Dark cinematic workplace image showing an overwhelmed employee using AI tools to manage compliance and governance tasks without proper training, surrounded by confidential documents, governance pressure and operational risks, with LexMesos Solutions displayed at the bottom.

“Just Use ChatGPT”: When Companies Push Compliance Work Onto Untrained Employees

/ Articles / By

Many companies today want:

  • compliance policies,
  • governance frameworks,
  • anti-bribery procedures,
  • whistleblowing systems,
  • AI governance documents,
  • privacy notices,
  • vendor due diligence,
  • internal controls.

But not every company wants to invest in:

  • proper compliance teams,
  • legal support,
  • governance specialists,
  • training, and
  • compliance budgets.

So what happens?

Sometimes ordinary employees suddenly become:
“the compliance person”.

An HR executive gets told to prepare:

  • ABAC policies,
  • whistleblowing procedures,
  • governance documents,
  • or AI usage guidelines.

An admin staff suddenly handles:

  • PDPA matters,
  • GDPR questions,
  • vendor compliance,
  • or anti-corruption declarations.

A manager with zero legal or compliance background gets asked to:
just draft something quickly”.

And increasingly, many workplaces now rely heavily on AI tools like ChatGPT to fill the gap.

At first glance, this sounds efficient.

But in reality, many companies may not fully understand the risks involved.

Because compliance work is not just:
“copy and paste a template.”

The real danger starts when:

  • untrained employees feed confidential company information into AI platforms,
  • sensitive contracts are uploaded,
  • employee names remain visible,
  • internal investigations are pasted into prompts,
  • client details are not anonymised,
  • commercially sensitive information gets shared carelessly.

Some employees may not even realise:

  • what counts as confidential data,
  • what should be anonymised,
  • what internal information should never be uploaded externally.

And when companies provide no proper training or guidance, employees themselves can become exposed to unnecessary risk.

The uncomfortable reality is that many employees are simply trying to survive workload pressure.

When management says:
Just use AI to speed things up,”
employees may feel they have little choice.

Especially in workplaces where:

  • budgets are tight,
  • headcounts are low,
  • compliance teams do not exist,
  • management prioritises speed over governance.
The problem is that governance failures usually remain invisible,
until something goes wrong.

Sometimes companies only start taking compliance seriously after:

  • a data leak,
  • regulatory investigation,
  • whistleblower complaint,
  • cyber incident,
  • internal dispute,
  • public controversy.

And by then, the employee who was never properly trained may suddenly become the person blamed for the mistake.

This creates another difficult modern workplace reality.

Employees are increasingly expected to handle:
⚠️ legal-sensitive work
⚠️ compliance responsibilities
⚠️ governance tasks
⚠️ AI-related risks
⚠️ data protection concerns

without:

  • proper authority,
  • proper expertise,
  • proper staffing,
  • proper support.

This is especially dangerous in the AI era because employees may wrongly assume:
If AI generated it, it should be fine.”

But AI tools cannot automatically determine:

  • what information is confidential,
  • what creates legal privilege risks,
  • what breaches internal policy,
  • what violates NDAs,
  • what could expose sensitive corporate data.

And once sensitive information is uploaded externally, the consequences may become difficult to reverse.

That is why companies increasingly need:

  • AI governance awareness,
  • internal usage policies,
  • anonymisation practices,
  • employee training,
  • approval processes,
  • clear compliance ownership structures.

Because AI itself is not necessarily the problem.

The risk is:
companies deploying AI tools without proper governance, awareness or accountability.

At the same time, employees should also understand that:
using AI quickly
does not remove professional responsibility completely.

Where possible, employees handling sensitive matters should try to:

  • anonymise names and identifiers,
  • remove confidential details,
  • avoid uploading sensitive investigations,
  • limit unnecessary data sharing,
  • seek clarification when dealing with high-risk information.

Not because employees are expected to become compliance experts overnight.

But because modern workplace risks are evolving faster than many organisations are prepared for.

And in some companies today, the scariest sentence may no longer be:
We have no compliance department.”

It may be:

“Just ask ChatGPT to do it.”

Many companies today are trying to balance:

  • limited budgets,
  • operational pressure,
  • AI adoption,
  • growing compliance expectations.

If your organisation needs practical support with governance workflows, documentation processes or AI-related operational support, feel free to explore our available support plans and services.

Explore our services and Support Plans

Keywords: AI compliance risk, ChatGPT workplace risk, compliance governance, ABAC policy, workplace AI risks, confidential data AI, AI governance Malaysia, workplace compliance failures, employee data protection, AI workplace policies

22 May 2026