Close menu
Toggle menu
Home / Copilot in Business Central – how to safely manage AI in an ERP system?

Copilot in Business Central – how to safely manage AI in an ERP system?

Damian Tomalka Damian Tomalka February 11, 2026

You're reading:

Copilot in Business Central – how to safely manage AI in an ERP system?

AI in ERP is already the standard but is it secure?

In 2026, artificial intelligence in ERP systems is no longer a novelty. It has become a market standard. Microsoft Dynamics 365 Business Central with Copilot now works as a digital assistant, helping users analyze data, post invoices, and monitor financial liquidity.

However, for management boards and IT departments, one key question remains:

How can you use AI in ERP without risking data security and regulatory compliance?

The answer is not to avoid AI, but to manage it consciously and responsibly.

Copilot in Business Central is part of the system, not an add-on

In the latest versions of Business Central, Copilot is an integral part of the ERP system. This means greater control options for administrators.

Instead of a simple “on/off” switch, administrators gain access to advanced AI management settings that allow them to control:

  • the availability of Copilot features for users
  • permissions aligned with user roles in the organization
  • data flow and processing location
  • the use of external knowledge sources such as Bing
As a result, AI acts as operational support rather than an uncontrolled source of risk.

Key levels of AI Control in Business Central

Data Flow Control

If the ERP environment operates in a different region than Azure OpenAI services, the system requires explicit approval to send queries. This is particularly important for organizations that prioritize:
  • data sovereignty
  • GDPR compliance
  • industry-specific regulations

AI Agent Selection

You decide which AI agent to enable. For example, the Payables Agent acts like a digital trainee. It monitors the mailbox, extracts invoices, and prepares draft entries in the system. The user remains in control, while AI serves as an assistant.

Permission System

Copilot respects existing roles and access rights within the ERP system.

If a user does not have access to payroll data:

➡️ Copilot will not display it
➡️ it will not use it in analysis
➡️ it will not infer it based on other available data

Examples of secure Copilot usage

Mini Case 1: manufacturing and margin protection

A manufacturing company was concerned about exposing margin data. The solution:
  • invoice automation was enabled only
  • access to financial data was restricted
  • AI operated exclusively within the procurement area
Result: automation without the risk of exposing trade secrets.

Mini Case 2: organization with high security requirements

The administrator blocked the submission of feedback to Microsoft. As a result:
  • AI queries do not leave the company’s environment
  • no diagnostic data is shared outside the organization
  • full control over information flow is maintained

Controlled internet access

Some Copilot features may use the Bing search engine. Administrators can:
  • completely disable internet access
  • restrict Copilot to internal data only
  • ensure full environment isolation

Key AI risks in ERP

Compliance and data residency

This becomes especially important in regulated industries. If you do not properly configure data transfer settings, Copilot may process sensitive information outside the protected region, which could lead to penalties during an audit.

Data quality and the quality of truth

AI is only as good as the data it works with. If there are errors or duplicates in the system, the assistant may generate incorrect financial forecasts. Based on these, you could make the wrong decision, such as blocking a customer or granting unnecessary credit.

Shadow AI and excessive permissions

Copilot connects information faster than a human. If ERP permissions are too broad, an employee may gain access to information they should not see, such as confidential supplier pricing, which may result in internal data leaks.

How to safely implement Copilot in Business Central?

Principle of Least Privilege

Conduct a role audit. Make sure that only individuals who are truly responsible for sensitive areas have access to AI in those parts of the system.

Source Data Hygiene

Clean your database before activating AI algorithms. AI amplifies what it receives. The better the data you provide, the more reliable the forecasts will be.

Human-in-the-Loop Policy

Artificial intelligence should prepare draft documents only. Every financial or sales operation must be ultimately approved by an employee.

Geofencing

If you operate in a regulated industry, block data transfers outside your region until full compliance with local regulations is confirmed.

FAQ – Copilot in Business Central

Does Copilot send my data outside the company?

No. Your business data remains within your Microsoft Azure tenant. Everything you enter, as well as the responses you receive, is confidential. Importantly, Microsoft does not use your data to train public AI models, so your company’s private information is not exposed to competitors. Since 2026, your queries have been processed physically within data centers located in Poland.

Does Copilot see everything in our ERP system?

Only what the user who asks the question is allowed to see. Copilot operates in line with the permissions of the user it is working for. If an employee does not have access to payroll data, Copilot will not display that information or use it in any analysis. The system verifies access rights each time data is requested.

Is Copilot compliant with legal regulations and GDPR?

Yes. Copilot in Business Central complies with strict data protection standards under GDPR as well as the latest European regulations on artificial intelligence, known as the EU AI Act. Data is encrypted, and administrators have full visibility into how and when the system is used. It is a secure and legally compliant tool.

Can AI features be completely disabled?

Artificial intelligence is a built-in element of the system. However, you decide whether and how to use it. You can disable individual features, for example blocking marketing content generation while keeping support for accounting tasks, or limit access to selected users within the company.

How much does Copilot cost and how is it billed?

Basic assistant functionality is included in your standard license. More advanced tasks are billed using so-called Copilot Credits, where you pay only for actual usage in a flexible pay-as-you-go model or through prepaid packages. This allows full cost control and alignment of expenses with the level of automation in your organization.

Who is responsible if AI makes a mistake?

Always a human. Copilot does not make final decisions or execute payments without your approval. Its role is to prepare drafts, such as invoice or offer proposals. An employee must review the assistant’s suggestion and either approve or reject it.

Does Copilot work in polish?

Yes. As of 2026, Copilot fully understands Polish. You can give it instructions as if you were speaking to a colleague, and it will prepare analyses or reports for you in the same language.

Do you want to implement Copilot on your own terms?

Secure AI configuration does not have to be complex if you have a well-defined plan. Contact us to conduct a permission audit in your system and help you deploy AI agents that will start generating measurable business value.

See the latest insights

 

Voice AI in business systems: how a voice agent integrates with CRM and ERP

Read More
 

5 key manufacturing capabilities in Dynamics 365 Business Central

Read More
 

Do I get licenses for Power Apps along with Office 365 (Microsoft 365)?

Read More