Federal AI Has Outrun Its Governance: The USDA OIG Report

I am rooting for the use of AI in government. Every day, I read about a new and exciting government use case. I write about procurement governance and risk because I want federal AI deployment to succeed—so it brings me no joy to write this piece.

When OMB M-25-21 and M-25-22 were released in April 2025, the governance expectations for agency AI use looked reasonable—Chief Artificial Intelligence Officers (CAIOs), inventories, risk management, Authorizations to Operate (ATOs), generative AI policies, impact assessments, etc. Yet by mid-2025, the administration’s deregulatory posture on AI policy appeared to extend to the federal government’s procurement and deployment of AI. Across multiple policies, programs, and public statements, the administration signaled that agencies were expected to accelerate AI adoption, even as governance structures and technical capacity struggled to keep pace.

In my article, Buying Blind: Corruption Risk and the Erosion of Oversight in Federal AI Procurement, I warned about exactly this dynamic:

The deregulatory trajectory has narrowed pathways for implementing [government AI procurement] safeguards. Commercial acquisition preferences direct agencies toward procurement methods least compatible with governance protections, while simultaneous workforce cuts leave fewer acquisition professionals with less AI-specific expertise to implement whatever safeguards remain available.

M-25-22 articulates principles for responsible AI procurement while the post-AI Action Plan environment removes the regulatory authority and workforce capacity necessary to implement them. Without binding regulations or agency-wide policies, M-25-22’s safeguards exist as aspirations rather than obligations.

And in my article, Governance as a “Blocker”: How the Pentagon’s New AI Strategy Trades Oversight for Speed, I addressed the broader leadership and adoption dynamic:

[T]one at the top matters. When leadership frames safeguards as barriers, the organization comes to see compliance as an obstacle rather than a risk-management tool. Adoption metrics measure whether AI capabilities are being used and at what pace, not whether the governance infrastructure underlying those deployments is sound. The practical effect is to shift risk downstream, where it can surface as security incidents, performance failures, bid protests, or mission impact.

We now have new evidence of what governance failure looks like in practice. On May 12, the United States Department of Agriculture’s Inspector General (IG) released a report, Cybersecurity of Artificial Intelligence Technology at USDA, determining that USDA has not fully implemented cybersecurity and governance controls within AI systems in compliance with federal standards, leaving the agency at risk of data breaches or reputational harm.

Specifically, the IG found:

  • No security authorization for 89% of AI use cases. OIG found that 73 of 82 operational AI use cases lacked a required system ATO prior to operation and were not recorded in CSAM. An ATO is effectively a security sign-off: someone in charge must review a computer system for risks and approve it before it can run on a federal network. The Federal Information Security Modernization Act (FISMA) and USDA’s own departmental regulations require it for any federal IT system.
  • No generative AI policy, despite widespread GenAI use. USDA missed the December 29, 2025 OMB M-25-21 deadlines to update agency IT policies and to develop a generative AI (GenAI) policy. The Office of the Chief Information Officer (OCIO) told OIG it has not updated or developed any AI policies or procedures.
  • No documented impact reviews for high-impact AI. OIG sampled eight AI use cases against the high-impact criteria: civil rights, access to government resources, public safety, and critical infrastructure. USDA’s own AI inventory separately marks facial-recognition surveillance and AI tools for cover crop mapping, planting date detection, and acreage and crop type validation as high-impact. OIG found OCIO had not performed or documented the required impact reviews.
  • No reliable AI inventory. USDA’s AI inventory relies entirely on an annual self-report data call. OIG examined 82 operational use cases and concluded that the inventory cannot be verified as complete or accurate.

Beyond these findings, OIG flagged a deeper problem: shadow AI. Shadow AI is the unsanctioned use of AI tools by employees without the formal approval or oversight of the information technology (IT) department. With an inventory built on annual self-reporting and no policy governing GenAI use, USDA cannot know what AI tools its workforce is running on departmental data. The OIG concluded that the methodology itself produces this risk.

Although shadow AI is a significant concern, it is equally alarming that even sanctioned AI can create major risks when agency-level governance is missing—no generative AI policy, no ATOs, no impact assessments, no reliable inventory.

The USDA report does not establish that these use cases came from GSA’s AI offerings under its OneGov program. That distinction is important. The report documents an agency-level governance failure, not a OneGov procurement failure. But OneGov is still relevant because it shows the adoption environment in which those failures now operate: AI tools are being made available across government quickly and cheaply, through centralized contracting channels, while responsibility for inventories, ATOs, impact assessments, and internal use policies remains with the ordering or deploying agency.

OneGov has reached 3.4 million federal users with AI tools at near-zero cost: OpenAI’s ChatGPT Enterprise and Anthropic’s Claude Enterprise at $1 per agency for one year, Google’s Gemini at $0.47 per agency through 2026, xAI’s Grok at $0.42 per agency for eighteen months, and Perplexity at $0.25 per agency for eighteen months. As I wrote in Buying Blind, “below-market pricing drives widespread adoption across the federal government, locking in dependencies before agencies understand costs, develop expertise, establish governance, or build exit strategies.”

GSA may be thinking about AI governance, but we cannot say the same for USDA. Centralized purchasing does not solve the problem of decentralized governance. Whether USDA employees are using centrally procured tools, agency-procured tools, embedded AI features, or unsanctioned AI accessed off the books, USDA still needs the controls OIG found missing.

That’s the most critical point: the procurement channel may vary, but the governance obligation does not.

None of this has produced the kind of high-profile government AI debacle that captures public attention—at least, not that we know of. But the conditions described in this report are exactly the kind that produce one.

The structural separation between centralized procurement and decentralized governance is the downstream consequence that Buying Blind warned about. USDA, by itself, is what happens when AI adoption outpaces governance and capacity.

The conditions producing these failures are present across the federal government. Whether other agencies have built governance to match those conditions is a question we will answer only through additional IG evaluations. USDA may be an outlier, or it may be one of the clearest looks so far at agency-wide AI governance. With AI adoption continuing to outrun governance and capacity, USDA is what we can see. The more troubling concern is what we can’t.  

