State and local governments are rapidly procuring AI systems, but the contracts governing these tools overwhelmingly lack provisions for transparency, fairness, and accountability. While attention has been paid to the way the federal government procures AI, comparatively little attention has been paid to procurement by state and local governments. However, some of the most consequential AI systems spanning areas such as criminal justice, healthcare, and education are being deployed at these levels of government. Our analysis of thousands of state AI contracts across California, Florida, and Utah finds that 77% of provisions are standard boilerplate. 3.0% of these provisions address cybersecurity, 5.3% address transparency, and 2.4% address fairness and accountability. Meanwhile, these procurement decisions lock in governance choices for years, with some contracts spanning a decade or more.

Procurement is not merely an administrative function—it is how AI enters government and the first line of defense for responsible AI in the public sector. Contract language is often a relatively low friction and politically viable tool that can generate concrete governance benefits without requiring new AI legislation. State governments should adopt three reforms: (1) standardized responsible AI contract clauses aligned with the NIST AI Risk Management Framework, (2) risk-tiered procurement review processes modeled on proven approaches in San José and Colorado, and (3) mandatory AI vendor fact sheets as a condition of contract award and renewal. 

Challenge and Opportunity

Procurement is the first line of defense for responsible AI in the public sector

Governments adopt AI to save money and improve efficiency. But poorly written contracts can hard-code opacity, vendor lock-in, and weak accountability for years or decades. They also waste scarce public resources in ways that are difficult to unwind. According to our analysis of the Electronic Privacy Information Center (EPIC)’s dataset of more than 600 state contracts (2023), the median contract value is approximately $1 million. 

Although procurement may sound like a technical or unfamiliar term to many, it is not merely an administrative function. It is a core governance tool. Anyone who cares about how technology is used in government should care about procurement, because it is how technology enters government. Procurement is the first line of defense for ensuring responsible AI in the public sector. Most AI policy debates focus downstream on regulation, but some of the most consequential decisions are made upstream in contracts. Legislation and regulation of AI can be difficult, especially at the state level. AI procurement promises to be a potent tool for security, transparency, fairness, and accountability, not just compliance and cost containment.

In either case, AI-specific considerations rarely enter the process. For example, agencies may not ask about bias testing, government access to training data, or requirements for vendor to disclose how the model makes decisions. A joint National Association of Statement Procurement Officers (NASPO) and National Association of State Chief Information Officers (NASCIO) report recommended that states prioritize bias mitigation, transparency, and accountability in AI procurement. Standard procurement evaluates cost, vendor qualifications, and compliance with existing regulations, but typically lacks the government capacity to assess algorithmic risk.

There is a growing race between technological change and government capacity

State and local governments are rapidly procuring AI systems, with EPIC documenting 600 such contracts in 2023 and our analysis identifying over 1000 just in the states of California, Utah, and Florida. Governments are acquiring AI through both stand alone procurements and renewals of broader technology contracts that now embed AI features. In both cases, procurement capacity has not kept pace with technical complexity, leaving many agencies ill-equipped to evaluate performance, negotiate price and scope, and ensure these tools are used effectively and responsibly.

Cooperative procurement can save time and resources, but it can also concentrate risk by locking many jurisdictions into the same contractual terms

Because procurement takes time and resources, governments often rely on cooperative purchasing agreements (arrangements in which one state competitively bids and negotiates a contract that other states and local governments can adopt without rerunning the procurement process) to buy goods and services together and reduce administrative costs. The National Association of State Procurement Officials (NASPO) is often the institutional vehicle for this process. It was founded in 1944 during World War II, following President Franklin D. Roosevelt’s signing of the Surplus War Property Disposal Act. In the EPIC dataset, more than 4 out of 5 state AI contracts were negotiated through the NASPO ValuePoint platform (NASPO’s flagship cooperative contract program). Cooperative procurement can increase bargaining power and reduce administrative costs for participating states. Yet it also makes the initial contract especially consequential, as boilerplate language often becomes the template for all participating jurisdictions.

In our ongoing research, we analyzed AI contracts from three states—Utah (which initiated many NASPO agreements), California, and Florida—classifying 3,771 individual contract provisions across 215 contracts. 

We found that 77% of provisions are standard boilerplate, such as force majeure and indemnification clauses. Transparency provisions (audit rights, reporting obligations) are the most common substantive category at 5.3%. Cybersecurity provisions (data encryption, breach notification, access controls) account for 3.0%, and fairness and accountability provisions (non-discrimination, bias testing algorithmic accountability) are about 2.4%. 

Long term contracts are often poorly suited to rapidly evolving technologies and governance norms

Contract terms may also be lengthy. In the EPIC data, the average contract length was seven years. Some contracts even span a decade. When governments experience a failed AI implementation, they often respond by signing longer, not shorter, contracts. In the aftermath of failure, agencies may turn to more established vendors that appear credible and reliable, even if they are more expensive.

In 2013, Michigan’s Unemployment Insurance Agency entered into a $47 million contract with Fast Enterprises to design and run the Michigan Integrated Data Automated System, or MiDAS. The system incorporated algorithm-based fraud detection tools. From 2013 to 2015, MiDAS wrongly accused more than 34,000 unemployed individuals of fraud. In 2022, the state replaced it with the Deloitte-developed Unemployment Framework for Automated Claim and Tax Services, known as uFACTS. It is projected to cost about $78 million over a 10 year contract. Throughout this fiasco, little attention was paid to how the original contract was negotiated and structured. Nor was there meaningful scrutiny of whether procurement practices improved when the state later signed an even larger contract with Deloitte.

