The AI vendor demo finished well. The interface was clean, the use cases were familiar, and the pricing looked manageable for a ten-person firm. What the demo did not include was a straight answer to the question that matters most: where does our data go, and who bears the consequences if something goes wrong?
That gap is where owner-managed businesses commonly give ground on AI, and it surfaces more often than the vendor demo suggests. The fix is a clear set of questions, asked before you sign, applied to every vendor conversation regardless of how polished the product looks.
What five areas should every AI vendor conversation cover?
Any AI vendor conversation worth having should cover five areas: business fit and measurable outcomes, data handling and storage location, the model and how it is governed, security certifications and contract terms, and implementation plus exit options. Vendors who struggle to answer any of these five clearly are telling you something useful before you commit.
The question worth asking first is this: would this still matter to us if it did not use AI? If the answer is no, you have an experiment, not a strategy. McKinsey’s 2023 State of AI survey found that AI pilots frequently fail to scale when they are not mapped to a specific, defined workflow. For an owner-managed firm with ten to fifty staff, that typically means picking one to three high-value processes, such as proposal drafting, client email responses, or internal knowledge search, and asking the vendor to demonstrate measurable impact on those specific tasks.
Productivity gains of 20 to 30 per cent in specific functions are documented in professional services, but only when AI is tightly integrated into defined processes rather than used ad hoc. Microsoft’s early Copilot research found that 70 per cent of users reported improved productivity, but also that effective use required training and workflow redesign, not simply activating the feature. A Stanford and MIT field experiment on customer support found agents using an AI assistant improved productivity by 14 per cent on average, with larger gains for less experienced workers. The lesson is that outcome claims are testable. Ask to see them applied to your actual work before you decide.
Why does the data question matter more than the demo?
Under UK GDPR, your firm is the data controller for any personal data a vendor processes on your behalf. If the vendor handles client data unlawfully, the accountability sits with you. The ICO’s enforcement against Clearview AI, fined an initial £17 million for processing images of UK residents without a lawful basis, illustrates clearly where liability lands when vendor practices fall short of their legal obligations.
The ICO’s guidance on AI and data protection makes clear that organisations must identify a lawful basis for processing personal data through AI, understand where that data goes including any onward transfers to subprocessors, and conduct data protection impact assessments for high-risk uses. Three questions every owner should put to any vendor: in which countries is our data stored and processed; will our prompts or outputs be used to train a shared or public model, and can we opt out contractually; and how long are logs, prompts, and outputs retained before deletion?
The FCA has been equally clear that outsourcing a critical function to an AI vendor does not dilute a regulated firm’s responsibilities. If you operate in financial services, legal, or healthcare, the compliance obligations sit with you regardless of whose technology you are using.
Where do owner-managed businesses most often get caught out?
The most common mistake is treating an AI feature as though it sits outside your existing compliance obligations. An AI-enabled CRM that processes client data is still subject to UK GDPR, equality law, and any sector-specific rules, just as its non-AI predecessor was. Adding the word “AI” to a product does not create a compliance-free zone, and the UK’s 2023 AI White Paper is explicit on this point.
Three specific risks tend to catch owner-managed businesses out. First, the shared model problem: many general-purpose AI tools run on shared infrastructure, which means your prompts may feed a model that other clients also benefit from. Ask the vendor whether the model is tenant-specific or whether your data trains a shared system. Second, jurisdictional risk: when ChatGPT was temporarily suspended in Italy in March 2023 following a ruling by the Italian data protection authority, firms relying on it for client work faced sudden service disruption. If your vendor’s hosting jurisdiction acts, you feel the consequences. Third, IP exposure: ongoing litigation in US courts over GitHub Copilot’s use of publicly scraped code illustrates that IP ownership in AI-generated output is genuinely unsettled in some areas. Know the vendor’s legal position on output ownership before you start relying on their product in commercial work.
The Equality and Human Rights Commission has also cautioned that AI-assisted recruitment and HR tools may produce discriminatory outcomes that reproduce historical bias, and that employers remain liable under equality law. If you use AI in hiring or performance management, ask the vendor how bias monitoring works and who is responsible for reviewing it.
When does proportionate due diligence mean light-touch?
The ICO encourages a risk-based approach, which means your effort should match the actual risk rather than a fixed checklist applied to every tool. If a use case involves no personal data, no automated decisions affecting clients, and no regulated activity, the due diligence can reasonably be lighter. Drafting internal reports with no client data in the prompt carries a very different compliance position from using AI to assess client eligibility for a financial product.
The practical test is three questions: does this use case involve personal data; does it include automated decisions with a material effect on individuals; and does it touch a regulated activity such as financial advice, legal work, or clinical care? If the answer to all three is no, a lighter approach is proportionate. The ICO is clear that governance should scale to risk, and that over-engineering controls for low-risk use delays real value without adding genuine protection.
For owner-managed businesses, this means you can use AI tools for internal drafting, research summarising, and administrative tasks without heavy governance overhead, as long as no client personal data enters the system. The discipline is knowing where your firm draws those lines before you start, not after the first compliance question arrives.
What documentation should you hold alongside the tool?
Three documents make a vendor relationship far more defensible. A written data processing agreement, required by UK GDPR whenever a vendor processes personal data on your behalf. Evidence of security certifications, at minimum ISO 27001. And a brief record of how you assessed the risks before the tool went live with client data. A short, signed version of each, in place before go-live, is the defensible starting point.
Beyond these three, a vendor’s AI governance framework summary is worth requesting. The NCSC has warned that generative AI systems are vulnerable to prompt injection, data exfiltration, and supply-chain attacks, and recommends that organisations assess vendor security practices including monitoring and incident response capabilities. For any service that handles client data, a well-governed firm asks for evidence of independent penetration testing before go-live, and AI tools are no exception.
For businesses in regulated sectors, the expectation goes further. The FCA’s discussion paper DP5/22 on AI in financial services makes clear that firms using third-party AI for customer-facing work must be able to justify outcomes, demonstrate human oversight, and treat vendor risk as an operational resilience matter. The documentation you hold is your evidence that you thought about it before deploying, not in response to a regulator’s question later.
If you want to work through your vendor shortlist with someone who has no stake in which tool you choose, Book a conversation.
