Compliance, 17 April 2026

Building an AI risk register for your small business

Most AI risk registers are bloated and useless. The version that actually helps a small business fits on one page and covers eight specific risks.

A "risk register" sounds like the sort of document that lives in a filing cabinet, never gets opened, and is dusted off when the auditor arrives. For most SMEs that is exactly what an AI risk register would become if treated like a corporate compliance exercise.

There is a more useful version. One page. Eight risks specific to AI use in a small business. A practical mitigation for each. Reviewed every six months. This article gives you the template.

Why an AI risk register matters for SMEs

Three reasons.

1. Demonstrating reasonable care. If something goes wrong with AI in your business - a data leak, a hallucinated output sent to a client, a vendor disappearing - the question becomes "what reasonable care did you take?". A documented, dated risk register, with mitigations you can show were actually applied, is a large part of the answer.

2. Forcing a conversation. Writing the risks down forces decisions. "What happens if our AI vendor doubles their price?" is a question you should answer before it happens, not afterwards.

3. Onboarding. When you bring a new staff member in, the risk register tells them what the dangerous corners are. It is faster than them learning by accident.

The eight risks

Most SMEs face the same eight categories. The detail differs by business; the categories repeat.

1. Data leak

The risk: someone in the business pastes confidential client data into a free consumer AI tier, where it may be retained, used for training or read by support staff at the AI provider.

Mitigation: a clear list of approved tools (paid business tiers only, and only after checking that the tier's terms exclude your data from training and say how long it is retained), a clear list of data categories that never go into any AI tool, and named accountability for keeping both lists current. The AI policy template covers this.

2. Hallucinated output sent

The risk: AI invents a fact, citation or detail that does not exist, and the staff member sends or publishes it without spotting the error.

Mitigation: a review-before-send rule for any AI output going external, where the reviewer checks facts and citations against their source rather than just reading for tone. Use prompting-for-accuracy techniques (ask for sources, then verify them) for high-stakes work.

3. Vendor lock-in

The risk: you become dependent on a specific tool, the vendor raises prices, changes terms, or shuts down, and you cannot easily move.

Mitigation: prefer tools that let you export your data. Avoid tools that lock in custom prompts, fine-tunings or knowledge bases without a clear export path. Keep your saved prompts in a portable format (plain text files, not only inside one tool).

4. Cost creep

The risk: subscriptions accumulate. The free trial becomes a paid subscription. The Pro tier becomes the Team tier. Six months in, AI is costing five times what you budgeted.

Mitigation: a single named owner of AI tooling cost. Quarterly review of what is being paid for and used. A standing rule: any new AI subscription requires the owner's approval before purchase.

5. Skill atrophy

The risk: staff lose the skill of writing, summarising or analysing without AI. When the tool is unavailable - an outage, a contract dispute, a particular task it cannot handle - the work cannot get done.

Mitigation: use AI for drafts and acceleration, not as a substitute for human judgement. Periodic AI-free work, particularly for senior staff, keeps the underlying skill alive.

6. Compliance drift

The risk: a change in regulation (UK AI rules, GDPR, sector-specific) makes your current AI use non-compliant, but no one notices until it is flagged.

Mitigation: a six-month review of AI use against current regulation. Subscription to a relevant compliance feed (ICO updates if data-heavy, your industry regulator otherwise).

7. Tool deprecation

The risk: an AI feature you depend on is changed or removed by the vendor. The model behaves differently after an update. The tool is acquired by another company with different priorities.

Mitigation: keep workflows model-agnostic where possible. Document which prompts work with which models. Keep a small set of test inputs with known-good outputs for each critical workflow, and re-run them whenever a tool or model changes, before assuming continuity.

8. Reputation

The risk: a customer-facing AI behaves badly - an offensive output, a wrong answer, a clearly hallucinated reply - and the business is publicly embarrassed.

Mitigation: human review of all customer-facing AI output for the first six months of any deployment. A clear escalation path for edge cases. Test with adversarial inputs before going live: off-topic and abusive requests, questions the tool should refuse to answer, and instructions hidden inside customer messages that try to make it ignore its brief.

The one-page format

Each row of the register has four columns:

  • Risk (one line)
  • Likelihood (low / medium / high)
  • Impact (low / medium / high)
  • Mitigation (what we do about it)

Eight risks, four columns, one page. Anyone in the business can read it in three minutes. That is the bar.

Reviewing the register

Review every six months minimum. Specifically:

  • Are any risks now lower because of mitigation we have put in place?
  • Have any risks become higher (new tools, new tasks, new regulations)?
  • Are there new risks we did not have six months ago?
  • Has any risk actually materialised? What did we learn?

Diary the review. Treat it as 30 minutes twice a year. That is enough to keep it useful.

When to escalate

If you are in a regulated industry (financial services, healthcare, legal services), this template is a foundation, not the full picture. Your regulator may have AI-specific risk requirements that go beyond it. Use this register alongside your regulator's guidance.

For unregulated SMEs, this template plus the AI policy template is enough for most cases.

The honest summary

An AI risk register that fits on one page is the version that gets read. Eight risks cover most SME territory. The categories are stable; the specific entries change as your AI use evolves.

If you would like a hand drafting your version, that is a 30-minute conversation in a discovery call. The third session of the AI Breakfast Club training also covers governance and risk in detail.

Written by Gary Cheers, AI consultant and trainer at northwales.ai. Have questions about your business? Book a free 30-minute discovery call.