By Hakan Akcan · Reepa Solutions
If 2024 was still asking whether employees should be using ChatGPT, Microsoft Copilot or Claude at all, 2026 poses a different question: how do management and data protection officers ensure that staff use AI tools safely, productively and in compliance with regulations — and that usage is documented. Since 2 February 2025, Article 4 of the EU AI Act has been in force, creating an explicit obligation to maintain AI competency within the organisation. At the same time, a Bitkom survey from early 2026 shows that more than half of German employees use AI tools professionally — often bypassing IT, on personal accounts, without training, without a policy, without a data processing agreement. This situation is regulatorily risky and operationally expensive. This article explains why AI training in 2026 is a management priority, which three target groups you need to distinguish, which curriculum building blocks belong in an effective programme, how to prevent shadow AI through a smart tool policy rather than blanket bans, which training formats work and which three KPIs let you measure success reliably. For strategic context see our AI Guide for SMBs.
Why AI training in 2026 is a management priority
Until early 2025, AI training at SMBs was a voluntary measure — sensible, but not compelled. That changed on 2 February 2025. Article 4 of the EU AI Act has been directly applicable since that date and requires every provider and deployer of an AI system to "take measures to ensure, to their best extent, that their staff and other persons dealing with the operation and use of AI systems on their behalf have a sufficient level of AI literacy". In plain terms: every SMB that uses ChatGPT Enterprise, Microsoft Copilot, Claude for Work, Gemini for Workspace, its own RAG system or a purchased industry-specific AI product must demonstrably train its employees.
The obligation applies even for low risk classes — the wording of Article 4 is deliberately broad. Even companies that exclusively use Copilot in Word and Excel fall under the literacy obligation. Details in our cluster on EU AI Act for SMBs.
Three additional drivers are pushing the topic onto the management agenda. First, the GDPR: Article 32 requires training as a technical and organisational measure — see AI and GDPR. Second, co-determination under employment law: the Federal Labour Court clarified in 2024 that the use of AI in the workplace can be subject to co-determination under § 87 of the Works Constitution Act. Third, cyber insurers: since 2025 some policies exclude losses from prompt injection or data leakage if no documented training programme is in place.
Three target groups, three curricula
The most common mistake in training programmes is assuming all employees need the same curriculum. That is not the case. An effective AI awareness strategy distinguishes at least three target groups with their own content, formats and learning objectives.
| Target group | Learning objective | Format | Depth |
|---|---|---|---|
| All employees | What is permitted, what is off-limits, who to contact with questions — AI literacy foundation | 1-hour mandatory onboarding plus annual refresher | Conceptual and policy-oriented, no tool depth |
| Power users (multipliers) | Use tools safely and productively, support colleagues, identify use cases | 4-hour hands-on workshop plus monthly drop-in session | Practical, with real tasks from their own department |
| Management and department heads | Strategy, governance, liability, metrics for AI in the organisation | 2-hour closed executive workshop, annually | Regulation, responsibility, roadmap, ROI |
In practice, power users are the lever with the greatest impact per training euro. A multiplier in the accounting team who provides low-barrier support to their colleagues generates more sustainable adoption than two additional central workshops. Identifying, releasing and connecting one or two power users in every department builds a self-sustaining learning infrastructure.
The mandatory introduction for all employees serves a dual function: it fulfils the EU AI Act literacy obligation and communicates the tool policy in a binding way. This is precisely the mandatory introduction you should be able to present as evidence at any supervisory enquiry or supplier audit — including attendee list, date, content and test result.
Curriculum building blocks that actually matter
An effective AI awareness curriculum consists of five content building blocks. The depth varies by target group; the topics are the same.
- Foundations of large language modelsWhat an LLM does, why it calculates probabilities for words, that it has no knowledge but patterns, that it does not perform genuine source searches and that it will confidently give wrong answers when uncertain. Without this basic understanding, everything else is just click-through training with no real effect.
