The owner of a twenty-person professional-services firm wrote her first AI policy in spring 2025. Two pages, drafted from a law-firm template, ran past the team in a thirty-minute briefing, saved to the shared drive. Twelve months on, three things have happened. ChatGPT use across the team is now universal but mostly invisible to her. Two clients have asked whether their data is being used to train AI. And her insurance broker has flagged a new professional-indemnity exclusion around AI-generated work.
The document on the shared drive is at its review point. The question is not whether it should exist (it should) but which parts of it are still doing useful work, which need rewriting in light of the past year, and which were quietly ignored from week one. Writing a policy in 2024 or early 2025 was the right move. Pretending the year-one document is fine as it stands is not.
What survived the first year
Three sections held up across firms that wrote sensible year-one policies, and they tend to be the shortest sections in the document.
The first is the basic data-handling rule. Do not paste client personal data into free-tier consumer AI tools. Use the paid tier of the approved tool for anything sensitive. Treat AI prompts and outputs as if you were emailing them to an external supplier. The ICO’s AI and UK GDPR guidance backs this directly, and the NCSC’s 2025 Code of Practice for the Cyber Security of AI reinforces it from the security side. Microsoft’s UK Work Trend Index research found that even where shadow AI use was widespread, the no-client-data rule was the single rule most staff actually knew and followed.
The second is the acceptable-use line. AI for low-risk internal drafting, summarising, brainstorming and first drafts. Not for unsupervised legal advice, medical interpretation, financial product recommendations or final contract wording. The Court of Appeal’s 2025 judgment in Ayinde v Haringey reinforced this by name for advisory work, holding that generative AI tools are not capable of reliable legal research and that inadvertent reliance on hallucinated citations can amount to gross negligence.
The third is the named incident-response contact. One person, named in the document, responsible for AI-related concerns. Easy to find, easy to escalate to. Year-one policies that had this still have it. The ones that buried it inside a generic IT-incident clause tended to rewrite it.
What got rewritten
The customer disclosure clause is where year-one language has dated fastest. The 2024 default was vague: “we may use AI in delivering services.” That phrasing does not survive 2025. Moffatt v Air Canada made AI statements directly attributable to the firm. Ayinde made unverified AI output a professional failing. The EU AI Act’s transparency rules, in force from August 2026, require that users be told when they are interacting with an AI system. The Solicitors Regulation Authority and ICAEW have issued sector-specific disclosure expectations. The rewrite is not subtle: clauses now name when the firm will tell a client AI was involved, what the bot is and is not allowed to say, and how the client gets to a human.
Training-data opt-out language needed rewriting too. The year-one promise to opt out “wherever possible” was made before owners understood how limited those levers actually were. OpenAI’s promised Media Manager opt-out has been delayed. Robots.txt blocks work prospectively only. Different vendors honour different signals. Year-two language is more careful: a commitment not to expose confidential client data to external training, a separate stance on the firm’s own published content, and a cross-reference to vendor due diligence rather than an absolute promise the firm cannot keep.
IP ownership clauses needed work after Getty Images v Stability AI and the UK’s licensing-first copyright stance in 2026. Year-one statements that the firm owned everything AI produced and that everything was safe to use have looked increasingly thin.
What nobody used
The formal AI committee. The five-stage AI request approval workflow. The exhaustive audit-trail mandate that every prompt and output be logged and retained for seven years. The detailed RACI chart copied from a law-firm template.
These were the ambitious sections, written in good faith, and twelve months on they are mostly dormant. Pacific AI’s 2025 governance survey, summarised by Kiteworks, found that only 36 per cent of small firms had any AI-governance roles at all, that 9 per cent of small firms monitored their AI systems for accuracy or drift, and that 29 per cent monitored their AI systems at all. The numbers are not a failure of intent. They reflect what a twenty-person firm with no full-time compliance lead can sustain.
The honest move at the year-two review is to retire these sections rather than restate them. A standing committee that has not met deserves to be deleted. A five-stage approval workflow that staff routed around in week three was not enforceable. The point is not to lower the bar. The point is to write a policy that describes how the firm actually operates, then strengthen the parts that matter.
The shadow AI gap
The single biggest gap between year-one policy and year-one practice is shadow AI. Microsoft’s UK research found that 71 per cent of employees had used unapproved consumer AI tools at work, and 51 per cent continued to do so weekly. McKinsey’s 2025 State of AI survey reports the pattern internationally. Staff use what works for them, often what they already use at home, and a stricter policy on paper does not close that gap.
The year-two response is not to write a sterner version of the year-one ban. It is to combine clear red lines (no client or restricted data in unapproved tools, no credentials in any AI prompt) with a funded approved-tool list. If staff need a paid-tier copilot or assistant to do the job, the firm pays for it. The cheapest year-two intervention is often to license the paid version of the tool the team is already using on personal accounts, then make using it the path of least resistance. That, plus a short list of named no-go data categories, does more for actual behaviour than another paragraph of acceptable-use language.
What the year-two policy looks like
One page. A named accountable owner, usually the managing director or operations lead. A short approved-tool list with paid tiers funded for the staff who need them. A named no-go data list: regulated data, client-identifying data, financial data, health data, credentials, source code. A named verification step before AI-generated work reaches a client. A named disclosure approach for when and how the firm tells clients AI was involved. A named incident-response contact. A review date twelve months out.
The audit-trail discipline is light-touch and pragmatic. A logged exception register for the things that go wrong, focused logs on the few high-impact systems that touch customers or significant decisions, not a comprehensive event log the firm cannot maintain. Decision rights are clear: who can approve a new tool, who can override the no-go list, who decides when a use case requires escalation.
The document should be defensible to an insurer asking at renewal and useful to a new joiner reading it on day one. If it is neither, it is the year-one document with extra paragraphs, not a year-two policy.