The FCA, Bank of England, and HM Treasury issued a joint statement on frontier AI and cyber resilience in May 2026, directing regulated firms to strengthen AI governance, third-party controls, and AI-specific incident response. This is the remediation document behind the free diagnostic.
Instant download. PDF + full bundle. No subscription. · Diagnostic: 5 minutes, scored out of 45, no account required.
From 2023 onwards, UK organisations adopted AI tools at a pace the usual governance processes weren't built for. ChatGPT arrived and within six months it was in use across most organisations - sometimes by IT procurement, sometimes by individual employees on personal accounts, sometimes by engineering teams who'd quietly integrated a model API into a production service without a DPIA, a DPA, or a data residency check.
None of that was reckless. The productivity case for these tools is real. But the governance gap that opened up is also real, and it's getting harder to ignore.
The FCA, Bank of England, and HM Treasury joint statement from 15 May 2026 was the clearest signal yet that UK regulators consider this a financial services risk, not just an IT question. They specifically called out AI governance, third-party controls, and AI-specific incident response as areas where regulated firms needed to strengthen their posture.
The EU AI Act is already in force on prohibitions, with the bulk of high-risk system obligations applying from August 2026. ISO 42001, the AI management system standard published in December 2023, is the certification route for organisations that need formal evidence of AI governance maturity.
The problem isn't that organisations don't know they should have AI governance. Most of them do. The problem is the gap between "we know we should" and "here is our documented posture, scored across 15 domains, with owners and target dates for every gap." The Playbook is how you close it.
If you're a CISO, DPO, Head of Security, Head of Compliance, or AI programme lead at a UK regulated organisation, this Playbook is for you.
Banks, insurers, asset managers, fintechs - anywhere the FCA, PRA, or both have a supervisory interest. The May 2026 joint statement is the specific regulatory anchor.
Health data is special category data under UK GDPR. The ICO's expectations on DPIAs and automated decision-making apply with particular force here.
Classification requirements, BYOD restrictions, and third-party security assessments create constraints generic AI governance guidance doesn't address.
The framework applies wherever UK GDPR obligations bite - which is most medium and large organisations.
It assumes you know what UK GDPR, OWASP, and NIST mean, and that you've dealt with FCA or ICO expectations before. It does not assume you've built an AI governance framework from scratch, because almost nobody has. Whether you're technical-but-not-a-CISO, or a CISO without a deep technical team, the Playbook is written to work for both.
The diagnostic has 15 questions, each covering one domain of AI security posture. Each maps to a chapter. The framework is organised into 7 parts, and it builds in sequence: the policy foundations have to exist before the technical controls can be meaningful.
Ch 1 - Consumer AI tool permissions. What it means to "permit" a tool in writing, why blanket bans fail, and what a tiered AI Acceptable Use Policy looks like.
Ch 2 - Personal vs enterprise accounts. Why consumer and enterprise tiers aren't the same product, what you lose without enterprise accounts (audit logging, DPA coverage, training opt-out), and the joiner/mover/leaver gap for AI tools.
Ch 3 - Data residency. UK GDPR transfer mechanisms, FCA/PRA outsourcing obligations under SYSC 8, why US-default routing matters even for "enterprise" tools, and how to map your AI tool estate. Includes the insurer case study - browser-blocked ChatGPT, missed on personal phones.
Ch 4 - Local AI models. Ollama, LM Studio and the rest solve residency but introduce provenance and audit risk.
Ch 5 - Device and MDM coverage. Most technical controls only work on managed endpoints; the honest message about BYOD is here.
Ch 6 - Secure Web Gateway coverage. What URL blocking doesn't give you, which vendors deliver AI-category controls, and why SSL inspection isn't optional.
Ch 7 - DLP for AI tools. Why your existing DLP rules don't extend to AI tool traffic, and what AI-specific patterns look like. Includes the DLP-alert case study with no "gotcha" ending.
Ch 8 - Inline query inspection. Semantic inspection beyond pattern matching, prompt-injection detection, and the lightweight entry points before a full runtime governance layer.
Ch 9 - AI Acceptable Use Policy at the governance layer, and the "published vs actually communicated" distinction most organisations get wrong.
Ch 10 - AI security awareness training. The specific AI risks general training misses, structured to actually be completed.
Ch 11 - AI governance and tool review. The tiered review framework, from light-touch up to blast-radius analysis for agentic AI. Includes the governance case study.
Ch 12 - Shadow AI detection. SWG-based discovery, and why shadow AI data belongs with business leaders as well as security teams.