- Prompt basicsHow to phrase a request so the model responds helpfully — role, context, task, format, examples. No magic tricks, just a handful of patterns that cover 80 percent of use cases. More depth in our cluster on Prompt Engineering for Businesses.
- Data protection and confidentialityWhich data may go in, which may not. Personal data only in approved tools with a data processing agreement and EU data residency. Business secrets only in closed workspaces. Client data, patient data, employee data never in consumer tools. Concrete examples from your own organisation outperform abstract GDPR lectures.
- Hallucinations and source verificationHow to recognise when the model is making things up — typical warning signs such as overly polished phrasing, precise figures without source references, invented paragraph numbers. Practical verification routines: spot-check facts, check the original source for legal matters, double-check figures.
- Safe tool use in everyday workWhich tools are approved, how to log in, where to document use cases, who to contact if uncertain. Plus clear escalation paths for unintended data disclosure — what to do if you accidentally entered confidential information into a consumer tool.
Important: all five building blocks should be filled with examples from your own organisation wherever possible. Generic slides from the internet are sufficient for AI literacy documentation, but not for genuine learning outcomes. A draft email from your own sales team, an analysis from your own reporting, a risk assessment from your own compliance practice — those are the exercises that stick.
Request a free awareness consultation
Want to set up an AI training programme or professionalise an existing one? We offer a free 30-minute initial consultation — we assess your current AI literacy maturity, propose a suitable curriculum and deliver a realistic roll-out plan including works council argumentation.
Request a free AI training consultationHands-on exercises that stick
Experience from dozens of workshops: three to five exercises per workshop is enough — more content overwhelms. Exercises should be realistic, well-defined and verifiable. The following exercises have proven effective:
Exercise One — Data protection triage. Ten fictional prompt inputs are shown and participants categorise each into three classes: permitted in any tool, only in EU data residency, not permitted at all. The discussion of borderline cases reveals where the tool policy needs to be supplemented.
Exercise Two — Prompt improvement. A weak prompt is iteratively improved with role, context, task and format. Both versions are run and compared — the aha moment is consistently significant.
Exercise Three — Hallucination hunt. A model-generated response with hidden false facts — a fabricated study, a wrong paragraph number, a made-up statistic. Participants search for errors. For many, this is the first time they develop the necessary scepticism.
Exercise Four — Real use case. Each participant brings an anonymised task from their daily work and solves it under guidance. The result goes into the use-case backlog.
Exercise Five — Escalation simulation. Scenario: confidential personnel file content has accidentally ended up in a consumer ChatGPT. What to do, in what order, who is informed. Critically important in a real incident.
Avoiding shadow AI — tool policy instead of bans
Shadow AI is the use of AI tools bypassing IT: personal ChatGPT accounts in the browser, personal Claude Pro subscriptions on company laptops, free Gemini inputs during a lunch break. The typical reaction from many organisations is a technical or organisational ban. This does not work. Employees switch to personal devices, hotspot their phones, use tools via browser extensions or through third-party systems. The problem is not eliminated — it becomes invisible, and the regulatory situation worsens because no governance is possible.
What works is a clear tool policy with three lists and an escalation address:
- Green list — unrestricted approval. Tools with a data processing agreement, EU data residency and a documented security assessment. All approved data types may be processed here, including personal data in the normal scope of business. Typical candidates: Microsoft Copilot for Microsoft 365, ChatGPT Enterprise, Claude for Work, Gemini for Workspace.
- Yellow list — tolerated for clearly defined use cases. Tools that may be used for specific tasks without personal data and without business secrets — such as publicly available research tools, code examples without internal references, general brainstorming.
- Red list — prohibited. Specifically named tools with justification, such as absent data processing agreement, US data residency without safeguards, documented data protection issues or known security incidents. Important: the red list must be justified and maintained — it must not be a blanket ban on everything outside the company's own stack.
In addition, a low-barrier escalation address is needed — a shared email address, a Microsoft Teams channel or an internal form. Anyone wanting to try a new tool reports it briefly, describes the use case and receives a reasoned approval or rejection within one to two weeks. This escalation address is also the most important data source for the ongoing maintenance of the tool lists.
