The AI Footnote
A weekly Wednesday series from Andreea Anca, founder of Norvanta and creator of Lexendo. Peer-to-peer notes for partners and practice owners on where AI risk intersects with insurance, cyber, AML, and audit.
Something changed this year in how AI tools are built, and it is worth understanding even if you never build one yourself. People used to write prompts. The newer tools do not work that way.
Read note →A UK accountant carries a personal duty to report suspicion. Now put an AI tool between you and the source of funds documents. If an injected or doctored file shapes an AML conclusion, the suspicion you were required to form never forms. The regulation still points at you. The software points at nothing.
Read note →Imagine you hired someone last month. Frighteningly fast. They read every document that comes into the firm before you've finished your coffee. They never get a bad feeling about a file. They believe everything they read, and then they act on it. Your new hire? AI.
Read note →A boutique firm's AI assistant follows a hidden instruction in a client spreadsheet and emails the firm's master contact list to the sender. The breach is found nine days later. The ICO clock starts. This is what indirect prompt injection looks like when the AI is allowed to act.
Read note →A PDF with hidden text told an AI assistant to misclassify supplier payments. The accountant signed off. Months later, HMRC opens a review. Read your PI renewal form. Look for a question about prompt injection. You will not find one.
Read note →