How to Stop Shadow AI From Leaking Finance Data

70% of public servants use AI outside approved channels. For finance teams handling taxpayer data, that creates measurable breach risk.


Public sector AI use has climbed fast. In Q4 2025, Gallup data showed 43% of public sector employees reported using AI at least a few times a year, up from 17% in early 2023. 

A wider survey of public servants across ten countries put usage at 74%, with most of that adoption arriving in the past twelve months. The same survey found that only 18% of public servants believe their governments use AI effectively.

That distance between heavy use and weak oversight exposes a category of problem now common across government: shadow AI.

What shadow AI looks like inside government

Shadow AI covers any AI tool an employee uses without approval or oversight from their organization. In the public sector, 70% of public servants who use AI often do so outside approved channels. 

A worker faces a deadline, opens a consumer chatbot, pastes in a document, and copies the output back into their work. There’s often no procurement step, no logging, no data classification check, and no proof the exchange ever happened.

Enterprise data tracks the same pattern. Studies put unsanctioned AI use between 55% and 78% of employees, and 98% of organizations report some unsanctioned AI use.

Why finance functions raise the stakes

A finance ministry or revenue authority handles data that carries direct consequences when exposed: taxpayer records, draft budgets, revenue forecasts, audit findings, and intergovernmental transfer calculations. 

When a public servant feeds that material into a consumer tool, that’s data leaving controlled systems. It can persist on third-party servers, surface in later model outputs, or enter training pipelines the organization never reviewed.

Most public finance bodies have no framework to catch this. Among financial authorities in emerging and developing economies, only about a quarter hold a formal policy governing their internal use of AI. 

Where AI and data governance breaks down

The common first response is a ban. But bans simply push usage underground, hiding the security risk rather than removing it. Gartner predicts more than 40% of enterprises will face a security or compliance incident tied to unauthorized AI use by 2030.

Internal policy documents alone produce a similar result. Workers who know the rules often bypass them when approved tools are absent or slower than the consumer alternative. 

That bypass raises the risk of a breach or other security incident, because unsanctioned use is detected late and, once detected, is harder to contain.

But provision changes behavior. When organizations supply a sanctioned, capable alternative, unauthorized use drops.

| Governance response                  | What the evidence shows                                                    |
|--------------------------------------|----------------------------------------------------------------------------|
| Outright bans                        | Usage continues without visibility; incident exposure remains              |
| Policy documents alone               | Rules are known but bypassed when approved tools are missing               |
| Audit after the fact                 | Detection arrives late, raising breach risk, cost, and containment time    |
| Sanctioned tools plus classification | Unauthorized use drops                                                     |

What a working framework includes

A governance model that holds up in a finance environment rests on four moving parts, each closing one route by which sensitive fiscal data escapes oversight.

First, a sanctioned toolset. Finance teams need an approved AI option that performs as well as the consumer product they would otherwise open. Capability is the deciding factor; a secure tool that frustrates the user loses to the free one in the browser tab.

Second, data classification tied to AI use. Staff need clear, simple rules on which categories of information can enter an AI system and which cannot. Taxpayer identifiers, unpublished forecasts, and audit material belong in a restricted tier with technical controls, not just a guidance memo.

Third, human-in-the-loop design at the workflow level, not the policy level. A reviewer checks AI output before it enters a budget line, public statement, or compliance filing. This embeds the control within the process, not in a document read once during onboarding.

Fourth, monitoring. Visibility into which tools staff use, and for what, lets an organization spot drift early and adjust provision before a small workaround becomes a standing practice.

These four parts work together. Sanctioned tools remove the reason to go elsewhere; classification defines the boundary; human review catches errors before they propagate; and monitoring keeps the picture current. Remove any one and the others weaken.

The adoption numbers will keep climbing. Public sector AI use more than doubled between 2023 and 2025, and the finance function adopted alongside the rest of government. 

The question for any treasury, revenue body, or budget office is whether the governed path or the shadow path absorbs that growth.