Critically, neither the original $52 million MiDAS contract nor the replacement $78 million uFACTS agreement included meaningful provisions for algorithmic transparency, bias testing, or independent performance auditing—precisely the types of clauses that could have flagged the system’s 93% false-positive rate before it devastated tens of thousands of families. The MiDAS debacle cost the state over $125 million across two contracts, falsely accused 40,000 residents, and resulted in a $20 million class-action settlement. In short, the absence of responsible AI contract provisions creates real-world harm.

Locking in AI governance decisions for years, or even a decade, leaves little room to adapt. It places states and local governments in a vulnerable position, as the underlying models and risks can evolve dramatically within just a few years. Once a contract is signed, the window for negotiating transparency, fairness, or accountability provisions largely closes. Revisiting core terms mid-contract is costly and legally complex, which means the initial procurement decision effectively sets the governance framework for the system’s entire operational life.

Vendor lock-in compounds these risks. Once an AI system is deployed under a long-term contract, governments may lose meaningful control over the data the system processes. Vendors may retain proprietary rights over training data, model architectures, or performance analytics, making it difficult for the government to audit system behavior or switch providers. When institutional knowledge becomes embedded in vendor-controlled platforms—as happened when Arkansas could not explain the details of a model used to determine Medicaid benefits—the dependency becomes nearly irreversible. In Idaho, a state agency refused to disclose its benefits allocation formula, claiming it was a vendor trade secret, effectively shielding a public decision-making system from public accountability.

Contracts are an underutilized policy lever

Although state governments rarely include responsible AI provisions in their contracts, these clauses represent an important policy lever. Based on the EPIC data, all 50 states, as well as DC and Guam, have entered into AI related contracts. 

Contract language is often a relatively low friction and politically viable tool that can generate concrete governance benefits without requiring new AI legislation. Moreover, vendors tend to be repeat players, with companies such as Deloitte, Accenture, and Pondera providing various types of government technology. This fact creates opportunities to negotiate principles across various AI products. Clearer contract language standards also benefit smaller companies and new entrants by demystifying expectations and lowering the barrier for bidders that lack dedicated government affairs teams.

Nonetheless, a contract’s leverage is time sensitive. Once it is signed, the window of opportunity largely closes. Revisiting or unwinding core terms can be difficult and costly. Governments therefore need to use the negotiation process to exercise their purchasing power to reduce risk and strengthen transparency and accountability. The cost of failing to do so is substantial. These agreements are often sticky and are frequently reused as boilerplate language, allowing weaknesses to persist across agencies and over time.

What role do policy networks play in AI procurement reform?There are growing AI communities within state and local governments that view procurement as an underutilized governance tool. The GovAI Coalition, launched by San José in 2023, has expanded to more than 3,000 members across 900 government agencies. In April 1976, the San José City Council approved the Coalition’s transition into an independent nonprofit organization. Within the coalition, procurement is one of the core committees, and vendors are not permitted to serve on it. There are also networks such as the National Association of State Chief Information Officers and the Beeck Center for Social Impact and Innovation’s State Chief Data Officers Network, where best practice sharing, information gathering, and coalition building are active. These networks enable state and local governments to use their collective purchasing power more strategically in their dealings with vendors.

Plan of Action

State governments have both the authority and the practical tools to strengthen AI procurement today. The following three recommendations can be implemented through existing procurement authority, without requiring new legislation, and draw on proven models already in use.

Recommendation 1. State procurement offices should adopt standardized responsible AI contract clauses aligned with the NIST AI Risk Management Framework.

AI procurement should not rely solely on traditional cost benefit analysis, but also incorporate a systematic risk benefit assessment. The EU’s AI Act, which entered into force in 2024, distinguishes between high and low risk AI systems and is accompanied by model contractual clauses tailored to different risk categories. In the U.S, the National Institute of Standards and Technology (NIST) has developed the AI Risk Management Framework (2023), a cross sector tool to guide risk evaluation and mitigation. Aligning these risk assessment frameworks with standardized contract clauses would substantially improve responsible AI procurement practices across state and local governments, while also reducing administrative burdens. Even if adoption is not mandatory, such resources can encourage more proactive engagement with responsible AI provisions by lowering the cost of asking the right questions, identifying relevant information, and translating risk considerations into clear contractual language.

IEEE Standard 3119-2025, an international standard specifically for AI procurement, provides a ready-made framework covering problem definition, solicitation, vendor evaluation, and contract monitoring. A multi-state working group convened through NASPO—building on its existing collaboration with NASCIO on AI procurement—could adapt these standards into model contract clauses within 12 months. At minimum, clauses should address: data governance and retention, algorithmic bias testing, explainability requirements for high-risk decisions, breach notification procedures specific to AI systems, and performance benchmarks with renewal contingencies. Canada’s Algorithmic Impact Assessment and the EU’s model contractual clauses for AI offer proven international templates.

Recommendation 2. States should implement risk-tiered AI procurement review processes, modeled on San José’s Digital Privacy Office approach.

The City of San José, located in the heart of Silicon Valley, has alreadyadopted this risk analysis approach. When a city department submits a procurement request, the Digital Privacy Office assesses its risk level. If the system is deemed low risk, the request is approved without creating a backlog. If it is classified as high risk, the office conducts an impact assessment and requires the vendor to complete a structuredAI FactSheet. This simple document helps government officials know what questions to ask and how to communicate with vendors about them. It covers training and test data, model characteristics, update procedures, performance metrics, and related information. These materials are then reviewed by cybersecurity and privacy teams, followed by testing and ongoing monitoring.

