Post 1 of this series named the compliance illusion: the governance frameworks enterprises are building assume substrate access the enterprise no longer independently holds. Every operational requirement in NIST AI RMF, the EU AI Act, and GDPR depends on the enterprise reaching a compliance substrate — the execution environment that holds agent working state, tool connections, permission contexts, and the decision record. On a closed stack, that substrate is provider-native. The compliance posture is real. Its operational function is contingent. This post names the structural reason the gap is harder to close than the GDPR cloud parallel suggests: the providers who drew the substrate are now writing the standards compliance tooling must implement. By the time regulators arrive to close the gap, the vocabulary they use will be the provider’s vocabulary.
The Great Compression series documented four absorption mechanisms: acquisition converting independent vendors into provider-native capabilities, open-source protocol control establishing the standards that orchestration tooling must implement, managed runtime integration creating the infrastructure layer that everything else sits on, and definitional engineering drawing new infrastructure categories before governance frameworks had mapped them. The first three mechanisms absorbed the operational substrate. The fourth absorbed the vocabulary. This post documents the consequence: when the vocabulary of infrastructure becomes the vocabulary of regulation, compliance with regulatory requirements becomes compliance with provider specifications. The absorption of the standards layer is not a future risk. It is already underway.
The Standard Is Not the Substrate — Until It Becomes the Substrate
The Model Context Protocol exceeded 300 million monthly SDK downloads before most enterprise governance frameworks had a category for agent-to-tool communication standards. That adoption rate is not incidental. MCP solved a real problem — the fragmentation of tool integration interfaces across model providers and enterprise systems — and solved it well enough that the market converged on it faster than any prior developer protocol in adjacent infrastructure categories. The adoption is legitimate. The structural consequence of that adoption is what this post names.
A standard at 300 million monthly SDK downloads is not optional infrastructure for enterprises building on agentic AI. It is the de facto interface layer for agent-to-tool communication. When a regulatory body — the EU AI Act’s implementing authority, a national data protection regulator, the SEC — specifies that enterprises must demonstrate audit capability over agent-to-tool communications for high-risk AI deployments, the enterprise satisfies that requirement by implementing MCP-compliant logging and monitoring. Which means satisfying a standard Anthropic defined. The regulatory requirement is legitimate. Its operational satisfaction flows through provider infrastructure. The compliance posture is real. The substrate beneath it is provider-owned.
The standard is not the substrate — until the regulator requires what the standard implements. At that moment, the standard becomes the compliance surface, and the provider who defined the standard owns the compliance surface.
This is the standards absorption move: the mechanism by which a provider achieves compliance infrastructure control through open-source protocol dominance rather than acquisition or managed runtime integration. It does not require regulatory capture in the political sense — no lobbying, no revolving doors, no intentional manipulation of the regulatory process. It requires only that the provider’s standard achieves dominant adoption before the regulatory vocabulary is written. The regulatory guidance then works with the infrastructure that exists, using the vocabulary that exists, which is the provider’s vocabulary.
The Four Absorption Mechanisms, Extended
The Great Compression series documented three absorption mechanisms that operated on the execution substrate directly. The standards absorption move is the fourth, and it operates on a different layer — not the infrastructure the enterprise runs agents on, but the vocabulary that regulators will use to govern that infrastructure.
-
Acquisition
Independent harness-layer vendors converted into provider-native capabilities. OpenAI’s eight harness-layer acquisitions, each removing an independent governance option from the market and absorbing its function into the provider’s platform. The enterprise that built on those vendors found its governance infrastructure suddenly provider-aligned.
-
Open-Source Protocol Control
MCP at 300 million monthly SDK downloads. Google Agent Development Kit at seven million. The provider establishes the standard that orchestration and tool integration must implement. Independent tooling built to the standard is functionally dependent on the provider’s specification decisions. The standard is open. The specification authority is provider-held.
