AI-Assisted Development
AI coding assistants are powerful tools, and you are responsible for everything they produce. Used well, they speed up the work. Used carelessly, they add hidden bugs, insecure patterns, and licensing or data-leak risks, and they do it fast. The rule is simple: you own the code. So you must understand it, review it, and verify it, exactly as if you wrote every line yourself.
AI assistants are confident, fluent, and often wrong in ways that look right. They invent APIs that do not exist, copy insecure patterns from their training data, miss the security and tenancy concerns in our domain, and can suggest code that does not fit our rules at all. Treat their output as a draft from a fast junior who is not accountable. It is a starting point to understand and check, never a finished answer to paste in.
Two risks are specific to a regulated business. First, data: prompts and context sent to an external AI service leave our control, so customer data, secrets, and proprietary code must never go into them. Second, accountability: an AI cannot be responsible for a fail-open AML check or a cross-tenant leak. You can. Speed is welcome. Giving up your judgement is not.
Own what the AI produces
- Do: Understand every line you accept. If you cannot explain why it is correct and safe, do not ship it.
- Do: Review and test AI-generated code to the same standard as hand-written code. Pay extra attention to security, tenancy, and fail-closed behaviour.
- Do: Use AI for the right tasks: boilerplate, tests, refactors, and exploring an approach. Then check its output against our guidelines and the real docs.
- Consider: Check that suggested APIs and library calls actually exist and behave as claimed. Assistants confidently invent ones that only look real, so import the module or read the real docs rather than trusting the name.
- Always: Take personal responsibility for AI-generated code as if you wrote it. Review it, understand it, and verify it before it ships.
- Never: Merge AI-generated code you do not understand, or trust it for security- or compliance-critical logic without careful verification.
Protect data, secrets, and IP
- Do: Use only approved AI tools and settings, and keep anything sensitive out of your prompts.
- Do: Watch for licensing. AI can reproduce code that carries obligations or restrictions. Do not add IP risk without checking.
- Consider: AI output follows common patterns, not our standards. It will not know our tenant model, our fail-closed rules, or our regulatory limits unless you apply them.
- Do not: Let AI produce code faster than people can review it. Generating code faster than anyone can check it just ships defects faster.
- Never: Put customer data, PII, secrets, credentials, or confidential code into a prompt or context sent to an external AI service.
// pasted a real failing query (with live connection string + customer rows)
// into an external chatbot, then merged its 'fixed' query unread
Two failures at once. Customer data and a secret were sent to an external service, which is a breach. And unreviewed code, quite possibly missing the tenant filter, was merged on trust. Speed bought a vulnerability.
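A pre-send check for prompt text, as an added example that is not the page's own tooling. It runs the kind of paste described above through a small set of illustrative patterns (credential in a connection string, bearer or API token, PEM private key, email address, IBAN-shaped account number) and refuses to send when any fires. The pattern set, category names, function names and the two constructed inputs are assumptions, and the patterns are deliberately broad rather than exhaustive: this is a last line of defence behind the rule itself (synthetic schema, no real rows, no secrets), not a substitute for it or for the approved tools.

```python
# Added example, not the page's own tooling: a pre-send guard for prompt text.
# Pattern set, category names and function names are assumptions for
# illustration; they are broad by design and not a complete classifier.
import re

SENSITIVE_PATTERNS = {
    # "Password=..." / "pwd=..." inside a connection string or config line
    "credential in connection string": re.compile(
        r"(?i)\b(?:password|pwd)\s*=\s*[^;\s]+"
    ),
    # Authorization headers and key=value style API keys
    "bearer or API token": re.compile(
        r"(?i)(?:bearer\s+[a-z0-9._~+/=-]{20,}|api[_-]?key\s*[:=]\s*\S+)"
    ),
    # PEM private key material
    "private key block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    # Customer PII: any email address
    "email address": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    # IBAN-shaped account numbers (country code, two check digits, BBAN)
    "IBAN-like account number": re.compile(r"\b[A-Z]{2}\d{2}[A-Z0-9]{11,30}\b"),
}


def find_sensitive(text: str) -> dict[str, list[str]]:
    """Return every category that matches, with the offending fragments, so
    the engineer can see exactly what would have left our control."""
    found: dict[str, list[str]] = {}
    for label, pattern in SENSITIVE_PATTERNS.items():
        hits = [m.group(0) for m in pattern.finditer(text)]
        if hits:
            found[label] = hits
    return found


def safe_to_send(text: str) -> bool:
    """True only when no pattern fires. A False means stop and rewrite the
    prompt against a synthetic schema, not redact the match and retry."""
    return not find_sensitive(text)


# Constructed inputs modelled on the two scenarios in the text (no real data).
PASTED_REAL_QUERY = (
    "Server=db01;Database=Ledger;User Id=app;Password=Sup3rS3cret!;\n"
    "SELECT * FROM Customers WHERE Email = 'jane.doe@example.com'\n"
)
SYNTHETIC_PROMPT = (
    "-- synthetic schema: Orders(Id, TenantId, CustomerRef, Amount)\n"
    "How do I paginate this with LIMIT/OFFSET without scanning the table?\n"
)

if __name__ == "__main__":
    for name, prompt in [("pasted real query", PASTED_REAL_QUERY),
                         ("synthetic prompt", SYNTHETIC_PROMPT)]:
        verdict = "OK to send" if safe_to_send(prompt) else find_sensitive(prompt)
        print(f"{name}: {verdict}")
```

The guard reports what matched rather than silently stripping it: a redacted connection string still tells an outside service the shape of our infrastructure, and a redacted customer row is still a customer row. The right response to a hit is to rewrite the prompt around synthetic data, which is what the second input above does.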
// asked for a paginated query pattern using only a synthetic schema,
// no real data or secrets; reviewed the result against Multi-Tenancy
// and Data Modelling, added the TenantId predicate it omitted, tested it
The assistant sped up the draft, and the engineer stayed responsible. Nothing sensitive left our control, and the output was checked against our rules before shipping.
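The paginated-query scenario above, as an added example that is not code from the original page: the assistant's draft and the reviewed version side by side, run against a constructed SQLite table so the omitted TenantId predicate shows up as a failing check instead of a reviewer's hunch. The Orders schema, the sample rows, the page size and the function names are assumptions for illustration.

```python
# Added example, not code from the original guidelines. Schema, rows,
# PAGE_SIZE and function names are assumptions chosen to illustrate the
# missing-tenant-predicate defect described in the text.
import sqlite3
from typing import Callable

PAGE_SIZE = 2


def build_db() -> sqlite3.Connection:
    """Constructed sample data: two tenants sharing one Orders table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Orders ("
        "  Id INTEGER PRIMARY KEY,"
        "  TenantId TEXT NOT NULL,"
        "  CustomerRef TEXT NOT NULL,"
        "  Amount INTEGER NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO Orders (TenantId, CustomerRef, Amount) VALUES (?, ?, ?)",
        [
            ("tenant-a", "A-001", 100),
            ("tenant-b", "B-001", 250),
            ("tenant-a", "A-002", 75),
            ("tenant-b", "B-002", 900),
            ("tenant-a", "A-003", 40),
        ],
    )
    return conn


def ai_draft_page(conn: sqlite3.Connection, tenant_id: str, page: int) -> list[tuple]:
    """The shape of the assistant's suggestion: correct LIMIT/OFFSET pagination
    and nothing about tenancy. The parameter is there because the call site
    passes it; the query never uses it, which is how the defect hides from a
    review that only reads the signature."""
    offset = page * PAGE_SIZE
    return conn.execute(
        "SELECT Id, TenantId, CustomerRef, Amount FROM Orders "
        "ORDER BY Id LIMIT ? OFFSET ?",
        (PAGE_SIZE, offset),
    ).fetchall()


def reviewed_page(conn: sqlite3.Connection, tenant_id: str, page: int) -> list[tuple]:
    """After review: the TenantId predicate is applied before pagination, so
    pages are numbered within this tenant's rows and no other tenant's row
    can be returned."""
    offset = page * PAGE_SIZE
    return conn.execute(
        "SELECT Id, TenantId, CustomerRef, Amount FROM Orders "
        "WHERE TenantId = ? ORDER BY Id LIMIT ? OFFSET ?",
        (tenant_id, PAGE_SIZE, offset),
    ).fetchall()


def foreign_tenants(fetch: Callable, conn: sqlite3.Connection, tenant_id: str) -> set[str]:
    """Review check: walk every page for tenant_id and collect any other
    TenantId that appears. The only acceptable result is the empty set."""
    seen: set[str] = set()
    page = 0
    while True:
        rows = fetch(conn, tenant_id, page)
        if not rows:
            return seen
        seen.update(row[1] for row in rows if row[1] != tenant_id)
        page += 1


if __name__ == "__main__":
    db = build_db()
    print("draft leaks:   ", foreign_tenants(ai_draft_page, db, "tenant-a"))
    print("reviewed leaks:", foreign_tenants(reviewed_page, db, "tenant-a"))
```

The check is cheap enough to keep as a test next to every tenant-scoped query: seed two tenants, page through as one of them, and assert that no other TenantId ever appears. It catches the omitted predicate whether the query was written by an assistant or by hand.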
Self-review checklist
- Ask: Can I explain why every line I accepted is correct and safe?
- Ask: Did I review this to the same standard as hand-written code, especially the security and tenancy parts?
- Ask: Did any customer data, secret, or confidential code go into the prompt?
- Ask: Am I generating code faster than it can be reviewed?