City of San José website (2026)

This approach can be elevated to the state level by establishing a similar risk analysis procedure within the procurement process. The Colorado Office of Information Technology (OIT) already uses a NIST-based risk assessment framework to evaluate all generative AI use cases and ensure that procurement complies with state law and data security requirements, providing a state-level proof of concept.

States with existing AI governance infrastructure are natural pilots. California’s Governor issued an executive order in 2023 directing the development of AI procurement guidelines, and the state has since published purchasing rules for generative AI. Colorado’s AI Act (SB 24-205) already requires reasonable care for high-risk AI systems. These states, alongside jurisdictions active in the GovAI Coalition could pilot risk-tiered review processes within existing procurement office budgets. San José’s Digital Privacy Office operates within the city’s IT department without a dedicated budget line, demonstrating that this model can be implemented by designating existing staff rather than creating new offices. NASCIO, which has made AI governance a top priority for 2026.

Recommendation 3. State governments should require AI vendors to complete structured AI fact sheets as a condition of contract award and renewal.

One relatively easy to implement reform is to adopt shorter term contracts with built in opportunities for revision or modification after a clearly defined period of use and evaluation. This recommendation aligns with the call to avoid rigid procurement cycles and embrace more modular, outcome-driven buys by Lewis and Pahlka (2025). Renewal should be contingent on demonstrated performance. The guiding principle is simple: no test, no renewal. As part of contract negotiations, vendors should be required to provide an AI fact sheet and update it as needed. No high-risk, high-impact, high-stakes AI system should be launched or renewed without appropriate testing and ongoing monitoring.

The AI fact sheet can serve as a condition of contract award and renewal. It should function as a “nutrition label” for government AI systems, modeled on San Josés vendor-facing template and inspired by IBM Research’s AI FactSheets 360. At minimum, the template should capture: training data provenance and representativeness, model performance metrics and known limitations, bias audit results across protected classes, update and versioning procedures, data retention and deletion policies, and human oversight mechanisms. Fact sheets should be updated whenever the model is retrained or its scope of use changes, and must be submitted as a condition of both initial contract award and each renewal cycle. New York City’s Local Law 144 demonstrates that mandatory AI disclosure requirements are implementable, though its enforcement challenges underscore the importance of tying disclosure to the procurement process itself—where the government has direct leverage—rather than relying solely on post-deployment regulation.

There is a role for the federal government

The federal government can also reinforce and scale these organic, though still scattered, reform efforts. The AI in Government Act of 2020 and Office of Management and Budget Memorandum M-25-21 offer a federal-level template that states can adapt to their own procurement contexts. Perhaps the most effective thing the federal government can do in this space is avoid preempting state efforts to innovate. Recent legislation and executive orders, including proposed moratoriums on state AI rulemaking advanced in federal budget and regulatory packages, have attempted to create regulatory ceilings on state efforts. Such efforts could prematurely stunt useful state innovation. 

Conclusion

Procurement is how technology, including AI, enters government. It is the first line of defense for responsible AI in the public sector. When procurement fails, the downstream consequences can be significant and long-lasting.AI procurement is not a narrow technical issue. It is the mechanism through which governments quietly govern AI at scale. Strengthening procurement today will shape AI outcomes for decades. By adopting standardized contract clauses, risk-tiered review processes, and mandatory vendor fact sheets, state governments can use their existing procurement authority to build transparency, fairness, and accountability into AI systems from the outset.

Frequently Asked Questions

How does government procurement actually work?

When a state agency needs an AI system, it follows one of three paths: issuing a competitive request for proposals (RFP), using an exemption (for emergencies or sole-source purchases), or purchasing through a cooperative agreement like those administered by NASPO ValuePoint, where a single “lead state” negotiates terms that dozens of other states can adopt. In competitive bidding, agencies define the problem, draft an RFP specifying scope and terms, evaluate vendor bids on cost and technical merit, negotiate final contract terms, and monitor vendor performance through the contract’s life. However, as EPIC’s report documents, many AI systems enter government through cooperative purchasing agreements or emergency exemptions that bypass competitive bidding entirely — meaning AI-specific considerations like bias testing and data governance never get evaluated. EPIC identified 621 AI contracts across all 50 states, finding that the top ten vendors alone accounted for over $715 million in potential contract value.

read more

What is cooperative procurement and why does it matter for AI?

Cooperative procurement allows multiple government entities to purchase goods and services under a single contract, reducing administrative costs and increasing bargaining power. The National Association of State Procurement Officials (NASPO) facilitates this through the ValuePoint platform. In the EPIC dataset, more than 4 out of 5 state AI contracts were negotiated through NASPO ValuePoint. While this efficiency is valuable, it means a single contract’s terms—including any gaps in AI governance provisions—can propagate across dozens of jurisdictions.

read more

What are the risks of vendor lock-in?

Once an AI system is deployed under a long-term contract, governments may lose meaningful control over the data the system processes and the decisions it produces. Vendors may retain proprietary rights over training data, model architectures, or performance analytics, making it difficult for the government to audit system behavior or switch providers. Over time, institutional knowledge becomes embedded in vendor-controlled platforms — staff learn the vendor’s system rather than the underlying process, and the data needed to transition to a new provider may not be readily exportable. These dynamics create high switching costs and reduce the government’s bargaining power at renewal. Shorter contract terms with performance-contingent renewal clauses (Recommendation 3) help mitigate these risks by preserving the government’s ability to reassess and, if necessary, change course.

read more

Will these requirements slow down procurement?