-
Managed Runtime Integration
The OpenAI–AWS stateful runtime on Amazon Bedrock AgentCore, jointly owned and contractually coupled to a $35B contingent investment commitment. Microsoft Agent Framework. Google Vertex AI Agent Engine. The execution substrate itself is provider-native. Governance tooling built on top reads what the provider exposes.
-
Standards Absorption
Provider-defined terms — “stateful runtime,” “MCP server,” “agent identity,” “AgentCore” — become the vocabulary of regulatory guidance because they are the vocabulary of the infrastructure the regulation must govern. The provider who defines the vocabulary draws the compliance surface the same way they drew the execution surface. By the time the regulation is written, the vocabulary is already the provider’s vocabulary.
The Vocabulary Problem
Regulatory guidance must use vocabulary that corresponds to the infrastructure being regulated. There is no alternative — a regulation that uses invented vocabulary disconnected from actual infrastructure is unenforceable, because the enterprises and auditors applying it cannot map the regulatory terms to the systems they are evaluating. The EU AI Act’s implementing guidance for agentic AI will use the vocabulary of agentic AI infrastructure. That vocabulary is being written now — not by regulators, but by providers deploying at scale.
“Stateful runtime.” “Agent memory.” “Tool connection.” “Permission context.” “AgentCore.” These are not neutral technical terms that any infrastructure vendor might have coined. They are specific terms defined by specific providers in specific technical documentation that enterprises are already using as their operational vocabulary. When the EU AI Act’s delegated acts for general-purpose AI systems reach agentic deployment — a process that will take years, during which provider infrastructure will have become further entrenched — the vocabulary those acts use will be the vocabulary providers have already normalized.
Vocabulary Developed Alongside Infrastructure
Cloud computing regulatory frameworks were developed over years as cloud infrastructure matured. Terms like “data residency,” “shared responsibility model,” and “cloud service provider” were shaped by ongoing dialogue between providers, regulators, and standards bodies. The vocabulary was contested.
Enterprises had some ability to influence the regulatory vocabulary through standards participation and early compliance engagement.
Contested vocabularyVocabulary Defined Before Regulation Arrives
Provider-defined terms are already the operational vocabulary of agentic AI at 300 million monthly SDK downloads. The regulatory vocabulary will be written after dominant adoption has already normalized provider terminology. Regulators will work with the vocabulary that exists.
Enterprises adopting provider vocabulary now are adopting the vocabulary the regulation will eventually use — which means their compliance posture will be expressed in provider-defined terms.
Provider-defined vocabularyThe GDPR Cloud Precedent — Applied More Precisely
Post 1 introduced the GDPR cloud parallel as a structural precedent. Applied to the standards absorption move, it becomes more precise and more instructive. GDPR was not merely complicated by cloud architecture — it was eventually operationalized through cloud provider compliance frameworks. AWS GDPR compliance documentation. Azure data residency controls. Google Cloud’s data processing terms. The regulation’s requirements were satisfied, in practice, through mechanisms the cloud providers designed and documented. The GDPR requirement was legitimate. Its operational satisfaction was mediated by provider frameworks.
That mediation was not the result of regulatory capture. It was the result of regulators and enterprises discovering that the infrastructure the regulation needed to govern was cloud infrastructure, and the most operationally coherent way to satisfy regulatory requirements was to use the compliance mechanisms the cloud providers had built. Enterprises that built their GDPR compliance posture on top of AWS compliance controls discovered that their regulatory posture was a function of their AWS relationship. The compliance was real. The independence was assumed.
Monthly SDK downloads for Anthropic’s Model Context Protocol — the emerging standard for agent-to-tool communication. At this adoption rate, MCP is not an optional integration approach for enterprises building on agentic AI. It is the de facto interface layer. Any regulatory requirement that specifies audit, monitoring, or control of agent-to-tool communications will be satisfied, in practice, by implementing MCP-compliant tooling — which means satisfying a standard Anthropic defined.
