Founder offer · −50 % the first year, then −20 % the second year · −25 % more on annual.
GovernanceGovernanceThe roles, validation steps and reviews that ensure the quality of shared practices. · carousel

The hidden seam

In most organizations, generative AI is already everywhere, not in the official tools, but in employees' personal accounts. We call it Shadow AI, and we treat it as a risk to shut down. That's a misreading: these invisible uses are the trace of what your teams have already solved on their own. A raw material, not a problem.

The hidden seam: beneath an organization's visible surface, an underground of personal prompts, methods and AI tools glowing like a gold lode.
Nearly eight in ten employees already use their own AI at work, with no visibility for IT.

Shadow AI everywhere, and no one has the map

The figure is known, but rarely faced head-on. According to the Microsoft Work Trend Index 2024, nearly eight knowledge workers in ten already use their own AI at work. A senior consultant can pile up dozens of homemade tools inside a plain twenty-dollar-a-month subscription. On average, several people per department have built a personal stack, with no visibility whatsoever for IT.

What leadership doesn't see isn't something coming: it already exists.

Shadow AI is born from a legitimate business need facing an official tool that is missing, too thin or too slow.

The cause isn't rule-breaking, it's the void

The reflex is to see indiscipline. The reality is simpler. An employee has a legitimate business need: to write faster, check consistency, translate a client document, draft a first version. The official tool, meanwhile, is often missing, too thin, too slow or too bureaucratic. Faced with that void, they improvise a solution with whatever is at hand.

It isn't a fault, it's a pragmatic answer. Shadow AI is the symptom. The official void is the cause.

Banning AI without an alternative doesn't remove the usage: it sinks below the waterline into copy-paste and private accounts, and becomes invisible.

Banning without replacing just moves the problem

As long as no official alternative exists, a ban doesn't remove the usage: it makes it invisible. Before the ban, the tools live in identifiable personal accounts, so they can be inventoried. After, they migrate to copy-paste, screenshots, the personal email forwarded to an AI, the detour through a home VPN, encrypted messaging.

The uses don't disappear, they sink below the waterline. You trade a visible risk for an invisible one, which is to say, a more dangerous one.

Three losses from ungoverned Shadow AI: client data outside GDPR, an asset base that leaves with the person, governance without audit or traceability.

Three silent losses, all avoidable

Ungoverned Shadow AI costs the organization three things. Client data first: no DPA, no GDPRGDPRThe EU General Data Protection Regulation. Marylink is built for GDPR compliance. framing, conversations reusedReuseThe same practice serving many times, across many spaces, the key measure of the Practice Graph's value. without control. Then the asset base: the tools, prompts and methods live in personal accounts and leave with the person, without a trace. Governance last: no audit, no versioning, no traceability, hence no chain of accountability.

Three slow leaks, and none of them is inevitable.

Quote: what you ban without replacing comes back in a quieter form.
What you ban without replacing comes back in a quieter form.
Intelligence des organisations
Two readings of Shadow AI: the traditional one bans the risk, the other converts the seam of already-solved needs.

From risk to resource

Everything hinges on how you read it. The traditional reading sees Shadow AI as a data leak, a compliance gap, an individual dependency: it bans. Another reading sees a signal. Every improvised tool reveals a real business need and a solution users have already found.

It's an organizational raw material, a seam that asks only to be captured. The risk, you ban. The seam, you convert.

Four moves to convert Shadow AI into an asset: detect through amnesty, govern, share in the graph, enrich.

How Shadow AI becomes a shared asset

The conversion happens in four moves, with no penalty. Detect: invite employees to share their tools, through amnesty rather than control. Govern: the tool becomes versioned, commented, documented, validated. Share: it enters the organizational graph and becomes available to everyone. Enrich: others improve it and make it evolve.

At each step, the employee's status shifts: from contributor to recognized author, then mentor. The personal tool becomes a collective asset, without losing any of its usefulness.

Marc, a finance director, fed fourteen personal AI conversations over three years that the whole finance team had been waiting for without knowing it.

The stakes aren't theoretical. In Analogique, Marc has run a firm's finance function for twelve years with his own ChatGPT stack: fourteen conversations fed over three years to analyze budgets the official tool couldn't handle. He'd never told anyone. He thought it was his crutch.

It was the tool the whole finance team had been waiting for.

The seam is inside you: the real question isn't whether you have Shadow AI, but how many invisible tools and what you do with them.

The seam is inside you

So the point isn't to ban, but to convert. The real question isn't whether you have Shadow AI, you do. The question is: how many invisible tools, and what are you doing with them?

Get the free excerpt of both booksIntroduction + 3 chapters of the essay, plus the novel’s prologue. ≈ 20 pages, PDF, free.
Download the excerpt →