Your CIO buyer's first M-26-10 reporting deadline is Saturday. OMB Memo M-26-10, issued March 31, requires agency CIOs at CFO Act agencies to submit details on all IT contracts they personally approve, plus contracts approved by a delegee that touch public-facing digital services. Reports go to OMB by the 10th of each month, starting this month, through October 2026. The first is due May 10.
The memo covers IT broadly. AI isn't singled out. There's no AI-specific reporting category, no field in the submission that forces the CIO to flag which contracts contain AI capabilities versus conventional IT. That matters. AI is where the inventory problem gets structurally hard, and the reporting template itself won't make the CIO confront it. The hardest part connects to the identity layer in a way your buyer almost certainly hasn't mapped yet.
You've sold through this movie before
FITARA forced CIOs to assert authority over IT spending that had drifted to component offices and program managers buying technology without CIO visibility. The mechanism was simple: if the CIO doesn't know about the contract, the CIO can't govern the spend.
M-26-10 is the same structural play. Emily Murphy, former GSA administrator and now a senior fellow at George Mason's Baroni Center, told Federal News Network in April that the memo's first part:
"Seems to be really reinforcing FITARA — that we want the CIOs to be in charge of IT spending, we want them to have insight into it… So if there is a question of all right, do we feel that there's stuff that's slipping through the cracks? And that's what it seems to be suggesting, is that there is something or some data that OMB wants to be tracking."
Murphy is characterizing the memo's implied intent, not quoting it. Worth noting because it's the same reasoning your buyer is doing right now. Federal News Network is the most reliable beat source for federal acquisition policy; Murphy's reading carries weight given her GSA tenure.
The FITARA precedent is useful because it's quantified. GAO reviewed fiscal 2016 contracts at 22 agencies and found agencies missed $4.5 billion in IT contract obligations across 31,493 contracts they hadn't identified as IT-related. Eight agencies failed to identify over 40% of their IT contract obligations. The miss rate was highest where program offices were responsible for self-identifying whether a procurement was IT-related. (That's a decade-old benchmark, not a current number. But the structural finding holds: self-identification by program offices is the weakest link in IT contract visibility, and FITARA proved it empirically.)
Your buyer has been here before. You can't govern what you can't see, and the people closest to the purchase are the worst at categorizing it.
Where the bridge stops bearing weight
This is where your FITARA intuition helps. This is where it starts to mislead you.
FITARA's visibility gap was about contracts the CIO didn't know existed. Standalone IT purchases made by component offices, outside the CIO's approval chain. The fix was procedural: route the contracts through the CIO. Hard to implement, conceptually clean.
The AI version is harder because the contracts already exist, the CIO already approved them, and the AI showed up later.
Three examples from the past year:
Microsoft 365 Copilot. GSA brokered a OneGov agreement with Microsoft giving existing G5 license holders access to Copilot at no cost for up to 12 months. An agency that opts in accesses AI through its existing Enterprise Agreement. No new contract for "artificial intelligence services." As of April 2026, Microsoft continues expanding Copilot capabilities across GCC, GCC-High, and DoD via platform updates, including new Analyst and Researcher agents. Microsoft's own framing: "Delivering Copilot to U.S. Government clouds is a journey, not a single moment." No separate procurement action per update.
ServiceNow Now Assist. GSA's OneGov deal with ServiceNow offers agencies up to 70% off upgrades to ITSM Pro Plus, which bundles Now Assist — ServiceNow's agentic AI layer — into the upgrade. The procurement record shows an ITSM contract modification. Not an AI services procurement.
Salesforce Agentforce. Salesforce launched its Einstein 1 AI platform for government in 2024, then renamed Einstein Copilot to Agentforce in January 2025 with no functionality changes. (The rename is documented in Salesforce's own release notes; the federal launch was reported by FedScoop.) Federal agencies with existing CRM contracts had AI features embedded in their deployments. Subsequent platform releases added more capabilities. No new contract action required.
A CIO searching contracts for "artificial intelligence" will find standalone AI procurement vehicles. They will not find AI embedded in an ITSM upgrade, a collaboration suite rollout, or a CRM platform update. Brookings examined the structural reason: federal authorization frameworks — FedRAMP, ATO processes, FAR — were designed around static software, and the rapid pace of AI development strains all three. The implication I'd draw from their analysis, though Brookings doesn't state it this directly: the original ATO was granted for the platform, and AI features arriving via continuous updates often don't rise to the level of a "major change" that would trigger a new authorization or contract action.
The CIO's M-26-10 inventory will have a hole in it. Nobody's hiding anything. The procurement system simply wasn't designed to surface capabilities that arrive as feature updates to already-authorized platforms.
The access inventory nobody asked for
The contract inventory problem has a twin that lives in the identity layer, and this is where you can actually move the conversation forward.
When Copilot activates inside M365, it accesses email, calendar, Teams, and SharePoint data through Microsoft Graph API permissions that were already granted to the M365 service. Those permissions were provisioned for the collaboration suite, not for an AI capability that reads across all of it. When Now Assist activates inside ServiceNow ITSM, it accesses workflow data through service account permissions granted to the ITSM platform. The access path predates the AI feature.
The CIO's office may be building a contract inventory to satisfy M-26-10 while having zero visibility into which AI-related API scopes and OAuth grants exist at the component level. The contract search misses the AI. The access review also misses it, because the service account or OAuth grant was provisioned for the underlying platform, which happens to now include AI.
CISA's joint guidance on agentic AI, released April 30 with NSA and Five Eyes partners, names this risk explicitly:
"A calendar bot with access to all meeting data instead of just the requesting users' or an email assistant with write access to any inbox are two examples of overly broad permissions. This scope creep can cascade across agents."
(This is a Five Eyes consensus document co-authored by CISA and NSA. It carries real weight for federal buyers.)
The guidance is good. But here's what I couldn't find, and I looked: no federal source has connected the M-26-10 contract reporting obligation to an access inventory for OAuth grants, API scopes, or service account permissions. OMB's memo doesn't mention access governance. CISA's guidance doesn't reference CIO reporting obligations. The GAO report on AI acquisitions from April identifies procurement challenges but doesn't address embedded-AI visibility or connect contract documentation to access governance.
Two workstreams running in parallel, unlinked. Contract inventory on one track. Access governance on another. The AI capabilities that are hardest to find in the contract search are the same ones whose access permissions are hardest to find in an identity review, for the same structural reason: they inherited their access from a platform the agency already trusted.
The tooling to connect these workstreams is starting to exist. Okta's Identity Security Posture Management can discover AI agents operating within managed and unmanaged apps, including detection of OAuth signals from tools like Salesforce Agentforce, and assess their permissions and impacted resources. That's the right category of capability. Whether it covers every platform and every embedded-AI scenario your buyer faces is a conversation worth having honestly.
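To make the two-workstream join concrete, here is an added example (mine, not from the article, OMB, or any vendor) that cross-references a constructed contract inventory against a constructed OAuth/service-account grant inventory and flags grants whose access predates the AI feature now riding on them. Platform names, principals, contract descriptions and activation dates are all constructed; the m365 scope strings are real Microsoft Graph permission names.

```python
import re
from collections import namedtuple
from datetime import date

# Constructed sample data (not from the article or any agency): a contract
# inventory as a CIO's office would record it for M-26-10, the OAuth/API grant
# inventory for the same platforms, and the date an AI feature went live inside
# each platform via vendor update. Names are hypothetical; m365 scopes are real.
Contract = namedtuple("Contract", "contract_id platform description")
Grant = namedtuple("Grant", "platform principal scopes provisioned")

CONTRACTS = [
    Contract("CONTRACT-001", "m365", "Enterprise Agreement renewal, G5 licenses"),
    Contract("CONTRACT-002", "itsm", "ITSM Pro Plus upgrade"),
    Contract("CONTRACT-003", "chatbot", "Artificial intelligence chatbot services"),
]
GRANTS = [  # service principals / service accounts and when their access was provisioned
    Grant("m365", "svc-collab", {"Mail.Read", "Calendars.Read", "Sites.Read.All"}, date(2023, 6, 1)),
    Grant("m365", "svc-ai-pilot", {"Mail.Read"}, date(2026, 1, 15)),
    Grant("itsm", "svc-itsm-workflow", {"incident.read", "incident.write"}, date(2022, 9, 15)),
    Grant("hr", "svc-payroll", {"payroll.read"}, date(2021, 1, 10)),
]
# Date an embedded AI feature was switched on inside each platform (constructed).
AI_ACTIVATIONS = {"m365": date(2025, 11, 3), "itsm": date(2026, 2, 20)}

AI_TERMS = re.compile(r"\bAI\b|artificial intelligence", re.IGNORECASE)

def ai_keyword_hits(contracts):
    """What a keyword search of the contract inventory finds: standalone AI buys only."""
    return [c.contract_id for c in contracts if AI_TERMS.search(c.description)]

def inherited_ai_access(contracts, grants, activations):
    """Join the two inventories. A grant provisioned before an AI feature was
    activated on its platform is access the AI inherited, which nobody reviewed
    with AI in mind. Grants created after activation are excluded."""
    by_platform = {c.platform: c for c in contracts}
    findings = []
    for g in grants:
        activated = activations.get(g.platform)
        if activated is None or g.provisioned >= activated:
            continue                     # no embedded AI, or access granted after AI arrived
        c = by_platform.get(g.platform)
        findings.append({
            "principal": g.principal,
            "contract_id": c.contract_id if c else None,
            "contract_mentions_ai": bool(c and AI_TERMS.search(c.description)),
            "scopes": sorted(g.scopes),
            "access_predates_ai_by_days": (activated - g.provisioned).days,
        })
    return findings
```

The keyword search finds only the standalone chatbot contract, while the join surfaces the M365 and ITSM service accounts whose contracts never mention AI at all.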
The question for your next conversation
If you're talking to a CIO or CAIO working on M-26-10 compliance:
"Your team is building the AI contract inventory for OMB reporting. Is anyone mapping which OAuth grants and API scopes in your existing platforms are now serving AI features that weren't there when the original access was provisioned? Or are those two efforts completely separate?"
The answer is almost certainly that they're separate. Which makes sense, given how the federal guidance is structured right now. But the CIO who connects those two workstreams has something the CIO who doesn't will eventually need: a way to govern AI capabilities that don't look like AI purchases and don't surface in access reviews designed for the pre-AI version of the platform.
The contract inventory tells OMB what the agency bought. The access inventory tells the CIO what the agency actually turned on. M-26-10 requires the first. The second is where identity infrastructure does governance work. Right now, nobody's memo requires it.
Things to follow up on...
- CISA's agentic AI guidance: The April 30 joint guidance from CISA, NSA, and Five Eyes partners on secure adoption of agentic AI services covers privilege management, scope creep, and agent impersonation risks in detail worth reading beyond the excerpt in this piece.
- GAO's AI acquisition report: GAO-26-107859, published April 13, found that agencies GAO spoke with didn't regularly collect and share lessons learned from acquiring AI, which compounds the visibility problem when contract knowledge walks out the door with departing staff.
- ServiceNow's federal oversight survey: A Market Connections survey of 200+ federal IT executives found that 77% say agentic AI oversight frameworks are essential, yet fewer than a third have actually implemented them — a gap consistent with the contract-to-access disconnect described here. (Note: the survey was sponsored by ServiceNow.)
- FedRAMP's identity prerequisite: FedRAMP's AI Prioritization track now requires cloud services seeking prioritized authorization to offer enterprise-grade SSO, SCIM provisioning, and role-based access control — an implicit acknowledgment that identity governance is a precondition for authorized AI, even if that logic hasn't reached the contract reporting side yet.