You take on the AI mandate and assume you’re starting from nothing. No tools deployed, no programmes running, a blank slate to build from. Then, in the first fortnight, a conversation with the account team reveals that three people have been pasting client briefs into a consumer chatbot to prep for calls. Finance has been running board summaries through ChatGPT. Someone in operations built a prompt template that circulates informally among five colleagues. The AI footprint was already there. Nobody had mapped it.
Analysis of how organisations actually deploy AI day-to-day puts the share of employees already using personal AI tools for work at over 90%. Nearly every delegate handed an AI mandate is inheriting an existing footprint, not building on blank ground. The task in week one is a survey.
What is shadow AI?
Shadow AI is any AI tool an employee uses for work without formal approval from IT or leadership. It covers personal chatbot subscriptions, browser extensions with built-in AI, and AI features added to existing apps without anyone reviewing the data terms. The tools vary widely in what they can do and what risk they carry. What links them is that no one has checked what company data goes into them.
The label has a precedent. Shadow IT (the personal Dropboxes, unauthorised productivity apps, and consumer tools staff have always reached for when official systems were too slow) has been a governance concern for IT departments for decades. Shadow AI follows the same pattern with a sharper data-risk profile. A personal Dropbox is a file-sharing concern. A consumer AI tool may retain inputs, use them for model training, or share data with third parties. That does not take personal data, client information, or commercially sensitive content outside your UK GDPR obligations; it puts the processing with a provider you have no contract with and no visibility of, which leaves you responsible for processing you cannot control or evidence.
Why does this gap matter for your business?
The gap between officially approved and actually used creates two distinct problems. Employees pasting client data or internal financials into consumer tools may already have breached your data processing obligations under UK GDPR, even if no one intended to. The same gap is also your clearest signal of where AI would genuinely help. The tools people reach for without permission are the ones solving real workflow pain.
On the compliance side, UK GDPR requires your business to know where personal data is processed, who processes it on your behalf, and on what lawful basis. The ICO's guidance on AI and data protection sets out what applies when employee tools are in scope. If a team member has been pasting a client's personal details into a free-tier chatbot, you may have a personal data breach that is reportable to the ICO, and the 72-hour notification clock starts when you become aware of it, not when it happened. An audit is how you become aware.
On the opportunity side, unofficial adoption is diagnostic data. When three account managers independently reach for the same workaround, that tells you the official process for that workflow is too slow. The tool may carry risk; the need it fills is real. A well-run audit surfaces both at once, which is why it belongs in week one, before any tools are deployed or any strategy is presented to the board.
Where will you actually meet it?
Shadow AI typically turns up in three places in an owner-managed business. First, copy-paste workflows, where someone opens a consumer chatbot and pastes in a client email, a contract clause, or a draft document to get a quicker result. Second, browser extensions with AI built in, often installed for personal reasons and used for work without a second thought. Third, peer recommendation, where one useful tool spreads informally before anyone in leadership knows it exists.
Beyond those three, watch for AI features embedded in SaaS tools the business already pays for. Salesforce, HubSpot, Microsoft 365, and Notion all ship AI functionality; some of it is on by default, some sits behind a settings toggle or an admin decision. These are not consumer tools in the traditional sense, but if nobody reviewed the AI data-handling terms before the feature went live, the compliance exposure is similar. Check the admin console for each platform, not just what users have on their desks.
The useful question for each department is simple: what do people reach for when they need a task done faster than the official process allows? That question, asked honestly, nearly always surfaces at least one AI tool the business had not counted.
How do you run the audit without it feeling like a crackdown?
Frame the audit as a mapping exercise. Tell your team you are learning how AI is already being used so you can resource it properly, sanction what is working, and fill the gaps where people lack good tools. People are far more willing to share when they think the outcome will help them. Curiosity gets better results here than a compliance review would.
In practice, a short anonymous survey gets better responses than an email asking people to list the AI tools they use. The framing matters: “Help us understand how AI is already supporting your work” lands better than “Please disclose any unauthorised software.” If you share your own AI use at the start of a team session, it usually shifts the conversation from disclosure to discussion.
Korn Ferry’s research on AI readiness in organisations notes that leaders who engage with AI alongside their teams build more honest adoption data than those who audit from a distance. That applies here. The shadow AI audit is one of the governance exercises that works better when it is led openly.
What you are listening for, across these conversations, is patterns. Which workflows does every team find slow or limiting? Which tools keep coming up? Where is informal AI use concentrating? Those patterns are the draft brief for your first round of sanctioned tool decisions.
What do you do with what you find?
Every tool or pattern the audit surfaces calls for a decision. Sanction it with appropriate guardrails, replace it with a governed alternative that does the same job more safely, or stop it entirely and explain clearly enough that the team understands the reasoning. The aim is to close the gap between the business’s official AI position and what it actually uses day to day.
For tools that appear genuinely useful and low-risk, the fastest path is often to adopt and govern rather than ban and replace. Sanctioning a tool means agreeing what data goes into it and what stays out, confirming the service terms meet your legal obligations (for personal data that means a written data processing agreement, which in practice usually means a business or enterprise tier rather than a free consumer account), and documenting the decision so it gets reviewed as conditions change.
For tools that carry real data risk, the conversation is harder but necessary. If a platform retains user inputs or uses them for training, transfers personal data outside the UK without appropriate safeguards, or sits on terms the business has not reviewed, it has to stop regardless of how much the team values it. The audit gives you the evidence to have that conversation from a position of information rather than assumption.
What this produces, in practical terms, is the first version of an AI inventory: a documented list of what the business uses, who approved it, what data may and may not go into it, whether inputs are retained or used for training, and when the decision is next due for review. That inventory is the foundation of any governance framework worth the name. How to manage ongoing use, set standards for new tools, and build the policies that govern what you have found is a separate step. That step starts here, with knowing what you actually have.