Free Smart Go/No-Go Scorecard | Stop bidding on work you were never going to win. →

Governance Considerations for AI in Procurement

By Tendl and Unimarket
Governance Considerations for AI in Procurement

AI has moved through the tendering process faster than the norms meant to govern it. Suppliers draft with it and buyers evaluate alongside it, yet few on either side operate under a settled framework for responsible use. This closing article in the series sets out the governance questions both buyers and suppliers now have to answer, and what a workable position looks like for each.

Why AI governance is a procurement problem, not only a technology one

Over five articles, this series has tracked how AI is changing behaviour on both sides of the tender. Submission volumes rose as drafting costs fell. New questions surfaced about risk and accountability when a response is machine-assisted, and about whether and how AI use should be disclosed. Qualification discipline and question design have both come under pressure in a faster market.

Each of those shifts has the same thing underneath it. The technology has arrived quickly before the industry has had a chance to catch up. Suppliers adopted AI because it was useful, buyers met its effects in their inboxes, and the shared norms that would tell either side what good practice looks like are still forming.

That makes AI a procurement governance question rather than a matter to be handed to an IT team. The issues it raises, fairness between suppliers, the integrity of evaluation, the reliability of evidence, and the security of confidential information, sit at the centre of what procurement is responsible for.

What AI use looks like across the tender lifecycle now

On the supplier side, AI is used to draft, assemble content, check compliance, and increasingly to inform the bid or no-bid decision. On the buyer side, it is being turned on question design, the summarising of long submissions, variance analysis across responses, and routine compliance checks.

The visible effect is a market that produces more, and more uniformly. Responses arrive faster and in greater number, in some cases they read more alike, and the cues evaluators once relied on to tell them apart have weakened. That is the operational backdrop against which governance decisions are now being made, and it is why those decisions carry more weight than they did when the cost of responding kept volume in check.

None of that is inherently a problem. The difficulty is that most of it happens without an agreed position on what is acceptable. A supplier using a free public chatbot to rewrite a confidential client reference, and an evaluator pasting a draft assessment into an unsecured tool, are both governance events. Neither is visible until something goes wrong.

The governance questions buyers are left holding

The first is data security, and the real exposure is narrower than it is often assumed to be. As discussed in the recent webinar held with Unimarket, the primary risk is not enterprise platforms. It is shadow AI: staff pasting sensitive material into consumer tools because no sanctioned alternative exists. Blanket bans tend to drive the behaviour underground. The more durable response is to provide secure tools that do not train on the organisation’s data, support data residency, and carry recognised certifications, then train teams on what may be shared.

The second is evaluation integrity. AI can speed assessment, but it works best on focused, comparable units rather than dense, context-heavy documents, and the weighing of trade-offs belongs with human reviewers. Every assisted step needs to be logged, because a public buyer has to be able to defend how a decision was reached. Consistency, fairness between suppliers, and a clear audit trail are not optional refinements of evaluation; they are its legal foundation.

The third is fairness. AI applied unevenly across submissions, or trained on patterns that quietly favour incumbents and larger suppliers, can tilt an outcome that has to be defensible to everyone who bid. Equal treatment is a standing obligation in public procurement, and it now extends to how any assisting tool is used: the same process, the same scrutiny, and the same standard of evidence applied to every response in the field.

Buyers do not have to build this from nothing. Australia’s Commonwealth Procurement Rules already frame procurement around value for money and the ethical use of resources. The Australian Government’s policy on the responsible use of AI, the NSW AI Assurance Framework, and New Zealand’s Algorithm Charter each supply governance vocabulary that applies directly to how AI is used in assessment.

The governance questions suppliers cannot ignore

For suppliers, accountability comes first. A response carries the supplier’s name regardless of how it was produced. AI is fluent enough to generate confident claims that are inaccurate, and an evaluator who finds one unsupported statement will reasonably doubt the rest. The earlier article on risk and accountability set this out plainly: the obligation to be truthful does not transfer to the tool.

Disclosure comes second. Where buyers ask how AI was used, and more are starting to, a supplier needs a consistent and honest position rather than an improvised one. Evidence comes third. Claims have to be verifiable, which is exactly what well-designed tenders are now built to test. A claim that cannot be substantiated is more exposed than it used to be, because the buyer’s own tooling is increasingly able to check consistency across a submission and flag where an assertion has nothing behind it.

Underneath all three is internal governance. AI that operates inside a structure, governed content, approved evidence, and human review before submission, is an asset. AI used as an unmanaged shortcut is a liability waiting to be discovered. The discipline is the same one that defines good bid practice without AI: judgement stays with people, and the system exists to support it.

What a workable governance position looks like

The shape of a sensible position is becoming clear, and it is broadly the same for buyers and suppliers.

Human accountability for the final output is the fixed point. AI is confined to defined tasks where its speed helps and its errors are catchable. Confidential information goes only into tools that are secure and do not train on it. Transparency is set in proportion to the risk involved. An audit trail records what was assisted and how. Throughout, evidence is valued above fluency, because fluency is now cheap and evidence is not.

Governance framed this way is enabling. It is what allows an organisation to adopt AI with confidence instead of tolerating it quietly and hoping nothing surfaces. The frameworks that already exist in public administration point in this direction. The work is to apply them to the specific conditions of tendering rather than wait for a bespoke rulebook that may never arrive.

Where this leaves the procurement ecosystem

This series opened with the volume that AI created and closes with the governance that volume now demands, because that is the real arc. Lowering the cost of producing and processing tenders was the straightforward part. Keeping the process fair, secure, and credible while that happens is the harder and more consequential one.

Shared norms for AI in public tendering will evolve. The open question is whether they are set deliberately, by buyers and suppliers who treat governance as infrastructure, or by default, after the first avoidable failure makes the case for them. The organisations that choose the first path will be the ones still trusted when the rules finally settle.

Get your unfair advantage.