Risk-tiered review ensures low-risk AI systems are approved quickly—San José’s model only triggers full review for high-risk systems, avoiding bottlenecks. Standardized contract clauses and fact sheet templates actually reduce negotiation time by providing ready-made language that procurement officers can adopt rather than draft from scratch. Also, the cost of upfront review is far less than the cost of failure downstream: Cooperative procurement means the review investment is shared across participating jurisdictions.

read more

How does this relate to existing federal AI policy?

Several federal frameworks support the recommendations in this memo. The AI in Government Act of 2020 established requirements for federal AI governance. OMB Memorandum M-25-21 emphasizes structured governance, accountability, and public trust in federal AI use. The NIST AI Risk Management Framework provides a cross-sector tool for risk evaluation. While procurement is primarily a state and local function, federal guidance can reinforce state-level reforms by encouraging contract transparency and model standards.

read more

What would implementation cost?

OIT AI governance framework was implemented by designating existing staff rather than creating a new office. A NASPO-convened working group could develop model contract clauses once for shared use across all member states, amortizing development costs across dozens of jurisdictions. IEEE 3119-2025 provides a ready-made procurement framework that reduces the need for states to develop standards independently. The cost of inaction—failed AI deployments, legal liability, and harm to constituents—far exceeds the cost of reform. AI initiative failure rates in government settings reach 70-85%, and the federal government already spends 80% of its $100 billion IT budget maintaining legacy systems.

Finally, implementation costs should be understood not only as personnel expenses but also as internal coordination burdens created by fragmented procurement processes. Clear ownership across agencies is essential to manage these risks and ensure accountable, responsible AI procurement from start to finish.

read more

Streamlining the procurement process for more equitable, safe, and innovative government use of AI

The federal government’s approach to procuring AI systems serves two critical purposes: it not only shapes industry and academic standards but also determines how effectively AI can enhance public services. By leveraging its substantial purchasing power responsibly, the government can encourage high-quality, inclusive AI solutions that address diverse citizen needs while setting a strong precedent for innovation and accountability. Guidance issued in October 2024 by the White House’s Office of Management and Budget (OMB) gives recommendations on how agencies should use AI systems, focusing on public trust and data transparency. However, it is unclear how these guidelines align with general procurement regulations like the Federal Acquisition Regulation (FAR).

To reduce bureaucratic hurdles and encourage safe government innovation, the General Services Administration (GSA) should develop a digital platform that guides federal agencies through an “acquisition journey” for AI procurement. This recommendation is for streamlining guidance for procuring AI systems and should not be confused with the use of AI to simplify the procurement process.  The platform should be intuitive and easy to navigate by clearly outlining the necessary information, requirements, and resources at each process stage, helping users understand what they need at any point in the procurement lifecycle. Such a platform would help agencies safely procure and implement AI technologies while staying informed on the latest guidelines and adhering to existing federal procurement rules. GSA should take inspiration from Brazil’s well-regarded Public Procurement Platform for Innovation (CPIN). CPIN helps public servants navigate the procurement process by offering best practices, risk assessments, and contract guidance, ensuring transparency and fairness at each stage of the procurement process.

Challenges and Opportunities

The federal government’s approach to AI systems is a crucial societal benchmark, shaping standards that ripple through industries, academia, and public discourse. Along with shaping the market, the government also faces a delicate balancing act when it comes to its own use of AI: it must harness AI’s potential to dramatically enhance efficiency and effectiveness in public service delivery while simultaneously adhering to the highest AI safety and equity standards. As such, the government’s handling of AI technologies carries immense responsibility and opportunity. 

The U.S. federal government procures AI for numerous different tasks—from analyzing weather hazards and expediting benefits claims to processing veteran feedback. Positive impacts could potentially include faster and more accurate public services, cost savings, better resource allocation, improved decision-making based on data insights, and enhanced safety and security for citizens. However, risks can include privacy breaches, algorithmic bias leading to unfair treatment of certain groups, over-reliance on AI for critical decisions, lack of transparency in AI-driven processes, and cybersecurity vulnerabilities. These issues could erode public trust, inhibit the adoption of beneficial AI, and exacerbate existing social inequalities.

The federal government has recently published several guidelines on the acquisition and use of AI systems within the federal government, specifically how to identify and mitigate systems that may impact public trust in these systems. For example:

• OMB Memo M-24-10 (2024): Guides federal agencies on the use of artificial intelligence. It emphasizes responsible AI development and deployment, focusing on key principles such as safety, security, fairness, and transparency. The memo outlines requirements for AI governance, risk management, and public transparency in federal AI applications.
• OMB Memo M-24-18 (2024): Provides Guidance on AI acquisitions, such as transparency, continued guidance for incident reporting on rights and safety impacting AI, data management, and specific advice for AI-based biometrics.
• Agency Memos (2024): Per M-24-10, many U.S. agencies have published their internal strategies for AI use.
• AI Use Case Inventory (2024): Requires agencies to perform an annual inventory of AI systems with information on Procurement Instrument Identifiers and potential for rights or safety impacts. 
• Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (2023) This requires agencies to adopt trustworthy and responsible AI practices. It mandates using AI safety standards, including rigorous testing, auditing, and privacy protections across federal systems.
• Executive Order 13960 (2020) promotes the use of trustworthy artificial intelligence in government and outlines the responsibilities of agencies to ensure their AI use is ethical, transparent, and accountable. It includes the need for agencies to consider risks, fairness, and bias in AI systems.

This guidance, coupled with the already extensive set of general procurement regulations such as the Federal Acquisition Regulation (FAR ), can be overwhelming for public servants. In conversations with the author of this memo, stakeholders, including agency personnel and vendors, frequently noted that they needed clarification about when impact and risk assessments should occur in the FAR process.

