One says "spoken words cannot be trusted," the other says "the tool in use may disappear at any time"—trust is broken on both ends.
Two things happened this week, each seemingly minor on its own, but together they are somewhat unsettling.
One is that KPMG withdrew an AI report—because the collaborative cases claimed in the report were collectively denied by the involved institutions, and GPTZero detected that the content was AI-generated. The other is that Anthropic's Fable 5 and Mythos 5 models were issued an export control order by the U.S. government on the grounds of "national security," making them inaccessible to non-U.S. users worldwide within hours.
One is AI "lying," and the other is AI "could be taken away at any time." Both threads point to the same thing—the foundation of trust in enterprise AI. One trusts the content, the other trusts the availability. And since both threads are problematic at the same time, I think it's worth a serious discussion.
1. KPMG Withdrawal Report: System was written, but acceptance was not maintained
Let's start with the KPMG matter. Last October, KPMG released a report titled "Redefining excellence in the age of agentic AI," which sounds quite impressive. The report stated that four institutions—UBS, the UK's NHS, Swiss Federal Railways, and Transport for London—were using a certain AI solution. But this week, all four institutions came forward to deny it: we never used this, what exactly did you write?
GPTZero detected the report and determined that multiple sections were AI-generated.
KPMG's response is "under investigation," while emphasizing that there are internal AI usage guidelines.
But that's the problem—the system was in place, yet the report was still sent out. What does that mean? It means the verification process has essentially failed. You can have a hundred-page AI usage policy, but if the final deliverables are not fact-checked—especially for external cases—then the policy is just something hanging on the wall.
And this is truly not an isolated case. Last month, EY also withdrew a report, likewise due to suspected AI hallucinations and false footnotes. Two of the Big Four have already been affected.
You might say, this is just a problem for consulting firms—what does it have to do with me? It has a lot to do with you. Many companies' strategic planning, market research, and supplier evaluations all reference these reports. If even the Big Four can't control AI hallucinations, how confident are you that the plans, summaries, and client reports written by AI in your team don't have the same issues?
My judgment on this matter is: This is not a problem of "AI being unreliable," but a problem of "people not providing a safety net at critical points." That AI can hallucinate is something everyone has known for a long time. The real issue is—in your workflow, is there a step specifically designed to verify the key facts produced by AI? If not, then no matter whether your AI is GPT-4, Claude, or Gemini, it's only a matter of time before something goes wrong.
2. Fable 5 Banned: The Tools You Use May Disappear Overnight
If the KPMG incident was about "AI-generated content being untrustworthy," then the Fable 5 incident is on another level—"the AI tool you rely on itself may become unavailable at any time."
On June 12, the U.S. government issued an export control order on grounds of "national security," requiring the suspension of all foreign access to the Anthropic Fable 5 and Mythos 5 models. The reason given was the discovery of a "jailbreak" method that could potentially be used to obtain cyberattack information.
Anthropic immediately issued a lengthy rebuttal but had to comply. Within hours, non-U.S. users worldwide—including enterprise customers in Europe and Asia—were unable to access these two models.
Another detail: According to reports, Amazon CEO Andy Jassy directly raised this matter with the Treasury Secretary, which triggered this control order. The CEO of a cloud provider pushed for export controls on the model of another AI company—this scenario itself is quite worth pondering.
The actual impact on businesses is this: If you are a European or Asian company, and one of your core business processes has already been integrated with Fable 5—such as automated contract review, customer service, or data analysis—then you open the system that morning and find that the interface is reporting errors. It's not a slowdown, not rate limiting, but directly unavailable. And you don't know when it will be restored, or even if it will be restored.
This is what is truly unsettling. It’s not that a specific model has been blocked, but that you suddenly realize—your most core AI capabilities are not truly under your control. They reside on someone else’s servers, governed by someone else’s policies, and you are merely a “user.”
3. Trust is broken on both sides
Putting these two things together, you will find that the trust chain of enterprise AI has cracks at both ends.
On one end is content trust—can AI-generated content actually be reliable? The KPMG case shows that even large companies with systems and review processes in place can still let AI hallucinations slip through all the way to the client. You think your organization wouldn't make this mistake? KPMG thought so too.
On the other end is trust in tools—how reliable is the AI service you rely on? The case of Fable 5 shows that even if the provider itself wants to offer you service, a single geopolitical order can instantly cut off the service. You think signing an enterprise contract guarantees security? Contracts cannot override national security reviews.
When both ends are unstable, any business process you build in the middle will have a shaky foundation.
I think this is the signal truly worth paying attention to this week. It’s not that AI has another bug, nor that some government has imposed sanctions again—it’s that the trust infrastructure for enterprise AI is not yet ready to support production-grade applications. Right now, many enterprises adopting AI is like building a skyscraper on the beach—the building goes up, but what happens when the tide comes in?
Practical advice for Odoo users and SME managers
After all this discussion, let's talk about something actionable. If you are an Odoo user or a manager of a small or medium-sized enterprise, and you are integrating AI into your business processes, I suggest you do these things right now:
First, add a "fact-checking gate" to all AI-generated content. There's no need for complex processes—start with the most important content: client-facing proposals, externally published reports, and data involving third parties. The rule is simple: any key statement generated by AI regarding external organizations or external data must be verified against the original source by a human. If the original source cannot be found, delete it or mark it as "pending verification." This single rule can prevent 90% of KPMG-style mishaps.
Second, core business processes must never rely on just one AI vendor. The Fable 5 shutdown incident teaches us that a single point of dependency on an AI service is a single point of failure. If your ERP automation process only connects to Claude, and Claude goes down, your entire operation stops. In practice, prepare at least two options: use one as the primary and another as a backup, ensuring the switching cost is within your acceptable range. In Odoo, this means your AI integration module should be designed to be replaceable—using a unified interface layer rather than hardcoding calls to a specific model into the business logic.
Third, establish your own "AI availability monitoring". You monitor server uptime, and you should also monitor the availability of AI services. The simplest approach: run a test request every day, recording response time and success/failure status. Once an anomaly occurs, your alerts should precede user tickets. If your Odoo system integrates AI features—such as smart search, automatic classification, report generation—the availability of these features should be monitored just like database availability.
Fourth, review all AI-related contract terms again. Focus on three things: whether the Service Level Agreement (SLA) includes a "force majeure" fallback clause, which jurisdiction the data is stored in, and whether there are any commitments regarding model availability. If none of these are present, then your relationship with the supplier is essentially "best effort"—if something goes wrong, you'll have to bear the consequences on your own.
Four things boil down to one core word: check. Check facts, check alternatives, check availability, check contracts. Enterprise AI has now passed the stage of "just being usable." Whether it can be trusted and whether it can be stable are far more important than whether it can be used.
