SME Business Leaders should read this article to:
- Reframe AI as strategic capital
- Learn to monetize AI investments
- Understand IP protections for AI assets
- Improve investor confidence and valuation
- Implement a 90-day AI governance plan
Legal Advisors should read this article to:
- Build layered AI IP strategies
- Draft enforceable AI licensing contracts
- Guide SMEs on IP audits and filings
- Navigate AI-related legal risk exposure
- Align governance with evolving regulations
Expert Voices
- James E. Malackowski
James leverages his role as J.S. Held’s Chief Intellectual Property Officer and decades of experience valuing intangible assets to frame AI systems as recognizable capital on SME balance sheets. He connects IP strategy, accounting standards, and investor expectations to define the AI Capital Stack™ and the governance structures needed to turn AI spend into enterprise value. - Eric Carnick
Eric draws on his background quantifying IP-related economic damages and structuring licensing arrangements to translate the AI as IP™ framework into practical filing, contracting, and monetization strategies for SMEs. He highlights how disciplined portfolio design and risk allocation can protect AI assets while supporting scalable revenue models. - David Ngo
David leverages his experience building financial models for IP valuation to operationalize the article’s AI asset register, audit process, and 90-day implementation roadmap. He illustrates how rigorous data, market, and financial statement analysis can help SMEs measure, report, and communicate the value of their AI portfolios.
Executive Summary
Artificial Intelligence (AI) serves as a double-edged sword, presenting economic risks and the potential to disrupt and harm various industries, while simultaneously enabling significant innovation and growth across many sectors. Yet for small and mid-sized enterprises (SMEs), the economic value of AI systems is often invisible in financial reporting, lacks legal protections, and is under-leveraged in financing and valuation efforts. This practical guide builds on earlier articles in the AI as IP™ series and provides SMEs with a step-by-step framework for identifying, classifying, protecting, and monetizing AI assets.
AI assets can be grouped into five primary categories: Training Data, Model Assets, Algorithmic Frameworks, Computational Infrastructure, and Deployed Applications. In the following sections, we explain how to recognize the asset, protect it under appropriate IP strategies, and extract measurable economic returns. We conclude by positioning AI as a new form of enterprise capital—an identifiable, controllable, and monetizable intangible asset that should be listed on balance sheets—and by providing SME executives with a “how-to” manual for converting AI innovation into defensible value and investor confidence.
Introduction: Turning AI from Expense into Capital
In recent years, AI has changed how businesses create, deliver, and capture value.1 And yet most SMEs continue to treat AI investments as an operational expense rather than strategic capital.2 This mindset obscures the true value of AI projects, limits their protection under law, and diminishes access to financing or M&A acquisitions.
Larger corporations have the capital to retain IP attorneys, accountants, and data scientists with the express purpose of managing AI assets as a part of their broader intangible capital portfolio. SMEs rarely have this luxury.3 Instead, they need to adopt a focused, efficient approach towards keeping track of AI assets, securing appropriate protections, and establishing systems for ongoing valuation and governance.
When properly classified and protected, AI assets can meet international accounting standards for recognition as intangible property under IAS 38, satisfying the tests of identifiability, control, and future economic benefit.4 AI systems can then be amortized, insured, licensed, and sold, thereby capitalizing on innovation from a sunk cost into balance-sheet strength. This shift also enables SMEs to speak the same financial language as investors, acquirers, and regulators, bridging the current AI recognition gap between market value and book value.5
AI Asset Framework for SMEs
AI components should be classified into discrete, ownable categories. Without a standardized taxonomy, protection and valuation can be inconsistent and incomplete. The following tables can serve as a practical “AI Asset Framework” for SMEs, comprised of five primary categories and supported by five secondary categories:
Table 1: Primary Asset Categories
| Training Data Assets | Curated datasets, inputs, and data pipelines forming the raw material of AI. |
| Model Assets | Trained architectures, weights, embeddings, and fine-tuned networks that convert data into value. |
| Algorithmic Frameworks | Reusable code logic, optimization routines, and orchestration layers that define how AI operates. |
| Computational Infrastructure | Hardware, middleware, and orchestration systems that enable scalable AI performance. |
| Deployed Applications | User-facing implementations that deliver AI-driven value to customers, employees, or partners. |
Table 2: Secondary Asset Categories
| Synthetic Data Generators | AI systems that create privacy-preserving or domain-balanced datasets. |
| Prompt Libraries and Retrieval-Augmented Generation (RAG) Architectures |
Retrieval and interaction layers linking language models with knowledge bases. |
| Evaluation and Benchmarking Systems |
Mechanisms for measuring model accuracy, fairness, and explainability. |
| Autonomous Agent Frameworks | An orchestration system enabling AI to act independently or collaborate with other agents. |
| AI Governance and Risk Models | Protocols ensuring responsible and compliant AI development and deployment. |
These ten categories, when combined, can constitute an AI Capital Stack™, a conceptual model for organizing the technological, legal, and financial layers of AI enterprise value. Each layer supports the succeeding layer: data feeds models, models rely on algorithms, algorithms that require infrastructure, and all converge into products deployed for business and consumers.
