Open Source AI Governance: When Your AI Runs on Models Anyone Can Modify

Open source AI governance covers the policies and oversight mechanisms that organisations need when they use, fine-tune, or deploy AI models released under open-source or open-weight licences — including Meta's Llama, Mistral's models, Stability AI's Stable Diffusion, Falcon, and hundreds of models available through Hugging Face and similar platforms. The EU AI Act provides a limited exemption for open-source GPAI models from certain obligations (Article 53), but this exemption does not apply if the model presents systemic risk or if the organisation deploys the model in a high-risk context. The practical governance challenge is that open-source models shift the responsibility for safety, bias testing, security, and compliance from the model provider to the deploying organisation — and most organisations using open-source AI have not built governance frameworks to match this responsibility.

How the EU AI Act treats open source

The EU AI Act provides a targeted exemption for open-source GPAI models. Providers of GPAI models released under open-source licences are exempt from certain transparency and documentation obligations — unless the model is classified as having systemic risk (based on cumulative compute thresholds) or is used in high-risk AI systems. Critically, the exemption applies to the model provider, not the deployer. An organisation that takes an open-source model and deploys it in a high-risk context (employment decisions, credit scoring, healthcare) is fully subject to the AI Act's high-risk obligations regardless of the model's licence.

Governance challenges specific to open source

Licence compliance: open-source AI licences vary significantly. Some (Apache 2.0, MIT) are permissive. Others (Llama's community licence, RAIL licences) include acceptable use restrictions, commercial limitations, or derivative work requirements that create legal obligations. Model provenance: open-source models may be fine-tuned, merged, or modified by multiple parties. Understanding what training data was used, what modifications were made, and what safety testing was performed requires governance that most organisations do not apply. Security: open-source models are subject to supply chain attacks, model poisoning, and backdoors. Unlike proprietary models where the vendor is responsible for security, open-source deployments put the security burden on the deploying organisation. Accountability: when an open-source model produces a biased, inaccurate, or harmful output, there is no vendor to hold accountable. The deploying organisation bears full responsibility.

Practical governance framework

Maintain an inventory of all open-source AI models in use, their licence terms, their provenance, and their deployment context. Conduct security assessment of models before deployment — including checking for known vulnerabilities, reviewing community security findings, and implementing appropriate sandboxing. Perform bias testing and safety evaluation appropriate to the deployment context — the model provider may not have tested for your specific use case or demographic context. Document the human oversight, monitoring, and incident response mechanisms in place. Review licence compliance regularly, particularly for models with acceptable use restrictions that may be updated.

Further reading: EU AI Act — GPAI provisions | ISO 42001

Related reading

• Agentic AI Governance
• AI Vendor Contracts Guide
• AI Compliance Checklist 2026