Back to lumenii.io
Lumenii

AI Policy

Manage, distribute and track acknowledgment of AI governance policies

AI Acceptable Use Policy

v1.0Published

Governs how employees may use AI tools, which tools are permitted, data handling requirements, and disciplinary consequences for misuse.

Owner: Chief Compliance OfficerUpdated: 14 Mar 2026Review due: 14 Mar 2027
SYSC 13.9 — OutsourcingConsumer Duty — PRIN 2ASM&CRUK GDPR Art.28
Employee acknowledgment38/52 (73%)
Distribute

Data Classification Policy

v1.2Draft

Defines data categories (Confidential, Restricted, Public) and prohibits input of classified data into unapproved AI tools without explicit authorisation.

Owner: Head of TechnologyUpdated: 10 Mar 2026Review due: 10 Sep 2027
SYSC 13.9 — OutsourcingUK GDPR Art.32 — SecurityFCA MAR
Employee acknowledgment0/52 (0%)
Distribute

AI Vendor Approval Process

v2.1Published

Defines the formal workflow for evaluating, approving and onboarding third-party AI vendors — including DPA requirements, security review checklist, and sign-off authority.

Owner: Head of TechnologyUpdated: 1 Feb 2026Review due: 1 Feb 2027
SYSC 13.9 — OutsourcingUK GDPR Art.28 — Data ProcessorConsumer Duty
Employee acknowledgment24/52 (46%)
Distribute

Regulatory Framework Coverage

Which FCA regulatory obligations each policy addresses

PolicySYSC 13.9SM&CRConsumer DutyFCA MARUK GDPR
AI Acceptable Use Policy
Data Classification Policy
AI Vendor Approval Process