Why Copilot Alone Could Not Govern AI at a Global Investment Group

Published on May 21, 2026

A global investment group had deployed Microsoft Copilot across the business, written an AI policy, and still had no visibility into how AI was actually being used, because Copilot was not the only tool in use.

The Starting Position

Deploying Microsoft Copilot is, for many organizations, the moment they believe they have resolved the AI governance problem.

One approved platform. A Data Processing Agreement. Enterprise licensing that restricts how Microsoft can use the data submitted to it. An IT rollout that gives staff an AI tool they are permitted to use.

The assumption works until it meets the reality of how people actually work.

For teams doing sophisticated financial analysis across a complex and diverse set of holdings, a single AI interface does not cover the full range of what they need. The tasks are varied, the data inputs are layered, and the outputs required go beyond what a single general-purpose assistant can reliably produce. Staff doing this kind of work tend to find and use the tools that work best for their specific cases, regardless of what the approved list says.

This organization had deployed Copilot broadly. The policy was clear. What the security team did not know, with no way to find out from the tools they had, was whether staff were using anything else, what data was flowing through those alternative tools, and whether the firm's most sensitive information was reaching platforms that offered none of the protection the Copilot deployment provided.

The Gap in Plain Terms

The security team's visibility stopped at the domain level. Their web filtering infrastructure could confirm that staff were visiting AI platforms and apply access controls at the URL level. What it could not see was which accounts users were logged into, what was being typed into prompts, or whether the content included material that the firm had a strong interest in keeping out of systems it did not control.

Investment management professionals work with acutely sensitive information all day long. Deal data, portfolio company financials, market analysis built on proprietary research, strategic assessments prepared in confidence: this is the information that the firm's processes are designed to protect. It flows through email systems with DLP controls, through document management with access restrictions, through collaboration platforms with governance policies. But it also flows through the minds of the people whose job is to work with it daily, and those people were reaching for AI tools to help them do that work faster.

The gap was between where the governance framework stopped and where the actual usage was happening.

What the Deployment Found

Harmonic was deployed via browser extension across the workforce, with an initial silent monitoring period that gave the security team a complete and unfiltered picture of AI activity before any policy controls were applied.

Shadow AI usage was confirmed to be material, and it was concentrated in the functions where information sensitivity is highest. Teams in the private equity and listed equities functions, the groups whose work involves the most confidential financial and strategic content, were among those using alternative AI tools most actively. This is consistent with what Harmonic observes across financial services deployments. The users who most need AI tend to be the users most likely to look beyond the approved platform when that platform falls short of their requirements.

The platforms in use ranged across the major AI providers, largely in free and personal account tiers where enterprise data processing terms do not apply, alongside a range of specialist tools with no formal agreements in place. Account-level visibility revealed that personal account usage was present even on platforms where the organization held enterprise licenses, which removed the contractual data protection that the enterprise tier provides.

The data categories detected in prompts were consistent with the nature of the work: financial analysis, portfolio company information, strategic and transactional content at varying levels of sensitivity. Much of it was specific enough that access to it would have been of direct value to parties outside the organization.

Shadow AI usage confirmed across highest-sensitivity investment functions

Personal account usage present on enterprise-licensed platforms, removing enterprise agreement coverage

Financial, strategic, and transactional content categories detected across non-approved tools

Why Restricting Staff to One Tool Was Not the Answer

The organization had already tried operating a Copilot-only policy. The result was not that staff stopped using other tools, but that usage moved to places where it was even harder to see: personal devices, personal accounts, and tools accessed from outside the managed environment. Mandating a single approved platform without the visibility to enforce it consistently produces shadow AI usage that is harder to detect.

The right response to the findings was to bring the actual usage landscape under governance.

Harmonic's position, consistent across the customers in its deployment base, is that effective AI governance starts with an accurate picture of what is actually happening. Policies written against assumed usage patterns are frequently out of touch with how AI is really used. The Harmonic deployment gave this organization the accurate picture first, and the policy framework followed from that.

Moving to a Governed Multi-Tool Environment

Following the proof of value, the organization moved from a single approved platform to a structured set of approved tools: a broader list that reflected the genuine diversity of what investment professionals need, governed by a consistent control framework rather than a policy that was being regularly circumvented.

Approved platforms were extended to include a defined set of AI tools beyond Copilot, all accessed under enterprise or professional accounts carrying acceptable data processing agreements. Harmonic provided the monitoring layer across all of them, giving the security team visibility into usage and data categories regardless of which tool was in use.

Prompt-level controls were applied to intercept sensitive data categories before submission across both approved and unapproved platforms. For the highest-sensitivity content categories (specific financial terms, portfolio company references, transactional data), interventions were configured to require user acknowledgment before submission, creating an audit trail as well as a control.

Unapproved platform access was restricted at the browser level for personal account usage on platforms where enterprise agreements could not be confirmed, with clear policy communications to staff explaining the boundaries and the rationale.

The Outcome

The organization closed the gap between its AI policy and its true AI landscape. Staff gained access to a broader set of approved tools than before, reflecting their actual working needs. The security team gained visibility and controls that applied to the full usage environment.

For investment teams whose work depends on the integrity and confidentiality of the information they handle, AI governance that reflects how that work actually happens is the foundation everything else rests on.

To find out more or discuss how this could apply to your organization, visit harmonic.security or get in touch with the team directly.

© 2026 Harmonic Security