Typical gap between pilot and full-rollout AI run-rate cost

20–40%

Discount range achievable on AI add-ons by prepared buyers

60%+

Of AI contracts reviewed that lack a meaningful consumption cap

90 days

Recommended pilot window before any multi-year commitment

1. Why AI Procurement Needs Its Own Playbook

Enterprise AI does not behave like the software categories procurement teams are used to buying. A traditional SaaS subscription has a knowable cost: a number of seats multiplied by a per-seat price, renewing on a predictable cycle. AI breaks that model in three ways. First, the cost driver is usage, not headcount — tokens consumed, queries served, documents processed — and usage is generated by software behaviour that the buyer often cannot forecast at signing. Second, the value exchange is asymmetric in data: the customer's prompts, documents, and outputs are exactly the raw material that makes a model more valuable, so the terms governing that data are commercially material in a way they never were for a CRM. Third, the technology is moving faster than the contracts, which means buyers are routinely asked to make multi-year commitments to capabilities, models, and pricing that will be obsolete before the term ends.

The consequence is that the most expensive mistakes in AI procurement are made not in the technical evaluation but in the commercial and contractual layer that follows it. A model can be excellent and a deal still be bad. The checklist that follows is organized to keep both in view: evaluate the capability rigorously, then contract for it as if usage, data exposure, and lock-in are the real risks — because they are.

Insider note

The "AI premium" is now the fastest-growing line item on enterprise software invoices. Much of it is added to products the customer already licenses — a copilot bolted onto an existing suite, priced per seat on top of the seat the customer already pays for. Treat every AI add-on as a separate negotiation with its own ROI test, not as an automatic extension of the underlying agreement.

2. Vendor and Model Evaluation

The evaluation stage should answer a deceptively simple question: does this vendor solve a real problem materially better than the buyer's current state, and can that advantage be sustained? Demos are engineered to impress; the diligence that matters happens against the buyer's own data, on the buyer's own use cases, with the buyer's own success metrics defined in advance. A structured proof-of-concept — time-boxed, scoped to a measurable outcome, and run before any commercial commitment — is the single highest-leverage step in the entire process.

Beyond capability, evaluate the vendor's durability and the model's provenance. Many AI products are thin layers over a third-party foundation model, which means the buyer is taking on two dependency risks at once: the application vendor and the underlying model provider. Understand which models sit beneath the product, whether the vendor can switch providers without degrading the service, and what happens to price and capability if the underlying model's terms change.

Table 1 — AI vendor evaluation scorecard
Evaluation dimension	What to verify