Understanding this hierarchy of assets can help SMEs map each technical component to specific IP protections. For example, copyright for code, patents for innovations, trade secrets for proprietary processes, trademarks for deployed products, and contracts for legal enforcement. The following sections describe each primary AI asset category in detail and with examples, supporting relationships, and recommended protection strategies.
Training Data Assets
Definition and Strategic Importance
Training Data is the foundational layer of any AI system: it defines the boundaries of what a model can learn, predict, or create.6 Data quality and exclusivity often represent the single most defensible differentiator for SMEs. Proprietary datasets, which are often collected from business operations, customers, and partners, can constitute an enduring competitive advantage with the proper protections and utilization.
Data becomes commercially valuable in three ways: uniqueness, curation, and continuity.7 Uniqueness differentiates proprietary data from legally accessible sources. Good curation can help ensure the data is clean, labeled, and relevant. Continuity refers to collecting and updating data, which can help to maintain its relevance and economic value over time. Together, these qualities can meet the accounting tests of identifiability and control required under IAS 38, thereby qualifying Training Data as a recognizable intangible asset.
Table 3: Training Data, Practical SME Examples
| Retail Analytics SME | A mid-sized retail data firm compiles multi-year point-of-sale data across independent stores, cleaning and labeling it to reveal hyperlocal purchasing trends. The dataset is then licensed to national chains. |
| Healthcare Startup | A diagnostic firm builds anonymized patient datasets that integrate radiology and genomic data under the Health Insurance Portability and Accountability Act (HIPAA) compliant governance. This dataset serves as the foundation for an AI disease prediction engine. |
| Manufacturing Company |
A family-owned manufacturer deploys IoT sensors to collect equipment telemetry data. The dataset supports predictive maintenance analytics, reducing downtime and enabling future licensing to other facilities. |
Table 4: Training Data, Supporting Categories
| Synthetic data generators may be carefully considered for augmenting sparse or sensitive datasets while preserving privacy. |
| Prompt Libraries and RAG Architectures enable better data retrieval for model retraining. |
| AI Governance Models document compliance, audit trails, and consent provenance. |
Table 5: Training Data, Protection Strategies
| Copyright | Protects creative labeling schemas, annotations, and expressive database organization. |
| Trade Secrets | Safeguards proprietary curation processes, preprocessing pipelines, and data lineage documentation. |
| Contracts | Data-sharing agreements and non-disclosure agreements (NDAs) restrict unauthorized replication or derivative use. |
| Patents (Limited) |
Occasionally applies to novel data processing systems or anonymization techniques. |
Practical Advice for SMEs
SMEs should treat Training Data as an owned asset; maintain metadata logs, version histories, and a chain-of-custody record to establish provenance. Use restricted-access repositories with encryption and watermarking, and require third-party contributors to sign data contribution and confidentiality agreements with respect to ownership rights. Whenever feasible, secure data insurance or indemnity coverage for breach of contract or misuse exposures.
Model Assets
Definition and Strategic Importance
Model Assets include trained neural networks, embeddings, weights, and architectures that apply data to provide actionable insight.8 They embody both creative design and empirical learning, representing a hybrid of software and proprietary know-how. For some SMEs, these assets can represent high revenue potential through licensing opportunities, SaaS platforming, and embedded analytics for client products.
