- Shadow AI — employees using public AI tools like ChatGPT or Gemini with client data — is now the primary unmanaged risk in regulated firms.
- Every unlogged prompt that contains client data is a potential GDPR Art. 28 violation, a DORA gap, and an audit trail failure.
- The solution is not to ban AI. It is to replace uncontrolled AI with governed AI that provides the same productivity inside a compliant, audited environment.
- Firms that govern AI now will have a structural advantage when regulators start auditing AI usage in 2026 and beyond.
Your compliance team is doing something right now that your data protection officer does not know about. A paralegal is pasting a client’s financial history into ChatGPT to draft a summary memo. An accountant is using Gemini to classify transactions in a spreadsheet containing real client names and account numbers. A junior compliance analyst is feeding a suspicious activity report narrative into Claude to improve the writing before it gets filed.
None of these employees are acting maliciously. They are being productive. The tools are powerful, fast, and free. The problem is that no one in the organisation has authorised this data processing, no Data Processing Agreement (DPA) has been signed for this use case, no audit log captures what was sent, and no retention or deletion policy governs what the AI provider does with the data.
This is shadow AI — and in 2026, it is the compliance blind spot that matters most.
What shadow AI actually looks like inside a regulated firm
Shadow AI is not a single tool or a single behaviour. It is a pattern: employees adopting capable AI tools for legitimate work purposes, outside any governance structure. The defining characteristic is not that employees are using AI — it is that the organisation has no visibility, no control, and no record of it happening.
In a typical law firm, accounting practice, or financial services firm with 50–200 employees, shadow AI usage commonly includes:
- Document drafting: Pasting client correspondence, contracts, or case notes into a consumer AI tool to get a draft or improve existing text.
- Research and summarisation: Uploading PDF documents — including documents containing personal data — to AI tools for analysis or summary.
- Data classification: Feeding spreadsheets, transaction records, or client registers into AI tools to categorise or label data.
- SAR and report drafting: Using AI to improve the narrative or structure of regulatory filings, which by definition contain sensitive client and transaction data.
- Email and communication drafting: Writing client-facing communications with AI assistance, where the prompt includes client context that identifies the individual.
Each of these use cases involves personal data being transferred to a third-party system without explicit authorisation, without a lawful basis documented for that specific transfer, and without a record that it happened. In aggregate across a 100-person firm, this represents hundreds of undocumented data transfers per week.
The three compliance risks that matter most
GDPR Article 28 — processor relationships
When your employees use a public AI tool with personal data, that AI provider becomes a data processor. GDPR Art. 28 requires a signed Data Processing Agreement before this relationship begins. Without one, every prompt containing personal data is a compliance violation — regardless of whether a breach occurred.
Audit trail gaps
Regulators expect to be able to reconstruct decision-making for key compliance actions: AML determinations, KYC assessments, risk scoring, SAR filing decisions. If AI assisted those decisions but there is no log of what was sent or what came back, the audit trail is broken. This is a problem under every major regulatory framework, not just GDPR.
DORA — ICT risk management
For financial entities in scope of DORA (which took effect January 2025), unmanaged AI tool usage is an ICT risk management failure. DORA requires firms to identify, classify, and manage third-party ICT dependencies. An unregistered AI provider dependency is a DORA gap — and regulators have begun including AI tools in ICT asset inventories.
NIS2 — supply chain security
NIS2, which requires member states to transpose by October 2024, includes supply chain security obligations for essential and important entities. Using unvetted AI tools as part of operational workflows without security assessment is a supply chain risk management failure under NIS2 Art. 21, specifically the provisions on ICT supply chain security.
Beyond these specific frameworks, there is a broader audit readiness problem. If a regulator or auditor asks “what AI tools does your firm use in compliance workflows, and how are they governed?” — a question that is now standard in some regulatory examinations — shadow AI means you cannot answer it accurately.
Why banning AI does not work
The instinctive response from many compliance leaders is to issue a policy prohibiting the use of consumer AI tools with client data. Some firms have done this. The evidence from industries that have tried it is discouraging.
The productivity gap between an employee who has access to AI assistance and one who does not is now significant enough that bans create real pressure to work around them. When employees believe that using AI is the only way to keep up with their workload, a policy prohibition becomes a rule that is widely violated and rarely enforced — which is worse than having no policy at all, because it creates a false sense of control.
Bans also fail because the tools are accessible from personal devices. An employee who cannot use ChatGPT on their work laptop will use it on their phone. The data still leaves the organisation. The audit trail is still missing. The DPA is still unsigned. The policy has accomplished nothing except pushing the behaviour off managed infrastructure.
