// 1 July 2026

A Government Switched Off a Frontier Model for Every Customer. Model Risk Isn’t a Vendor Problem Any More.

For years, picking an AI model was a commercial decision. In June it became a question of who holds the switch, and increasingly that is a government rather than a vendor.

On 12 June, at 5:21pm US Eastern time, a leading AI developer was ordered to turn off its two most powerful models. Not for one customer. For all of them.

The directive came from the US Commerce Department, citing national security, and it barred access for any foreign national, anywhere in the world. Because no provider can tell a foreign national from a US citizen in real time across hundreds of millions of users, the practical result was a hard global shutoff of both models for every customer at once. The company disputed the basis for the order and moved to challenge it, and access to one model was partially restored a couple of weeks later. For anyone running an AI programme, the specific dispute is not the point. The point is that it can happen at all.

This is new. For the first time, a frontier model that businesses were building on was switched off overnight, worldwide, by government order rather than an outage or a commercial decision.

A government security checkpoint gating AI models on a conveyor belt while businesses queue for approval

One Event, or a Pattern?

Set it next to two other moves from the same month and a pattern appears. On 2 June, an executive order asked AI labs to hand their most capable “covered frontier models” to federal agencies for review up to 30 days before any public release, with the National Security Agency deciding which models qualify. On 26 June, the most powerful new model from another major lab launched not to the public but to roughly 20 organisations approved by the government. The most capable models are starting to ship through a government gate, not a public launch.

Whether you think that is sensible security policy or regulatory overreach is beside the point for a technology leader. What matters is that the terms on which you can use the best models are now set, in part, by decisions no vendor contract can predict or control.

Why This Lands on Your Desk, Not Just the Vendor’s

For years, model risk was a procurement question: price, performance, data terms, roadmap. Those still matter. What changed is that a new failure mode now sits above all of them, and no contract covers it. As one compliance analysis of the June order put it, third-party AI risk is now a government enforcement risk, not just a vendor management risk, and businesses relying on those models face a service disruption that no SLA can fully address.

If a model can be switched off for every customer with no notice and no appeal, the question stops being which model is best. It becomes what happens to your operations if the one you chose goes dark. And this is unlikely to stay voluntary. Lawyers advising on the June order expect its “voluntary” provisions to migrate into procurement standards, sectoral guidance, and contract terms over time, especially in regulated industries and anything touching government work.

The Concentration You Didn’t Know You Had

Most enterprises have quietly standardised on one frontier provider. It made sense at the time: pick the strongest model, build against its API, move fast. June exposed the cost buried in that tidy decision. A single provider is now a single point of failure with a geopolitical dimension bolted on. Model concentration is a new version of a risk your business already understands from cloud and from suppliers: too much depends on one source you don’t control.

The reaction in Europe was immediate. A member of the European Parliament put it plainly, arguing the continent cannot keep building its tech stack on access that a foreign government can switch off overnight. Whether or not you operate in the EU, that sentiment is a fair preview of where procurement and regulation are heading.

A resilient model strategy cycle: multiple AI providers, an abstraction layer over APIs, self-hosted infrastructure, and continuity governance

What a Serious Model Strategy Looks Like Now

The answer is not panic, and it is not swearing off frontier models, which remain the most capable tools available for a great deal of work. The move is to treat model choice as an architecture decision with a continuity plan attached. A few principles hold up:

  • Run a model portfolio, not a monogamy. Know which workloads run on which provider, and make sure every critical path has a tested fallback to a different model.
  • Put an abstraction layer between your applications and any single model. If switching provider means rewriting your applications, you don’t have a strategy, you have a dependency wearing a strategy’s clothes.
  • Evaluate open-weight, self-hosted models properly. This is the sharpest shift of the month. Gating the leading US models has pushed builders toward open-weight models that anyone can download and run without asking permission, and for workloads that genuinely cannot tolerate a plug being pulled, a self-hosted model on infrastructure you control is now a legitimate option rather than a fringe one.
  • Put model continuity in your risk register. Ask the question compliance teams have started asking: what happens to this process if the model behind it disappears for two weeks?

The Trade-Offs Are Real

Being straight about it: none of this is free. A portfolio means integrating and evaluating more than one model. An abstraction layer is engineering effort that delivers nothing visible until the day you actually need it. Self-hosting an open-weight model means running infrastructure and taking on the tuning, safety, and maintenance a frontier vendor otherwise handles for you. The question isn’t whether resilience costs something. It’s whether that cost is smaller than a critical model going dark with no notice. For a growing number of businesses, it now is.

Q&A: Building a Model Strategy That Survives a Shutoff

Should we stop using frontier models from a single provider?
No. They are the most capable tools available for a lot of work, and dropping them would cost you more than it saves. The change is to stop depending on one with no fallback. Keep using the best model, but make sure you can move a critical workload to another if you have to.

Isn’t this a US-specific political problem we can safely ignore?
No. The June order reached every customer worldwide, and the gating rules explicitly cover access outside the US. If your AI runs on a US frontier provider, a US policy decision is now part of your operational risk, wherever your business happens to sit.

Are open-weight models actually good enough for enterprise use?
For a growing set of workloads, yes, and the gap is closing quickly. They won’t beat the top frontier model on every task, but for many production jobs they are more than capable, and running one on infrastructure you control removes the switch-off risk entirely. The trade is that you own the tuning, safety, and upkeep that a vendor would otherwise handle.

We’ve built everything against one provider’s API. How exposed are we?
More than you would like. If moving providers means rewriting applications, your continuity plan is really a rewrite under pressure, which is no plan at all. The fix is an abstraction layer between your applications and the model, so switching becomes a configuration change rather than a project.

What’s the first practical step?
Inventory which business processes depend on which model, and mark the ones that would genuinely hurt if the model vanished for a fortnight. Start your resilience work there. Most teams have never drawn that map, and are surprised by how concentrated it turns out to be.

Working Through This With Vertex Agility

Deciding which models to trust, how to keep them swappable, and what to do when the switch is held by someone other than your vendor is exactly the work our AI Consultancy practice takes on. Most AI deployments are performance theatre. We integrate AI where it demonstrably pays back, and we will tell you directly when a single-provider shortcut is quietly building a continuity risk into your business.

That means designing a model strategy rather than a model habit: the portfolio, the abstraction layer that keeps you portable, the governance and third-party risk view that treats a model as critical infrastructure, and an honest assessment of where open-weight, self-hosted models earn their place. Our Data Consultancy practice supports that directly, building the AI-ready data platforms, governance, and lineage that a self-hosted or multi-model setup depends on, so the foundation under your AI is one you control.

Because we work across Microsoft, AWS, Google, and the open-model world rather than for any single provider, the advice you get is built around your resilience, not one vendor’s roadmap. Architecture comes first, which is the only way a continuity plan survives contact with a real incident.

If you want a clear read on how exposed your AI programme is to a provider being gated, suspended, or switched off, our free AI Readiness Mini-Audit covers the governance and risk ground this article is about. For a direct conversation about model continuity and building a portable AI strategy, get in touch with us below.