
[Infographic: Professional Liability Exposure From Shadow AI Usage in Accounting Practices. Left panel, "ChatGPT / Copilot — The Typical Workflow": associate pastes confidential M&A due diligence summary; US server in Virginia under CLOUD Act jurisdiction; no audit trail, no DPA; GDPR breach and liability claim, 72-hour notification, Art. 226-13, professional indemnity at risk. Right panel, "Stralevo — The Compliant Path": query processed on EU infrastructure with GDPR-compliant hosting; full audit trail, source-cited; client data stays sovereign, NDA holds. Callouts: 77% paste client data into AI; 82% use personal accounts; $4.88M average shadow AI breach cost; 72-hour GDPR breach notification; €7.9B+ cumulative data fines since 2018.]

Your Accountant's 'Productivity Tool' Just Sent Client M&A Data to a US Server

Why Formatting a Due Diligence Summary Is a Professional Secrecy Event — And What Accounting Firms Are Not Telling Their Clients

---

The M&A (mergers and acquisitions) deal was three weeks from closing. The NDA covered every party involved. Your associate had the valuation analysis ready at 10pm and the board meeting was at 8am. They pasted the summary into ChatGPT to fix the formatting. The report looked clean. The meeting went well. And your client's acquisition strategy spent the night on a server in Virginia that neither of you will ever audit.

Your associate didn't breach confidentiality on purpose. They just wanted to finish the report faster. And now your client's M&A strategy is on a US server that no NDA in history has ever covered.

---

Formatting Is a Data Transfer

Nobody thinks of formatting as a data risk. Pasting a client's financial statements into an AI tool to fix the layout is legally identical to emailing those statements to an unauthorized third party — the data left your firm's control without client consent. The word "formatting" disguises a data transfer as a style preference. That disguise is precisely where the professional liability hides.

Every time an associate uses ChatGPT, Microsoft Copilot, or a similar consumer AI tool on a client document, a specific sequence of events occurs. The document text is transmitted to servers operated by a US-headquartered company. Those servers route the query through whichever data center has available capacity — which, for non-US customers, may be in Virginia, Ireland, or Singapore, depending on network load. The US CLOUD Act of 2018 gives US law enforcement the right to compel any US company to produce data stored anywhere in the world, including EU data centers, without notifying the affected parties. Your engagement letter doesn't override federal law.

---

The Law Your Associates Have Never Heard Of

French professional secrecy law covers all client data handled by accountants. It is a legal obligation enforceable under Article 226-13 of the French Penal Code — not a voluntary courtesy, not a best-practice guideline. Forwarding client financial data to a US AI service for any purpose, including formatting a report, can constitute an unauthorized disclosure punishable by up to one year in prison and €15,000 in fines for the individual accountant who hit send. The engagement letter does not protect them. The NDA does not protect them. The fact that the tool produces better-formatted output does not protect them.

Most associates doing this have no idea the legal exposure is personal. Most managing partners who know their teams use ChatGPT have not communicated that the liability traces back individually, not just to the firm.

---

Pre-Installed AI Nobody Asked For

Shadow AI in accounting firms didn't begin with a deliberate decision. At many firms, it began without any decision at all. Microsoft Copilot — active by default in Microsoft 365 subscriptions — automatically processes spreadsheet data through Microsoft's AI infrastructure when enabled. Your firm didn't decide to use AI for client work. That decision was made when IT renewed the Office 365 contract without a specific audit of AI feature defaults. Spreadsheets containing client financials, audit working papers, and quarterly tax strategies have been processed through Microsoft's AI infrastructure at millions of firms globally, in many cases without the managing partner being consulted.

77% of accounting professionals paste confidential client data into AI tools — and 82% do it from personal accounts with no company oversight, according to LayerX's 2025 data. At an average of 223 sensitive data incidents per company per month (Netskope, January 2026), accounting firms are not facing a theoretical risk. They are statistically overdue for an enforcement event.

---

Three Names That Should Focus the Mind

Samsung's engineers were also "just trying to work faster" in March 2023 when three separate teams pasted confidential semiconductor source code and internal meeting notes into ChatGPT. Samsung banned AI tool use across all 160,000 employees globally within weeks — after the data had already left the building.

In May 2025, the Irish Data Protection Commission issued a €530 million GDPR fine against TikTok specifically for routing EU user data through non-EU servers — the largest data protection fine of 2025. The violation was cross-border data transfer, which is precisely what occurs when client financials are processed by a US AI tool from an EU accounting firm. Regulators have now demonstrated both the legal theory and the willingness to impose large penalties without hesitation.

Apple, JPMorgan, Goldman Sachs, and Deutsche Bank have all formally restricted or banned ChatGPT for sensitive work. These are organizations with dedicated compliance departments and in-house counsel who assessed the risk and acted. Most accounting firms have neither the written policy nor the enforcement mechanism those companies brought to the same question.

---

The Uncapped Number

GDPR fines are capped at 4% of global annual revenue. For a mid-size accounting firm billing €10 million annually, the maximum regulatory penalty is €400,000. A professional indemnity claim from a client whose M&A strategy leaked before a deal closed is entirely different — it is whatever the deal was worth, minus the deal that didn't close, multiplied by the strength of the client's legal team. Professional indemnity claims in accounting firms go to the partner who signed the engagement letter, not to the tool vendor. The tool vendor's enterprise contract caps their liability at 12 months of subscription fees. The arithmetic of exposure is on the client's side of the table.

Second-order consequences compound the first-order ones. GDPR requires notifying every affected client within 72 hours of discovering a personal data breach. Notifying 50 corporate clients that their financial data was processed by an unauthorized US AI system — during live transactions, during audit periods, during tax filing windows — creates a client relationship crisis that no communication strategy fully contains. The firm that explains its AI data handling practices before an incident owns the narrative. The firm explaining it after owns the consequences.

---

The Test You Already Know How to Apply

Would you tell your client directly: "We used a free AI tool to format your M&A analysis, and that tool may have used your financial data to improve its model for other users"? If the answer is no — if you wouldn't say it plainly — that is the complete test of whether the practice is acceptable. Accounting is a profession built on client trust and personal discretion going back centuries. Sovereign AI tools protect the thing that makes accounting valuable: the absolute confidence that a client's financial intelligence leaves the building only when the client decides it should.

The productivity gains are real. Associates save two hours on a complex report. AI tools make their work better and faster. The problem isn't that these tools work. The problem is which AI delivers those hours. The productivity savings and the confidentiality obligation are not in conflict — provided the tool processing client data runs on authorized infrastructure, within EU jurisdiction, with a complete audit trail your firm can produce on request.

---

What Sovereign AI Looks Like for an Accounting Firm

Stralevo processes client financial documents on your infrastructure. The associate asks the question, formats the report, runs the analysis — same speed, same quality — and every query is logged with a complete audit trail showing exactly which documents were processed, by whom, at what time, on which system. No client data crosses US jurisdiction. No CLOUD Act exposure. No professional secrecy event disguised as a formatting shortcut.

When a client's procurement team asks — and enterprise clients handling M&A transactions are already beginning to ask — "which AI systems processed our financial data during this engagement," the answer is specific, documented, and auditable: "Here is the list. Here are the isolation guarantees. Here is the audit trail." That answer is what client retention looks like in a market where the firms that built sovereign AI practices early have a documented advantage over firms still explaining why their team used a free tool for a sensitive mandate.

Firms that move first capture something beyond compliance: the mandate for the next sensitive transaction, from the client who asked the question and received a clear answer. Financial AI built on sovereign infrastructure isn't a compliance checkbox. It is the infrastructure of a trustworthy practice.