The goal is not to stop employees using AI. The goal is to ensure that all AI usage with client data happens inside a governed, audited environment where the organisation retains visibility and control. This requires providing a better alternative to the consumer tools — not removing the consumer tools without replacement.
What governed AI looks like in practice
Governed AI is not a different type of AI. It is the same underlying capability — large language models, document analysis, summarisation, drafting assistance — deployed inside a compliance framework that satisfies the requirements shadow AI violates.
The specific requirements that a governed AI environment must meet for regulated firms are:
Complete audit log of every AI interaction involving client data
Every prompt, every response, every document uploaded — timestamped, attributed to a specific user, linked to the client or matter it relates to, and retained for the duration required by applicable regulations. This is the foundation of everything else. Without a complete log, you cannot demonstrate compliance, respond to a regulatory inquiry, or investigate a potential data incident.
Role-based access control scoped to client data
AI access must be governed by the same permissions that govern access to underlying client data. A user who cannot access a client file should not be able to use the AI to query or summarise that file. RBAC for AI is not optional — it is the mechanism that prevents AI from becoming a bypass around your existing data access controls.
Data sovereignty and no training on your data
Consumer AI tools typically include terms that allow providers to use submitted data for model improvement. For regulated firms handling client data under confidentiality obligations, this is unacceptable. Governed AI requires contractual commitments that your data is not used for training, processed only in your selected jurisdiction, and deleted on request — backed by a signed DPA that satisfies GDPR Art. 28.
Integration with compliance workflows, not bolted on top
AI that is useful enough to replace consumer tools must be embedded in the workflows where employees actually work. If governed AI requires opening a separate tool and re-entering context that already exists in your CRM or document management system, employees will not use it consistently. The AI must be in the workflow, with access to the right context, scoped by existing permissions.
The regulatory trajectory: what is coming in 2026 and 2027
The EU AI Act began applying its first provisions in February 2025, with risk classification requirements and prohibited practices taking effect. The obligations most relevant to regulated professional services firms — those involving AI systems used in credit, insurance, legal, and compliance contexts — will be fully applicable by August 2026. Firms that have not inventoried their AI tool usage will face difficulty demonstrating compliance with AI Act obligations that require documentation of AI systems deployed in high-risk use cases.
Several national regulators have already signalled that AI governance is on their examination agenda. The UK FCA included AI model risk management in its supervisory priorities for 2025–2026. The European Banking Authority has issued guidance on AI use in credit risk models. The French CNIL has published enforcement guidance specifically addressing AI tools and GDPR compliance — including the use of consumer AI tools by employees.
The pattern is consistent: regulators are moving from issuing guidance to conducting examinations. Firms that have shadow AI problems in 2026 will have regulatory problems in 2027.
A practical starting point: Before you can govern AI, you need to know what you are governing. Start with an internal survey: ask each team to list the AI tools they use regularly, for what purposes, and whether any client data is involved. Most firms are surprised by the breadth and depth of usage they uncover. That inventory becomes the basis of your governance programme — you cannot mitigate risk you have not mapped.
Building the case internally: what your board needs to hear
Compliance leaders who understand the shadow AI problem often find that the hardest part is not solving it technically — it is getting internal buy-in for the investment required to solve it properly. The board-level framing that tends to cut through is not the technical detail of GDPR Art. 28 or DORA ICT risk classification. It is the question of what a regulatory examination finding on AI governance would cost in remediation, management time, and reputational damage compared to the cost of implementing governed AI now.
The answer is consistently asymmetric. A GDPR enforcement action for systematic undocumented data transfers to third-party processors can result in fines up to 4% of global annual turnover. A DORA finding on unmanaged ICT dependencies can trigger mandatory remediation plans with regulator oversight. Against those downside scenarios, the cost of implementing governed AI is modest — and it provides a competitive advantage in client conversations about data handling and security standards.
The firms that will win regulated market share over the next three years are those that can credibly say to clients: we use AI in our workflows, and here is exactly how it is governed, audited, and scoped so that your data is protected. That is not a statement any firm can make if their AI usage is happening in shadow.
AI that is governed from day one
HubSecure’s AI Operator is purpose-built for regulated teams — full audit logs, RBAC-scoped access, EU data sovereignty, and zero training on your client data. Replace shadow AI with governed AI that satisfies GDPR, DORA, and NIS2 requirements.
See a demo