Implementing AI inside a firm handling HNW client data is a high-stakes decision. This page sets out where Anthropic's controls do meaningful work, where the firm's IT and compliance functions retain ownership, and what we will and won't ask for.
This is a contractual commitment under Anthropic's Commercial Terms — not a toggleable setting. Customer Content stays out of model training, full stop. Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
Independent audit of controls over time — not just on paper.
Information Security Management Systems.
AI Management Systems — the international standard for AI governance.
Verify at trust.anthropic.com. Detailed SOC 2 reports available under NDA on request.
Continuous record of user actions, project activity, data access, file uploads, authentication. Exportable as CSV by Org Owners.
Programmatic access to activity logs, chat histories, file content by user and time range. Forensic retrieval on demand.
Configurable per chat and per project. Zero Data Retention available via contractual addendum for the most sensitive workloads.
Centralised identity. Automated provisioning and de-provisioning when staff leave or change roles.
Network-level access restrictions and role-based access controls.
Files remain inside your firm's tenant. The integration is governed by four mechanisms, each controlled by your IT function:
Claude inherits each user's existing M365 permissions. If a junior administrator cannot see a folder today, Claude cannot either.
The connector cannot edit, delete, send, or create. All outbound actions remain human.
In Microsoft Entra ID, IT sets Assignment required = Yes. Only users IT assigns can authenticate the connector.
IT can switch off any permission category — SharePoint, Outlook, Teams, OneDrive — or restrict to specific sites.
Anthropic's controls are real and well-designed, but they don't substitute for ongoing operational discipline. We name the residual risks here so the firm, IT, and operations all see them clearly.
If a CDD pack or piece of correspondence contains content engineered to redirect Claude's behaviour, human review of every consequential output is the mitigation.
Every control assumes humans actually read AI output before signing or sending. If review becomes rubber-stamping, the controls become theatre.
Permissions set on day one are not the permissions you will have in year three unless someone owns reviewing them. Quarterly access review by IT is the answer.
Claude is usually right — which is what makes the wrong moments dangerous. Train staff to verify rather than trust, especially on figures, names, dates, and jurisdictional detail.
All configurations, projects, prompts, and rule sets reside in your firm's own tenant. If the engagement ends, the firm retains everything. We take nothing with us.
| Domain | Owner |
|---|---|
| Platform compliance, security architecture, Entra ID scoping, audit log review | Your IT function |
| Retention policy, user provisioning approvals, connector enablement | Your firm's owners |
| Regulatory, signatory, banking, and compliance decisions on client matters | Your Compliance & Directors |
| Build quality, automation logic, prompt and project configuration, staff training | ctrlroom.ai |
| Model behaviour, platform certifications, contractual data handling | Anthropic |
Deployments are read-only by design. Outbound actions remain human.
No signatory authority. No payment instructions. No call-back verification.
Your IT function holds every admin role. We operate as a configured user under your governance.
A serious vendor risk assessment is the right first step, not a checkbox cleared once work has started. We recommend your committee and IT function request the following from Anthropic before the build queue begins:
Available under standard NDA via trust.anthropic.com.
The DPA covers SCCs for international transfers and establishes the customer as data controller.
Available via contractual addendum for the most sensitive workloads.
We can request expedited engagement from Anthropic's compliance team to support your due diligence, not to bypass it.
Questions for IT or Compliance before you go further?