fairlane.systems


Shadow AI in the fiduciary firm: policy, tool approval list & staff training

How fiduciary firms control unsanctioned AI use: internal policy, approval list, training and Swiss data-protection context.

As of: 2026-06

What is shadow AI?

Shadow AI refers to the use of AI tools in everyday work that have not been officially approved, tested or monitored. Staff reach for a chatbot, a browser plugin or an app on their own initiative because the tool solves in seconds a task that would otherwise take hours. This rarely happens with bad intent; it is usually pragmatism.

In a fiduciary firm this is especially delicate, because the data that can end up in third-party systems is almost always sensitive: payroll data, tax files, client accounting, contracts, internal calculations. Once such content is pasted into a freely accessible service it leaves the firm's control, potentially onto servers outside Switzerland and with no clarity on whether the provider reuses it for training.

Shadow AI is therefore not purely an IT matter, but a question of professional secrecy, data protection and client trust. The first step is to acknowledge that usage is already happening - a mere ban only drives it underground.

Why this matters

Surveys from the German-speaking region show that private AI tools are widespread at work: according to Bitkom, around four in ten German companies assume that employees use private AI tools in their everyday work, and in around a quarter of firms such usage is actually known (8 percent widespread, 17 percent in individual cases). A fiduciary firm should therefore assume that AI is already in use rather than that it is not.

The risks are concrete. If an employee enters client data into a service that processes it outside Switzerland, this can collide with the revised Data Protection Act (revDSG, in force since 1 September 2023), in particular its rules on disclosing personal data abroad (Art. 16 revDSG), and with professional secrecy. There are also quality risks: AI outputs can be wrong («hallucinations»), and results adopted without review jeopardise the duty of care.

At the same time, a blanket ban is counterproductive. It removes the firm's productivity gain and drives usage into untraceable channels. A structured framework is sensible: clearly define what is permitted, provide secure alternatives and enable the workforce.

The three building blocks: policy, approval list, training

Internal AI policy (usage rules). This is the core. A usable policy regulates: purpose and scope; which data categories must never reach unsanctioned tools (client data, personal data, trade secrets); which tools are approved; the obligation to apply human final review to all AI results; transparency towards clients where necessary; and responsibilities and reporting channels. Clarity matters - one page that is actually read is worth more than twenty pages of legalese.

Tool approval list. A living document («allow-list») that records for each tool: name, provider, data location, whether personal or client data may be entered, and the approved purpose. A short positive list is more practical than an endless list of prohibitions. New tools pass through a lean approval process before being added.

Training. Staff need enough understanding to use AI responsibly: what the typical sources of error are, which data is off-limits, how to phrase requests without sensitive content, and how to check results. Training should be recurring and documented.

When an AI policy makes sense

A usage policy is worthwhile as soon as generative AI is used in the firm even occasionally - which today is the case almost everywhere. It is especially urgent where protected client or personal data is processed, where staff work on their own devices, or where the firm wants to actively introduce AI into workflows.

For the competence dimension, Article 4 of the EU AI Act serves as a reference. It has applied since 2 February 2025 and obliges providers and deployers of AI systems to ensure a sufficient level of «AI literacy» among their staff. The enforcement rules apply from 2 August 2026. For a purely Swiss fiduciary firm without an EU nexus, Art. 4 does not apply directly, but it offers useful orientation on what «adequate training» means - and becomes relevant once EU clients or EU activities come into play.

This is not legal advice; specific applicability must be assessed case by case.

What a policy cannot do

A policy is not a governance model on its own. A document that merely states a prohibition («AI tools may not be used without approval») does not solve the problem - it drives usage underground and makes it harder to trace. A policy only becomes effective together with provided, secure alternatives, with training and with lived practice.

At the same time, an internal policy does not replace technical safeguards. Where client data is processed, the firm additionally needs suitable tools with a data location in Switzerland or a data processing agreement (Art. 9 revDSG) that contractually binds the provider, including an exclusion of training on inputs, plus access controls and logging so that usage can actually be traced. The policy describes the target state; the technology must make that target state possible.

And it does not replace professional final review: AI remains an aid - responsibility for every work result lies with the human.

FAQ

Should we simply ban AI in the fiduciary firm?

A blanket ban is usually counterproductive: it forfeits productivity and pushes usage into untraceable channels. A structured framework with an approval list, secure alternatives and training works better. Sensitive data categories should, however, be clearly prohibited in unsanctioned tools.

What must not go into a freely accessible chatbot under the revDSG?

Under the revDSG, personal data must be processed in line with the processing principles (purpose limitation, proportionality, data security) and may only be disclosed abroad where adequate protection is ensured (Art. 16 revDSG); sensitive personal data such as payroll or health-related information carries heightened requirements. In practice, client data, payroll data, tax files and trade secrets do not belong in a service with an unclear data location or training use. This is not legal advice; assessment is case-by-case.

Does the EU AI Act apply to a Swiss fiduciary firm?

For a purely Swiss firm without an EU nexus, Article 4 does not apply directly. The AI literacy obligation in force since 2 February 2025 nonetheless serves as useful orientation and can become relevant once EU clients, EU establishments or activities in the EU are involved. Enforcement rules apply from 2 August 2026.

How long does the policy need to be?

Short and clear beats long and unreadable. A one- to two-page usage policy that is actually read, plus a maintained approval list, is more valuable in practice than a long document nobody opens.

Related topics

  - Shadow AI · Compliance: Shadow AI in the enterprise: when employees use ChatGPT privately on client data
  - revDSG · Compliance: revDSG / revFADP and AI: what the revised Swiss Data Protection Act means for LLM use
  - Law & Compliance: EU AI Act for Swiss SMEs 2026: Obligations, Risk Classes, Roadmap Checklist
  - Law & Compliance: May I use ChatGPT as a Swiss fiduciary? Data protection, DPA & business version (revFADP + possibly Art. 321 SCC)

Sources

  1. Federal Act on Data Protection (revDSG), Fedlex SR 235.1 · accessed 2026-06
  2. EU AI Act, Article 4 – AI literacy (artificialintelligenceact.eu) · accessed 2026-06
  3. Regulation (EU) 2024/1689 (AI Act), EUR-Lex · accessed 2026-06
  4. Bitkom press release – Employees use shadow AI (2025) · accessed 2026-06
  5. Federal Data Protection and Information Commissioner (EDÖB/FDPIC) – Artificial intelligence · accessed 2026-06
  6. European Commission – AI literacy, Questions & Answers · accessed 2026-06
