Cowork in regulated industries: keeping AI helpful, auditable and inside your tenant

For firms in finance, legal and professional services, AI is no longer optional - but it is also not straightforward. Compliance teams need to know exactly where data sits, who can see it, what models do with it and how it can all be evidenced later. Microsoft Cowork is designed with these questions in mind, but getting the answers right still takes deliberate setup.

This is a practical look at how regulated businesses can adopt Microsoft Cowork without giving their compliance and risk teams sleepless nights.

Why generic AI tools struggle in regulated sectors

Many AI tools were built consumer-first. They send prompts to shared services, retain content for model improvement and sit outside the customer's identity and governance boundary, so the firm's own permissions, labels and audit logs never apply to them. For a regulated firm that combination is a non-starter. Client confidentiality, professional privilege, FCA expectations and SRA obligations all assume that sensitive information stays within systems the firm controls and can evidence.

The risk is not theoretical. A single careless prompt can place client information into an environment the firm cannot audit, retract or evidence. Most compliance teams have already had to ban tools for exactly this reason.

How Cowork is built differently

Cowork runs inside your Microsoft 365 tenant. It uses your existing identities, your existing permissions and your existing data boundary. Prompts and responses are not used to train public models. Data residency follows your Microsoft 365 commitments, so UK-hosted tenants keep their data in the UK.

That changes the conversation with compliance from "can we use AI at all" to "where exactly do we want to use it, and how do we control it." That is a much more productive place to start.

The four controls that matter most

Identity and access. Cowork respects the permissions a user already has. If they cannot open a document in SharePoint, Cowork cannot use it on their behalf either. This is the single most important control to verify before rollout, and it cuts both ways: a permission-aware assistant also surfaces anything that has been over-shared, so test with an account that should not see a given site or library, and review broadly shared content (anonymous links, "Everyone except external users" groups) before enabling it.

Sensitivity labels and Purview. Microsoft Purview lets you classify data and apply policies that follow it, including into AI interactions. Documents marked highly confidential can be excluded from agent activity entirely, or only used under defined conditions. A label only protects what is actually labelled, so the label scheme, auto-labelling rules and any backlog of unlabelled content belong in the rollout plan rather than after it.

Audit trails. Every interaction with Cowork is logged in the same audit estate as the rest of Microsoft 365. That means compliance teams can answer "what did the AI see, do and produce" with the same tooling they already use for email and document access, provided the audit retention period is long enough to cover the evidence windows the firm's regulators and clients expect.
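As an added example, not code from the original article or from Microsoft, the following PowerShell pulls a week of unified audit log records from Exchange Online PowerShell and summarises, per user, what the agent touched. It assumes (labelled in the comments) that Cowork records can be located with a free-text match on the product name; if your tenant exposes a dedicated record type, substitute `-RecordType` for the `-FreeText` filter. It also assumes file-level records carry an `ObjectId`, as SharePoint and OneDrive audit records normally do.

```powershell
# Added example (not from the original article). Requires the ExchangeOnlineManagement
# module and a role with audit log read rights (e.g. Audit Reader or Compliance Management).
# ASSUMPTION: the agent's records can be found with a free-text match on "Cowork".
# Replace the -FreeText filter with -RecordType <name> if your tenant exposes a record type.

Connect-ExchangeOnline -ShowBanner:$false

$start     = (Get-Date).AddDays(-7)
$end       = Get-Date
$sessionId = "cowork-audit-$([guid]::NewGuid())"
$records   = @()

# Search-UnifiedAuditLog returns at most 5000 records per call; page with a session id.
do {
    $page = Search-UnifiedAuditLog -StartDate $start -EndDate $end `
        -FreeText "Cowork" -SessionId $sessionId -SessionCommand ReturnLargeSet -ResultSize 5000
    $records += $page
} while ($page.Count -gt 0)

# AuditData is a JSON string; expand the fields compliance will ask about.
$events = foreach ($r in $records) {
    $d = $r.AuditData | ConvertFrom-Json
    [pscustomobject]@{
        Time      = $d.CreationTime
        User      = $d.UserId
        Operation = $d.Operation
        Workload  = $d.Workload
        # ASSUMPTION: file-level records carry ObjectId (SharePoint/OneDrive URL).
        Item      = if ($d.PSObject.Properties['ObjectId']) { $d.ObjectId } else { '(none recorded)' }
    }
}

# "What did the AI see, do and produce?" answered per user.
$summary = $events | Group-Object User | ForEach-Object {
    [pscustomobject]@{
        User       = $_.Name
        Events     = $_.Count
        Operations = ($_.Group.Operation | Sort-Object -Unique) -join ', '
        Items      = ($_.Group.Item | Where-Object { $_ -ne '(none recorded)' } | Sort-Object -Unique).Count
    }
} | Sort-Object Events -Descending

$summary | Format-Table -AutoSize

# Keep the item-level detail as evidence; the list of touched URLs is what you cross-check
# against the sites and labels the rollout said the agent must not reach.
$events | Where-Object { $_.Item -ne '(none recorded)' } |
    Sort-Object Time |
    Export-Csv -Path ".\cowork-audit-$(Get-Date -Format yyyyMMdd).csv" -NoTypeInformation
```

Run it from a workstation with an account holding audit read rights; the per-user table is the answer to the compliance question, and the CSV is the evidence file. Comparing the exported URLs against the sites you intended to exclude is the quickest way to confirm that the permission and label controls described above are actually in force.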

Tenant boundary. Cowork does not send your content to third parties for processing in ways you cannot inspect. Where external models are involved, they operate under the same contractual and data-handling terms as the rest of Microsoft 365, which is what lets compliance assess the AI service against a data-processing agreement the firm has already reviewed.

What this looks like in practice

A law firm might enable Cowork for general business operations - finance, HR, internal communications - while keeping matter files behind sensitivity labels that exclude them from agent activity. As confidence builds, specific matter types can be opted in with their own controls.

A financial services firm might use Cowork agents to handle internal coordination, prepare meeting briefs and draft non-client communications, while client portfolios remain only accessible to named individuals with no AI involvement.

An accountancy practice might let Cowork triage the practice inbox, draft replies in the firm's tone and update internal trackers, while keeping client deliverables under tighter human-only review.

In each case, the answer is not all or nothing. It is layered, evidenced and reviewable.

The compliance conversation is part of the project

The mistake we see most often is treating compliance as a sign-off at the end. By that point, controls are hard to retrofit and momentum has stalled. Successful Cowork rollouts in regulated firms involve compliance, risk and IT from the first workshop. That way, the data classification, label scheme and audit approach are designed into the project, not bolted on afterwards.

This is one of the reasons firms work with a Managed Intelligence partner rather than going it alone. The technology questions are answerable. The governance questions need experience.

A measured way forward

Regulated does not mean stuck. Firms that take a deliberate approach to Cowork - clear data classification, layered access, full audit, phased rollout - are getting real productivity gains without compromising the controls their clients and regulators expect.

The firms that wait risk something different: watching less regulated competitors get faster, more responsive and more efficient while they debate whether to start.

Want to explore how Cowork could fit your firm's compliance posture?

Speak to Axon about a governance-first Cowork assessment.
