AI Risk Debt: The Accumulation Problem No One Tracks

AI risk debt is the slow accumulation of compliance gaps, security exposures and unmanaged model dependencies that compound as deployment scales. Fourteen technology executives who spoke to Forbes this month identified a common pattern: organizations are embedding AI faster than they are governing it. The gap is invisible to traditional risk dashboards, and it crosses every industry.

Healthcare carries some of the heaviest load. Venus Garg, vice president of AI at Elevance Health (ELV), described a specific hazard: AI models that continue running on outdated or biased patient data. "It slowly affects diagnosis quality, treatment recommendations and fairness across different patient groups without being immediately visible," Garg said. She called for regular audits of clinical accuracy and fairness metrics. Elevance Health carries an Alpha Score of 47 out of 100, with a Mixed label in the Healthcare sector. That score reflects the balancing act between AI-driven efficiency and the regulatory risk of deploying models in a highly audited industry. See the ELV stock page for more.

Other executives focused on different nodes of the same problem. Manas Chaudhari, a director at Meta, flagged prompt injection in agentic workflows as the fastest-growing threat. "When AI agents read emails, documents or web content to take action, adversarial instructions embedded in that content can silently redirect the agent," Chaudhari said. Most enterprises deploying agents today have no detection layer for this, he added.

Bruno Billy of APGAR offered a sharper framing. The real risk, he said, is not shadow usage or model drift but "organizational workflows being rebuilt around models you don't own, can't inspect and can't roll back." He advised treating every external model like a third-party dependency – know where it is load-bearing and have a plan to replace, replicate or unwind it if the provider changes terms.

Several executives warned that the speed of deployment has outpaced the speed of controls. Jenny Larsson of Intact Insurance Specialty Solutions compared an AI agent to a new employee. "You wouldn't onboard a new employee and give them full autonomy on day one. An agent is no different," she said. That discipline – defining what "good" looks like before deployment – is where most companies are exposed, she added.

Lihong Wang of Freeport Markets noted that OpenAI and Anthropic each run at roughly 99% uptime. "Sounds fine until you realize that's 3.6 days of outage a year," Wang said. For some products that downtime is trivial; for others it is catastrophic. Leaders should ask explicitly what the business does during those hours, he added. If the answer is "we stop working," the debt is accruing quietly.

Dmitry Panenkov of emma described a testing failure that is widespread: teams set benchmarks at launch and never revisit them. Models change, prompts change, data changes, and the benchmark keeps passing. It stopped measuring anything real months ago. The fix, Panenkov said, is to re-baseline on production data, write thresholds before running the test, and treat drift like a security incident.

Gaurav Chodwadia of Walmart warned that production prompts are often written by someone who has since left, tuned for a deprecated model version with no tests. When the model updates or someone reworks a line, behavior shifts until a customer complains. Prompts need version control and real review, he said.

The most exposed firms share traits: heavy reliance on external API-based models for core workflows, decentralized AI adoption without a central governance layer, and thin audit trails for model-driven decisions. A confirming signal would be a regulatory inquiry or customer lawsuit that forces a company to reconstruct an AI-assisted decision chain and find the audit trail missing. A weakening signal would be a wave of disclosures around model governance frameworks, especially from firms in healthcare and financial services where regulators are watching.

Anthony Oren of Nero Consulting put it bluntly: "When a customer eventually asks whether their data has touched a model, the missing audit trail becomes the liability."