Company8 min read

Whose name is on the audit row? The question that splits CX-AI vendors in 30 seconds.

Every procurement evaluation of a CX-AI vendor should start with one question, and you can fit it on an index card. The vendor's answer (and how quickly they can answer it) tells you whether their architecture is operator-led or bot-first. For regulated work, only one answer is defensible. Here is what each answer sounds like and what to ask next.

VVorel EngineeringEngineeringLast updated

Procurement teams evaluating CX-AI vendors in 2026 are drowning in marketing surface. Every vendor promises autonomy, deflection, brand voice, compliance posture, CRM integration, and human-in-the-loop. After the third or fourth pitch the buyer cannot distinguish the architectural posture of one vendor from another, which is precisely what the marketing was built to do.

There is one question that cuts through it. It fits on an index card. The vendor cannot wallpaper it, because the architecture either does what the answer claims or it does not. The question is: whose name is on the audit row when your AI fires an action in production? Ask it in the first ten minutes of the first meeting. The thirty seconds of answer that follows will tell you more about the vendor than the deck you read that quarter.

Whose name is on the audit row when your AI fires an action? The vendor cannot wallpaper this question. The architecture either does what the answer claims or it does not.

Why this question works

The audit row is where marketing meets law. Every state-changing action a CX-AI vendor takes (booking, refund, refill, dispatch, claim acknowledgement) produces a row in some system of record. That row has fields, and one of them names the actor. Compliance officers query that field when something goes wrong. Auditors query it during inspections. The actor field is load-bearing for every regulated workflow the vendor's customer runs.

The marketing is downstream of that field. If the actor reads as the operator (the receptionist, the case manager, the dispatcher, the loan officer), the vendor is operator-led. If it reads as the AI, the platform, or any phrase that names a non-human, the vendor is bot-first. The architectural posture cannot lie, because the row is written by the code, not the homepage copy.

A vendor who has thought about this answers in a sentence. A vendor who has not answers in a paragraph that resolves to either (a) the AI is the actor and the operator is on a watchlist, or (b) we have a dashboard where you can see what the agent did. Neither is what the regulated buyer needs.

What an operator-led answer sounds like

The clean operator-led answer is short. The operator's name is on the actor field. The AI is the method. The reasoning trace is the explanation field; the tool call is the action field. The row lives in the operator's CRM, not in a separate dashboard the vendor keeps under their own login. Asked to demonstrate, the vendor opens a sample row in Salesforce, Epic, HubSpot, or ServiceTitan and points at the cells.

Three things are implied. The AI runs on the operator's authority: inside the operator's session, with the operator's CRM permissions, not under a vendor service account. Escalations preserve the operator as actor: when the AI hands off mid-case, the system writes the receiving operator into the row, with the AI annotated alongside as the assistive method. Overrides are first-class: the operator can decline, modify, or rewrite an AI-proposed action before it fires, and the override is the row that gets written. Vendors who answer this way have walked it through architecture, compliance, and security review. It is the data model, not an aspiration.

What a bot-first answer sounds like

The bot-first answer resolves in one of three recognizable patterns. The most common is that the actor field reads as the AI itself: Agent OS, AI Concierge, or some product-named entity. Sierra leads with Agent OS. Decagon leads with an AI Concierge. Ada ships brand-native AI Agents positioned as embodiments of the brand. Marketing and audit surface agree: the AI is the protagonist; the operator, if they appear, is a CC line.

The second pattern is the dashboard pivot. The vendor walks the buyer to a dashboard inside their own platform: a feed of cases annotated with what the agent did. Useful, but not an audit row in the buyer's system of record. The compliance officer, queried six months later, cannot subpoena it the way they can pull a row from Epic or Salesforce. It is a parallel evidence layer the buyer's audit infrastructure does not know about.

The third pattern is the made-by attribution. The actor field is the operator, technically, but every row carries a "Generated by <vendor>" suffix or an AI-authorship badge. On a low-stakes return queue this is fine. In regulated work it is worse than either cleaner answer, because the auditor cannot tell whether the operator signed off or whether the AI fired and the operator was nominal. The row has to mean one thing.

If the audit row reads as 'the AI,' 'the platform,' or 'made by <vendor>,' the vendor is bot-first regardless of what the homepage says.

Why regulated work cannot accept bot-first

The category where this matters is the one where a human carries personal legal liability. A clinic receptionist confirming a prescription refill acts under the prescribing physician's authority. A claims adjuster acknowledging coverage binds the insurer under the regulator's rules. A paralegal scheduling a court filing acts on behalf of an attorney with bar obligations. A dispatcher promising an arrival window commits the company to a contractual SLA. In every case, the law is uninterested in the AI.

