Yes, with guardrails, and you should assume they already are. Give your team one approved tool, a written rule that client data never goes into a public model, and a human review step on anything a client will see. That turns a real productivity gain into a governed one, instead of a shadow habit that shows up as an E&O or GLBA problem later.
Last updated: July 16, 2026
Are my CSRs already using ChatGPT without me knowing?
Almost certainly. The gap between how many people use AI at work and how many companies have a policy for it is enormous, and your agency is probably in it.
The research is blunt about how common this is. Deloitte found that 65% of employees use free external generative AI tools for work tasks, often before their organization has any policy in place (Deloitte, via Kiteworks). And the policy side has not caught up: ISACA’s 2025 work found that 29% of organizations still have no AI governance policy at all (ISACA). Put those together and you get the reality inside most agencies. Somebody on your service team is already pasting a client email into ChatGPT to make it sound nicer, and there is no rule telling them not to include the account number.
That is what “shadow AI” means in an agency. It is not hackers. It is your best CSR trying to move faster, using a personal account you cannot see, with your client’s information in the prompt. The instinct to ban it is understandable and it backfires, because a ban does not remove the tool, it just removes your visibility into it.
What is the actual risk of a CSR using AI in an agency?
Two things, and neither is speed. The first is a confidently wrong answer reaching a client. The second is client data leaving your control. Both land on you, not on the tool.
Take them one at a time. AI does not hedge. When a CSR asks it a coverage question the agency has never documented, it does not say “I am not sure.” It produces a fluent, formatted, wrong answer, and if that goes out to a client at renewal, you own it. This is the E&O landmine, and it is exactly why guardrails have to include a human review step. As we cover in AI only amplifies what it can read, the model fills the gaps in an undocumented process with plausible fiction, and in an agency the fiction has a policyholder on the other end of it.
The second risk is data. You carry Gramm-Leach-Bliley obligations to protect nonpublic client financial information, and a public AI tool is a third party you have not vetted. When client data ends up in an unmanaged tool, the cleanup is not cheap. IBM’s 2025 Cost of a Data Breach Report found that breaches involving shadow AI cost an average of $670,000 more than standard incidents (IBM, via Kiteworks). That number is for larger organizations, but the mechanism is identical in a five-person agency: data you cannot track, in a place you did not approve, that you now have to explain.
What do agency AI guardrails actually look like?
Three parts. An approved tool with a business agreement, a hard line about client data, and a named human who reviews anything client-facing. Write them down and put them in front of the team.
Here is the minimum viable policy for an agency, in plain terms:
| Guardrail | The rule in practice |
|---|---|
| One approved tool | Pick a business-tier AI tool with a data-protection agreement in place. Personal ChatGPT accounts are off-limits for agency work, because you cannot control where that data goes. |
| The client-data line | Nonpublic client information (names tied to policy details, account numbers, dates of birth, SSNs, financials) never goes into a public model. Strip it or use a tool covered by a signed agreement. This is your GLBA line. |
| Human review on client-facing output | Anything a client will read, an email, a coverage explanation, a renewal note, gets a human eye before it goes out. AI drafts, a licensed person approves. |
| Approved use cases, named | Say out loud what it is for: cleaning up internal drafts, summarizing long documents you already have, first-pass service note writing. And what it is not for: answering coverage questions from scratch, making binding decisions, talking to clients unsupervised. |
| A place to ask | One person owns the policy so a CSR who is unsure has somewhere to check instead of guessing. |
Notice none of this is a ban and none of it is a free-for-all. It is the same thing you already do with every other part of a people business, which is give your team clear rules so their good instincts do not become your liability.
How do I know which tasks are safe to hand my team’s AI and which are not?
You have to look at your actual workflows, because the safe line runs through your documentation. A task AI can do safely is one where the process is written down and a human checks the output. A task where AI is dangerous is one where the answer lives in someone’s head and nobody reviews it.
This is the part people skip. You cannot write a real guardrail for a workflow you have never documented, because you do not yet know where the judgment calls are. If your renewal process exists only in your service lead’s head, you have no way to tell a CSR “here is where the AI is allowed to help and here is where it must stop,” because you have never drawn that line yourselves. The guardrail and the documentation are the same work.
That is why the honest starting point is not writing a policy from a template off the internet. It is looking at the specific workflows where your team wants to use AI, renewals, service tickets, follow-up, and finding out which are documented enough to hand over safely and which need to be written down first. Dirty or missing data makes this worse, which is its own project we cover in what data your agency needs to clean up before using AI. Get that map, and the policy writes itself.
Your next step
Before you hand your team an AI tool, find out where it is safe and where it is a liability in your specific shop. The AI Readiness Audit reads your workflows the way an AI would and shows you which tasks are ready to delegate, which carry E&O and GLBA exposure, and where you need documentation before you turn anything on. It is $750 and credits toward the build.
For the bigger picture, read AI for independent insurance agencies and the pillar, AI only amplifies what it can read. If you would rather talk it through first, book a free fit call.