Model Assets can meet all four accounting criteria for intangible recognition: they are identifiable (distinct from hardware), controlled (via access credentials or hosting environments), measurable (based on reproducible performance), and yield future economic benefit (through use or licensing). The value of Model Assets can scale exponentially when integrated with proprietary data or domain-specific tuning.9
Table 6: Model Assets, Practical SME Examples
| FinTech Company |
A regional lender develops an AI model that predicts creditworthiness based on behavioral and transactional data, outperforming conventional FICO scoring. |
| Legal Technology |
Builds a Natural Language (NLP) Model for automatic contract clause comparison, fine-tuned on proprietary case data. |
| Logistics SME | Trains a predictive model that forecasts delivery delays using weather and GPS inputs, later licensed to multiple courier partners. |
Table 7: Model Assets, Supporting Categories
| Evaluation Systems benchmark accuracy, latency, and robustness. |
| Prompt Libraries enhance interpretability and explainability. |
| Governance Models document retraining protocols, performance thresholds, and ethical use policies. |
Table 8: Model Assets, Protection Strategies
| Patents | Protects model code and documentation. |
| Trade Secrets | Covers model weights, hyperparameter tuning, and fine-tuning datasets. |
| Copyright | Protects model code and documentation. |
| Contracts | Used for API-based access licensing, inference-as-a-service, and model performance Service Level Agreements (SLAs). |
Practical Advice for SMEs
SMEs should retain internal ownership of trained model weights and deploy them via secure APIs or on-premise containers, rather than through direct code transfers; file provisional patents for new model architectures or inference efficiencies to preserve early rights and defer costs; and document version control using reproducible training logs. If models are fine-tuned from open-source bases, SMEs should maintain compliance records to provide derivative legitimacy.
Algorithmic Frameworks
Definition and Strategic Importance
Algorithmic Frameworks represent the “logic layer” behind AI: the reusable code, optimization engines, and orchestration modules that determine how models are trained and deployed.10 For SMEs, frameworks may be the most scalable and licensable form of IP because they have the potential to be applied across multiple industries.
These frameworks are often the foundation for Software as a Service (SaaS) offerings, enabling modular configuration and integration with client systems. They can also embody operational experience—the heuristics, efficiency improvements, and workflows refined through years of practice and development. As such, they can be technically and economically defensible as tangible assets.
Table 9: Algorithmic Frameworks, Practical SME Examples
| Quantitative Trading |
Develops a proprietary reinforcement learning engine that autonomously adjusts investment weights in real-time. |
| E-Commerce | Utilizes an adaptive pricing algorithm that balances profitability with customer retention. |
| Energy Technology |
Implements an AI control system for smart grid load management, reducing energy volatility through predictive modeling. |
Table 10: Algorithmic Frameworks, Supporting Categories
| Evaluation Systems validate algorithm performance, speed, and interpretability. |
| Autonomous Agent Frameworks extend the logic to dynamic multi-agent systems. |
| Governance Models ensure transparency and compliance with explainability standards. |
Table 11: Algorithmic Frameworks, Protection Strategies
| Copyright | Safeguards source code implementations and related documentation. |
| Trade Secrets | Protects unique parameter-tuning processes, heuristics, and efficiency improvements. |
| Contracts | Defines ownership in collaborative development and restricts redistribution in SaaS models. |
| Patents | Secures novel algorithmic methods, optimization strategies, and orchestrations. |
Practical Advice for SMEs
Document an algorithm’s evolution: the inputs, outputs, revisions, and responsible engineers. Apply version control with immutable audit trails. For complex systems, file defensive patents covering key methods and preserve undisclosed elements as trade secrets. Use clear employment IP assignment agreements to ensure company ownership of algorithms. To maximize return on investment (ROI), periodically assess algorithmic frameworks for potential reuse across new products.
Computational Infrastructure
Definition and Strategic Importance
Computational Infrastructure encompasses the full technology environment that enables AI functionality—from physical hardware to the orchestration layers that manage deployment and deliver results.11 This can represent a hidden yet critical asset for SMEs: proprietary configurations, cost optimization architecture, or security mechanisms that distinguish their AI capabilities from commodity solutions.
Unlike general IT systems, AI infrastructure includes data pipelines, model serving frameworks, GPU orchestration, and edge deployment architectures.12 Each can contribute directly to the operational value and performance of AI solutions. When properly documented, such systems can meet the accounting tests of identifiability and control under IAS 3813, and can thereby qualify as intangible assets.
