The board is not going to ask whether AI is interesting. They are going to ask whether it is working, what it costs, and whether you know what you are doing with both. If you cannot answer those questions clearly in the next thirty days, the conversation is going to go badly.

Warren Buffett has managed hundreds of companies across wildly different industries. He is not an expert in any of them. What he is expert at is a specific governance structure: decentralized operations, centralized finances. Subsidiary CEOs get almost total operational autonomy. They run their businesses however they choose. But they cannot make large capital commitments without escalation, they report financials on a standard schedule, and they have clear limits on what they can spend without Buffett's approval.

He called this the model that lets him sleep at night. Operations vary. Financial controls do not.

That is the model for controlling AI spend. Engineering teams should choose their own models, build their own agent architectures, and move at whatever speed the business requires. Finance should have complete visibility into what that costs, at the team level, in real time, with automatic alerts when limits are approached. The autonomy stays with the people who know the work. The controls stay with the people who own the budget.

The CFO's 30-Day AI Spend Control Playbook

Thirty days is enough time to build a defensible governance foundation. It is not enough time to build a perfect system. But a foundation that can be presented to a board with confidence is more valuable right now than perfection that arrives after the meeting. Here is the sequence for controlling AI spend in a month.

  1. Day 1-7: Map current spend. Pull AI spend by vendor and by team. Reconcile against your general ledger. Identify every contract, every API key, every credit commitment. Catalog shadow usage that is not captured in the main dashboard. Document your methodology -- you cannot defend numbers you cannot explain. Most finance teams discover during this exercise that actual spend is higher than the dashboard shows and that attribution to teams is incomplete.
  2. Day 8-14: Set team-level budgets. Work with engineering leads to identify the five to ten highest-cost AI workflows in production. For each workflow, document expected cost per unit of work and actual cost over the past 30 days. Flag unexplained variance. Convert vendor-level spend into team-level budgets that individual engineering leaders can be held accountable for. This is where spend becomes governable -- at the team level, not the vendor level.
  3. Day 15-21: Implement alerts. Configure automated alerts for every significant AI workflow. Each alert needs three components: a baseline (what the workflow is expected to cost), a threshold (how far actual can deviate before an alert fires), and a response protocol (exactly what happens when the alert fires). Start with conservative thresholds. You will refine them as you understand normal variance patterns. The goal is a system that fires before the month-end invoice, not after it.
  4. Day 22-30: First weekly review cycle. Run your first structured weekly review of AI spend variance. Review actual versus plan for each major workflow. Investigate unexplained variance. Connect cost deviations to outcome data wherever possible -- a model switch that raised token costs by 30 percent may be justified if it improved outcomes proportionally. Establish this review as a standing meeting. It is the operating mechanism that keeps controlling AI spend from being a one-time project.

Week One: Get Visibility You Can Actually Stand Behind

The first thing a CFO needs before a board conversation about AI is numbers they are confident in. Not dashboard numbers. Numbers with a methodology attached.

Pull your current AI spend by vendor and by team. Reconcile it against your general ledger. Identify every contract, every API key, every credit commitment. Most finance teams that do this exercise for the first time discover three things: spend is higher than the dashboard shows because shadow usage is not captured, attribution to teams is incomplete, and there is no documented methodology for how the numbers were produced.

You cannot defend numbers you cannot explain. Week one is about building the foundation of explainability, not about optimizing spend. Optimization comes after you understand what you are looking at. Controlling AI spend starts with knowing what you actually have.

Week Two: Establish Baselines by Workflow

Cost at the vendor level tells you nothing useful for governance. You need cost at the workflow level: what each AI-powered process costs to run, and what it is supposed to cost based on its design parameters.

Work with your engineering leads to identify the five to ten highest-cost AI workflows in production. For each one, document the expected cost per unit of work, the actual cost per unit of work over the past 30 days, and whether variance is explained or unexplained.

Explained variance is fine. The model was upgraded. Inputs grew because the user base scaled. Unexplained variance is a control problem. It means something changed in a way that nobody documented, and it will happen again. Identifying unexplained variance in week two is one of the highest-value activities in any program for controlling AI spend -- it reveals gaps in your engineering change management before they produce board-meeting surprises.

Controlling AI Spend: Implementing Automated Alerts

A governance program that requires a human to notice something is wrong is not a governance program. It is a hope.

By week three, you need automated alerts configured for every significant AI workflow. Each alert has three components: a baseline, a threshold, and a response protocol. When spend deviates from baseline by more than the threshold, something happens automatically without anyone deciding to check the dashboard.