How can government agencies adequately follow their mandate to provide safe and trustworthy AI for public services while reducing the bureaucratic burden that can result in an aversion to government innovation? A compelling example comes from Brazil. The Public Procurement Platform for Innovation (CPIN), managed by the Brazilian Ministry of Development, Industry, Commerce, and Services (MDIC), is an open resource designed to share knowledge and best practices on public procurement for innovation. In 2023, the platform was recognized by the Federal Court of Auditors (TCU—the agency that oversees federal procurement) as an essential new asset in facilitating public service. The CPIN helps public servants navigate the procurement process by diagnosing needs and selecting suitable contracting methods through questionnaires. Then, it orients agencies through a procurement journey, identifying what procurement process should be used, what kinds of dialogue the agency should have with potential vendors and other stakeholders, guidance for risk assessments, and contract language. The platform is meant to guide public servants through each stage of the procurement process, ensuring they know their obligations for transparency, fairness, and risk mitigation at any given time. CPIN is open to the public and is meant to be a resource, not new requirements that supplant existing mandates by Brazilian authorities. 

Here in the U.S., the Office of Federal Procurement (OFFP) within the Office of Management and Budget (OMB) in partnership with the General Services Administration (GSA) and the Council of Chief AI Officers (CAIO), should develop a similar centralized resource to help federal agencies procure AI technologies safely and effectively. This platform would ensure agencies have up-to-date guidelines on AI acquisition integrated with existing procurement frameworks.

This approach is beneficial because:

• Public-facing access reduces information gaps between government entities, vendors, and stakeholders, fostering transparency and leveling the playing field for mid- and small-sized vendors. 
• Streamlined processes alleviate complexity, making it easier for agencies to procure AI technologies.
• Clear guidance for agencies throughout each step of the procurement process ensures that they complete essential tasks such as impact evaluations and risk assessments within the appropriate time frame. 

GSA has created similar tools before. For example, the Generative AI Acquisition Resource Guide assists federal buyers in procuring and implementing generative AI technologies by describing key considerations, best practices, and potential challenges associated with acquiring generative AI solutions. However, this digital platform would go one step further and align best practices, recommendations, and other AI considerations within the processes outlined in the FAR and other procurement methods. 

Plan of Action

Recommendation 1. Establish a Working Group led by the OMB OFPP, with participation from GSA, OSTP, and the CAIO Council, tasked with systematically mapping all processes and policies influencing public sector AI procurement.

This includes direct AI-related guidance and tangential policies such as IT, data management, and cybersecurity regulations. The primary objective is identifying and addressing existing AI procurement guidance gaps, ensuring that the forthcoming platform can provide clear, actionable information to federal agencies. To achieve this, the working group should:

Conduct a thorough review of current mandates (see the FAQ for a non-exhaustive list of current mandates), executive orders, OMB guidance, and federal guidelines that pertain to AI procurement. This includes mapping out the requirements and obligations agencies must meet during acquisition. Evaluate if these mandates come with explicit deadlines or milestones that need to be integrated into the procurement timeline (e.g., AI risk assessments, ethics reviews, security checks)

Conduct a gap analysis to identify areas where existing AI procurement guidance needs to be clarified, completed, or updated. Prioritize gaps that can be addressed by clarifying existing rules or providing additional resources like best practices rather than creating new mandates to avoid unnecessary regulatory burdens. For example, guidance on handling personally identifiable information within commercially available information, guidance on data ownership between government and vendors, and the level of detail required for risk assessments. 

Categorize federal guidance into two main buckets: general federal procurement guidance (e.g., Federal Acquisition Regulation [FAR]) and agency-specific guidelines (e.g., individual AI policies from agencies such as DoD’s AI Memos or NASA’s Other Transaction Authorities [OTAs]). Ensure that agency-specific rules are clearly distinguished on the platform, allowing agencies to understand when general AI acquisition rules apply and when specialized guidance takes precedence. Since the FAR may take years to update to reflect agency best practices, this could help give visibility to potential gaps. 

Recommendation 2. The OMB OFPP-GSA-CAIO Council Working Group should convene a series of structured engagements with government and external stakeholders to co-create non-binding, practical guidance addressing gaps in AI procurement to be included in the platform.

These stakeholders should include government agency departments (e.g., project leads, procurement officers, IT departments) and external partners (vendors, academics, civil society organizations). The working group’s recommendations should focus on providing agencies with the tools, content, and resources they need to navigate AI procurement efficiently. Key focus areas would include risk management, ethical considerations, and compliance with cybersecurity policies throughout the procurement process. The guidance should also highlight areas where more frequent updates will be required, particularly in response to rapid developments in AI technologies and federal policies.

Topics that these stakeholder convenings could cover include: 

Procurement Process

• Acquisition Pathways: What acquisition methods (e.g., FAR, Other Transaction Authorities [OTA], and joint acquisition programs) can be leveraged for procuring AI? Identify the most appropriate mechanisms for different AI use cases. For example, agencies looking to develop an advanced AI system with the help of external researchers may want to consider OTA if that is available to them. 
• Integrating New Guidance: How can recent AI-related guidance from OMB memos (like M-24-10 and M-24-18) be incorporated into existing procurement frameworks, especially within the FAR?
• Stakeholder Responsibilities: Clearly define the roles and obligations of each party in the AI procurement process, from agency departments (such as project teams, procurement offices, and IT) to vendors and contractors. Determine who manages AI-related risks, evaluates AI systems, and ensures compliance with relevant policies.
• NIST AI Risk Management Framework (RMF): Explore how the NIST AI RMF can be integrated into the acquisition process and ensure agencies are equipped to assess AI risks effectively within procurement.