SMEs may be prone to underappreciating their infrastructure value because they are embedded in technical operations rather than IP filings. Yet distinctive systems architecture—when it enables new levels of efficiency, compliance, or performance—can be protected and monetized.
Table 12: Computational Infrastructure, Practical SME Examples
| Edge AI Integration | A mid-sized manufacturer develops an edge inference pipeline running machine-vision models locally on IoT devices, reducing latency and bandwidth costs. |
| Hybrid Cloud Architecture |
A health analytics SME builds a privacy-preserving cloud platform ensuring that patient data never leaves its secure domain while still supporting AI model training. |
| Energy Optimization Platform |
A data center management company uses AI-driven GPU orchestration to balance computational load and reduce energy consumption. |
Table 13: Computational Infrastructure, Supporting Categories
| Autonomous Agent Frameworks automate workload scheduling and scaling. |
| Evaluation Systems benchmark throughput, latency, and resilience. |
| AI Governance and Risk Models oversee system reliability and data security compliance. |
Table 14: Computational Infrastructure, Protection Strategies
| Copyright | Protects infrastructure code, orchestration scripts, and system design documentation. |
| Trade Secrets | Safeguards architecture diagrams, scaling algorithms, and performance tuning parameters. |
| Contracts | Cloud service agreements, uptime SLAs, and cybersecurity clauses define rights and liabilities. |
| Patents | Protects innovations in orchestration methods, containerization workflows, or system performance optimizations. |
Practical Advice for SMEs
SMEs should document every infrastructure component as part of an “AI Architecture Register” to ensure systematic documentation and inventory of AI assets.14 This can include diagrams, data flows, and deployment methods. SMEs should also access logs and cybersecurity protocols as evidence of trade secret diligence, and file provisional patents for proprietary orchestration or automation tools that demonstrably improve efficiency or compliance.
SMEs should also consider insurance coverage for business interruptions or cyber liabilities to protect against outages or breaches that could compromise AI operations. To further support Environmental, Social, and Governance (ESG) reporting, SMEs can also establish monitoring dashboards that track performance, cost, and environmental impact.
Computational Infrastructure, when treated as an IP asset, enables reliable AI delivery and can signal to investors that the organization possesses mature operational control, which can be a key indicator of scalability and valuation readiness.15
Deployed Applications
Definition and Strategic Importance
Deployed Applications are the visible interfaces through which users utilize AI.16 They apply the upstream components—the data, algorithms, and infrastructure—into commercial outcomes. These applications can often be the primary source of revenue for SMEs and the most publicly recognizable form of IP.
Examples of Deployed Applications can include conversational bots, predictive dashboards, generative design tools, and embedded AI modules. These products embody not just code but also brand identity, user experience, and data-driven differentiation. Therefore, Deployed Applications can often meet all IP protections tests and be commercially licensed.
Table 15: Deployed Applications, Practical SME Examples
| Conversational Interface | A consulting firm develops an AI chatbot that provides regulatory compliance guidance to clients in real time. |
| Generative Design Tool | An architecture SME deploys an AI system that creates adaptive building layouts based on site and client preferences. |
| Predictive Dashboard | A logistics analytics company offers a subscription-based interface forecasting delivery delays and route risks. |
Table 16: Deployed Applications, Supporting Categories
| Prompt Libraries and RAG Architectures supply context for user queries and improve response precision. |
| Autonomous Agent Frameworks enable actions such as automatic reporting, alerting, or workflow triggers. |
| AI Governance Models monitor user interaction quality, safety, and compliance with ethical guidelines. |
Table 17: Deployed Applications, Protection Strategies
| Copyright | Protects user interface design, code, and graphical layout. |
| Trade Secrets | Protects backend integration logic, deployment processes, and performance data. |
| Contracts | Governs licensing, API access, and terms of use. |
| Patents | Covers novel user interaction methods, automation flows, or technical integration processes. |
| Trademark | Safeguards product names, logos, and taglines, reinforcing customer trust. |
Practical Advice for SMEs
SMEs should register trademarks for any branded AI products to preempt competition, create End-User License Agreements (EULAs), and formalize their Terms of Service to define acceptable AI use, user data handling, and liability limitations. Feedback loops should also be established to collect performance data and enable iterative improvements to the model. SMEs can then implement usage monitoring systems to detect misuse or unauthorized reselling. Finally, all Deployed Applications should be tied to trademarks and corporate brand narratives to link their technology to identity.
