AI risk management for businesses. Not just enterprises.
Your team is already using AI.Do you know what it is doing with your data?
Modulos shows you which AI tools your team is using, helps you put a policy in place, and gives you something to show your clients and your board. No specialist compliance team needed.
Know which AI tools your team is using right now and how
Put an AI policy in place in days, not months
Get audit-ready and demonstrate compliance to clients and your board
ISO/IEC 42001 Product Conformity | SOC 2 Type 2 | Trusted by 200+ organisations
Trusted by 200+ organizations
Modulos customers include aDigital, SCSK, ETH, PwC, Berner Fachhochschule, Mobile Health, Serai, CertX, JobCloud, Xayn, Beyond Gravity, Armasuisse.
Your team is using AI tools you did not approve.
Here is what that means for your business.
250%
Shadow AI growth year on year
(Zendesk, 2026)
76%
Organisations using AI without a governance programme
(G2, 2026)
40-60%
AI use happening outside IT awareness in audited organisations
(EPC Group, 2026)
50%
Customer service agents using shadow AI tools
(Zendesk CX Trends, 2026)
Most businesses in the 50 to 500 employee range are already using AI tools without realising it. ChatGPT is in email workflows, Copilot is embedded in Microsoft 365, and Gemini is processing customer queries in CRM platforms.
Often, none of this usage has been formally reviewed, and if something goes wrong, the business is exposed. Not just to a fine, but to a client call you did not want to take, a breach notification you were not ready for, and a board question you could not answer.
Find out where your business stands. Complete the AI risk calculator in about three minutes.
What Modulos does for a business your size
See what AI your team is using
Modulos discovers every AI tool in use across your business, including the ones your team did not tell IT about. You get a complete picture in one place.
Put a policy in place without a compliance team
Modulos guides you through building an AI usage policy in plain language. Downloadable, editable and ready for your team. No external consultant needed.
Show your clients and your board you are on top of it
When a procurement questionnaire asks about your AI governance, or your board asks what you are doing about AI risk, Modulos gives you something to show them.
We thought AI governance was only for big companies.
A professional services firm with 180 employees used Modulos to discover 23 AI tools in use across the business, build an AI policy, and complete their first AI audit in six weeks. One person ran the whole process part-time.
Operations Director, 180-person professional services firm, UK (anonymised)
Find out how exposed your business actually is.
A structured estimate of your AI liability exposure, broken down across five risk categories. Free, no login required, and takes about three minutes.
Returns a 90% confidence interval on expected annual loss, a downloadable PDF report, and a breakdown across technical, operational, legal, ethical and governance risk categories.
Start the AI risk calculatorWhat non-compliance costs
GDPR and EU AI Act penalties for businesses of all sizes
Up to £30M
or 6% of global turnover for prohibited AI practices under the EU AI Act
Up to £12.5M
or 3% of global turnover for high-risk AI non-compliance under the EU AI Act
Up to £17.5M
or 4% of global turnover for serious GDPR breaches involving employee AI use or data leakage
UK applicability note
For UK-based organisations operating in the EU or processing data of EU residents, the EU AI Act creates compliance obligations regardless of where you are headquartered. If your business has EU customers, EU suppliers, or processes data of EU residents, the Act may apply to you. Modulos helps organisations in the UK and across Europe understand their obligations and manage them in one place.
Frequently asked questions
Almost certainly yes. The EU AI Act applies to any organisation that uses AI systems, not just those that build them. If your business uses AI-powered tools for hiring, customer service, credit decisions, fraud detection or any operational process, you are likely in scope. Many tools that organisations use every day, including HR software, CRM platforms and automated scheduling systems, fall into categories that carry compliance obligations. If you operate in the EU, sell to EU customers, or process data of EU residents, the Act applies regardless of where your organisation is headquartered. UK businesses with EU customers are included.
Find out how exposed your business actually is.
Complete the AI risk calculator in about three minutes. No account needed.