The governance problem in NZ professional services

Eighty-seven percent of NZ organisations now use some form of AI. That number has nearly doubled in two years. But only 12% have scaled AI across their whole business, and only 29% have formal ethics or safety guidelines. The gap between use and governed use is where the risk lives.

For professional services firms, that gap has a specific shape. It's not about large-scale AI deployments or enterprise model risk. It's about an accountant drafting a tax summary in ChatGPT using a personal account. It's an architect uploading a client brief to try out a generative tool. It's a lawyer using a free AI to research case law without knowing that the citations it returns may not exist. These aren't edge cases. They're the normal pattern of AI use in NZ professional services right now.

52% of NZ leaders say shadow AI is already a problem in their organisation (Datacom State of AI Index, 2025).

46% of NZ employees have made mistakes at work due to AI (KPMG / University of Melbourne NZ Snapshot, 2025).

34% have already used AI in ways that contravene their organisation's policies (KPMG / University of Melbourne NZ Snapshot, 2025).

The same KPMG research found that 51% of NZ workers have relied on AI output without evaluating its accuracy, and 43% have presented AI-generated content as their own work. These are self-reported figures from the current NZ workforce, not risk scenarios from a future state.

The pattern holds globally. A Cyberhaven analysis of three million workers found that the volume of corporate data pasted into AI tools rose 485% between March 2023 and March 2024. Nearly three quarters of that use happened on personal accounts, not enterprise accounts with data retention controls. In NZ, Microsoft's 2024 research found 81% of NZ AI users bring their own AI tools to work.

The governance problem is not that AI is dangerous. It's that ungoverned AI use is happening in your firm right now, in ways that may expose client data, breach your professional obligations, and undermine the quality of your work, without anyone having made a deliberate decision to allow it.

What AI governance actually means for a firm like yours

AI governance is not about regulating in-house model development. For a professional services firm with 10 to 100 staff, it means something much more specific: controlling everyday staff use of third-party AI tools inside client work.

Which tools are allowed. What data can go into them. Who reviews the outputs before they reach a client. How clients are informed. What happens when something goes wrong. That's it. Governance at this scale doesn't require a dedicated team, a risk management platform, or a 30-page policy document. It requires clarity and consistency on a small number of decisions that your firm hasn't made yet.

MBIE's position: New Zealand's AI Strategy (July 2025) and MBIE's Responsible AI Guidance for Businesses both emphasise a proportionate, context-based approach. Smaller firms need governance that is lighter in structure but not lighter in discipline. The guidance is written for all NZ businesses, including sole traders and individual professionals.

Enterprise AI governance, the kind described in consultancy white papers and vendor case studies, is built for organisations with central AI platforms, model-risk functions, procurement teams, and specialised legal resources. That's not your context. The principles are the same. The scale is completely different.

Professional services also face a different risk mix from general business use. Your obligations run to clients who have shared confidential information in trust. You operate inside professional regulatory regimes that hold individual practitioners, not corporate entities, personally accountable for competence and confidentiality. A Privacy Act breach or a piece of AI-generated advice that turns out to be wrong doesn't just cost the firm. It can cost the practitioner their registration.

Your Privacy Act 2020 obligations

The Office of the Privacy Commissioner is explicit: the Privacy Act 2020 is technology-neutral. The same privacy rights and protections apply to AI tools that apply to any other activity involving personal information. There is no AI exemption. The Act binds every agency regardless of size, and it applies extraterritorially, meaning overseas AI vendors carrying on business in NZ are also bound.

Before deploying any generative AI tool that touches personal information, the OPC recommends a Privacy Impact Assessment. That process involves senior leadership, and it produces a documented position on whether the tool is appropriate for the data it will process. Most firms haven't done this for any of the tools their staff are currently using.

