How businesses protect themselves from AI risks and mistakes

TL;DR

UK businesses using AI face two types of risk: operational (errors that waste time) and regulatory (exposure to the ICO, FCA, and NCSC). The right response depends on the use case. Lightweight controls cover everyday drafting, summarising, and analysis tasks. Formal governance, including Data Protection Impact Assessments and documented human oversight, is required when AI handles personal data, profiling, automated decisions, or regulated content. Getting the category wrong is expensive.

Key takeaways

- AI use in a business falls into two risk categories: operational risk (errors that waste time) and regulatory risk (ICO, FCA, and NCSC exposure), and the right level of control depends on which category applies.
- The ICO requires a Data Protection Impact Assessment where AI processing is likely to result in high risk to individuals, covering credit scoring, hiring tools, eligibility decisions, and automated profiling.
- Regulated firms remain responsible for AI outputs even when the model comes from a third-party vendor; delegating a decision to an AI tool does not transfer liability to the vendor.
- The NCSC has warned that AI is lowering the barrier for phishing and business-email-compromise attacks on SMEs, and Microsoft's analysis found 93% of ransomware attacks use basic techniques that better security hygiene can address.
- Before adopting any AI tool, ask where your data is stored, whether it will be used to train models, what certifications the vendor holds, what audit trail exists, and who carries liability if the AI makes a consequential error.

A founder running a small professional services firm pastes client names, contract terms, and financial details into a popular AI drafting tool. The proposal it generates is good. Three weeks later, the client’s procurement team asks for a data processing agreement, and it becomes clear the founder agreed to terms they never read, covering data that wasn’t theirs to share.

The tool performed as expected. The problem was in governance.

The discovery usually comes after the fact. This guide answers one question: which type of risk does your AI use carry, and what level of control does that actually require?

What choice are you actually facing?

For owner-managed businesses already using AI, the relevant question is which type of risk applies to each specific use case. Drafting content, summarising documents, and internal analysis carry mainly operational risk: a wrong answer wastes time. Processing personal data, automating decisions that affect someone’s rights, or producing regulated content carries regulatory and legal exposure that reaches SMEs directly through the ICO, FCA, and NCSC.

Two broad options sit on either side of that line. Lightweight controls cover a wide range of everyday AI use: a short internal policy, a business-grade tool subscription with a data processing agreement, and staff trained to verify outputs before acting on them. Formal governance applies where the stakes are higher, including Data Protection Impact Assessments, documented human oversight, compliance review workflows, and legal advice where exposure is material.

Getting clear on which side each use case sits on is the practical goal.

When lightweight controls are enough

Lightweight controls are appropriate when AI handles low-stakes tasks where an error causes inconvenience rather than regulatory exposure. Writing marketing copy, generating internal meeting summaries, drafting initial supplier emails, and producing a first cut of a document for human review all fall into this category, provided the tool carries a data processing agreement and no sensitive personal data is entered.

Three things cover most of what you need: a list of approved tools using business accounts with proper data terms (Microsoft 365 Copilot, Google Workspace, or similar enterprise options), a clear staff understanding that AI outputs must be verified before use, and a simple register noting which tools you use and what for. The ICO recommends keeping some form of processing record even for routine AI use, because demonstrating that you considered data handling is itself a form of protection if questions arise later.

One exception to watch for: even nominally routine tools become a different proposition when staff start entering client names, financial figures, or sensitive details into them. At that point, the use case has moved into a different risk category regardless of how the tool is classified by the vendor.

When formal governance is required

Formal governance is required when AI handles profiling, automated decisions with legal or significant effects, or regulated outputs such as financial promotions or medical claims. The ICO’s guidance is explicit: where AI processing is likely to result in high risk to individuals, a Data Protection Impact Assessment is mandatory. Credit scoring tools, hiring algorithms, and eligibility screening all fall into this category.

The FCA applies a parallel principle in financial services: regulated firms remain responsible for AI outputs even when the model comes from a third-party vendor. If you operate in a regulated sector and use AI to generate promotions, shape recommendations, or screen customers, the compliance review workflow sits with your firm, not with the tool provider.

The EU AI Act, now law and phasing in over 2024 to 2026, classifies certain credit scoring and HR applications as high-risk, imposing governance requirements that include risk management, human oversight, and data governance. UK SMEs serving EU customers or using EU-based vendors for these tasks may be indirectly caught by these obligations.

Where UK GDPR Article 22 applies (decisions based solely on automated processing with legal or significant effects), individuals must also be given the right to human review, explanation, and challenge. A useful practical test: if an AI-generated output reached a customer unedited, could it breach a regulated promise, a contractual obligation, or a safety requirement? If yes, formal governance is the right response.

What does getting this wrong actually cost?

The ICO fined Clearview AI £7.5 million in May 2022 for scraping and processing images of UK residents without a lawful basis, and ordered the deletion of all UK data. The case shows what happens when an AI system processes personal data without transparency, legal basis, or any mechanism for individuals to exercise their rights. Headcount is not a mitigating factor in these cases.

Financial cost comes in two forms: the penalty and the remediation. The ICO’s enforcement action against Experian required years of compliance work and systems changes, an operational cost far greater than the monetary penalty suggested. Skipping a DPIA or proper contractual review saves days upfront. The remediation work can stretch to months or years and affects client relationships as well as the balance sheet.

The security exposure is equally concrete. The NCSC has warned that AI is lowering the barrier for criminals to run convincing phishing and business-email-compromise campaigns, with realistic invoices, deepfake voice instructions, and tailored messages that bypass standard awareness training. Microsoft’s analysis of ransomware attacks found that 93% used basic techniques: phishing, unsecured credentials, unpatched systems. SMEs are frequently targeted because weaker controls make them easier to reach, and AI-enabled attackers will take the path of least resistance.

