Shadow AI isn't a people problem. It's a policy vacuum. And policy vacuums fill themselves — just not in ways you'd choose


⬡ New Series · Shadow AI & Building Your Policy · Issue 1 of 5

Monday · July 6, 2026 · Issue #038

I want to start this week by naming something that's almost certainly already happening inside your firm right now — and that most firm leaders have been slow to address because addressing it feels awkward.

Your team is using AI tools you haven't approved. Not because they're reckless. Because they found something that makes their work faster and nobody told them not to.

That's shadow AI. And it's the most common source of AI-related compliance and data exposure in professional services firms today — not a cyberattack, not a bad vendor, not a technical failure. Just people doing their jobs, using the tool that helps them do it faster, without a policy to guide them or a governed alternative to use instead.

This week we're going to deal with it directly. The problem Monday through Wednesday. The fix Thursday and Friday — specifically, how to write an AI policy that actually works, step by step, in plain language your whole team can follow.

⬡ What the Data Actually Says · With Sources

I want to be careful here. There are a lot of shadow AI statistics circulating right now, and they don't always agree with each other. The ones I'm comfortable citing because I can trace them to named sources:

78% of AI users at work are bringing their own tools outside IT approval, according to Microsoft's 2025 Work Trend Index. That's not a fringe behavior anymore — it's the dominant pattern.

More than 80% of workers use unapproved AI tools, with nearly 90% of security professionals doing so, according to an UpGuard report published November 2025. Notably, UpGuard also found that executives had the highest rates of regular unauthorized AI use — which means the people setting policy are often the people ignoring it.

According to IBM's 2025 Cost of a Data Breach Report, AI-related breaches carried a significant cost premium over standard breaches. The report found shadow AI incidents were a contributing factor in approximately 20% of breaches. I'd recommend verifying the exact premium figures directly from IBM's report before citing them, as secondary sources have quoted different numbers.

In professional services specifically: according to a 2024 Salesforce report (cited by Airia), 72% of financial services employees use at least one unsanctioned AI tool. A 2024 Thomson Reuters report found 45% of legal professionals use consumer AI tools for work tasks. I'd treat these as directionally accurate and recommend verifying before including them in any client-facing document.

⬡ What Shadow AI Actually Is — And Why It's Different From Shadow IT

Shadow IT has been around for years — employees using Dropbox, personal email, or unauthorized apps for work tasks. IT departments learned to monitor and manage it. Shadow AI is different in a way that matters.

When someone uses unauthorized Dropbox, they store files in an uncontrolled location. That's a risk, but a bounded one. When someone uses unauthorized AI, they're actively sending data to a third-party model — and the data flowing in is often far more sensitive than a file name. A client email. A contract under negotiation. A conversation about a difficult personnel situation. A financial projection that isn't public. It goes in as a prompt. What happens to it after that depends entirely on the tool's data practices — practices most employees have never read and most firms have never reviewed.

There's a second difference. With shadow IT, the risk is mostly about where data is stored. With shadow AI, the risk also includes what the tool does with data — whether it stores prompts, whether it uses them for training, whether it can be queried in ways that surface information from other users' inputs. These aren't hypothetical risks. Samsung famously had an internal code leak when engineers used ChatGPT for work tasks in 2023. The risk profile hasn't shrunk since then — it's grown, as tools have become more capable and more embedded in daily workflows.

And there's the third difference: the prompt itself is intelligence. "Summarize this contract and flag the terms most unfavorable to us" tells the AI — and its operator — not just what the contract says, but what your negotiating concerns are. The question reveals strategy that the document alone doesn't.

⬡ Why It Keeps Happening — And Why Banning Tools Doesn't Fix It

Here's what the UpGuard data revealed that I think is the most useful insight for firm leaders: employees who use unapproved tools tend to believe they understand the security requirements well enough to manage the risk themselves. The unauthorized use isn't happening despite awareness — it's happening because people think they know what they're doing.

That changes the management response entirely. If people were circumventing policy out of carelessness, you'd train on risk awareness. But when people believe they're already managing the risk adequately, the problem is that they're using a personal risk tolerance as a substitute for an organizational policy. The fix isn't awareness training. It's giving them a better governed alternative — and making it easier to use than the unauthorized one.

