.svg)
Claude Fable 5 Deepens Vendor Lock-In Fears And The Case For A Control Plane
A new tier of AI capability arrived this week. So did a new set of questions about who controls what.
Anthropic shipped Claude Fable 5 on Tuesday, and by most benchmarks it is the most capable model the company has ever made publicly available. Early-access customers across finance, legal, and software development called it a meaningful step forward.
Who Decides Which Model Responds?
Underneath the benchmark scores is a design decision that has caught CIO attention: Fable 5 does not always respond as Fable 5. When its classifiers detect a malicious request, a request related to cybersecurity, biology and chemistry, or distillation (attempting to glean insights on the model's internal workings to train competitive models), the response is refused, or automatically handled by Claude Opus 4.8 instead. Anthropic acknowledged that sometimes benign requests will trigger its classifiers, and says it recognizes this will be frustrating to some users.
That admission is drawing pointed attention from investors, analysts, and enterprise architects who argue the problem extends well beyond occasional frustration.
"We are moving from 'how smart is the model?' to 'what version of intelligence are you allowed to access, under what controls, for which job?'" wrote Saanya Ojha, a principal at Bain, in a LinkedIn post. "One model for general availability, one for trusted access."
Technology research firm SemiAnalysis put a sharper point on it, posting that Fable 5 "will secretly degrade its IQ so that the average engineer won't notice."
There is concern that the decision criteria are not transparent, and enterprises have no mechanism to predict it, route around it, or audit which outputs came from which model. For compliance teams building explainability and reproducibility requirements into their AI programs, the classifier approach in Fable 5 is a concern. Security leaders have learned to distrust this kind of opacity in the vendors they already run, lamenting a lack of visibility and changing behavior without the customer's say. Fable 5 moves that same uncertainty into the model layer itself.
What makes that uncertainty hard to manage is that it need not show up as an error. Pradeep Sanyal, a Chief AI Officer and former enterprise CIO and CTO, drew the line between the failures you can see and the ones you cannot on LinkedIn writing, "A refusal is governable. A fallback is governable. A visible routing decision is governable," but "a confident answer from a selectively constrained model is much harder to govern." He put that exposure in a category of its own, "not cloud dependency", "not infrastructure dependency", "cognitive dependency," and asked how much of an organization's judgment now depends on intelligence owned, governed, and modified by someone else.
Investor and venture capitalist Chamath Palihapitiya spelled out the longer-term business risk on X: "The business continuity risk will become more obvious as companies accidentally trip over Anthropic's ToS [terms of service] and have to decide if they will subsume their business viability to them by doubling down on Anthropic models or find open source alternatives where they are in control." Palihapitiya identifies one key enterprise response: "Get ready to be inundated with the term 'control plane,' which is the natural solution to this problem."
Building The Layer You Own
For most, a control and execution plane is a neutral layer that sits above any individual model and handles orchestration, governance, policy enforcement, auditing, role-based access control, security, and more. This can also include any actions an agent takes on enterprise data, and a registry for all agents across the organization. Last month CIOnews spoke with Bijit Ghosh who was most recently a Managing Director for AI, Data, and Cloud at Wells Fargo and current Advisor at Kubex. He gave that layer a shape a CIO can hold onto, advising teams to build control planes like a bank ledger. "Most importantly, it should be precise, it should be immutable, it should be trusted, and leverage your orchestration like infrastructure. The control plane is the root, and orchestration is more like the engine."
An enterprise running a control plane strategy would orchestrate agents and models, the actions that AI takes in the organization, the access that AI has to enterprise data, and log the result in an auditable way the enterprise owns. The ultimate vision is for CIOs to keep the options open, regardless of if one LLM vendor changes its pricing structure, suddenly falls behind in the AI race, or offers features like Fable 5 that are untenable for the organization. Some buyers already write that ownership into the contract itself. In another conversation with CIOnews, Robert Fulk, the CIO for Indiana's Secretary of State, said he keeps the source code and the systems on the state's side of every vendor deal, because, he said, "I'm not going to have vendor lock-in with the government." "The state owns everything" is the rule he negotiates from, and he holds to it with zero tolerance.
That framing is increasingly what enterprise architects are pushing CIOs toward. Andrew Ng also made the case recently on LinkedIn, "In this moment when it's hard to predict which AI service will be the best one in a year's time, optionality (the ability to pick whatever vendor turns out to fit best in the future) is very valuable."
The Forces Pulling Toward One Vendor
The Fable 5 classifier debate is, in some ways, just another expression of a dynamic that has been building for months.
That dynamic is compounded by Anthropic's and OpenAI's IPO ambitions. Both companies recently filed S-1s for a proposed public offering. This is leading some to advise CIOs to consider the implications, including analysts at Forrester: "Resist long-term contracts to limit vendor lock-in and identify where you're exposed to usage-based cost increases," the firm wrote. The broader recommendation: reevaluate all AI options and consider a multimodel approach.
Forrester's reasoning is rooted in IPO economics. Going public forces discipline: Anthropic will need to decide whether to prioritize its innovation roadmap or deliver results to public investors, and may optimize for cost efficiency over capability growth in the near term. A control and execution plane gives CIOs the architecture to absorb that kind of vendor-side shift.
Another example is Claude Managed Agents, which offers firms the chance to embed orchestration logic in the AI model layer itself. A recent VentureBeat article noted a similar enterprise CIO concern: "it also turns more control over the enterprise's AI agent deployments and operations to the model provider, in this case, Anthropic, potentially resulting in greater "lock in" for the enterprise customer," leaving organizations more subject to their terms, conditions, and subsequent platform changes.
Where The Advantage Actually Lives
A control and execution plane inverts that dynamic. Instead of embedding orchestration inside Claude, the enterprise owns the orchestration layer and plugs Claude in as one of several execution options. Governance, auditability, and the ability to swap models live at the layer the enterprise controls, not inside the runtime of any one vendor. What that layer ultimately protects is not the model but everything the enterprise brings to it. "AI is actually not the superpower," DeVry University CIO Chris Campbell told CIOnews. "The superpower is the context and knowledge of my ecosystem, my business, my customer." A model the company can swap is a commodity; the context it runs on is the asset worth governing.
Taken together, the classifier system, Managed Agents, and a pending IPO each offer genuine value and each pull enterprise AI strategy deeper into a single vendor's orbit. For CIOs who have spent the past two years building AI programs on frontier models, the architectural question that follows is the same one in every case: does the governance layer sit with you, or with the vendor?
