What happens when your AI systems act up? Who is liable when these AI systems are violating AI regulations that you’re in scope for? Who is answerable when the regulators knock at the door? Is it the vendor that designed, trained, and provided the AI system, or the company that implemented those systems for their business contexts and presented the outputs to customers, employees, constituents, or the public? The short answer, I’m sorry, is the latter.
The relationship between AI developers and AI deployers is becoming increasingly important amid an aggressive AI push in the competitive market. Third-party AI tools are being employed to make or support business decisions, drive high-end operations, improve service to customers, and more. While vendors can and should be held accountable under contractual obligations, it is the deployers, who present AI-driven products and services directly to consumers and constituents, who are ultimately held liable by regulators. Given that, let’s explore the relationship between deployers and developers, examine the accountability expected of each, and identify steps that can be taken to ensure that accountability is upheld.
The recent Mobley v. Workday case is one of the most striking illustrations of the developer-deployer dynamic in the context of AI governance. The case revolves around allegations of biased AI outputs. What makes it especially significant is the question it raises. When an algorithm drives outcomes, can the vendor be held liable under anti-discrimination laws? The court allowed the case to proceed under an “agent” theory of liability, finding that Workday’s software was not simply implementing a criterion in a rote way, but was instead actively participating in the decision-making process. In other words, both the developer (Workday) and the deploying organization share accountability, but the burden of regulatory and legal exposure falls most heavily on those who put the AI’s outputs in front of real people, with real consequences.
Firstly, it is important to accept the liability so that you can prepare accordingly. While deploying an AI system into your digital infrastructure, you need to be mindful of the accountability that regulators expect from your business. Here’s what to do next:
The developer builds the AI systems, but it is the deployers who put it to work. That distinction carries the real legal, financial, and human weight. Accepting that accountability will help businesses take the foundational steps towards responsible AI. The organizations that get this right won’t just stay out of trouble but lead the way.