Shadow AI: the compliance risk hiding in your business
Someone in your organisation is probably using ChatGPT right now with data they shouldn’t be. Not a threat actor. An analyst under deadline pressure. A clinician who worked out that pasting notes into an AI chatbot saves forty minutes. A lawyer who found that an AI writing tool cuts summary drafting from an hour to ten minutes.
That’s shadow AI. Not malice. People doing their jobs, using tools that work.
In most businesses, that’s a security headache. In regulated industries, it’s a regulatory event. The gap between those two outcomes is where the real problem sits. This article explains what shadow AI is, why the existing response to it fails, and why private AI infrastructure is how regulated businesses are solving it in 2026.
What shadow AI is
Shadow AI is the use of AI tools — chatbots, writing assistants, document summarisers, coding tools, AI-powered browser plugins — without approval or oversight from IT, legal, or compliance. It’s a subset of shadow IT, but the risk profile is different enough to deserve its own category.
When an employee uses unsanctioned cloud storage, data sits somewhere it shouldn’t. Recoverable. When they use an unsanctioned AI tool, that data is actively processed by a model running on a third-party server, often in another country, often without a data processing agreement, often under terms that let the provider use your input data for further training.
GDPR’s Article 28 requires documented data processing agreements with any third party that handles personal data. Shadow AI creates the processing. The agreement doesn’t exist. The regulatory liability lands anyway.
Unlike shadow IT, unmanaged AI doesn’t just store data outside your perimeter. It reads, processes, and in many cases retains it. That’s a different class of exposure.
How common is shadow AI? Worse than most IT teams know
IDC’s 2025 research found that 56% of employees use unauthorised AI tools at work. Only 23% use tools their organisation has actually approved and governs. The majority of AI activity in most businesses is already running outside compliance controls.
Microsoft found that 71% of UK employees admitted to using unapproved AI at work, with more than half doing so at least once a week. Reco’s 2025 State of Shadow AI Report found that 86% of organisations have no visibility into how data flows to and from the AI tools staff use.
The figure that cuts through in board conversations: 40% of employees keep using prohibited AI tools even after being explicitly told not to.
IBM’s 2025 Cost of a Data Breach Report put money against this AI governance gap. Breaches involving shadow AI cost an average of $670,000 more than standard incidents. They expose customer PII in 65% of cases and intellectual property in 40%. And 97% of AI-related breaches occurred in organisations with no proper AI access controls. One in five organisations has already had a shadow AI breach. That’s not a future risk. It’s a current one.

Why regulated industries face more exposure
Every business has shadow AI risk. In regulated industries, the consequences extend into personal accountability, mandatory disclosure, and direct enforcement.
Security and compliance is the top factor in enterprise workload placement, cited by 32% of IT leaders as the single most important consideration in where AI runs. The two biggest new demands AI places on IT infrastructure are data protection and privacy, at 37%, and security and control, at 36%. Those aren’t preferences. They’re obligations regulated businesses already carry under existing law.
In UK financial services, the FCA’s Senior Managers and Certification Regime creates personal accountability for governance failures. The FCA launched its Mills Review in January 2026 following a Treasury Select Committee report concluding that regulators aren’t doing enough to manage AI risks. When shadow AI causes a data breach, two questions follow: what the organisation did wrong, and what the named senior manager knew and when.
Healthcare is the most expensive sector for data breaches for the fourteenth consecutive year, averaging $7.42 million per incident and taking 279 days to identify and contain. In clinical settings, shadow AI means patient data processed without Business Associate Agreements, no audit trail, and AI outputs potentially influencing clinical decisions.
Four out of five IT leaders now say geopolitical and regulatory factors affect their IT strategy. Data sovereignty and residency requirements have become the top concern, cited by 54% — overtaking traditional compliance as the primary driver.
That figure matters because of the US CLOUD Act. Any AI provider headquartered in the US can be compelled to hand over data regardless of where the servers physically sit. Microsoft Azure OpenAI, Google Vertex, Amazon Bedrock — all subject to it. For UK and EU businesses, every prompt sent to those platforms carries extraterritorial exposure that no data residency clause resolves. The EU AI Act reached its main application date on 2 August 2026, with penalties of up to 7% of global annual turnover for prohibited practices.
Securing AI in a regulated environment isn’t just about locking tools down. It’s about controlling where data is processed, proving it to an auditor, and doing that consistently across every user, every day.
Last month, shadow AI caused the first ever SEC cybersecurity disclosure of its kind
In May 2026, CB Financial Services became the first public company to file an SEC Form 8-K specifically because of an unauthorised AI tool. Not an external attack. An employee at a Pennsylvania community bank used an unsanctioned application that exposed customer names, social security numbers, and dates of birth. The company notified regulators and affected customers.
One employee. One unsanctioned tool. A compliance architecture with no visibility into either.
This is what an AI-related data breach looks like in practice. It doesn’t require a sophisticated attack. It requires a gap between what staff are allowed to use and what they actually use — and no way to detect the difference.
Why banning it doesn’t work
The usual response when shadow AI is discovered is to block it. Add it to the prohibited tools list, send the warning email, update the acceptable use policy.
It doesn’t work.
Forty percent of employees keep using prohibited AI tools even after being told not to. When bans do stick, the productivity staff had built into their daily work disappears overnight. Backlogs build. Pressure to find workarounds grows. The shadow use moves somewhere harder to see, not somewhere it stops happening.
There’s actual evidence for what does work. One healthcare system that gave clinical staff an approved AI workspace saw unauthorised use drop 89% and staff save 32 minutes per day. Shadow AI grows where the gap between what staff need and what IT has approved is too wide to ignore. Close that gap, and most people take the sanctioned path. Leave it open, and no acceptable use policy changes that.
The lesson from every successful shadow AI governance programme: the approved tool has to be as useful as the unsanctioned one. Anything less and staff will keep going around it.

How private AI infrastructure solves this at the architectural level
In 2026, 56% of enterprises are running or planning to run production AI inference on private cloud. Public cloud use for the same workloads dropped 15 percentage points in one year, from 56% to 41%. Intent to increase private cloud spend over three years rose from 51% to 72%. Private cloud investment is growing at more than twice the rate of public cloud.
Broadcom’s Private Cloud Outlook 2026, which surveyed 1,800 senior IT decision-makers across financial services, healthcare, and the public sector, identifies three forces driving this shift: cost, complexity, and control. Security and compliance is the top driver for AI workload repatriation, cited by 51% of organisations. AI training, LLMs, and inference now appear as a distinct repatriation category for the first time — 43% of organisations moving workloads off public cloud are specifically moving AI.
A private AI server deployed on hardware the organisation owns processes data within its own infrastructure. No API calls to third-party model providers. No data transmitted externally. The audit trail exists because the system is yours.
For a regulated business, a private AI workspace that staff actually want to use is the only intervention that durably reduces shadow AI. Policy fails because it requires every person to comply under every deadline. Architecture works because it removes the reason to go outside the perimeter. The approved tool is also the useful tool.
What that on-premises AI deployment requires in practice: full logging of every query, output, and access event, timestamped and attributed to a user. Model documentation — which model processed what data, in which version, at what time. And processing that stays inside your own infrastructure, not governed by a cloud provider’s terms of service that can change or be overridden by foreign law.
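As an added illustration (not part of the original article and not any vendor's code), here is one way to structure the audit record described above so that each event is timestamped, attributed to a user, and tied to a model version. The field names, the model name `example-llm`, storing a content digest, and the hash chain that makes later edits detectable are all assumptions of this sketch.

```python
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # chain anchor for the first record


def _digest(record: dict) -> str:
    """SHA-256 over a canonical JSON encoding of the record."""
    return hashlib.sha256(
        json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    ).hexdigest()


def append_event(log, user, event, model, model_version, content, ts=None):
    """Append one query/output/access event, attributed and timestamped."""
    record = {
        "ts": ts or datetime.now(timezone.utc).isoformat(),
        "user": user,
        "event": event,  # "query", "output" or "access"
        "model": model,
        "model_version": model_version,
        # Assumption: the log keeps a digest; the content itself is stored elsewhere.
        "content_sha256": hashlib.sha256(content.encode()).hexdigest(),
        "prev": log[-1]["hash"] if log else GENESIS,
    }
    record["hash"] = _digest(record)  # digest is taken before "hash" is added
    log.append(record)
    return record


def verify_chain(log) -> int:
    """Return -1 if the log is intact, else the index of the first bad record."""
    prev = GENESIS
    for i, record in enumerate(log):
        body = {k: v for k, v in record.items() if k != "hash"}
        if record["prev"] != prev or _digest(body) != record["hash"]:
            return i
        prev = record["hash"]
    return -1


if __name__ == "__main__":
    audit = []  # constructed sample events
    append_event(audit, "asmith", "query", "example-llm", "1.2.0", "summarise clause 4")
    append_event(audit, "asmith", "output", "example-llm", "1.2.0", "Clause 4 states ...")
    print(verify_chain(audit))
```

An auditor who holds the hash of the latest record can re-run `verify_chain` over an exported log to confirm that no earlier record was altered or removed.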
Broadcom’s research draws a distinction worth keeping. Compliance is about meeting rules. Data sovereignty is about control — where data lives, how it’s governed, what authority you actually retain. A well-deployed private AI workspace addresses both. An unsanctioned cloud chatbot addresses neither, whatever the terms and conditions say.
The regulatory window for getting ahead of this is narrowing
Gartner predicts that by 2030, more than 40% of enterprises will face security or compliance incidents from unauthorised shadow AI. Only 37% of organisations currently have governance policies that even detect it.
That gap is where the exposure sits. For a regulated business, the question isn’t whether shadow AI is happening inside the organisation. It almost certainly is. The question is whether you find out through your own detection, or through an auditor, a breach notification, or a regulator asking why you didn’t know.
Broadcom’s recommendation for IT leaders is direct: govern AI before it governs you. Build governance into the infrastructure from the start. Organisations that treat this as an infrastructure decision now have options. The ones that treat it as a later policy problem will have fewer of them, and they’ll be making those decisions under more pressure.
Frequently asked questions about shadow AI
What is shadow AI? Shadow AI is the use of AI tools — chatbots, writing assistants, coding tools, browser plugins — by employees without the knowledge or approval of their IT, legal, or compliance teams. It operates outside the organisation’s official technology stack and governance controls. The term is a subset of shadow IT, but carries distinct risks because AI tools actively process data rather than just storing it.
How is shadow AI different from shadow IT? Shadow IT involves employees using unapproved software or cloud services, storing data somewhere it shouldn’t be. Shadow AI involves employees actively sending data to AI models running on third-party servers, often in different countries, often without data processing agreements. Shadow IT creates a data storage risk. Shadow AI creates a data processing risk, which is a harder compliance problem to fix after the fact.
Is using unauthorised AI tools a GDPR violation? It can be. GDPR’s Article 28 requires documented data processing agreements with any third party that handles personal data. When an employee uses an unsanctioned AI tool to process personal data, no such agreement exists. The processing still happens. Depending on the data involved and the jurisdiction of the AI provider, this can constitute a breach of GDPR’s data processing obligations and may need to be reported to the ICO.
What regulations apply to shadow AI in the UK? Several overlap. GDPR covers data processing obligations. The FCA’s Senior Managers and Certification Regime creates personal accountability for AI governance failures in financial services. The EU AI Act, applicable from August 2026, sets risk-based requirements for AI deployment with penalties of up to 7% of global annual turnover. The ICO and sector-specific regulators including the CQC apply existing conduct and data protection frameworks to AI use.
What is a private AI server and how does it help with shadow AI? A private AI server is an AI model deployed on infrastructure owned or controlled by the organisation, rather than accessed via a third-party cloud API. Because data is processed within the organisation’s own perimeter, it never leaves the network. There are no extraterritorial data exposure risks, the audit trail is complete, and the deployment can satisfy GDPR data processing requirements by architecture rather than by contractual assurance. Giving staff access to a capable private AI workspace also removes the main reason shadow AI exists: the gap between what staff need and what IT has approved.
How can regulated businesses prevent shadow AI? Prohibition alone doesn’t work — 40% of employees use unapproved AI tools even when explicitly banned. The approaches that do work combine detection (identifying which AI services are receiving organisation data), governance (access controls, audit logging, documented data processing agreements), and supply (giving staff an approved AI workspace capable enough to replace the shadow alternatives). Private AI infrastructure addresses all three. It provides visibility over what’s being processed, a complete audit trail, and a sanctioned tool that staff are willing to use.
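The detection step named in the last answer, identifying which AI services are receiving organisation data, can be sketched over web proxy logs. This is an added example, not part of the original article: the log format, the watch list of domains, and the sanctioned hostname `ai.corp.example` are assumptions, and the log lines are constructed.

```python
from collections import defaultdict

# Assumed, illustrative watch list; a real deployment would maintain its own.
AI_SERVICE_DOMAINS = {"chatgpt.com", "openai.com", "claude.ai", "gemini.google.com"}
# Hypothetical hostname of the organisation's approved private AI workspace.
SANCTIONED_HOSTS = {"ai.corp.example"}

# Constructed sample: "<timestamp> <user> <method> <host> <bytes_sent>"
SAMPLE_LOG = """\
2026-06-02T09:14:03Z asmith POST chatgpt.com 48211
2026-06-02T09:14:40Z asmith POST chatgpt.com 1033
2026-06-02T09:20:11Z bjones POST ai.corp.example 9120
2026-06-02T09:31:57Z cpatel POST api.openai.com 20480
2026-06-02T09:32:05Z cpatel GET claude.ai 0
2026-06-02T09:40:00Z bjones POST notchatgpt.com 700
malformed line
"""


def is_ai_service(host: str) -> bool:
    """Match a watched domain exactly or as a parent domain, on a label boundary."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in AI_SERVICE_DOMAINS)


def unsanctioned_uploads(log_text: str) -> dict:
    """Requests and bytes sent per (user, host) to AI services that are not sanctioned."""
    totals = defaultdict(lambda: {"requests": 0, "bytes_sent": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[4].isdigit():
            continue  # skip lines that do not match the assumed format
        _ts, user, method, host, sent = parts
        if host in SANCTIONED_HOSTS or not is_ai_service(host):
            continue
        if method not in ("POST", "PUT"):
            continue  # count only body-carrying requests as uploads
        entry = totals[(user, host)]
        entry["requests"] += 1
        entry["bytes_sent"] += int(sent)
    return dict(totals)


if __name__ == "__main__":
    for (user, host), stats in sorted(unsanctioned_uploads(SAMPLE_LOG).items()):
        print(user, host, stats["requests"], stats["bytes_sent"])
```

The suffix match on a label boundary keeps `notchatgpt.com` out of the results while still catching subdomains such as `api.openai.com`.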

