Switched Off
Here’s a pairing that almost nobody put side by side.
Start with Anthropic. The company released the most capable model it has ever made generally available — a system it’s calling Fable 5 — and the launch numbers backed up the hype: on Anthropic’s own published benchmarks it beat OpenAI’s GPT 5.5 across the board, and it topped at least one major independent intelligence ranking. Out of the gate, it looked like the new model to beat. Then, three days after launch, it disappeared. The U.S. government, through a Commerce Department export-control directive, ordered Anthropic to cut off all access to Fable 5 and a sister model called Mythos 5 for any foreign national, citing national security. Anthropic complied and disabled the models — while publicly disputing the order, arguing the risk the government cited was narrow and already sitting in other tools anyone can use today. Strip away the back-and-forth and the observable fact is stark: the most capable model Anthropic had ever shipped to the public went dark, by government order, seventy-two hours after it went live. And the order applied specifically to foreign nationals.
Now the second half of the pairing. While that was unfolding, the channel kept doing exactly what it’s been doing — packaging AI into products and selling it to you. Pax8 brought a company called Inforcer into its Marketplace, giving partners a standardized, AI-driven way to govern Microsoft 365 and Copilot across all their SMB clients. And CloudRadial, a platform built for MSPs, took its AI chat product to general availability — an agent it calls Tier 0 triage, running intake and writing tickets before a human ever opens the queue.
So look at the two together. The most capable model Anthropic had ever shipped — switched off in three days by one government directive. And in that same window, vendor after vendor handing MSPs new AI-powered frameworks to build their business on.
Painted Over
The reason you can’t see the dependency is simple: nobody ever sold you the model. They sold you a feature.
Think about why every vendor is racing to do that right now. SuperOps — one of the platform companies serving MSPs — said the quiet part out loud this month: the traditional moats are eroding. The thing that used to separate one PSA or RMM or security product from another — the feature set, the integrations, the workflow — is collapsing, because everyone can build the same thing now. So AI becomes the differentiator. The only way to stand out is to be the platform that does something intelligent the other guy can’t. And the fastest path to “intelligent” is to take a frontier model — somebody else’s — wire it into your product, put your brand on the output, and ship it. That’s not a knock on any one vendor. It’s the rational move when your old advantages are gone. But notice what it does: the model — the actual engine — disappears inside the product. You’re not buying Claude or GPT. You’re buying Copilot readiness, or a governed Microsoft 365, or an AI service desk. The dependency is real. It’s just been painted over.
And here’s how far down it goes. Proofpoint — a major security and compliance vendor — just announced it’s integrating directly with Anthropic’s Claude Compliance API, so companies can extend their data-governance and oversight controls onto AI-generated content. Listen to that carefully: the thing sold as the answer to AI risk is itself built on the model’s own API. So when the governance tool depends on the same model you were trying to insulate yourself from, you haven’t escaped the dependency — you’ve just added one more thing that breaks when the model does.
So this isn’t a procurement choice you can revisit at renewal. By the time it’s a product in your stack, the dependency is already structural — and structural risk that nobody named lands on whoever signed the client agreement.
Govern or Absorb
So what does that actually cost you? Go back to the piece of the Anthropic order that’s easy to skip past — it applied to foreign nationals. The New York Times reported it plainly: the United States barred foreign individuals from using Anthropic’s most advanced models. Now run that through your own business. If you have an offshore or nearshore delivery team — engineers in the Philippines, analysts in India, a help desk in Latin America — and any part of their workflow touches that model, even when it’s buried inside a vendor product you bought for something else, then for those people, in those countries, the tool stopped working overnight. Not because you did anything. Because a directive in Washington redrew the line, and your delivery capacity was on the wrong side of it. That’s not a hypothetical. It’s a continuity event you never wrote into a contract, never priced, and couldn’t have seen coming — because you didn’t even know which model was under the hood.
Here’s why that should worry you more than it does. Netrio surveyed four hundred and one mid-market IT leaders and found that eighty-two percent already have AI running in production — but only twenty-six percent have it scaled and governed across the organization. Sit with that gap. More than eight in ten are running AI for real, and fewer than three in ten can actually account for it. Which means the overwhelming majority of MSPs and their clients right now cannot answer a basic question: which model is touching which client’s data, and what happens to us if it disappears? The dependency is everywhere. The visibility into it, almost nowhere.
And here’s what makes this bigger than your own shop. The whole channel is quietly standardizing on the same short list of frontier models — your tools, your competitor’s tools, your vendor’s tools, all reaching back to a handful of the same engines. So a directive like that one doesn’t take out one MSP. It takes out everyone wired to that model at the same moment. This isn’t isolated risk you can dodge by being careful — it’s correlated risk the whole channel is holding at once, and the only thing separating you from the shop next door is whether you saw it coming.
So the choice is clean. You can be the MSP that governs this on purpose — that knows exactly which models run inside each client environment, can swap one out when Washington or a vendor pulls the rug, and prices that resilience as the service it is. Or you can be the MSP that finds out which model you depended on at the moment it goes dark — absorbing the outage, the cleanup, and the client’s questions, without ever having been paid to carry the risk.
Why Do We Care?
Because before this is ever a client conversation or a line item, it’s a question about your own shop: right now, could you list every model your own tools and your own delivery team quietly depend on? Most MSPs can’t — and that exposes the real mistake underneath all of this: treating the vendor you bought from as the risk you’ve already handled. Picking the vendor is procurement. Knowing what runs underneath it — and what you’d do the day it’s pulled — is operational resilience, and confusing the two is how a shop ends up exposed without knowing it.
What to Consider
Inventory your own model dependencies before you sell the service. Go through your own toolset and identify which products are running on which frontier model — and accept that for a lot of them, the vendor never told you. Make “which model powers this, and can it be swapped” a standing procurement question for every AI feature you buy, so the map stays current instead of going stale the next time you add a tool.
Map your delivery team’s exposure, not just your clients’. Find every place your offshore or nearshore staff lean on an AI tool that a directive like the Anthropic one could geo-restrict overnight. Identify which delivery functions would actually degrade if a model were cut off for foreign nationals, and pre-stage a fallback — a second provider, or a non-AI path — so a policy change in Washington never turns into a staffing outage you have to explain after the fact.
Write a model-down runbook and treat it like any other major-outage plan. Build the internal procedure for “the model our stack depends on just went dark”: who gets notified, which clients are affected, what the swap or workaround is, and how fast you can execute it. Run it the way you’d run an RMM compromise or a key-vendor outage — documented and tested, not improvised at the moment it happens.
If this trend continues, within the next year or two model-independence stops being internal hygiene and becomes contract language — clients burned by a vendor outage will start demanding to know which models run under their stack and who’s accountable when one gets pulled, and the MSPs who can answer that in writing will have turned AI resilience into a priced managed-service category the rest of the channel hasn’t named yet.