Transparency 

• Public Disclosure: Define what information must be shared with the public at various stages of the AI acquisition process. Ensure there is a balance between transparency and protecting sensitive information.
• Data Sharing and Protection: Identify resources to help agencies understand their obligations regarding data sharing and protection under OMB Memo M-24-18 or forthcoming memos from the new administration to ensure compliance with any data security and privacy requirements.
• Risk Communication: Establish when and how to communicate to relevant stakeholders (e.g., the public and civil society) that a potential AI acquisition could impact public trust in AI technologies. Outline the types of transparency that should accompany AI systems that carry such risks.

Resources:

• External Best Practices: Gather and share civil society toolkits, industry best practices, and academic evaluations that can help agencies ensure the trustworthy use of AI. This would provide agencies with access to external expertise to complement federal guidelines and standards. The stakeholder convening should deliberate on whether these best practices will just be linked to the platform or if they need some kind of endorsement from government agencies. 

Recommendation 3. The OPPF, in collaboration with GSA and the United States Digital Service (USDS) should then develop an intuitive, easy-to-navigate digital platform that guides federal agencies through an “acquisition journey” for AI procurement.

While the focus of this memo is on the broader procurement of AI systems, this digital platform could also benefit from the incorporation of AI, for example, by using a chatbot that is able to refer government users to the specific regulations governing their use cases. At each process stage, the platform should clearly outline the necessary information collected during the previous phases of this project to help users understand exactly what is needed at any given point in the procurement lifecycle.

The platform should serve as a central repository that unites all relevant AI procurement requirements, guidance from federal regulations (e.g., FAR, OMB memos), and insights from stakeholder convenings (e.g., vendors, academics, civil society). Each procurement stage should feature the most up-to-date guidance, ensuring a comprehensive and organized resource for federal employees.

The system should be designed for ease of navigation, potentially modeled after Brazil’s CPIN, which is organized like a city subway map. Users can begin with a simple questionnaire recommending a specific “subway line” or procurement process. Each “stop” along the line would represent a key stage in the procurement journey, offering relevant guidance, requirements, and best practices for that phase. 

OPPF and GSA must regularly update the platform to reflect the latest federal AI and procurement policies and evolving best practices from government, civil society, and industry sources. Regular updates ensure that agencies use the most current information, especially as AI technologies and policies evolve rapidly.

The Federal Acquisition Institute within OFPP should create robust training programs to familiarize public servants with the new platform and how to use it effectively. These programs should explain how the platform supports AI acquisition and links to broader agency AI strategies.

1. Roll out the platform gradually through agency-specific capacity-building sessions, demonstrating its utility for different departments. These sessions should show how the resource can help public servants meet their AI procurement needs and align with their agency’s strategic AI goals.
2. Develop specialized training modules for different government stakeholders. For example, project teams might focus on aligning AI systems with mission objectives, procurement specialists on contract compliance, and IT departments on technical evaluations and cybersecurity.
3. To ensure broad understanding and transparency, host public briefings for external stakeholders such as vendors, civil society organizations, and researchers. These sessions would clarify AI procurement requirements, fostering trust and collaboration between the public and private sectors.

Conclusion

The proposed centralized platform would represent a significant step forward in streamlining and standardizing the acquisition of AI technologies across federal agencies. By consolidating guidance, resources, and best practices into a user-friendly digital interface, this initiative would address gaps in the current AI acquisition landscape without increasing bureaucracy. This initiative supports individual agencies in their AI adoption efforts. It promotes a cohesive, government-wide approach to responsible AI implementation, ultimately benefiting both public servants and the citizens they serve.

This action-ready policy memo is part of Day One 2025 — our effort to bring forward bold policy ideas, grounded in science and evidence, that can tackle the country’s biggest challenges and bring us closer to the prosperous, equitable and safe future that we all hope for whoever takes office in 2025 and beyond.

PLEASE NOTE (February 2025): Since publication several government websites have been taken offline. We apologize for any broken links to once accessible public data.

Frequently Asked Questions

What do federal agencies have to consider when procuring AI technologies?

There are so many considerations based on a particular agency’s many needs. A non-exhaustive list of legislation, executive orders, standards and other guidance relating to innovation procurement and agency use of AI can be found here. One approach to top-level simplification and communication is to create something similar to Brazil’s city subway map, discussed above.

read more

Could this be a platform be used for other types of procurement, especially innovation procurement in general?

The original Brazilian CPIN is designed for general innovation procurement and is agnostic to specific technologies or services. However, this memo focuses on artificial intelligence (AI) in light of recent guidance from the Office of Management and Budget (OMB) and the growing interest in AI from both the Biden Administration and the incoming Trump Administration. Establishing a platform specifically for AI system procurement could serve as a pilot for developing a broader innovation procurement platform.

read more

How does this platform ensure compliance with safety, equity, and ethical standards in AI procurement?

The platform seeks to ensure responsible public sector AI by mitigating information asymmetries between government agencies and vendors, specifically by:

• Incorporating the latest OMB guidelines on AI system usage, focusing on human rights, safety, and data transparency. These guidelines are seamlessly integrated into each step of the procurement process.


• Throughout the “acquisition journey,” the platform should include clarifying checkpoints where agencies can demonstrate how their procurement plans align with established safety, equity, and ethical standards.


• Prompting agencies to consider how procured AI systems will address context-specific risks by integrating agency-specific guidance (e.g., the Department of Labor’s AI Principles) into the existing AI procurement frameworks.

read more

Extreme chronic and acute heat exposes millions of American lives to dangerous health risks and threatens our infrastructure. Yet there are many physical solutions available to mitigate the risk of heat to people and systems in our built environments. Despite clear evidence that heat exposure is a substantial challenge to human health, economic vitality, and the goals of the Justice40 initiative, very little has been done to galvanize viable markets for materials and technologies that can improve heat resilience. 