Aside from generating revenue, Deployed Applications can also carry reputational significance for a firm by being the tangible proof of AI maturity, and the bridge between technical innovation and user trust. Protecting these assets with layered IP and brand strategies is becoming increasingly essential for both monetization and market credibility.
Building an AI IP Portfolio for SMEs
Overview and Strategic Objective
A well-structured AI IP portfolio should be made with the aim of applying a firm’s innovations into measurable enterprise value. For SMEs, this means systematically identifying, documenting, protecting, and valuing AI assets using a disciplined combination of legal and accounting tools. Unlike with large corporations, which can fund dedicated legal teams to manage complex patent estates, SMEs may need to deploy leaner strategies to achieve coverage without unnecessary costs or delays.
An effective IP portfolio should be layered, dynamic, and aligned: layered in that each AI component is protected under multiple IP regimes; dynamic17, where protections evolve as technologies are refined; and aligned with both commercial strategies and investor expectations.
Conducting an AI IP Audit
The first step is to create an inventory and map of all AI-related assets. SMEs should use a structured audit template that lists the following:
- Data sources and ownership status
- Models and codebases
- Algorithmic components and dependencies
- Deployment environments
- Customer-facing applications
Each of these line items should specify whether IP protection exists and whether additional filings or controls are needed. This can also serve to help identify orphan assets—such as technical outputs with no formal protections—and other forms of underutilized or under-documented IP assets.18
Establishing IP Filing Hierarchy
Once inventoried, assets should be prioritized based on commercial impact and risks of imitation. For most SMEs, the following hierarchy may apply:
Table 18: IP Filing Hierarchy
| Patents | Can protect differentiating technical methods or architectures that confer market advantage. |
| Trade Secrets |
Can protect training data, model weights, and process pipelines that lose value if disclosed. |
| Copyrights | Can protect code, interfaces, and documentation. |
| Trademarks | Can build trust and consumer recognition for deployed AI products |
| Contracts | Can govern collaboration, access, and enforcement, often acting as the glue between all other rights. |
IP Valuation: Accounting and Market Approaches
AI asset valuation should integrate both accounting recognition and market comparables. Under IAS 38 / ASC 350, internally developed AI assets can be capitalized if they meet tests for identifiability, control, and future economic benefit.19 Development costs can be amortized over their expected lifespan. Market valuation methodologies, comparable licensing transactions, or contribution margins from deployed applications may further help to establish fair market value.20
Conducting this form of hybrid valuation model can provide SMEs with defensible figures for financial statements, insurance, and M&A negotiations.
Continuous IP Portfolio Management
AI IP management is an iterative process. SMEs should review their portfolio quarterly, retire obsolete patents, refresh trade secrets documentation, and align filings with new releases. IP should also be integrated with business development and support commercial growth. By treating IP as an internal ecosystem rather than a static set of filings, SMEs can sustain a competitive advantage in an environment where AI continues to evolve.
Contractual Architecture and Licensing Models
Contracts are the operational infrastructure of IP strategy; they ensure that AI assets are properly licensed, controlled, and monetized while managing legal exposure. Strong contract frameworks can provide practical enforceability at minimal costs. A coherent contractual architecture should encompass data rights, model access, joint development, and commercial licensing. Each would need to be built upon clear definitions with respect to ownership, confidentiality, and liability.
Data Use and Access Agreements
Data agreements should explicitly define the following:
- Ownership of raw and derived data
- Permitted use (e.g., for training, testing, or commercialization)
- Duration of access
- Obligations for deletion or anonymization
Sample Clause:
“All data shared under this Agreement remains the exclusive property of the Disclosing Party. The Receiving Party shall not use the data, in whole or in part, for purposes other than model training and validation as expressly permitted herein. Any derivative models trained using the data shall remain the sole property of the Disclosing Party unless otherwise stated.”
For SMEs, standardized templates can simplify deal execution while preserving legal enforceability.
Model and API Licensing Agreements
AI modeling can typically take on one of the following three forms:
- Inference Licensing: The licensee calls the model through an API and pays for each use, or through a subscription.
- Model Transfer Licensing: The licensee receives a full model (the weights and code) under strict restrictions
- Embedded Licensing: The model is embedded into a larger solution or device.
Joint Development and Collaboration Agreements
In co-development settings, such as SMEs partnering with clients or spun off from university settings, a clear allocation of ownership can help prevent future disputes.