The AI governance parallel is structurally identical and arrives faster. Enterprises building GDPR compliance on AWS had years before GDPR enforcement normalized cloud-mediated compliance. Enterprises building AI governance compliance on MCP-native tooling are building it now, before the AI governance regulatory vocabulary is written. When that vocabulary is written — using terms like “agent-to-tool communication audit,” “permission scope monitoring,” and “execution state logging” — it will be satisfied by the same MCP-native tooling enterprises are deploying today. The compliance posture will be provider-mediated from the start, not as a discovered consequence but as a structural property of the vocabulary the regulation uses.
The Avanade Compliance Precedent
The Never Just About Middleware post introduced the Avanade precedent — the 2000 Microsoft–Accenture joint venture — as a structural parallel for the implementation relationship absorption. Applied to the standards layer, the precedent takes a more historically specific form: Microsoft’s enterprise technology became so embedded in US government procurement requirements and compliance frameworks that satisfying government IT standards was, for much of the federal government, effectively satisfying Microsoft’s architecture specifications. Active Directory. Windows Server. The Microsoft compliance ecosystem did not capture the regulatory process. It became the infrastructure the regulatory process had to accommodate.
The model provider trajectory follows the same structural mechanism at greater speed and deeper substrate penetration. The providers defining MCP, AgentCore, and stateful runtime architecture are not lobbying for regulatory outcomes. They are deploying at scale, achieving dominant adoption, and normalizing vocabulary that regulators will eventually work with. The compliance infrastructure regulators will require enterprises to implement will be built on the standards those providers have already defined. That is not a conspiracy. It is the natural outcome of infrastructure moving faster than regulation — and it is the specific outcome that alignment-grade compliance is designed to survive.
The provider who defines the vocabulary draws the compliance surface the same way they drew the execution surface — not through regulatory capture, but through the simpler mechanism of arriving first.
— Tom M. Gomez, Luminity DigitalWhat Enterprise Architects Should Understand Now
The standards absorption move has three specific implications for enterprise architects building AI governance infrastructure today — before the regulatory vocabulary is finalized.
First, MCP compliance is not governance independence. An enterprise that builds its agent-to-tool governance posture on MCP-compliant monitoring and audit tooling has built a real compliance capability. It has not built a substrate-independent compliance capability. When Anthropic updates MCP’s specification — as any evolving standard will be updated — the enterprise’s compliance posture updates with it, whether the enterprise chooses that update or not. The compliance is real. The independence is assumed.
Second, the regulatory vocabulary will arrive after the adoption patterns are set. The EU AI Act’s implementing guidance for agentic AI systems will be written after MCP has achieved the adoption level at which the standard is the infrastructure. Enterprises that wait for regulatory clarity before making governance infrastructure decisions will make those decisions after the vocabulary has been fixed — in provider-defined terms, against provider-defined standards, through provider-mediated compliance mechanisms. The window to build governance infrastructure with a different vocabulary is open now.
Third, audit rights provisions in provider contracts are the early warning system. The specific contractual terms that govern what the enterprise can independently audit — what data it can access without provider cooperation, what logs it can retrieve independently, what permission structures it can examine directly — are the terms that determine whether the enterprise’s regulatory compliance posture is operational or contingent. Those terms are being written in current enterprise AI deployment contracts. They will be harder to renegotiate after the implementation relationship is established.
The AI implementation contracts being signed today are being signed before the regulatory vocabulary that will govern those implementations has been written. The enterprises with the most durable compliance posture are those that negotiate audit rights, data access terms, and governance infrastructure portability provisions now — in contracts that precede the regulatory requirements those contracts will eventually need to satisfy.
What Post 3 Builds
Two posts have now named two failure modes: compliance frameworks built on substrate assumptions the compression has invalidated, and standards being written by the providers who drew the substrate. Post 3 closes the series with the affirmative case — what alignment-grade compliance actually requires, and why the architecture that survives the standards absorption move is the same architecture that survives the closed stack. The compliance substrate, the five operational requirements, and the specific infrastructure properties that make regulatory satisfaction independent of provider relationships. The regulatory surface is being drawn now. The architecture that survives it has been available since before the drawing started.
