Artificial Intelligence (AI) is transforming all industries, and with all innovation comes responsibility. Governments are now setting clearer expectations around how AI is used in procurement, bidding and evaluation. Here’s what’s changing, and why it matters.
PPN 017
Released by the UK Cabinet Office in February 2025, PPN 017 is designed to bring greater transparency to how AI is used in public procurement.
The guidance acknowledges what most teams already know: AI is now part of the process – drafting tender documents, supporting bids, and even assisting evaluators. Its use isn’t restricted but contracting authorities are encouraged to understand and manage the risks.
To support that, PPN 017 introduces optional disclosure questions. Suppliers may be asked whether AI was used, which tools were involved, and what safeguards protected sensitive data. These questions don’t affect scoring, but they send a clear signal: ethical, transparent AI use is becoming the norm.
EU AI Act
The EU AI Act, in force since 1 August 2024, is the world’s first comprehensive AI law. It takes a risk‑based approach, classifying AI systems from unacceptable through to minimal risk.
High‑risk systems, including those used in public procurement, must meet strict requirements: risk assessments, clear documentation and meaningful human oversight.
The Act also places obligations on general‑purpose AI models, demanding transparency about training data and controls for systemic risk. And because the law applies to any organisation impacting people in the EU, location is no shield. Failure to comply can mean fines of up to €35 million or 7% of global turnover, a wake‑up call for any business using AI at scale.
What’s on the horizon?
From 2 August 2026, all high risk AI systems, including those used in procurement, must meet tightened obligations:
- Human oversight must be assigned
- Input data must be relevant and representative
- Logs must be retained for at least six months
- Serious incidents must be reported immediately.
If risks emerge, deployers must pause use and work with regulators.
Non-compliance? The same headline fines apply.
Meanwhile in the UK, a comprehensive AI Bill is expected in 2026, building on PPN 017. Likely changes include:
- Mandated disclosure of AI use in bids and evaluations
- Stronger GDPR alignment for AI tools – no uploading confidential tender data into public AI platforms.
And with procurement thresholds dropping in January 2026, more contracts will fall into regulated territory – meaning more checks, more documentation, and more accountability.
What does this mean for your team?
- Train your people: AI tools are powerful, but they need informed users. Invest in AI literacy and compliance awareness training
- Set clear policies: define when and how AI can be used in bid writing and evaluation. Avoid uploading confidential data into public AI tools
- Be transparent: if you use AI, disclose it. This builds trust and keeps you ahead of regulatory changes.
AI is moving fast, and regulation is catching up. But with the right approach, this isn’t something to fear – it’s something to harness.
If you’re ready to shape a future where people, technology and strategy work seamlessly together, let’s start the conversation. We’ll help you translate the rules into clarity, confidence and competitive edge.
Contact us today to see how we can help you on this journey: [email protected].