Sample Clause:
“All Background IP shall remain the property of the respective Party. Foreground IP developed jointly shall be owned equally unless a Party provides more than 50% of funding or technical contribution, in which case ownership shall be proportionate to contribution as agreed in writing.”
Risk Allocation: Warranties, Indemnities, and Liability
Contracts must allocate risk explicitly. Key provisions can include:
- Performance Warranties: Define what is (and is not) guaranteed.
- Indemnification: Require the supplier to defend against third-party IP infringement claims.
- Limitation of Liability: Caps damages to a predictable amount.
Sample Clause:
“Licensor’s total aggregate liability under this Agreement shall not exceed the total fees paid in the preceding twelve (12) months. Licensor disclaims any warranty of uninterrupted or error-free operation.”
When outputs from AI systems are probabilistic, such disclaimers are essential to maintaining commercial viability.
Commercial Licensing Models for SMEs
Licensing is the bridge between IP protection and monetization. Common SME models include:
- Enterprise Licensing: Fixed-fee internal use with scalability clauses.
- Original Equipment Manufacturer (OEM) / White Label Licensing: Embedded model licensing for third-party resale.
The chosen licensing model should align with IP protection strategies. Trade secrets can support SaaS, patents can enable OEM, and trademarks can contribute to white-label branding.
Contract Governance and Enforcement
All agreements should be indexed to an AI Contract Register that is cross-referenced with IP audits. Enforcement mechanisms, such as termination clauses, monitoring rights, and auditing provisions, should become a standard practice of business. SMEs can use automated contract lifecycle management software to maintain compliance efficiently.21
Practical Takeaways
Contracts are more than mere legal formalities. A disciplined contractual ecosystem, developed from modular and standardized templates, can enable SMEs to scale AI monetization while also protecting core assets from leakage or misuse.
Governance, Risk, and Compliance
The Need for AI Governance
AI governance is the final layer of the AI capital stack. This refers to ensuring that every AI asset is managed responsibly, transparently, and in accordance with the law and business ethics. For SMEs, governance may sound like a burden reserved for larger enterprises, but it can be one of the most cost-effective forms of risk insurance an emerging company can consider.
Governance structures do not need to be complex. Developing a hierarchy of responsibilities—Board Oversight, Executive Management, and Technical Stewardship—should be sufficient and scalable for most SMEs. The board sets AI policies and risk tolerance; executives allocate resources and ensure compliance; and technical leaders monitor performance, bias, and data integrity. These three aspects of AI leadership within a firm can ensure accountability without excessive bureaucracy or overhead costs.
The Governance Architecture for SMEs
A practical SME framework can be structured as follows:
Table 19: Levels of Governance for SMEs
| Executive Board | Establishes an “AI and Data Governance Committee” responsible for reviewing ethical implications, regulatory exposure, and major IP filings. |
| Management | The CEO, CTO, or Chief IP Officer (CIPO) oversees AI asset registers, compliance with data laws, and ESG reporting. |
| Operations | Engineers and data scientists implement internal controls, e.g., model versions, data lineage tracking, and validation logs. |
Key Compliance Domains
AI governance intersects with multiple regulatory and ethical domains:
- Data Privacy: Compliance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), HIPAA, and sector-specific confidentiality rules.
- Explainability and Fairness: Meeting the European Union’s AI Act and National Institute of Standards and Technology Risk Management Framework (NIST RMF) guidelines for transparency and bias detection.
- Cybersecurity: Ensuring the integrity and security of AI pipelines and cloud infrastructure.
- Sustainability and ESG: Measuring environmental efficiency and social responsibility in AI operations.
Adherence to these frameworks will become increasingly essential for SMEs as government agencies and market conditions continue to adopt and fine-tune their standards for compliance.22
AI Risk Taxonomy and Mitigation
AI risks can be grouped into a practical framework for integrating governance into day-to-day operations, each with corresponding mitigation strategies:
Table 20: AI Risks and Mitigation Strategies
| Risk Category | Description | Mitigation Strategies |
| Data Risk | Unauthorized use, bias, or corruption of training data. | Data lineage tracking, access controls, and anonymization. |
| Model Risk | Overfitting, bias, or opacity in model behavior. | Independent validation, benchmarking, and model interpretability tools. |
| Operational Risk |
System failure, downtime, or cyberattack. | Redundant infrastructure, SLAs, cyber-insurance. |
| Legal Risk | IP infringement, liability for AI decisions. | Layered IP protection, contractual indemnities, and regulatory audits. |
| Reputational Risk |
Public backlash, ethical concerns. | Transparent communication, ethics statements, and third-party review. |
ESG Integration
Embedding ESG alignments into AI governance can also mitigate risk, enhance brand trust, and maintain investor confidence.