Five Information Privacy Principles matter most in the AI context:

Principle: what it means for your firm

IPP 1 (Purpose of collection): Personal information can only be used for the purpose for which it was collected. Entering client data into a public AI tool to draft a document or test a capability is only lawful if it's connected to the purpose for which the firm holds that data.

IPP 5 (Storage security): Agencies must use reasonable security safeguards. The more sensitive the personal information, the higher the standard. Pasting client financial, health, legal, or personal information into a free consumer AI account, where inputs may be retained and used to train future models, almost certainly does not meet a reasonable standard for professional services work.

IPP 8 (Accuracy before use): Before using personal information in client-facing advice, take reasonable steps to ensure it is accurate. AI hallucinations create a direct IPP 8 exposure wherever AI output is used without adequate human review.

IPP 10 (Limits on use): Information must not be used for purposes other than those for which it was collected without authorisation. The OPC has specifically flagged that allowing an AI provider to use inputs for training can breach the original purpose of collection.

IPP 11 and 12 (Disclosure and cross-border): Sending personal information to an AI provider whose servers are offshore is a disclosure outside New Zealand. Under IPP 12, the firm must take reasonable steps to ensure the overseas recipient will protect the information with safeguards comparable to the Privacy Act.

New from 1 May 2026, IPP 3A: The Privacy Amendment Act 2025 introduced IPP 3A, which extends notification obligations to personal information collected indirectly from another source. This affects firms that pull counterparty details or third-party information into AI workflows without the subject's direct involvement.

What happens when a breach occurs

Failing to notify the Privacy Commissioner of a notifiable privacy breach is a criminal offence, with a maximum fine of NZ$10,000. The Human Rights Review Tribunal can award compensation up to NZ$350,000. Those are only the statutory exposures. The indirect consequences (client loss, professional disciplinary referral, reputational damage, increased PI insurance premiums) typically exceed the statutory exposure substantially.

Buddle Findlay's summary of the OPC's position is a useful practical test: only share confidential or personal information with an AI tool where there is an express commitment from the provider that the information will not be retained or disclosed. For most free consumer AI tools, that commitment doesn't exist.

What your professional body already requires

The governance framework your firm needs isn't a new obligation. It's the operationalisation of duties that already exist under your professional code. Every relevant professional body in NZ has either published guidance on AI or has existing standards that apply directly to AI use. Here's what that means for each sector.

CA ANZ, Accounting and advisory

The NZICA Code of Ethics specifies that confidentiality applies across the full information lifecycle: collection, use, transfer, storage, dissemination, and lawful destruction. It explicitly requires authorisation before confidential client information is used for training, product development, or benchmarking, which means consumer-grade AI tools with permissive data defaults are likely a Code breach regardless of intent.

2025 resource: CA ANZ launched its AI Fluency Playbook in August 2025, with practical guidance on governance, implementation, risk management, and an AI readiness self-assessment.


NZLS, Legal

The March 2024 NZLS guidance ties generative AI use to specific obligations under the Lawyers and Conveyancers Act Rules: competence (Rule 3), supervision (Rule 11), duty not to mislead (Rule 10.9), and duty of fidelity to the court (Rule 13.1). Lawyers must understand the tools they use, verify outputs, and must not file AI-generated content, including citations, that they haven't independently verified.

Critical obligation: NZLS specifically requires lawyers to consider amending letters of engagement to address AI use. This is a disclosure obligation that most NZ firms have not yet acted on.


Engineering NZ, Engineering

Engineers remain personally liable for outputs under the Building Act 2004 and the Health and Safety at Work Act 2015. AI cannot provide a Producer Statement or substitute for an engineer's professional sign-off. Engineering NZ has published its own AI acceptable-use policy as a worked example for member firms.

NZ-specific issue: NZS standards may not be uploaded to any AI tool, including private internal tools, without a specific licence from Standards NZ. Joint AS/NZS standards are also not approved for AI upload. This is a copyright obligation, not a privacy one.


