Shadow AI Is Already Inside Financial Services, Whether You Like It or Not

By Kate O'Flaherty • 27 May 2026 • 6 min read

What can be done to regain control as the financial industry’s shadow AI issue gets worse?

As tools such as OpenAI’s ChatGPT become ubiquitous, shadow AI is an increasing problem for the financial industry. The tools pose multiple risks, including data leakage and hallucinations, compounded by the fact that in many cases, financial firms don’t even know they are in use.

With AI adoption happening at the edge of the organisation more quickly than governance can keep up, the sector must learn to grapple with this fast-evolving risk. How can security and compliance leaders start to regain control over shadow AI?

Exposed Sector

As a highly-regulated sector that deals with vast amounts of sensitive data, the financial industry is especially exposed to shadow AI. “The industry handles high-value, highly-regulated data under constant pressure to move fast,” according to Leslie Nielsen, CISO at Mimecast. “That combination creates conditions where employees reach for whatever tool helps them to do their job — often before the organisation has any idea it is happening.”

Yet this can also lead employees to feed highly sensitive and privileged data into AI models. Mark McClain, founder and CEO at SailPoint, cites the example of an unauthorised tool being used to handle a loan origination process. “It would be aggregating financial data, analysing credit history, preparing terms, facilitating underwriting and communicating with stakeholders.”

However, left with unrestricted access to company systems, the agent could misinterpret data, approve high-risk loans, or inadvertently expose customer information, triggering compliance violations or reputational damage, he suggests.

Multiple AI Tools

Most shadow AI use is practical and task-driven as employees turn to tools that help them save time or reduce manual effort in their day-to-day work.

Indeed, the range of tools in use in financial firms is wider than most security teams realise, says Mimecast’s Nielsen. “In financial services, employees are using general-purpose tools like ChatGPT, AI-enabled email and meeting platforms, transcription and summarisation services, and analytics copilots. They are drafting client communications, summarising documents and analysing data, managing workloads with tools their employers have never reviewed or approved.”

The behaviour driving the most risk is not sophisticated, he points out. “Employees are uploading documents to external AI tools. They are forwarding work emails to personal accounts to access AI features. They are pasting sensitive context into prompts because the tool performs better with it.”

While this type of AI use is not malicious, AI features such as those now offered in personal email accounts scan content automatically. “This means confidential business data can end up in third-party systems or training models without anyone realising,” Nielsen warns.

Not Shadow IT

The risk is concerning, but when dealing with it, shadow AI should not be confused with shadow IT. Treating them the same is “a mistake”, says Nielsen. “Shadow IT is about unauthorised applications operating outside IT oversight. The risk is largely about visibility and control of the tooling. Shadow AI introduces a second layer: The data being fed into those tools, the outputs being generated, and the ways that information can be retained, reused or exposed.”

Shadow AI is not just shadow IT with a chatbot attached, agrees Christopher Jess, senior R&D manager at Black Duck. He cites model-specific risks such as “sensitive data leakage, fabricated yet convincing output, prompt injection and embedded AI features arriving inside software that already looks approved”.

The stakes are higher in financial services because the inputs are more sensitive and the regulatory consequences of exposure are more severe, says Mimecast’s Nielsen. “When an employee submits client data into an external AI tool to generate a report faster, the risk is not just the tool itself. It is whether that data is stored, who can access it, and whether it falls within the boundaries the organisation is required to maintain under the general data protection regulation (GDPR) or other frameworks.”

There is also a broader risk that often gets overlooked: Accountability and decision integrity, says Nielsen. “When AI-generated outputs inform customer communications or operational decisions without clear oversight, organisations cannot demonstrate provenance or accuracy. That is a governance problem as much as a security one.”

Blocking AI

Blocking AI tools at work does not help. In fact, experts say it can make things worse. Employees who see clear efficiency gains will often find alternative routes to use AI tools, or turn to more dangerous methods to get results.

“Rather than using approved business tools, staff may turn to personal accounts, browser extensions or free AI platforms with even less visibility or oversight,” Callum Beckwith, software developer technical lead at Capture Expense tells IO.

At the same time a company saying, “we banned it” is not a defence the regulator will accept after the breach has happened anyway, adds Ben Jacob-Smith, founder of the Obsessed Group.

“Organisations that focus solely on restriction often increase risk, rather than reduce it.”

Regain the Balance

It might seem complex, but it’s possible to regain the balance between productivity and control by ensuring continuous oversight and using integrated management systems.

As part of this, AI governance frameworks can help, such as ISO 42001 and ISO 27001 for information security management systems.

Meanwhile, the NIST AI Risk Management Framework offers a useful starting point for thinking about AI-specific risks and controls, says Beckwith. “It provides a structured way for organisations to assess how AI systems are designed, used and governed across their lifecycle, while addressing key considerations such as data handling, reliability and accountability.”

Financial firms should also be aware of the EU AI Act, which applies to any UK company whose AI systems touches EU customers.

There’s no doubt the shadow AI challenge is growing as a surge of AI tools enter the market. But there is no way to prevent it happening. With AI tools able to increase productivity, the goal for financial sector security and compliance leaders is not to slow innovation, but to guide it safely, says Beckwith.

To help regain control, Beckwith recommends creating “structured, visible, and governed pathways” for AI use. “This starts with understanding where AI is already being used across the business. From there, organisations can define clear expectations for acceptable usage and data handling, aligned to regulatory and compliance expectations.”

He believes the core aim should be to offer employees effective tools to do their jobs. Providing approved tools removes the need for workarounds, while realistic training helps employees understand how to use AI responsibly in real-world scenarios, such as summarising internal policies, says Beckwith. “The aim here is not perfection, but managed, auditable and well-understood usage.”