Somewhere in your organisation right now, someone is pasting a bill of quantities into ChatGPT. An estimator is running numbers through a browser-based AI plugin nobody vetted. A project manager is feeding meeting notes into a transcription tool that stores data on servers in another country. None of these tools have been approved by IT, cleared by compliance, or disclosed to clients.
This is Shadow AI: artificial intelligence tools used within an organisation without formal oversight or governance.[1] In construction, it is far more common than most boardrooms realise.
How Big Is the Problem?
Research suggests that 40% of organisations already have Shadow AI tools in active use, with the typical firm running between 5 and 15 unapproved tools at any time.[1] Construction is no exception. QS teams draft bid summaries with ChatGPT. Estimators rely on AI browser extensions to speed up takeoffs. Project teams adopt transcription services to capture meeting minutes. Each tool processes commercially sensitive data through third-party platforms with unclear data-handling practices.
The parallels with past governance failures in construction are striking. When the Grenfell Tower Inquiry reported its findings, one of the central themes was a culture where procurement shortcuts went unchallenged. Kensington and Chelsea TMO manipulated procurement processes, avoided proper oversight for appointing consultants, and selected contractors who drove cost savings at the expense of safety.[1] Shadow AI may not carry the same life-safety risks, but the underlying pattern is familiar: decisions being made without transparency, tools adopted without scrutiny, and governance treated as someone else's problem.
Why It Matters Now
The RICS AI Standard, mandatory from 9 March 2026, requires chartered professionals to disclose AI use to clients and maintain transparency about how AI tools inform professional outputs.[1] Undisclosed AI use is no longer just a governance gap. It is a professional compliance risk. GDPR violations alone can reach 20 million euros or 4% of global annual revenue.
Construction contracts compound the issue. As ConsensusDocs highlighted in February 2026, most contracts do not anticipate AI-related risks.[2] Firms may bear full responsibility for AI-generated errors in cost estimates, programmes, or contract advice. The Civil Engineering Contractors Association has stated clearly: AI does not replace the need for human involvement in decision-making.[3]
A Practical Governance Framework
Firms do not need to ban AI. They need to govern it. Four steps make a practical starting point:
- First, discover what is already in use. Conduct an internal audit to identify every AI tool active across the business. Survey teams, review browser extensions, check subscription lists, and examine data flows. You cannot govern what you cannot see.
- Second, assess each tool against data security, GDPR compliance, the RICS AI Standard, and contractual obligations. Understand where client data is being processed and stored.
- Third, approve or replace. Create a register of approved tools. Where existing tools meet requirements, formalise their use with clear policies. Where they fall short, find compliant alternatives.
Fourth, monitor continuously. AI tools update frequently, terms change, and new tools emerge. Quarterly reviews should be the minimum standard.
The Opportunity
The firms that act now will reduce their compliance exposure while unlocking the real productivity benefits of AI through a governed, transparent framework. Those that wait risk regulatory sanctions, damaged client trust, and disputes that could have been avoided entirely.
At Vidos Solutions, we help construction firms navigate AI governance practically, identifying Shadow AI risks, building compliant frameworks, and ensuring AI adoption enhances professional output without compromising standards.
About Vidos Solutions
Vidos Solutions is a UK-based construction consultancy specialising in commercial management, quantity surveying, and AI-augmented project delivery. We help contractors, developers, and public-sector clients achieve precision in planning and excellence in execution. Learn more at vidossolutions.co.uk.
