Sit with enough owners and directors, and a pattern emerges. Ask them where AI is running in the business and the first answer comes quickly. Most can tell you, to the pound, what they're paying for. The Copilot seats. The chatbot the marketing team built. The transcription tool the sales team put on expenses. There is usually a spreadsheet, or at least a sense of what was signed for.
Then ask what else in the business might be using AI, and the room slows down.
Most companies think they know what their AI exposure looks like. Most have mapped the smallest part of it. This isn't a failure of governance. It's a failure of the map.
When a company asks us to help it get its head around its AI exposure, we run the same diagnostic. Three questions, in order, slower than they sound.
The first is where you know AI is being used. The tools you chose, paid for, configured. The licences on the procurement list, the chatbot somebody signed off on, the agent a developer wrote last quarter. This is the bucket everyone starts with, and it is almost always the bucket they can answer confidently.
The second is where you think AI might be used. A feature a team turned on without a conversation. A free tool a colleague picked up because it did a useful small thing. A plugin installed in a browser. An extension on the CRM. These are the items that showed up without a purchase order. They exist. Someone knows about each one. But no single person has the list.
The third is where you are unsure whether AI is being used at all. The software updates that quietly added AI features this year. The SaaS products that flipped a setting on by default and sent an email you didn't read. Google's own search. The browser. The email client. The operating system. The note-taking app on the phone. The meeting tool that now offers to summarise every call.
For most of the small and medium businesses we work with, the third bucket is the largest. By some distance. And it is the one that creates the compliance, IP, and policy risk you cannot write your way out of.
You cannot write a policy about AI use for ground you have not mapped. You can write sentences about it. The sentences will not survive contact with the first piece of software that silently started sending documents to a third-party processor six months ago. We recently helped a client find one of these in bucket three: a free document comparison tool, installed by one person, quietly routing files to a US processor for over a year. Nobody had signed anything. Nobody had lied. Nobody had looked.
That's the shape of the risk. It is rarely dramatic. It is almost always quiet.
What to do with the map is the interesting part, and it is duller than most strategy decks would like it to be.
Walk through the business, function by function. Sales, finance, operations, HR, engineering, the people who run the website. For each, fill the three buckets as honestly as you can. Where you are sure. Where you suspect. Where you have no idea.
Then, item by item, decide three things. Is this AI use actually needed for the work? Is it compliant with the commitments you have already made to customers, to staff, to regulators? And is it logged somewhere a future version of you can find it?
Most items, in our experience, will quietly come off the list. They were a free trial nobody renewed, or a feature nobody used, or a default that could be turned back off without anyone noticing. A smaller number will need attention: a conversation with the vendor, a setting changed, a contract looked at properly. A very small number will turn out to matter more than anyone thought, and those are the ones worth the quarter you will spend on them.
That is the job. It is not an AI strategy. It is a Tuesday with a pen and a cup of coffee, and it is almost always the most useful hour a cautious business can spend on AI this year.
Written by
James Dodd
Founder of moralai. Spent the last decade building software for people who don't describe themselves as technical.