
Shadow AI is the unsanctioned use of AI tools on personal logins, outside any policy or oversight. For directors, it's a live liability issue because your existing duties of care and diligence still apply, even when staff use AI you can't see. Banning AI doesn't remove that risk, it pushes it into consumer tools where your business IP leaks and there's no audit trail. The fix is a secure, sanctioned AI layer with the visibility and guardrails a board can stand behind.
Shadow AI is any use of AI tools that sits outside your organisation's sanctioned platforms and policies. In practice, it's your people pasting client details into a personal ChatGPT login, or asking a free tool to summarise a contract, with no shared context and no record of what happened.
Directors should care because the risk doesn't stay with the individual. When work flows through ungoverned tools, confidential information, brand voice, and legal watch-outs all travel with it, invisibly. There's no audit trail and no guardrail.
This isn't a fringe habit. UpGuard (2025) found that more than 80% of workers use unapproved AI tools, and a Cybernews survey (2025) found that 59% of employees hide their AI use from their managers. If most of your team already uses AI, and more than half hide it, then shadow AI is already inside your business.
| Dimension | Shadow AI (personal logins) | Sanctioned AI layer |
|---|---|---|
| Context | None. Every prompt starts from a blank page. | Your brand, product, and process built in. |
| Guardrails | None. No rules, limits, or required disclaimers. | Rules and legal watch-outs baked in. |
| Audit trail | Invisible. Nothing is logged. | Visible. Use happens where you can see it. |
| Business IP | Leaks into consumer tools. | Stays inside a controlled environment. |
The Chief Justice of NSW, the Hon. Andrew Bell AC, addressed shadow AI directly in his 2026 Harold Ford Memorial Lecture at the University of Melbourne on 21 May 2026. He framed AI use as a matter of directors' duties, not a passing IT concern.
His most quoted warning was about the technology's tone. He said AI "produces output with great confidence and clarity of language, features which it has in common with the most accomplished of fraudsters" (Chief Justice Bell, 2026, para 80). That confidence, he warned, breeds over-reliance and can chip away at healthy debate.
The line that matters most for shadow AI came later. He warned that directors and officers "without access to secure and sanctioned AI platforms offering embedded controls, may revert to 'shadow' AI use", which he called an "already widespread behaviour" bringing "increased risks in relation to fraud, cybersecurity, confidentiality and even national security" (Chief Justice Bell, 2026, para 96).
Banning AI makes the risk worse because it hides it rather than removing it. When there's no sanctioned place to work, people don't stop using AI. They move it out of sight, onto personal accounts you can't govern.
Think about what actually happens when a policy says no. A busy account manager still has a proposal due, so they paste the client brief into a free tool at home. The work gets done, but your business IP now sits in a system you don't control, with no context and no guardrails.
That's the trap. A ban feels like control, but it produces the opposite. The Chief Justice's point in 2026 was precisely this: the absence of sanctioned platforms is what drives people to shadow use (Chief Justice Bell, 2026, para 96). The safer path isn't prohibition, it's a governed alternative that's genuinely better to use.
Director liability applies to AI use because your existing duties don't pause when a tool changes. The duty of care and diligence still governs the decisions you make and the systems you're responsible for, whether or not an AI helped produce the work.
This matters because directors sometimes assume AI creates a new legal grey zone. It doesn't, in the sense that no new statute is needed for the risk to apply. The Chief Justice's 2026 lecture made clear that the analysis sits within directors' existing duties, and that a director can't simply defer to a machine's output and treat that as diligence (Chief Justice Bell, 2026).
So the governance question is practical, not theoretical. If your people are using AI in ways you can't see, you can't demonstrate the oversight your duties assume. AI governance for directors starts with making that use visible. This is context, not legal advice, and AI supports rather than replaces proper legal review.
A sanctioned AI platform is a secure, governed place to work where your team's AI use happens in the open, with your context and rules already built in. It's the "visibility mechanisms and guardrails" the Chief Justice described, made real.
At Utilaa, that layer is Context Intelligence: a governed source of truth that sits underneath your AI, so every tool and person works from the same brand, product knowledge, and legal limits. Because the context is shared, the output is consistent, and because the environment is controlled, the use is auditable.
This maps directly onto the Australian Government's Voluntary AI Safety Standard (Department of Industry, Science and Resources, 2024), whose ten guardrails include meaningful human oversight and control, data governance, record-keeping and accountability, and transparency. A sanctioned layer is how those guardrails stop being a document and start being how the work happens: oversight because a human reviews and signs off, records because use is logged in one place, and accountability because it's clear who owns each output.
The result reframes the whole debate. Your people get faster, because the AI starts from your business instead of a blank page. Your risk drops, because the work is visible and the guardrails are baked in. Governance and productivity stop being opposites. A human still signs off before anything goes out.
| Director concern | How a sanctioned AI layer answers it |
|---|---|
| "I can't see how AI is being used." | Use happens in one governed place, with a record. |
| "Our IP is leaking into consumer tools." | Context and work stay inside a controlled environment. |
| "Output is inconsistent and off-brand." | One shared context layer produces consistent results. |
| "Who's accountable for what AI produces?" | A human reviews and signs off every time. |
A director should start by making the invisible visible. Before any policy, ask one direct question: if everyone on the team is already using AI, where are they doing it, and what are they feeding into it?
The answer maps your real exposure. It usually shows client data in personal tools, brand voice drifting across a dozen logins, and no record of any of it. That picture is uncomfortable, and it's also the beginning of the fix.
From there, the practical steps are straightforward:
This is the shift the Chief Justice pointed to in 2026: deliberate governance over informal shadow use (Chief Justice Bell, 2026, para 96). It's also the more productive path, which is what makes it stick.
Shadow AI is unsanctioned use on personal accounts, with no shared context, guardrails, or logging. Sanctioned AI runs on a governed platform your organisation controls, with your brand, rules, and legal limits built in and use recorded. The work is the same; the visibility and safety are not.
Using AI is not a breach in itself. Your existing duty of care and diligence still applies to how AI is used and overseen. Risk arises when directors defer to AI output without genuine judgement, or can't see how AI is used across the business. This is general context, not legal advice.
No. A ban tends to hide the risk rather than remove it, because staff continue using AI on personal logins you can't govern. The Chief Justice of NSW noted in 2026 that the absence of sanctioned platforms is exactly what drives people to shadow use.
No. A sanctioned AI layer improves visibility and consistency, and keeps a human in the loop. It supports legal review by making AI use auditable and rule-bound, but it does not replace qualified legal advice on your specific obligations.
A named human remains accountable. AI produces a draft; a person reviews, corrects, and signs off before anything is used or published. A governed layer supports this by keeping the work in one place with guardrails, so accountability is clear rather than scattered.
Faster than most directors expect, because the first step is small: audit where AI is already used, then give people one governed place to work. The context layer grows from there, built once and reused everywhere, with legal and human review kept in the loop throughout.
If you'd like to see what a sanctioned, governed AI layer looks like for your business, book a call.
A note on legal matters: this article is general in nature and conversational in tone. It isn't legal advice. Before you implement AI in your business, involve your own security and legal teams and get advice suited to your situation.