AI policy in the organisation — template
A written AI policy is the foundation of any training. It must be short, readable and concrete — not a ten-page legal treatise, but a two- to three-page document with clear statements. The following components are essential:
| Section | Content | Example wording |
|---|---|---|
| Purpose and scope | Who is covered, which tools are covered | "This policy applies to all employees when using generative AI systems in a professional context." |
| Approved tools (green list) | Specific tool names, licence type, login method | "Microsoft Copilot for Microsoft 365 via company account. ChatGPT Enterprise via single sign-on." |
| Permitted data types | What may be entered, what may not | "Permitted: internal documents without a special protection level. Off-limits: personnel files, salary data, client confidentiality, source code with third-party licences." |
| Prohibited tools (red list) | Specific tools with justification | "Personal ChatGPT accounts on company devices — no data processing agreement, no data residency control." |
| Escalation and responsible parties | Who to contact, who decides | "Report new tools by email to ki-governance@company.com. Decision within ten business days." |
| Labelling obligation | When AI-generated output must be marked as such | "Texts generated more than 50 percent by generative AI are labelled accordingly for internal use." |
| Sanctions | What happens in case of violation | "Violations are discussed without blame. Repeated or deliberate violations follow the regular employment law procedure." |
The policy should be agreed with the works council and the data protection officer and published visibly on the intranet — ideally linked from the onboarding workflow and briefly referenced in every training slot. An update frequency of six months is appropriate, as the tool landscape changes rapidly.
Training formats — what works when
The best curriculum is worthless if the format does not suit the target group. In practice, the following three-component structure has proven robust:
Component One — 1-hour mandatory onboarding for everyone. Mandatory for all employees, with a quiz at the end and automatic attendance confirmation. Content: what am I allowed to do, what is off-limits, where do I report questions. Plus three example scenarios from your own organisation. This onboarding is the evidence for the EU AI Act literacy obligation and must be completed when new employees join and refreshed annually.
Component Two — 4-hour workshop for power users. Voluntary, but actively promoted by department heads. Content: advanced prompt basics, hands-on exercises, data protection triage, building a use-case backlog for the department. Ideally in person, alternatively as two half-day remote sessions.
Component Three — monthly 1-hour drop-in session. Open to all power users and anyone with a specific question. Format: brief introduction of new use cases and tools, followed by two or three practical questions from the floor, then ten minutes on regulatory updates. This drop-in session is the most important anchor against knowledge decay and the fastest feedback channel for policy maintenance.
A lightweight e-learning track for asynchronous refreshing helps too — five to seven micro-modules. Pure e-learning without a synchronous format is insufficient — workshops and drop-in sessions carry the greatest impact.
Success measurement with three metrics
Anyone who sets up an AI training programme should also measure it. Otherwise the programme remains a matter of faith in management discussions. Three metrics are sufficient for a reliable picture and fit into any quarterly reporting:
- Adoption rateThe share of employees in the target group who have actively used the approved AI tool at least five times in the past 30 days. Microsoft Copilot, ChatGPT Enterprise, Claude for Work and Gemini for Workspace all provide this telemetry. Target after six months: above 40 percent in the knowledge worker target group, above 65 percent after twelve months.
- Use-case backlogThe number of documented, team-validated use cases with an estimate of time or quality savings. This figure measures whether the knowledge from workshops is being converted into productive application. Target after six months: at least three documented use cases per department with more than 20 employees.
- Confidence surveyA short biannual questionnaire with two to four items on self-efficacy, tool confidence and perceived organisational support — five-point Likert scale. Rising confidence over several quarters is the most reliable indicator of sustainable learning outcomes. Target after twelve months: average 3.8 out of 5 or higher.
These three metrics should be segmented by department, function and power-user status in the quarterly report to management. Collecting them consistently allows training gaps to be identified early and content to be sharpened in a targeted way, rather than flying blind.