What to ask before you adopt or expand an AI tool

Five questions triage the risk level of any new AI use before you commit to it. They address the areas where SMEs most commonly create exposure: data handling, security controls, audit capability, and liability when things go wrong. Running through these with whoever manages your supplier relationships will reveal whether lightweight controls are sufficient or whether formal governance is the right response.

Where is your data stored, and will it be used to train models? Enterprise tools commonly offer “no training on your data” terms for business accounts, but you need to find those terms in the data processing agreement rather than rely on a sales conversation.

What security certifications does the vendor hold? ISO 27001 and SOC 2 are the baseline expectation for enterprise AI tools. The NCSC’s guidance on secure AI system development recommends checking access controls, logging, and protection against prompt injection and data poisoning before committing to a tool in a sensitive context.

What audit trail is available? If an AI-assisted decision were challenged by a client or a regulator, what logs exist? For any AI use touching individuals’ rights, a meaningful audit trail is a legal requirement, not a preference.

Who carries liability if the AI is wrong? The FCA’s position is unambiguous in financial services: the regulated firm owns the outcome, regardless of which vendor supplied the model. Understand where liability sits before you rely on a tool for anything consequential.

If the AI made its worst plausible mistake, would you be comfortable explaining that decision? This is the self-check that cuts across every sector and every risk level. If the answer is no, a human needs to review before any output leaves the business.

Sources

- ICO (2022). ICO fines Clearview AI Inc £7.5m and orders it to delete UK residents' data. UK enforcement action demonstrating regulatory response to AI systems processing personal data without lawful basis or transparency. https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2022/05/ico-fines-clearview-ai-inc-75-million-and-orders-it-to-delete-uk-residents-data/
- ICO (2023). Explaining decisions made with AI. ICO guidance on Data Protection Impact Assessments for high-risk AI processing, automated decision-making obligations, and UK GDPR Article 22. https://ico.org.uk/for-organisations/guide-to-data-protection/key-dp-themes/explaining-decisions-made-with-ai/
- ICO. Automated decision-making and profiling. ICO guidance on individuals' rights to human review, explanation, and challenge where decisions are based solely on automated processing. https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/automated-decision-making-and-profiling/
- ICO (2020). ICO publishes outcome of investigation into data broking. Enforcement against Experian illustrating the operational and remediation cost of opaque automated profiling. https://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2020/10/ico-publishes-outcome-of-investigation-into-data-broking/
- NCSC (2023). The impact of AI on cyber security. UK government guidance on AI-enabled phishing, business-email-compromise, and deepfake attacks targeting organisations of all sizes. https://www.ncsc.gov.uk/guidance/the-impact-of-ai-on-cyber-security
- NCSC (2023). Guidelines for secure AI system development. Co-authored with 21 international cyber agencies; covers access controls, logging, red-teaming, and protection against prompt injection and data poisoning. https://www.ncsc.gov.uk/collection/guidelines-for-secure-ai-system-development
- NCSC. Exercise in a Box. Free tabletop cyber incident simulation for UK organisations, now including AI-enabled attack patterns. https://www.ncsc.gov.uk/information/exercise-in-a-box
- FCA (2024). AI and machine learning: update on the FCA's approach. Confirms regulated firms remain responsible for AI-generated outcomes even where models are sourced from third-party vendors. https://www.fca.org.uk/publication/correspondence/ai-and-machine-learning-update.pdf
- Microsoft (2023). Cyber Signals: ransomware trends. Analysis of ransomware attacks finding 93% used basic techniques including phishing and unsecured credentials, supporting the case for AI-assisted email filtering and baseline hygiene. https://www.microsoft.com/en-us/security/blog/2023/03/13/microsoft-cyber-signals-ransomware-trends/
- European Parliament (2024). EU Artificial Intelligence Act. Classifies credit scoring and certain HR tools as high-risk, imposing governance obligations relevant to UK SMEs serving EU customers or using EU-based vendors. https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52021PC0206

Frequently asked questions

Do I need a Data Protection Impact Assessment to use AI in my business?

A DPIA is required when AI processing is likely to result in a high risk to individuals, according to ICO guidance. This covers AI used for profiling, credit scoring, hiring decisions, and eligibility screening. General drafting tools used through business accounts with no sensitive personal data typically do not trigger the requirement, though keeping a processing register noting which tools you use and why is good practice regardless.

If I use a third-party AI tool, can that vendor be held responsible if something goes wrong?

Regulated firms remain responsible for AI outputs regardless of which vendor provided the model. The FCA has been explicit on this: responsibility for consumer outcomes stays with the firm, not the tool provider. For non-regulated businesses, liability allocation depends on how contracts are structured, which is why reviewing data processing and liability clauses before relying on any AI tool for consequential decisions is worth doing up front.

How do I protect my business from AI-enabled phishing attacks?

The NCSC recommends multi-factor authentication on email and remote access as the baseline defence. AI-enabled email filtering, built into tools such as Microsoft Defender for Business and Google Workspace, blocks many AI-generated phishing attempts automatically. Staff phishing awareness training and occasional simulations, including the NCSC's free Exercise in a Box tool, add a second layer. Businesses handling sensitive client data can also add conditional access policies and endpoint detection to reduce exposure further.

This post is general information and education only, not legal, regulatory, financial, or other professional advice. Regulations evolve, fee benchmarks shift, and every situation is different, so please take qualified professional advice before acting on anything you read here. See the Terms of Use for the full position.
