Pillar II: Legal and Regulatory · § 06

Vendor and third-party risk

Every commercial LLM API Bizzi uses ships under an enterprise agreement guaranteeing the vendor does not retain your data and does not train their models on it. This is one of the ten public customer commitments published in the Executive Summary. It is enforced by signed contract, not a click-through checkbox.

A B2B finance AI platform letting vendor LLMs retain or train on customer data has effectively re-exported the customer’s most sensitive records to an offshore third party. The single most consequential vendor lever you have is the Zero Data Retention clause. You refuse to ship a feature in production behind a vendor unable to sign it.

Six criteria gate every commercial LLM vendor before production.

  1. Zero Data Retention in a signed enterprise agreement, not a terms checkbox.
  2. Region pinning capability. The vendor pins inference to a region you name.
  3. Standard DPA. Data Processing Addendum with a complete sub-processor list.
  4. SLA on latency and uptime. Must clear the B2B operating thresholds.
  5. Reasonable liability terms. No exclusions for vendor-caused security breaches.
  6. Audit rights. You request SOC 2 or ISO 27001 attestations on a defined cadence.

A vendor failing any of the six is not approved. Exceptions are rare, require CPTO and Legal sign-off, and live in the vendor risk register.

When Bizzi deploys an open-source model, Legal reviews the license terms to confirm that commercial use is permitted. The common licenses and the Bizzi position on each are listed below.

| License | Commercial use | Must open derivative code? | Bizzi position |
|---|---|---|---|
| Apache 2.0 | Yes | No | Approved |
| MIT | Yes | No | Approved |
| BSD-3-Clause | Yes | No | Approved |
| Llama Community License | Conditional | No | Legal reviews per version |
| CC BY-NC | No (non-commercial) | No | Not approved for production |
| AGPL-3.0 | Yes | Must release modifications | Approved only without modification, or with explicit decision to open-source |
| SSPL | Restricted (server-side use triggers) | Network use triggers | Avoided in production |
| Custom research-only | No | Not applicable | Not approved |

Every fine-tuned and deployed OSS model has a license attestation document stored alongside the model registry entry.

You maintain a sub-processor list, available to contracted customers, covering:

  • Current LLM vendors and the regions they operate in.
  • Cloud infrastructure providers.
  • Observability vendors (the layer hosting your logs).
  • Specialist vendors (cloud OCR, managed vector DB).

When you add a sub-processor, you notify customers at least 30 days before production cut-over and provide an objection window.

Legal and the CPTO review every vendor and sub-processor each quarter, asking:

  • Have any terms changed?
  • Was there a security incident in the quarter?
  • Performance against SLA?
  • Vendor financial stability?

Vendors failing review are escalated and replaced if needed. The AI Gateway with fallback routing is the technical control making a vendor swap operationally feasible.