Blanket bans don't work for the same reason. According to a Healthcare Brew survey cited by Unseen Security, providing approved AI alternatives reduced unauthorized AI usage by a significant percentage. (I'm not citing the exact figure because I couldn't verify the primary source directly — but the directional finding is consistent with how shadow IT has historically been managed: access beats restriction.)

The formula that works: a clear policy about what's allowed and what isn't, paired with approved tools that are as easy to use as the unauthorized alternatives. This week we'll build both.

⬡ Jordan · AI Solutions Director · thepromptory.com

Free · No account required · No sales call after

G

I'm the operations lead at a 20-person accounting firm. I've started to suspect some of our staff are using personal ChatGPT accounts to help with client work. I don't have proof, and I'm not even sure what questions to ask to figure out the scope of it. Where do I start?

J

Your instinct is right, and the way to start isn't surveillance — it's an honest conversation framed as a positive one. Ask your team: "We're building out our AI toolkit and I want to know what's actually useful to you. What AI tools have you tried in the last 30 days, for any kind of work?" Frame it as gathering intelligence for improvement, not investigating violations. You'll get a more complete picture, and you'll signal that the goal is to give people better tools — not to catch them doing something wrong. What happens after that conversation depends on what you find.

Jordan · thepromptory.com →

Not sure where your firm's shadow AI exposure sits? Jordan will walk through it → thepromptory.com

⬡ This Week · Issue #038

TUESDAY · The Anatomy of a Shadow AI Incident

What actually goes wrong — and how it usually starts with one person doing something completely reasonable.

WEDNESDAY · The Shadow AI Audit

Five questions that tell you your firm's real exposure — before anyone external asks them first.

THURSDAY · Building Your AI Policy, Part 1

The four sections every AI policy needs. Why most firms get section two completely wrong. How to write it so people actually follow it.

FRIDAY · Building Your AI Policy, Part 2 + The One-Page Template

The complete one-page AI policy template you can adapt and use this week. Plain language. No legal team required to draft the first version.

💡 The One Thing

Shadow AI isn't a people problem. It's a policy vacuum. And policy vacuums fill themselves — just not in ways you'd choose.

Most firms haven't written an AI policy because it feels like a complex legal undertaking. It isn't. It's a clear set of answers to questions your team is already asking informally — what can I use, for what, with which data, and when do I need to check with someone first. You can answer those questions in one page. We'll build that page together Thursday and Friday.

Want to know your firm's shadow AI exposure before we get there? Start with Jordan → thepromptory.com

The Promptory Daily

Stay ahead of AI .Curated AI news, tool spotlights, tips & real-world use cases — delivered every weekday morning in 5 minutes or less.

Read more from The Promptory Daily

!-- FRIDAY · VAULT DROP — ⬡ Shadow AI & Building Your Policy · Issue 5 of 5 · The Template Friday · July 10, 2026 · Issue #038 Happy Friday. We close the week where we said we would — with something concrete you can use. Today you get the one-page AI policy template. Below that, you'll find three things that make AI policies fail after they're published — because writing the policy is only half the job. Getting people to follow it is the other half, and it's the part most firms skip. One...

⬡ Shadow AI & Building Your Policy · Issue 4 of 5 Thursday · July 9, 2026 · Issue #038 Today we start building. Before I get into the framework, one thing I want to be clear about: an AI policy is not a legal document. It doesn't need to be reviewed by a lawyer before it exists. It needs to be reviewed by a lawyer before it becomes binding on employees or clients in high-stakes ways — but the version you write this week is a governance starting point, not a legal instrument. Treat it that way...

⬡ Shadow AI & Building Your Policy · Issue 3 of 5 Wednesday · July 8, 2026 · Issue #038 Before you can write a policy, you need to know what you're governing. Most firms that decide to address AI governance skip straight to the policy document — and end up writing rules around tools they think their team uses, for workflows they assume are the risky ones, based on data they've never actually collected. The policy looks fine on paper. It governs a business that doesn't quite exist. Today's...