NZRAB, Architecture

As of May 2026, NZIA / Te Kāhui Whaihanga has not published formal AI guidance. The enforceable obligations sit with the NZRAB Code: skill, care and diligence (Rule 49), no misrepresentation (Rule 51), competence and supervision (Rule 58), and client confidentiality (Rule 58C).

Practical position: Architecture firms should apply MBIE's Responsible AI Guidance for Businesses and the OPC's Privacy Act guidance directly until sector-specific guidance is published. The NZRAB Code obligations are clear enough to derive workable AI rules from.


Building a minimum viable framework

A minimum viable governance framework for a 10 to 100 person professional services firm has five components. It does not require a dedicated AI team. It does not require expensive software. It requires about 20 hours of work spread across two months, and the willingness to make a small number of clear decisions.

1. Named accountability

One partner, director, or general manager owns the AI governance framework. Not "the firm." One person. The Privacy Act already requires every agency to have a named Privacy Officer under section 201. AI governance ownership should sit with the same person or be explicitly delegated alongside it. Without a named owner, every governance obligation becomes everyone's problem and therefore no one's priority.

2. An acceptable-use policy, 2 to 4 pages

The AUP should cover five things and nothing else: who may use AI tools and for which types of tasks; the rule that no client-identifying or commercially sensitive information may enter a non-approved tool; disclosure obligations to clients; the requirement for human review before any AI output is used in client work; and the consequences of breach, stated plainly. Annual signature. Partners sign first.

Engineering NZ's publicly available AUP is a good model: it's concise, uses plain language, combines encouragement with clear prohibition, and states consequences. It can be adapted for accounting, legal, or architecture practice in under two hours.

3. Three-tier data classification

Five-tier classification schemes fail in small firms because staff can't apply them quickly under time pressure. Three tiers work:

Tier: what it covers, and which AI tools are permitted

Green: Public or generic information (no personal data, no confidential client material, no firm IP). Permitted: any tool, including personal accounts.

Amber: Internal firm information, de-identified (no client names, no project-identifiable data). Permitted: enterprise accounts only.

Red: Client data, personal information, privileged or commercially sensitive material, safety-critical data. Never enters any non-approved tool; enterprise tools only after a PIA.

The default for anything touching client work is Red unless explicitly reclassified. That default position matters because it means staff who are unsure err on the side of caution rather than convenience.

4. An approved-tools list, updated quarterly

The single biggest driver of shadow AI is the absence of sanctioned alternatives. A Cybernews survey of over 1,000 employees found that 85% of employees with approved tools still also used unapproved ones, but 69% of employees without approved tools had not used outside AI at all. Providing a sanctioned alternative channels use into controllable systems.

The approved list should name the specific tools the firm has procured, state which data tier each tool is approved for, and name who maintains the list. When evaluating any tool, the NZLS procurement checklist applies to any professional services firm: what data can the tool access, how is it trained, how are inputs used after submission, where is data stored, who owns the output, and what contractual commitment exists on retention and disclosure.

5. Pre-written incident response

When a potential breach occurs, improvised decisions under pressure are how mistakes get compounded. The plan should include: a defined trigger for escalation; a 24-hour path to a named partner; a standing decision tree for assessing whether the incident meets the Privacy Act's serious harm test under section 113; a template notification for the OPC's NotifyUs portal; a client notification template; and a post-incident review. Pre-write it once, update it annually, and hope you never use it.

Need help building these five components?

The AIpex AI Capability Workshop includes governance framework co-creation with your team.


Why governance documents fail, and what makes them work

The governance gap in NZ professional services isn't mainly a technical problem. It's a behavioural one. The Datacom data shows that only 29% of NZ organisations have formal AI ethics or safety guidelines. The KPMG data shows that 34% of NZ workers have already used AI in ways that contravene their organisation's policies. That means policies exist, and people are ignoring them. Understanding why is the precondition for building something that actually changes behaviour.