Table 21: Levels of Governance for SMEs
| Environmental | Energy efficiency of data centers and model training. |
| Social | Fairness, accessibility, and diversity in AI outcomes. |
| Governance | Transparency in data usage and decision logic. |
The AI Governance Checklist
SME boards and executives can follow the checklist below as a roadmap towards robust AI governance:
Table 22: AI Governance Checklist
| Inventory | Have all AI assets been classified and registered? |
| Ownership | Are IP rights and data licenses documented and enforceable? |
| Accountability | Is there clear assignment of AI oversight roles? |
| Compliance | Are privacy, export control, and ethics frameworks met? |
| Testing | Are models periodically validated and bias-tested? |
| Security | Are access, storage, and incident response systems adequate? |
| Transparency | Is AI use being disclosed to customers and employees? |
| Documentation | Are policies, training logs, and governance records retained? |
| Auditability | Can the organization demonstrate control during due diligence? |
| ESG Reporting | Are AI metrics integrated into sustainability reports? |
Conclusion
AI is the new intangible capital of the global economy.23 According to the Boston Consulting Group, AI future-built companies can achieve up to five times the revenue increases and three times the cost reductions from AI implementation—but only 60% of such companies have obtained measurable benefits relative to their investments.24 For SMEs, the challenge is not an issue of technology, but rather effective and proactive management. Applying the proper IP regimes—copyright for creative expression, patents for innovation, trade secrets for know-how, trademarks for identity, and contracts for control—can provide the legal mechanisms by which abstract technologies are recognized as property.
When layered with valuation methods drawn from IAS 38 and market knowledge, this approach can convert AI into capital; when reinforced by governance, it ensures ethics and compliance are aligned with ESG principles. Together, these actions have the capacity to form a sustainable, competitive advantage.
SMEs can aim for a 90-day plan for AI governance, with the first three months focused on transitioning from informal innovations to a structured, monetizable AI capital framework.
The 90-Day Implementation Plan
Days 1–30 – Asset Inventory and Stewardship
- Conduct a comprehensive AI IP audit.
- Assign asset stewardship roles (Data, Model, Algorithm, Infrastructure, Application).
- Create a preliminary AI Asset Register and cross-reference contracts.
Days 31–60 – Protection and Monetization
- File provisional patents or copyright registrations where appropriate.
- Execute NDAs and IP assignment agreements with all contributors.
- Develop model licensing or API monetization plans.
Days 61–90 – Governance and Reporting
- Establish an AI oversight committee or designate a responsible executive.
- Implement the AI Governance Checklist as a recurring process.
- Prepare ESG-aligned AI performance and compliance summary for investors or board review.
AI is not merely code; it is capital. It can be recognized, protected, insured, and monetized like other corporate assets. Organizations that internalize this discipline of AI governance and capitalization will define the next generation of value creation.