In order to spur demand and send a strong signal for beneficial private sector innovation and scale, the federal government can lead by example to drive the market for products and services that build heat resilience. The General Services Administration (GSA) should require new and existing public structures (e.g. buildings and parking lots), products, supplies, and service procurement to meet minimum requirements for heat adaptation. These requirements could be adapted from existing green codes (e.g., ASHRAE 189.1 and IEA’s Annex 80) that recognize some of the non-energy benefits of heat-resilient materials and products, recognized supply chain vulnerabilities due to extreme heat (e.g. specialty crops, commodity crops, livestock, pharmaceutical precursors, etc.), and best practices for workplace protections (e.g. Fair Food Program).

Challenge and Opportunity

The federal government’s market-making potential is substantial – purchasing more than $630 billion in goods and services in FY2021 alone. The GSA owns and leases over 363 million square feet of space in 8,397 buildings in more than 2,200 communities nationwide. Updating procurement requirements and solicitations to promote passive cooling and heat resilience is relatively straightforward since GSA already maintains a database for green and sustainable building materials, systems, and services that could be amended, rather than creating a new parallel standard. Further, procurement standard changes are within the purview of a relatively small number of policy actors, compared to policies that incentivize voluntary uptake or require broad enforcement to be effective. 

Even small increases in market demand, driven by policy, can significantly reduce first costs, product availability, and innovation. For example, requirements for solar reflective shingles on residential homes in Los Angeles City and County (a market of roughly 10 million people) reduced costs for high-end shingle products by two-thirds and saw the introduction of mid- and low-cost product lines throughout the country. Similarly, joint innovation around a commitment to incorporating cool pavements into Los Angeles and Phoenix road maintenance and preservation programs has driven global product innovation, improved durability and aesthetics, and more efficient application processes that benefit communities nationwide. GSA action on procurement would send a much stronger market signal to many more communities. 

Heat-resilient procurement will also benefit rapidly developing federal policy to promote reduced heat risk. In January 2024, the Federal Emergency Management Agency announced that it would fund investments in net-zero energy reconstruction in areas under a federal disaster declaration. The provisions, which explicitly highlight investments in passive cooling, apply to Public Assistance, the agency’s largest grant program; the Hazard Mitigation Grant Program; and the Building Resilient Infrastructure and Communities grant program. Heat-resilient interventions can be a net benefit to net-zero priorities, keeping buildings cooler as temperatures rise without driving up energy consumption. Further, heat-resilience procurement standards aligns with the Office of Management and Budget’s climate-smart infrastructure investments memorandum (M-24-03), which calls for incorporation of current and future climate change risk in infrastructure investments and maximizing sustainability over the system’s service life.

The regulatory groundwork and technical language required for these recommendations are already in place. Several state and model codes already have requirements that could easily be adopted or referenced by a procurement standard. For example, California’s Title 24 includes requirements for cool roofs, green roofs, and other heat-adaptive interventions for a variety of climate zones. Similarly, ASHRAE Standard 189.1, the International Energy Conservation Code, ASHRAE Standard 90.1, and the LEED voluntary program include prescriptive urban heat island mitigation or passive cooling requirements for U.S. climate zones. 

In November 2022, the Biden-Harris Administration proposed the Federal Supplier Climate Risks and Resilience Rule, which would require federal contractors receiving more than $7.5 million in annual contracts to publicly disclose their greenhouse gas emissions and climate-related financial risks and set science-based emissions reduction targets. Requiring heat resilience would further push markets toward adaptation.

Executive Order 14057 on catalyzing American clean energy industries and jobs through federal sustainability and the accompanying Federal Sustainability Plan would, in part, create a mandate and mechanism to update federal policies for sustainability, climate action, and resilience. The order includes “buy clean” provisions for low-carbon materials, with a goal of net-zero procurement by 2050, and a Net-Zero Emissions Procurement Federal Working Group and Buy Clean Task Force that is required to report semiannually on progress toward clean procurement. As heat-resilience interventions like cool surfaces can drive down energy consumption, they are aligned with net-zero priorities.

Plan of Action

A number of existing policy pathways and fora could be leveraged to develop, standardize, and include heat-resilience standards in procurement. To start, the GSA could amend its Facilities Standards for the Public Building Service (P100) for public facilities and infrastructure projects to incorporate heat resilience by adopting ASHRAE 189.1 and resilient cooling practices articulated in the International Energy Agency’s Annex 80. Supportive engagement with the Net-Zero Emissions Procurement Federal Working Group would leverage internal reporting requirements to advance heat adaptation. Further, the Environmental Protection Agency (EPA) could incorporate ASHRAE 189.1 performance requirements for highly solar-reflective and vegetated materials into Energy Star, allowing those products to be included in Green Procurement Compilation. 

To ensure heat-resilient supplies and services, the Federal Acquisition Register (FAR) could be updated to include disclosures on how those products and services improve or reduce resilience to heat. Relevant disclosures include, but are not limited to, extreme heat’s risk to: service provision, such as unsafe working conditions; 2) supply chains and key commodity provisions; and 3) infrastructure operations, such as adequate cooling of data center facilities. The FAR already recognizes the risk of climate change in its proposed implementation of section 5(b)(i) of Executive Order 14030, Climate-Related Financial Risk, to require major federal suppliers to publicly disclose greenhouse gas emissions and climate-related financial risk and to set science-based reduction targets. GSA could also increase the use of life-cycle cost assessments over the lowest first-cost procurement to recognize the broader economic and societal benefits gained from investments in sustainable and resilient products and services. 