1. The ban without an alternative

The dominant NZ pattern post-2023 was prohibiting ChatGPT without providing a sanctioned equivalent. The result is the BYOAI pattern Microsoft recorded at 81% of NZ AI users. When staff can't do their work without AI but have no approved option, the prohibition fails immediately.

2. The 30-page legal-style policy nobody reads

Long documents written for liability protection rather than behavioural change. A policy that takes 45 minutes to read will not be read. The AUP needs to fit on two to four pages. If it can't be summarised in a five-minute induction, it won't change how anyone works.

3. No data classification, or one too complex to apply

Without a practical Green/Amber/Red heuristic, staff cannot make consistent judgements quickly. The KPMG finding that 51% of NZ workers relied on AI output without checking it suggests that the absence of practical decision rules is already producing complacent use.

4. No named owner

The policy belongs to "the firm" and therefore no individual feels accountable when an incident occurs. The Privacy Act already requires a named Privacy Officer. AI governance needs the same structure: a named person who is responsible for maintaining the framework and accountable if it fails.

5. No visible consequences

TELUS Digital's 2025 research found 42% of employees globally face no repercussions for breaking AI rules. In NZ, where enforcement action specifically targeting small-firm AI hasn't yet produced published cases, the absence of visible consequence reinforces complacency. Consequences need to be stated plainly and applied consistently, starting with partners.

What effective governance looks like instead

The behavioural evidence is consistent on what works: short, plain-language documents; at least one approved tool for every common task; visible peer norms (partners signing the AUP first); a safe route for reporting near-misses without fear of blame; named accountability; and annual recommitment. Microsoft's 2024 research identified that 52% of AI users hesitate to disclose AI use to their managers because they fear it makes them look replaceable. In professional services, that fear is heightened. Policies that punish disclosure entrench the hiding behaviour that creates the risk in the first place.

The language that lands best connects AI governance to professional identity, not to legal compliance. "You remain professionally responsible for the advice or design." "AI cannot sign off work on your behalf." "Never input confidential client data into a public AI tool." Those statements work because they describe how professional services practitioners already think about their obligations. They don't require new values. They apply existing values to a new context.

90-day implementation guide

This is a realistic timeline for a firm of 10 to 100 people with no dedicated IT function and no existing AI governance. It requires partner-level commitment and approximately 20 hours of work across the three months.

1. Days 0–30: Diagnose what's actually happening

  • Survey staff anonymously on which AI tools they use, on what categories of data, and whether via personal or firm-managed accounts. Expect the BYOAI pattern to be close to 80%.
  • Map your actual workflows against the three data tiers. Where does client-identifying information appear most often? That's where the exposure is.
  • Name a partner-level AI policy owner and confirm your Privacy Officer under section 201 of the Privacy Act.
  • Read your three key guidance documents: the OPC's generative AI guidance, the MBIE Responsible AI Guidance for Businesses, and your professional body's current AI stance. Between them you have the full picture of your obligations.
2. Days 30–60: Decide, procure, and document

  • Choose one enterprise-grade general AI tool and, if relevant, one domain-specific tool. Negotiate contracts confirming data is not used for training and addressing cross-border transfer under IPP 12.
  • Draft a 2–4 page Acceptable Use Policy and the three-tier data classification. Engineering NZ's publicly available AUP is a well-structured starting template that adapts easily to any professional services sector.
  • Run a Privacy Impact Assessment on each approved tool before deployment. The OPC's generative AI guidance includes a PIA checklist specifically for AI use.
  • Pre-write the incident response procedure now, before you need it. You need two documents ready: a notification for the OPC's NotifyUs portal and a client notification template. Pre-write both while there's no pressure.
3. Days 60–90: Embed it into how the firm works

  • Deliver mandatory 30-minute role-based training and a short scenario test for all staff. Each sector has a distinctive example: lawyers get hallucinated case law, accountants get IRD data scenarios, engineers get the NZS copyright scenario, architects get client brief confidentiality examples.
  • Publish the approved-tools list and AUP. Partners sign first. Publicly. The visible norm matters as much as the document.
  • Schedule a quarterly partner-level AI governance review, 30 minutes, standing agenda item.
  • For legal firms: review letters of engagement and consider whether AI disclosure language is required. The NZLS March 2024 guidance is explicit on this obligation.

