Italy’s Multiplicity Principle: Moving Away From Model-Centric AI Governance

While the European Union’s AI Act has sparked intense debate over high‑risk models and mandatory audits, most national strategies still treat the model as the sole point of control. Italy’s Agency for Digital Italy (AGID) is breaking from that convention with a full‑stack governance blueprint that evaluates energy consumption, chip supply, infrastructure resilience, and application contexts alongside algorithmic risk. By expanding the regulatory perimeter, the framework acknowledges that vulnerabilities often arise from the supporting hardware and cloud services, not just the code itself. This broader lens aligns AI oversight with the realities of complex, multi‑layered deployments in the public sector.

The centerpiece of AGID’s policy is the “multiplicity principle,” which obliges public bodies to keep options open across proprietary, open‑weight, cloud‑based, on‑premise, and hybrid solutions. Coupled with an autonomy taxonomy ranging from L0 to L5, the guidelines trigger progressively stricter traceability and governance requirements as systems become more self‑directing. A novel “Levelized Cost of AI” (LCOAI) metric forces procurement officers to factor in ongoing expenses such as retraining, cloud usage, and migration fees, shifting focus from short‑term performance to long‑term fiscal sustainability. Together, these tools aim to curb vendor lock‑in and reinforce technological sovereignty.

Implementing a full‑stack, multiplicity‑driven model will demand new skill sets within ministries, from lifecycle cost modeling to cross‑domain risk assessment. Yet the payoff could be significant: greater bargaining power, reduced exposure to supply‑chain shocks, and clearer accountability for AI outcomes. If other EU members adopt similar standards, the continent may see a coordinated move away from a few dominant AI providers toward a more diversified ecosystem. For businesses supplying AI services, the shift signals a need to demonstrate portability, explainability, and operational flexibility, while governments gain a clearer roadmap for responsible, resilient AI adoption.