The Reepa Awareness Programme
Reepa Solutions offers a modular AI awareness programme designed specifically for German SMBs. The programme includes an initial assessment of current AI literacy maturity, the development of a tailored AI policy including works council and data protection coordination, delivery of mandatory onboarding content, a four-hour power-user workshop per department and the setup of a regular drop-in session in the first year. All content is consistently aligned with the EU AI Act, GDPR and German supervisory expectations and is filled with examples from the relevant industry context.
Typical project sizes range from €6,000 for an initial rollout with fewer than 100 employees to €25,000 for a year-long programme with multiple locations. A free initial consultation clarifies the right scope — content, format mix and roll-out. Let's talk without obligation.
Frequently asked questions
Is AI training at SMBs really legally mandatory in 2026?
Yes. Article 4 of the EU AI Act has been applicable since 2 February 2025 and requires every provider and deployer of an AI system to ensure a "sufficient level of AI literacy" in their staff and all other persons who deal with the AI system on their behalf. The obligation applies regardless of the risk class of the system and therefore also covers non-critical applications such as Microsoft Copilot, ChatGPT Enterprise or Claude for Work. The legislator does not prescribe a specific form, but supervisory authorities expect documented training measures, attendance records and role-based differentiation of content. A simple "we explained it briefly once" approach will not withstand scrutiny.
Ban or allow — what is the best way to deal with shadow AI?
Bans do not work in practice. If ChatGPT, Gemini or Claude saves an employee hours per week in their browser, they will use the tool — with or without official approval. What works instead is a clear tool policy with three lists: approved tools with a data processing agreement and EU data residency, tolerated tools for clearly defined use cases without personal data, and banned tools with justification. It is important that the approved list is powerful enough to cover the most common use cases — otherwise employees will work around it anyway. A low-barrier escalation address also helps: anyone who wants to try a new tool reports it briefly and receives an approval or rejection with reasons within a few days.
Which training formats work best in practice?
The most effective combination for SMBs is a three-tier structure: a one-hour mandatory introduction for all employees, a four-hour hands-on workshop for power users, and a monthly one-hour open drop-in session for ongoing questions from daily practice. The introduction covers the AI literacy obligation, the workshop builds real competence among multipliers, and the drop-in session prevents knowledge from decaying. Pure e-learning modules without a practical component generate click-through rates but not behavioural change — they are sufficient for mandatory documentation but not for real adoption.
Do management and the supervisory board need their own AI training?
Yes, and with content that differs from what the general workforce receives. Leadership needs to understand which AI systems are used in the company and for what purposes, who bears responsibility, what regulatory risks exist — especially the EU AI Act, GDPR and co-determination under employment law — and how adoption and ROI are measured. A two-hour closed workshop for management and department heads covers this. Topics like prompt tricks or model selection do not belong in this slot; governance, liability and strategic roadmap do. Supervisory board members have increasingly requested an explicit AI briefing since 2025 — proactively offering one avoids unpleasant surprises in board meetings.
How do we measure whether our AI training programme is actually working?
Three metrics are enough for a reliable picture. First, the adoption rate: the share of employees in the target group who have actively used the approved AI tool at least five times in the past 30 days — platform telemetry from Microsoft Copilot, ChatGPT Enterprise or Claude for Work provides this figure. Second, the use-case backlog: the number of documented, team-validated use cases, ideally with an estimate of time or quality savings. Third, the confidence survey: a short biannual questionnaire with two to four items on self-efficacy, tool confidence and perceived organisational support. Reporting these three values quarterly allows weaknesses to be identified early and training content to be sharpened in a targeted way.
Ready to make your workforce AI-ready?
Let's talk for 30 minutes with no obligation. We assess your current AI literacy maturity, propose a suitable curriculum and format mix, and deliver a realistic plan for the first 90 days — including an AI policy, works council and data protection argumentation.
Book a 30-minute conversation
IT security and cloud architect with over ten years of experience. Advises SMBs on AI strategy, EU AI Act compliance, GDPR and security awareness. Writes regularly about AI for SMBs, cloud security, NIS2 and data protection.
Reviewed: 22 May 2026 · More about Hakan