Ch 13 - AI coding assistants. Why Copilot, Cursor and the rest carry a distinct risk profile, the training-on-your-code question, and why SAST applies to AI-generated code.
Ch 14 - Data Protection Impact Assessments. When a DPIA is mandatory, Article 22 automated-decision obligations for underwriting/credit/clinical triage, and why a bad DPIA is worse than none.
Ch 15 - AI incident response. Why AI incidents don't look like traditional ones, the four scenario types every plan needs, and the ICO 72-hour notification window.
Each chapter follows the same structure: what the stage covers, what failure looks like, what good looks like, remediation steps you can task into a sprint, and a self-assessment checklist scored 0-3 (not started / partial / implemented / implemented and tested).
At £195 you get the PDF and four additional artefacts designed to cut the time between "I've read this" and "we're actually doing something about it."
The full 15-chapter document, ~80,000 words. Written for practitioners, not consultants. Named vendors where it's useful. Honest about what each control does and doesn't cover.
A stage-by-stage assessment worksheet (every stage, 0-3 score criteria, evidence fields) feeding the Remediation Roadmap; the 25-question AI vendor security questionnaire (the Tier 2 review template, ready to send); and a DPIA template with a dedicated Section G for Article 22 automated decision-making - the section generic templates omit.
Present without modification beyond your score and top-three priorities. Covers the adoption-risk context, the FCA/BoE/HM Treasury framing, your posture score, the 7 domains, priority actions, and governance structure. Speaker notes included. ~20 minutes of board time.
The most directly time-saving part. A Netskope configuration guide (AI category groups, DLP rules, SSL inspection); a GitHub security guide (secret scanning, SAST via Actions, Copilot audit logs) with the actual commands; an Azure/M365 guide (sensitivity labels, Purview DLP for Copilot, audit retention); and incident-response detection queries.
Working Splunk (SPL) and Microsoft Sentinel (KQL) queries for all four AI incident scenarios in Chapter 15 - each annotated with the index names, sourcetypes and thresholds you need to adapt to your environment:
// AiToolHighVolumeUpload // Flags users uploading more data to AI tool endpoints in a 1-hour window // than their historical baseline, adjusted for standard deviation. // ADAPT: AI domain list, uploadThresholdMB, stdDevMultiplier to your baseline.
That level of annotation runs throughout. These are the starting points a security engineer would actually use, not sample scripts padded to look substantial.
I've worked in software and platform engineering for about 20 years, starting in a small development house in Hull in June 2005 with a PHP portfolio and a PowerPoint to convince the MD to take a chance on me. No degree. Just projects.
What followed was a winding career across environments where getting things wrong has consequences: Genomics England, the Ministry of Defence, Fidelity, bp, Vodafone. Regulated organisations, health data, financial infrastructure, defence systems.
The thread through most of it has been the gap between what organisations say they're doing and what they're actually doing - in CI/CD pipelines, in deployment practices, in security controls, and increasingly in AI governance. I spent a couple of years at bp as a DevOps Evangelist running workshops for several thousand engineers on what good looks like. The consistent finding: the tools existed, the guidance existed, but implementation lagged because nobody had time to connect the two.
That pattern - tools ahead of governance, adoption ahead of oversight - is exactly what I kept seeing with AI from 2023 onwards, which is what led to the diagnostic and eventually to this Playbook. I signed up to the OpenAI API in September 2021, before most people had heard of GPT, and I've been building with large language models since, including agentic systems. That gives me a reasonable view of both sides: the security risks of deploying AI in production, and the genuine productivity case that makes organisations want to deploy it anyway.
The 15 stages reflect 20 years of regulated-sector experience filtered through the specific lens of AI in 2025 and 2026. I've written it as I'd explain things to a smart CISO who doesn't need the vendor pitch - just the framework and the honest caveats. My DMs are open on LinkedIn if something here raises a question specific to your environment.
Instant download. No account required. 14-day satisfaction policy.
Priced for a professional buyer - a CISO, DPO, or security lead who'll use it to build or strengthen an AI governance programme. If you're an individual just exploring the topic, take the free diagnostic instead.
The average organisation answers 4 of 15 questions at best-practice level. That's where most UK regulated organisations are in mid-2026. The Playbook gives you the structure; the worksheet turns it into a documented position; the board deck turns that into a governance commitment; the detection queries and config guides turn the commitment into actual controls.
My DMs are open on LinkedIn if you have questions before buying.