Start with the highest-cost workflows. Set conservative thresholds to start. You will refine them over time as you understand the normal variance patterns for each workflow. The goal in week three is not a perfect system. The goal is a system that fires before the month-end invoice instead of after it. That shift -- from reactive discovery to proactive signal -- is the fundamental transition in controlling AI spend.

Week Four: Build the Board Narrative

The board does not want a cost report. They want evidence of governance capability. There is a difference.

A cost report tells them what AI spent last quarter. Evidence of governance capability tells them that you know what AI is supposed to cost, you know when it deviates from plan, and you have a system that catches problems before they compound. That evidence is far more valuable to a board than a precise spending number, because it answers the underlying question they are actually asking: are you in control of this?

The narrative structure that works: here is what we spent, here is what we expected to spend, here is why the variance exists, here is the system we have built to catch future variance. Four sentences. Then you can spend the rest of the time talking about outcomes.

The Guardrail Principle

Buffett's genius was not micromanagement. It was guardrail design. The guardrails were clear enough that subsidiary CEOs could operate without asking permission for everything, because they knew exactly where the lines were.

Good AI spend governance works the same way. Engineers should not need to request approval every time they want to experiment with a new model. They should know what their quarterly AI budget is, what the alert threshold is, and what happens when they approach it. That clarity enables speed, not constraint. It removes the ambiguity that slows teams down and creates the shadow spending that surprises finance at quarter end.

Controlling AI spend at scale is not primarily a technology problem. It is a clarity problem. Clear budgets, clear thresholds, clear response protocols, and clear ownership. The technology to implement those controls exists. The discipline to define them clearly is what separates organizations that are genuinely in control from organizations that are watching.

Frequently Asked Questions

What should a CFO do first when controlling AI spend?

The first step is producing numbers you can stand behind. Pull AI spend by vendor and by team, reconcile against the general ledger, identify every contract and API key, and document the methodology used to produce each number. Most CFOs who do this exercise for the first time find that actual spend is higher than reported, attribution to teams is incomplete, and there is no documented methodology. You cannot govern what you cannot explain, and you cannot defend numbers whose provenance you do not know.

How do you set AI spend budgets by team?

Start with the five to ten highest-cost AI workflows in production. For each workflow, document expected cost per unit of work based on its design parameters (model, context size, expected call volume). Compare against actual cost over the past 30 days. Flag unexplained variance. Roll those workflow-level cost profiles up to team-level budgets that engineering leads can own. Team-level budgets create accountability that vendor-level spend totals never can, because they connect cost to the people who make the decisions that drive it.

What metrics should a CFO track for controlling AI spend?

The five metrics that matter most: cost per unit of work for each major workflow (not cost per API call or total vendor spend), variance from baseline for each workflow, time to detect variance (how long before the alert fires), unexplained variance as a percentage of total (this should trend toward zero as your governance matures), and cost-to-outcome ratio for high-value workflows (spending more on AI that produces better outcomes is a good investment; spending more that produces no improvement is a governance failure).

How do you explain AI spend governance to the board?

The narrative that works is four sentences: here is what we spent, here is what we expected to spend, here is why the variance exists (explained variances are fine), and here is the system we have built to catch future variance automatically. That structure tells the board you have a methodology, you have baselines, you have alerts, and you are not relying on end-of-month invoice reconciliation to learn about problems. That is the governance story they need to hear -- not a precise spending number, but evidence that you are in control of the number.

What does good AI spend control look like at scale?

At scale, controlling AI spend looks like this: every significant workflow has a documented cost baseline, automated alerts that fire in hours not weeks, team-level budgets that engineering leads own, a weekly variance review that connects cost deviations to outcome data, and a model selection framework that treats the cost-capability tradeoff as an economic decision rather than a technical preference. The finance team can answer any question about AI economics without waiting for a billing cycle to close. Engineering teams know their budgets without having to ask. The board conversation is about outcomes, not about whether the numbers are reliable.

Putting the Playbook Into Action

Thirty days is enough time to build the foundation of this system. It is not enough time to build a perfect system. But a foundation that can be presented to a board with confidence is more valuable right now than perfection that arrives after the meeting.

Oberhahn provides the instrumentation and workflow attribution that makes this thirty-day sequence executable, including baseline measurement, automated alert configuration, and the team-level spend visibility that makes the board narrative defensible.