The compliance problem with individual AI licenses
Nolan Di Mare Sullivan
June 25, 2026 - 5 min read

Speakeasy pays for individual Claude and ChatGPT licenses on top of our enterprise plans. Our team leans on agents hard enough to hit the usage limits on managed seats, and the individual Max and Pro plans give us the headroom to keep working without throttling. Some of our “tokenmaxxing” engineers even have multiple individual licenses. We are not an edge case: if your team builds with AI coding tools, you very likely have a proliferation of AI licenses, whether or not leadership is aware.
Individual licenses are a great deal, but they’re also a compliance blind spot. Everything an agent does on a personal Claude Pro account is invisible to the platforms’ admin consoles and compliance APIs. This post covers how individual and enterprise licenses differ, why individual plans are so attractive, why they are so hard to govern, and what we did about ours.
How individual and enterprise AI licenses differ
Anthropic and OpenAI each sell two families of plan, and the line between them matters more for compliance than for features.
The individual tiers are the consumer plans: Claude Free, Pro, and Max, and ChatGPT Free, Plus, and Pro. Anyone can buy them with a personal card in a minute. They have no admin console, no SSO, no audit export, and no central control over retention. The account belongs to the person, not the company.
The managed tiers are built for organizations: Claude Team and Enterprise, and ChatGPT Team, Enterprise, and Edu. These add an admin console, SSO and SCIM, and, at the enterprise level, a compliance API (Claude, ChatGPT) that can export the conversation record. They also flip the data defaults. On the commercial tiers, every major vendor excludes customer data from training by default, while on the consumer plans the default runs the other way. Anthropic updated its consumer terms in 2025 so that Free, Pro, and Max conversations are used for training unless the user opts out, with retention extended to five years.
Same vendor, two doors
Why individual licenses are everywhere: the tokens are subsidized
The reason individuals, and teams like ours, reach for personal plans is plain economic incentive. A flat monthly subscription buys far more inference than the same money spent at metered API prices, especially for the high-call-volume agentic workflows that coding tools generate.
The vendors have said so themselves. In January 2025, Sam Altman posted that OpenAI was “currently losing money on openai pro subscriptions” because “people use it much more than we expected,” and floated usage-based pricing as the fix (Fortune). Cursor hit the same wall from the reseller side. In June 2025 it replaced flat request pricing with usage-based credits because, as more users leaned on frontier models, the hardest requests cost an order of magnitude more than a flat fee could cover.
For a heavy user, an individual Max or Pro plan is the cheapest way to get a large, fast budget of frontier-model inference, and it sidesteps the rate limits that managed seats and API keys run into under sustained agent load. That is exactly why our engineers run them alongside our enterprise plan. The subsidy is the incentive, and the incentive pulls usage onto accounts the company cannot see.
Why individual licenses are a compliance blind spot
The evidence an organization can produce about its AI use is bounded by the licenses it centrally manages. Every action performed by an agent via an individual license sits outside that boundary.
For usage on a personal account, there is:
- No admin console or user roster, so the account never appears in an access review.
- No compliance API, so there is no export of what the model saw or produced.
- No audit log of the tool calls an agent made into your systems.
- No retention or data-residency control, and training is on by default.
Frameworks like ISO 42001 ask for a reconstructable record of how an AI system operated: what it was given, what it produced, and what it did. For work done on an individual license, that record was never created, because the activity lives in a tenant the company does not own. The compliance API you bought at the enterprise tier sees none of it.
When a meaningful share of AI usage runs on personal accounts, you cannot answer the basic questions AI governance depends on: which tools are in use, on what data, by whom, and to what end. This is the core of shadow AI, and it is the part of agent compliance that the vendor APIs and GRC connectors leave untouched.
Choosing either speed or compliance is deeply unappealing. So we set out to address the individual license blind spot.
What we did: a device agent
The one place you can see usage regardless of license is the device. The account lives in someone else’s tenant, but the laptop is yours.
So we run a device agent on the endpoint that records AI usage at the machine. A personal ChatGPT Plus session or a Claude Pro coding run is captured the same way a managed enterprise seat would be, so the evidence we can produce is no longer bounded by which licenses we centrally manage. Because most consumer AI runs in the browser, the same agent watches web AI usage too, including the long tail of assistants that never show up in procurement or identity. Delivered through the MDM the fleet already runs, it is in place before anyone opens their laptop.
The output is the thing the GRC platform cannot auto-collect: an identity-attributed, append-only log of agent activity that exports into the rest of the compliance program. The device agent generates the runtime evidence, the GRC platform maps it to ISO 42001, SOC 2, and the EU AI Act, and the auditor attests.
For the full map of where agent evidence lives and where it goes missing across vendors, see our write-up, “What is agent compliance.” The device agent is one capability of the broader AI control plane we are building at Speakeasy.