Interagency efforts, stewarded by the Interagency Working Group on Extreme Heat, could accelerate standards for heat-resilient building codes as well as product and services procurement. For example, the National Institute of Standards and Technology (NIST) works on other climate-related building standards through the National Windstorm Impact Reduction Program (NWIRP) and the National Construction Safety Team (NCST) Act, which authorizes NIST to investigate extreme weather events on buildings and inform the improvement of codes for the built environment. Further, the U.S. Department of Housing and Urban Development (HUD) establishes construction and safety standards, and the Department of Energy (DOE) proposes energy-efficiency standards for manufactured homes, which account for approximately 10% of single-family houses constructed in the U.S. annually and could include heat-resilient technologies. The U.S. Department of Agriculture’s federal public food procurement system (including the National School Lunch Program, Emergency Food Assistance Program, and Commodity Supplemental Food Program) could take better stock of extreme heat’s risks to the federal government’s ability to affordably procure essential food products. Finally, in alignment with the Occupational Health and Safety Administration’s National Emphasis Program on Extreme Heat, agencies that contract with high-risk industries (e.g. agriculture, construction, manufacturing, firefighters, etc.) should ask for the latest data on workplace injuries and deaths during heat season (April to October) before awarding contracts and rate contractors on heat safety upon contract completion.

Federally supported construction standards and procurement requirements can also be applied at any level of government: national, state, tribal, local, or even school districts and incentivized through federal financing of these subnational efforts. 

Non-Federal Stakeholders

This effort would greatly benefit from robust engagement with organizations outside of the public sector. National laboratories such as Lawrence Berkeley National Lab, Oak Ridge National Lab, National Renewable Energy Lab, and Pacific Northwest National Lab have deep technical experience to identify heat-resilient technologies. Organizations such as the Cool Roof Rating Council (which rates roofing and wall material surface properties) and the National Fenestration Rating Council are entry points to technical support from its industry members. Code experts such as the New Buildings Institute and Regulatory Assistance Project could identify and modify existing code language to match the needs of federal procurement. The American Public Health Association, Smart Surfaces Coalition, Institute for Policy Integrity, and others can support a broader social cost benefit to determine what performance levels to require in procurement standards.

This idea of merit originated from our Extreme Heat Ideas Challenge. Scientific and technical experts across disciplines worked with FAS to develop potential solutions in various realms: infrastructure and the built environment, workforce safety and development, public health, food security and resilience, emergency planning and response, and data indices. Review ideas to combat extreme heat here.

Frequently Asked Questions

How would the implementation of this proposal impact the federal budget?

Cool surfaces are not a monolithic product category. They encompass a huge variety of roofing, wall, and building attachment products spanning commercial, residential, multi-family, institutional, and industrial use cases. In nearly all of those contexts, there is an available, economically viable first-cost option that would promote heat resilience rather than exacerbate heat exposure.

Heat-resilient or passive-cooling procurement standards may generate net positive impacts on the budget. Looking at life-cycle costs and benefits, studies have found that $1 invested in passive cooling measures returns between $1.50 and $15.20.

Beyond the federal budget, mandatory heat-resilience policies also yield substantial social and market benefits. When procurement and codes require heat resilience at a municipal level (as they have in Los Angeles, for example), the budget impact has been negligible but has resulted in dramatically lower first costs for heat-resilient options like advanced cool roof shingles. Similarly, adding questions about heat resilience to the required responses for service procurement is not an undue or onerous burden on potential federal contractors. Heat costs American workers and businesses over $100 billion per year in lost productivity and wages. Investments in the built environment may substantially reduce that existing burden, yielding more equitable outcomes in line with Justice40 (the wage impact is felt most acutely by outdoor, agricultural, and warehouse workers) and potentially more tax revenue.

read more

Solving Market Failures & Creating Industries

Tackling the greatest national challenges facing the United States requires a redoubled commitment to innovation. The United States put astronauts on the moon, split the atom, built the Internet, and sequenced the human genome. But progress has stagnated — and will continue to stagnate if we do not diversify our national approach to innovation. We must not only make investments in emerging technologies, but also experiment with new ways of solving problems.
 
Learn more about our work to help innovate government procurement below

Procurement Primer

Market-shaping mechanisms (MSMs), also known as “demand pull” mechanisms, are excellent tools for catalyzing solutions-oriented innovation.

​Read our MSMs primer to learn more and see several examples and forward-looking use-cases to create a “marketplace of outcomes”.

Learn More

Talent Support

Looking for knowledgable, creative procurement talent? Want to learn more about flexible hiring mechanisms?

FAS’ Day One Talent Hub works to identify, match, and deploy technical talent into federal agencies to tackle pressing priorities. 

Find out More

publications

See all

Environment

day one project

Procurement as an Instrument of Policy: Novel Approaches to Climate Challenges

Our roundtable of climate and procurement experts discussed the underutilized role of the federal government as a strategic buyer to overcome market failures in scaling innovative solutions to climate change. Speakers included: Initial Perspectives The session began with remarks from Thomas Kalil (Schmidt Futures), who provided an introduction into procurement levers, or “demand-pull” mechanisms. The session then […]

02.14.22 | 8 min read

read more

Innovative Procurement Proposals

See all

Emerging Technology

day one project

Policy Memo

A National Framework for AI Procurement

As AI applications for public use have proliferated, there has been a large uptick in challenges associated with AI safety and fairness.

06.09.21 | 1 min read

read more