Triggers that should accelerate this timeline

If your staff survey shows more than 25% using personal AI accounts on client data, treat it as a near-incident and move immediately to the Days 30–60 phase. If a notifiable privacy breach occurs, the framework converts from good practice to the minimum defensible position. If your PI insurer adds explicit AI questions at renewal, which is increasingly common, treat that as a trigger for a formal annual AI governance attestation. And when the NZLS/LexisNexis NZ lawyer AI adoption survey (launched in 2025, results pending) publishes, re-baseline your assumptions if you're a legal practice.

Common questions

What managing partners ask most often about AI governance.

Does the NZ Privacy Act 2020 apply to AI tools used in professional services firms?
Yes. The Office of the Privacy Commissioner is explicit: the Privacy Act 2020 is technology-neutral and applies to any activity involving personal information, including the use of generative AI tools. The Act applies to all agencies regardless of size: sole traders and small professional firms are bound in the same way as large enterprises. The Act also applies extraterritorially to overseas AI vendors carrying on business in New Zealand.
What is shadow AI and why is it a problem for NZ professional services firms?
Shadow AI is the use of AI tools that have not been approved, sanctioned, or reviewed by the firm: typically staff using personal ChatGPT, Gemini, or Copilot accounts rather than firm-managed enterprise accounts. The problem is that personal accounts generally have permissive data retention terms, meaning client-identifying information entered by staff may be stored and used to train future AI models. Datacom's 2025 research found 52% of NZ leaders identify shadow AI as a problem in their organisation.
What does a minimum viable AI governance framework look like?
Five components: named accountability (one partner owns it); a short acceptable-use policy (2–4 pages, signed annually); a three-tier data classification (Green for public information, Amber for internal information, Red for anything touching client data); an approved-tools list updated quarterly; and a pre-written incident response process. It doesn't need to be complex. The firms that succeed are the ones whose policies are short enough to be read and practical enough to be followed.
What are CA ANZ's requirements around AI use for accountants?
The NZICA Code of Ethics specifies that confidentiality applies across the full information lifecycle: collection, use, transfer, storage, dissemination, and lawful destruction. It requires explicit authorisation before confidential client information is used for training, product development, or benchmarking. Using client data in a consumer-grade AI tool whose default terms permit model training is likely a breach of the Code regardless of intent. CA ANZ launched its AI Fluency Playbook in August 2025 with practical governance guidance.
Do NZ lawyers need to tell clients when they're using AI?
The NZLS March 2024 guidance specifically requires lawyers to consider amending letters of engagement to address AI use. Lawyers must understand the tools they use, verify AI outputs before relying on them, and must not file AI-generated content, including legal citations, that they haven't independently verified. The duty of fidelity to the court under Rule 13.1 applies directly to AI-generated materials.
Can NZ engineering firms upload NZS standards to AI tools?
No. Engineering NZ is explicit: NZS standards may not be uploaded to any AI tool, including private internal tools, without a specific licence from Standards NZ. Joint AS/NZS standards are also not approved for AI upload. This is a copyright obligation, not a privacy one, and applies regardless of which tool is used or what account type the firm has.
Why do AI governance documents fail to change staff behaviour?
Five consistent failure modes: banning tools without providing approved alternatives; long, legal-style documents nobody reads; data classification too complex to apply quickly; no named owner; and no visible consequences. The single biggest driver of shadow AI is the absence of sanctioned alternatives: when firms provide approved tools, the majority of staff use them. When they don't, the majority find their own.