When the matter reaches a malpractice review, a claims dispute, a bar complaint, or an SLA arbitration, "the AI did it" is not a defense. The regulator looks for the human. If the audit row points at the AI, the buyer has to reconstruct from logs which human was supposed to be supervising and what they knew. The row that names the operator collapses that reconstruction into one cell. The row that names the AI forces it to happen in court, under oath, against a clock.

This is not hypothetical. EHR audit rows have always named the clinician of record, not the system that surfaced the order. Every regulated trade has a named trader on the ticket even when an execution algorithm placed the order. The pattern is older than this category. The vendors who pretend otherwise are betting that buyers will not push on it.

Where bot-first is the right call

Bot-first is not wrong everywhere. There is a real category of customer-facing work where the AI being the named actor is the correct decision. The shared property is that the cost of an AI error is bounded, recoverable, and outside any regulator's interest.

Consumer returns qualify. A customer asks to return a sweater, the AI confirms the order and issues a return label. If it gets it wrong, the customer is mildly frustrated and the refund is reversible. No regulator cares. No human carries liability. Sizing widgets, FAQ deflection, low-stakes social DMs, B2B lead qualification, post-purchase upsells: same shape, same carve-out. Bot-first is the right call.

The mistake is when a vendor whose stance was built for consumer returns sells the same posture to a healthcare intake team, a claims operation, a legal-ops practice, or a field dispatcher. Sierra, Decagon, Ada, and Fin all ship credible products. None of their marketing surfaces meaningfully distinguishes the two domains. The audit-row question is the buyer's tool for making the distinction themselves, before the mismatch shows up in a compliance review eighteen months into a deployment.

What to demand in the response

Follow the audit-row question with four concrete demands. Each tests a different vertebra of the same spine.

Show me a sample audit row in my CRM, not in your dashboard. An operator-led vendor can do this live, by pulling up a Salesforce or HubSpot record and pointing at the actor field. A vendor who pivots to their own platform UI is telling you, quietly, that the audit story lives in their cloud rather than in the system of record you already use. The pivot is the answer.

What CRM permissions does the AI use? Operator-led architectures run the AI on the operator's credentials, scoped to that operator's permissions. Bot-first architectures usually run the AI under a separate service account with broad permissions, which is honest about the AI being the actor. Ask the vendor whose token is on the wire when the AI hits the CRM. The answer is in the scope list.

When the AI escalates, whose name persists in the audit chain? Operator-led architectures keep the human-to-human chain unbroken, with the AI annotated alongside each handoff. Bot-first architectures often write the AI as the actor through the autonomous phase and then write a human only at the moment of intervention, with no continuity across the seam. Ask to see the row sequence for a real escalated case.

Who signs the AI-fired action? In regulated work, signature semantics matter. A pharmacist's name appears on a prescription because they signed it. The operator-led answer is that the AI proposes, the operator confirms with a one-click signature, and the row records the operator's signature as load-bearing. The bot-first answer is that the AI fires autonomously and the operator is, at most, a watcher who could have intervened. The compliance officer cares which story the row tells. The marketing surface usually does not.

The pivot to a vendor dashboard is the answer. So is the silence when you ask whose token is on the wire when the AI hits your CRM.

The operator-led litmus test

Every other architectural question in a CX-AI procurement cycle flows from this one. Data residency: if the row is in the buyer's CRM, the data lives where the buyer's compliance posture already accounts for it; if it is in the vendor's dashboard, the buyer has a second residency to defend. Model swap-ability: an operator-led architecture treats the model as a swappable layer because the operator's authority is the constant; a bot-first one is harder to migrate because switching models changes the actor. Compliance certification: SOC 2, HIPAA, and the EU AI Act all read more cleanly against an operator-led posture, because the human-in-the-loop story is what auditors are trained to evaluate.

The audit-row question is the litmus test. A vendor whose row names the operator has a data residency story, a model story, and a compliance story that hold together. A vendor whose row names the AI will eventually have to bend the other answers around the commitment they made when they decided who the protagonist was.

We expect this question to become standard in regulated-vertical procurement within a year. The vendors who answer cleanly will win those evaluations. The ones who cannot will keep selling into consumer returns, which is a real and defensible market. The buyer's job is to know which market the vendor is built for. Ask the question first, listen to the thirty seconds that follow, and the rest of the evaluation gets easier.

Read the full guide

Operator-led AI

The architectural choice to keep your team as the protagonist and the AI as their amplifier. The category lens Vorel was built around.

Read the guide

The next call doesn’t have to go to voicemail.

Book a thirty-minute demo. We point Vorel at one of your real numbers on the same call.