The three buckets of AI exposure

Every company thinks it knows what its AI exposure is. Most have mapped the smallest part of it.

By James Dodd

We were in a conversation with a client, an SME of about three hundred people, about something else entirely. Someone in the room mentioned, in passing, a tool they used to compare two versions of a policy document. Useful little thing. Anytime the policy changed, the changes had to ripple through a stack of associated documents, and the tool made it easier to see what had moved.

It was the kind of detail that would normally have got a nod and moved on. We pressed on it instead. Where had the tool come from. Who else used it. What kind of files went through it. Casual questions. Not a formal session, just a conversation that took an interested turn.

Back at the desk, we audited the tool. Read the documentation. Read the small print everyone accepts blindly when they install something free. The tool was routing the files it compared to a processor based in the United States. As far as anyone in the business knew, one person had been using it. It might have been more people. It might have been longer than a year. Nobody had a list.

In this particular case, the policies weren't sensitive. No customer data, no payroll, no commercial terms. So the harm was hypothetical rather than actual, this time. But that wasn't the point. The point was that nobody had known. And if a free document comparison tool could sit unaccounted for, so could the next one, on a worse document.

The conversation was useful for another reason. It made visible something we now ask in some form with every client: when you say you know what AI is running in your business, how much of the business have you actually looked at?

Three questions, in order, slower than they sound.

The first is where you know AI is being used. The tools you chose, paid for, configured. The licences on the procurement list, the chatbot somebody signed off on, the agent a developer wrote last quarter. This is the bucket everyone starts with, and it is almost always the bucket they can answer confidently.

The second is where you think AI might be used. A feature a team turned on without a conversation. A free tool a colleague picked up because it did a useful small thing. A plugin installed in a browser. An extension on the CRM. These are the items that showed up without a purchase order. They exist. Someone knows about each one. But no single person has the list.

The third is where you are unsure whether AI is being used at all. The software updates that quietly added AI features this year. The SaaS products that flipped a setting on by default and sent an email you didn't read. Google's own search. The browser. The email client. The operating system. The note-taking app on the phone. The meeting tool that now offers to summarise every call.

The document comparison tool sat in the third bucket. It was the bucket we'd never have asked about in a procurement review, because it had never been procured.

For most of the small and medium businesses we work with, the third bucket is the largest, by some distance. It is also the one that quietly undoes any policy written about the first two. You cannot write a useful policy on AI use for ground you haven't walked. You can write sentences about it. The sentences will not survive contact with the first piece of software that started sending documents abroad six months ago without anyone noticing.

That's the shape of the risk. It is rarely dramatic. It is almost always quiet.

What to do with the map is the interesting part, and it is duller than most strategy decks would like it to be.

Walk through the business, function by function. Sales, finance, operations, HR, engineering, the people who run the website. For each, fill the three buckets as honestly as you can. Where you are sure. Where you suspect. Where you have no idea.

Then, item by item, decide three things. Is this AI use actually needed for the work. Is it compliant with the commitments you have already made to customers, to staff, to regulators. And is it logged somewhere a future version of you can find it.

Most items, in our experience, will quietly come off the list. They were a free trial nobody renewed, or a feature nobody used, or a default that could be turned back off without anyone noticing. A smaller number will need attention: a conversation with the vendor, a setting changed, a contract looked at properly. A very small number will turn out to matter more than anyone thought, and those are the ones worth the quarter you will spend on them.

That is the work. A Tuesday with a pen and a cup of coffee, walked function by function, is usually the most useful hour a cautious business can spend on AI this year.

Written by

James Dodd

Founder of moralai.co. A design-led problem solver, with a photojournalism background, who has spent the last decade building software, brands and products for small businesses and the third sector.
