Financial Advisors

Is It Safe to Use ChatGPT With Client Data? What Financial Advisors Need to Know.

May 2026

By Mark Reeves — author of all 47 AI Field Guides. Written and tested in a working business.

AI-generated portrait. Pen name. Real work.

The honest answer is no — but the practical path forward is less complicated than you think.

You have a client's complete financial picture sitting in front of you. Assets, liabilities, income, family situation, retirement goals, estate wishes. You're about to draft a plan or a letter, and you're wondering: can I just drop this into ChatGPT to speed up the work?

Here is the straight answer. But before you read on: check the last AI prompt you sent for client work. Did it contain a name, account value, Social Security number, or family detail? If yes, Regulation S-P exposure may already be live — regardless of the tool's privacy settings.

Standard ChatGPT Is Not the Right Tool for This

Standard ChatGPT — the version at chat.openai.com — stores your conversations. Historically, OpenAI used that conversation data to improve its models. Users can opt out of training, but opting out of training and opting out of storage are two different things. Your prompts and the data inside them still live on OpenAI's servers by default.

When you put a real client's name, account values, Social Security number, or family details into that interface, you've transmitted sensitive financial data to a third-party system with no data processing agreement covering it. If your firm is subject to Regulation S-P — which governs the safeguarding of client financial information and applies to RIAs and broker-dealers — that's a real exposure.

It's not theoretical. In 2023, Samsung engineers accidentally leaked proprietary source code via ChatGPT three times in a month before the company banned it. Financial data has different legal weight, but the same basic problem applies: data you put in goes to a system you don't control.

What "Safe" Actually Means for Financial Professionals

For AI use to be genuinely compliant for your practice, you need one of three things.

First, a tool with a signed data processing agreement (or Data Privacy Framework equivalent) that covers financial data. This is the enterprise version of what BAAs are to healthcare — a legal contract that governs how the vendor handles the data you give them.

Second, an enterprise AI deployment with data isolation. ChatGPT Enterprise and Microsoft Copilot for M365 (with appropriate configuration) offer versions where your organization's data is not used to train models and is isolated from other tenants. These aren't the free tools. They require a contract and typically a per-seat subscription.

Third, using AI only with de-identified or hypothetical data. If there is no real client in the prompt, there's no real data being exposed.

Most independent advisors don't have access to an enterprise deployment yet. Which brings us to the practical middle ground.

The Practical Middle Ground That Actually Works

You can use standard ChatGPT productively and compliantly — as long as you never put actual client data into the prompt.

Here's what that looks like in practice.

Drafting client communications. Write your prompt with placeholders: "Draft a letter to [Client Name] explaining the rationale for shifting [X%] of their portfolio from growth equities to income-generating bonds given their [age]-year retirement timeline." Fill in the real details yourself after the AI gives you the structure and language. You get 80% of the value with none of the exposure.

Creating template language. Use AI to build reusable templates — annual review summaries, onboarding questionnaire frameworks, estate planning checklists, beneficiary designation reminder letters. No client data required. The templates are the output.

Explaining complex concepts. Ask AI to explain a Roth conversion ladder, the SECURE 2.0 catch-up contribution rules, or the difference between a GRAT and a SLAT in plain English. You're pulling from public financial knowledge, not uploading anything about a client.

Drafting meeting agendas. "I have a meeting with a client who's 58, planning to retire in 7 years, has significant 401(k) assets, and is worried about sequence-of-returns risk. What topics should I cover?" — no real client, useful output.

The principle is simple: real client data stays out of the prompt. Hypothetical scenarios and placeholder structures can go in.

The Shadow AI Problem No One Wants to Talk About

Here's the uncomfortable data point: 55% of workers use unapproved AI tools even when their employer has explicitly banned them.

If your firm has prohibited AI tools and you're reading this article, you're probably not the only person at your firm who is curious. The question is whether the policy or the workaround creates more risk.

A blanket ban on AI is a reasonable response to a genuine compliance uncertainty. But it has a failure mode: it doesn't stop usage, it just drives it underground. And unsupervised, undocumented AI use by advisors is arguably worse from a compliance standpoint than a supervised, policy-governed deployment.

The better outcome for firms is not a ban but a framework: approved tools, documented use cases, clear rules about what client data can and cannot touch any AI system. That protects clients and advisors both.

If you're in a firm that hasn't built that framework yet, working with hypothetical and de-identified prompts keeps you on the right side of the line while the industry catches up.

Why Claude Produces Better Output for Financial Work Than Standard ChatGPT

The guide linked at the bottom of this article focuses on Claude, the AI built by Anthropic. There's a reason I recommend it for financial professionals over standard ChatGPT.

Claude is built with precision and careful reasoning as explicit design goals. It's more likely to flag when it's uncertain, less likely to fabricate financial statistics, and better at holding structured context in a long document. Anthropic has also built Claude with a notably strong approach to declining harmful or non-factual outputs.

That doesn't mean Claude is compliant for client data in its standard consumer form — the same data handling cautions apply. But for the compliant use cases (templates, concept explanation, communication drafting with placeholders), Claude tends to produce cleaner, more accurate financial language than the default ChatGPT output.

Before you move on — a prompt you can run right now:

Open Claude or ChatGPT. Paste this (no client data required):

"Draft a letter to a client explaining why we're recommending a shift from a growth-oriented equity allocation toward income-generating assets as they approach retirement. The client is in their early 60s with a 7-year retirement timeline. Keep the tone clear and direct, not overly technical."

Review what comes back. That's the practical middle ground in action: structured financial language, no real client data in the prompt, useful draft in under 30 seconds. Edit the specifics yourself before sending.

This article covers the data safety question and the three compliant use cases. It doesn't cover how to document your AI use in a way that satisfies FINRA supervision requirements, what a data processing agreement actually needs to say before it covers client financial data, or how to build the firm-level AI policy that stops the shadow AI problem before it becomes an exam finding. Those gaps are where the real compliance exposure is.

Related reading

• Getting started with AI as a financial advisor: the compliance framework
• Is it safe to use ChatGPT with client data?

Mark Reeves is a pen name. AI Field Guide publishes role-specific, practical guides for using AI tools in real work.