MSP AI Play
Start with Anthropic. The company has been building one of the more structured enterprise partner programs in the AI space. CRN confirmed that Anthropic is formally expanding its Claude Partner Network — from roughly one hundred initial partners to a target of several thousand — organized into a four-tier structure with outcome-based incentives attached to each level. A separate announcement detailed a dedicated services track aimed explicitly at solution providers, systems integrators, and managed service firms that can take AI projects from scope to enterprise deployment. The recruitment and enrollment is already underway.
At the same time, Microsoft is showing something significant about how its own AI rollout is actually landing with users. The company announced it will allow Windows and Office users to fully remove Copilot from their systems — and the data behind that decision is worth noting. Microsoft’s own reporting puts Copilot adoption at approximately three point three percent of eligible users.
The picture looks similar when you zoom out to enterprise investment broadly. A survey of eight hundred organizations worldwide, conducted by IDC and commissioned by the network services firm Expereo, found that roughly seventy percent of companies are currently allocating budget to artificial intelligence. The survey’s primary finding: the dominant driver is fear of falling behind competitors — not documented results from deployments already in place.
Where AI is actively in use inside organizations, the risk exposure is not distributed evenly. A separate report analyzing enterprise AI activity found that the top five percent of users inside companies are each generating at least one hundred and forty-four AI conversations, and that small cohort accounts for a disproportionate share of total AI-related risk exposure across the enterprise.
On the government side, the direction is consistent. Lawmakers from both parties have warned that cuts to CISA — the federal agency responsible for protecting civilian networks — have materially weakened its capacity. The government declining to enforce AI accountability is simultaneously pulling back on its own cyber defense infrastructure.
A startup called Lemhi emerged from stealth with pre-seed funding and a specific platform built for managed service providers: a product that enables MSPs to package, sell, and manage AI transformation as a recurring service, with the stated goal of converting one-off AI projects into scalable, ongoing managed service engagements.
AI’s Accountability Gap
Those signals — vendor channel buildout, enterprise budgets driven by competitive fear, governance capacity thinning — aren’t coincidental. They’re being pushed by the same underlying dynamic.
The pressure begins with the financial clock. Anthropic has officially filed a confidential registration statement with the SEC, beginning its IPO process while carrying a valuation of roughly nine hundred billion dollars — recently surpassing OpenAI as the highest-valued AI startup in the world. At Microsoft Build, OpenAI and Microsoft jointly reported that AI-related services now account for roughly forty percent of their combined enterprise revenue. Numbers at that level create a specific investor expectation: enterprise deployment at scale. The fastest path to that proof is a channel showing thousands of simultaneous client deployments, not a direct sales force building them one at a time.
The demand side of that equation is real, though it comes with a gap underneath it. TechCrunch documented what executives are calling AI psychosis — a measurable disconnect between what leadership believes AI will accomplish and what their organizations can actually operationalize. CEOs want the output. They are not, in most cases, managing the implementation. The timing is not accidental: Sam Altman of OpenAI and Dario Amodei of Anthropic both publicly reversed earlier warnings about AI-driven job displacement, shifting emphasis to productivity and adoption. And Microsoft expanded the surface area of that demand at Build, where executives described Scout — its new AI assistant embedded across the M365 suite — as, in their words, the first real personal assistant the company has offered customers.
What is not filling that gap is the government — and its posture has been consistent across every front. The White House issued an executive order requiring AI companies to voluntarily submit frontier models for a thirty-day pre-release review — with no enforcement mechanism and no binding accountability framework attached. NIST simultaneously rebranded its AI oversight consortium around measurement, innovation, and adoption rather than enforcement standards. Both moves point the same direction: the regulatory layer that would otherwise define accountability for AI in production has, by deliberate design, declined to do so.
MSP Risk Transfer
The accountability transfer is already showing up in contracts. When a client’s AI usage spikes — an agent runs more queries than expected, a workflow triggers at scale, a Copilot session runs long — the variable cost under consumption-based billing doesn’t land with the vendor. It lands with whoever holds the service agreement. MSPs that haven’t renegotiated their contracts to account for consumption variability are already carrying financial risk they didn’t price.
That gap shows up in the compliance picture. A report on data sanitization practices across organizations found that ninety-four percent of compliance and sustainability leaders say they are confident in their organization’s ability to handle sensitive data correctly. In the same survey, more than one-third of those same organizations reported a data leak within the past year, with one in eight breaches traced to sensitive information left on retired or disposed devices. That confidence-to-breach ratio is not a data quality problem. It is a structural feature of how organizations assess their own posture — which is to say, they routinely can’t. The MSP is, in most cases, the only party positioned to deliver an accurate, independent view of what is actually happening in a client environment.
The fork those two data points describe is the same one. An MSP that treats AI implementation as a reseller motion — moving products, collecting margin, and inheriting whatever the engagement produces — will eventually be the party explaining a variable invoice the client didn’t expect, or a compliance failure the client didn’t know was coming. The MSP that positions as the governed layer — defining scope, setting contractual limits, and treating data handling and usage controls as the product — is selling something the vendor cannot provide, and the government will not require.
Why Do We Care?
Because your clients are not asking you about AI governance — they are hearing from vendors, and the vendors have already answered by writing you into the delivery layer. The conversation that needs to happen is not a technical briefing. It is a reframe of the relationship: who in this engagement is responsible for what AI does in your environment, and does what we’ve signed actually reflect that? That conversation is the product — and it is the one none of your clients have had yet.
What to Consider
Contract surgery before channel enrollment. Before joining any AI vendor partner program — Anthropic, Microsoft, or otherwise — audit every existing MSA for consumption variability language. Consumption-based billing for AI workloads means a single agentic workflow running at scale can generate an invoice the client never anticipated. If the contract doesn’t define usage ceilings, approval workflows, and cost-escalation notification requirements, the MSP is carrying that exposure. Fix the contract first; enroll in the program second.
Separate the governance layer from the deployment layer — and price them independently. Deployment without governance is the default state. An MSP that offers AI usage monitoring, data boundary enforcement, and audit evidence as a distinct recurring line item is selling something the vendor doesn’t provide and the client demonstrably needs.
Evaluate Lemhi with appropriate skepticism. The platform addresses a real problem — converting AI projects into recurring managed services But pre-seed stage from a $2 million venture studio means the product is early and the liability architecture is unproven. Before building a service practice on top of any AI-as-a-service platform, MSPs need to understand what contractual protections the platform provides when an AI-assisted recommendation causes client harm. If the answer is “none,” the MSP is the indemnification layer by default.
Run the accountability question with top accounts now. In the next 30 days, ask each top client directly: when an AI tool in your environment makes a decision that costs you money or surfaces a compliance problem, who in our current agreement is responsible for making it right?
If this trend continues, within eighteen months serious MSPs will stop selling “AI implementation” as a project and start selling AI governance operations as a recurring service — including usage controls, data boundary enforcement, workflow approval, audit evidence, and liability language. Providers that fail to make that shift will be treated by clients as general support for AI systems they did not design, cannot fully control, and did not price correctly.