1https://www.mckinsey.com/capabilities/quantumblack/our-insights/the-state-of-ai, https://www.bcg.com/publications/2025/are-you-generating-value-from-ai-the-widening-gap, https://cmr.berkeley.edu/2025/08/adoption-of-ai-and-agentic-systems-value-challenges-and-pathways/
2https://news.bloombergtax.com/financial-accounting/accounting-groups-differ-on-tracking-intangible-assets-in-ai-era, https://www.datastudios.org/post/how-to-classify-and-measure-intangible-assets-under-ifrs-and-us-gaap, https://www.spglobal.com/market-intelligence/en/news-insights/research/sme-it-spending-strategies-for-2025-driven-by-ai-adoption
3https://profwurzer.com/navigating-the-labyrinth-ip-management-in-smes/, https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0323249#pone.0323249.ref009
4https://oceantomo.com/insights/ai-as-ip-a-framework-for-boards-executives-and-investors/, https://www.ifrs.org/issued-standards/list-of-standards/ias-38-intangible-assets/, https://kpmg.com/mt/en/home/insights/2021/05/capitalisation-of-internally-generated-intangible-assets.html
6https://www.hitechdigital.com/blog/accurate-ai-training-data-for-machine-learning
7https://www.forbes.com/councils/forbestechcouncil/2025/06/03/the-massive-implications-of-data-becoming-a-commodity/, https://www.ainewsinternational.com/the-data-moat-nobody-talks-about-why-proprietary-curation-is-the-new-competitive-advantage/, https://research.aimultiple.com/data-curation/, https://www.ibm.com/think/topics/data-curation
8https://www.ibm.com/think/topics/neural-networks, https://www.ibm.com/think/topics/embedding
9https://www.ibm.com/think/insights/proprietary-data-gen-ai-competitive-edge
10https://ieeexplore.ieee.org/document/9036442, https://learn.microsoft.com/en-us/azure/architecture/ai-ml/guide/ai-agent-design-patterns, https://www.conductor.com/academy/ai-optimization/
11https://www.nvidia.com/en-gb/glossary/ai-infrastructure/, https://www.ibm.com/think/topics/ai-infrastructure
12https://www.nvidia.com/en-gb/glossary/ai-infrastructure/, https://www.ibm.com/think/topics/ai-infrastructure
13https://www.ifrs.org/issued-standards/list-of-standards/ias-38-intangible-assets/, https://bridgeway.com/perspectives/investing-in-the-age-of-ai-why-intangible-assets-matter-more-than-ever/, https://kpmg.com/mt/en/home/insights/2021/05/capitalisation-of-internally-generated-intangible-assets.html, https://www.pkf-l.com/insights/capitalising-ai-tools-accounting-ias-38/
14https://aign.global/wp-content/uploads/2025/08/AIGN-The-Supervisory-AI-Governance-Framework.pdf; https://www.deloitte.com/content/dam/assets-zone3/us/en/docs/services/consulting/2024/ai-governance-roadmap-accessible.pdf
15https://www.accenture.com/us-en/blogs/intelligent-operations-blog/operations-maturity, https://www.simon-kucher.com/en/insights/private-equity-operational-era-value-creation-accelerates
16https://www.truefoundry.com/blog/what-is-ai-model-deployment/
17https://www.copyright.gov/orphan/reports/orphan-works2015.pdf, https://etisc.wipo.int/news/brand-finance-79-ip-asset-value-remains-books-underutilized-corporate-balance-sheets
18https://www.copyright.gov/orphan/reports/orphan-works2015.pdf, https://etisc.wipo.int/news/brand-finance-79-ip-asset-value-remains-books-underutilized-corporate-balance-sheets
19https://www.ifrs.org/issued-standards/list-of-standards/ias-38-intangible-assets/, https://www.datastudios.org/post/how-to-classify-and-measure-intangible-assets-under-ifrs-and-us-gaap, https://www.pkf-l.com/insights/capitalising-ai-tools-accounting-ias-38/, https://kpmg.com/mt/en/home/insights/2021/05/capitalisation-of-internally-generated-intangible-assets.html
20Given the current regime surrounding LLM training data and retrieval-augmented generation (“RAG”) related to copyrighted content, adjustments under the market approach are likely necessary to understand fair market value, as the market has been significantly depressed by big tech’s willingness to take such content without compensation to copyright holders.
21https://legal.thomsonreuters.com/blog/what-is-contract-lifecycle-management/, https://aavenir.com/contract-automation/
22https://www3.weforum.org/docs/WEF_Responsible_AI_Playbook_for_Investors_2024.pdf, https://www.orrick.com/en/Insights/2025/08/AI-in-Transactions-What-Is-the-Impact-of-AI-on-Business-Transactions-AI-FAQ-Series, https://www.ey.com/content/dam/ey-unified-site/ey-com/en-gl/insights/public-policy/documents/ey-gl-eu-ai-act-07-2024.pdf, https://hai.stanford.edu/ai-index/2025-ai-index-report, https://www.deloitte.com/content/dam/assets-zone1/apac/en/docs/collections/2024/apac-ai-at-a-crossroads-report.pdf
23https://cmr.berkeley.edu/2025/08/adoption-of-ai-and-agentic-systems-value-challenges-and-pathways/
24https://www.bcg.com/publications/2025/are-you-generating-value-from-ai-the-widening-gap
