Theta Lake dropped a bombshell on the compliance world this week. The California-based collaboration security vendor declared that organizations must start treating “aiComms”—human-to-AI and agent-to-agent interactions—as a distinct communications risk category. And they’re not just warning about it; they’re shipping the first dedicated monitoring tools for these AI-driven conversations inside Microsoft 365.

It’s a move that validates what security architects have been whispering for months: Copilots, autonomous agents, and AI assistants aren’t just new productivity toys. They’re a sprawling, largely ungoverned communication channel that could leak sensitive data, violate compliance mandates, or enable insider threats in ways traditional DLP and eDiscovery tools never anticipated.

What Exactly Counts as aiComms?

Theta Lake defines aiComms as any workplace conversation that involves an AI participant. That splits neatly into two buckets:

  • Human-to-AI exchanges: Every prompt you type into Microsoft 365 Copilot, every question you ask a custom Copilot Studio agent, every meeting summary request. If you’ve ever pasted a confidential strategy document into a chat window and asked Copilot to rewrite it for an executive audience, that’s an aiComm. And until now, it probably wasn’t being captured for retention, supervision, or eDiscovery.
  • Agent-to-agent interactions: This is the newer, scarier frontier. In Microsoft 365, autonomous agents built with Copilot Studio or Power Automate can now talk to each other—requesting data, triggering workflows, escalating tickets—without a human in the loop. Those conversations happen at machine speed, often in JSON blobs or proprietary protocols that traditional archiving tools can’t read.

Both vectors matter because they carry the same regulated content as email or Teams messages: PII, PHI, financial projections, trade secrets. But they’ve been flying under the governance radar.

Why Microsoft 365 Makes This Urgent

Microsoft is pushing AI agents harder than any enterprise vendor. At Build 2025, the company announced that 300,000 organizations had already deployed custom agents built with Copilot Studio—a number that’s tripled in six months. Copilot is now embedded in Word, Excel, PowerPoint, Outlook, and Teams. The Copilot chat panel in Teams has become a parallel conversation stream that sits outside the standard compliance boundaries of Teams channels and private chats.

Three Microsoft 365 capabilities accelerate the aiComms risk:

  1. Copilot in Microsoft Teams: Users can @mention Copilot in any chat or channel, asking it to summarize a thread, generate action items, or answer questions about files shared in the conversation. Those Copilot responses pull from the entire Microsoft Graph—emails, documents, meeting recordings—and the generated text may expose sensitive patterns even if the underlying files are permissioned.
  2. Copilot Studio autonomous agents: An agent configured to handle HR inquiries can answer salary-band questions or benefits eligibility based on real employee data. If that agent then chats with another agent to verify employment history, you’ve got a chain of AI conversations that could contain regulated PII, all happening in a black box.
  3. AI-generated meeting recaps and action items: After every Teams meeting, Copilot can produce a recap with names, quotes, and assigned tasks. That recap is often shared in a Teams chat or via email, but the original AI reasoning—the intermediate steps—remains invisible to compliance managers.

Traditional compliance tools designed for human-to-human text chats can’t parse these interactions. They don’t understand the context of a prompt-response pair, can’t distinguish between a user’s genuine PII ask and a Copilot hallucination, and completely miss agent-to-agent JSON payloads.

The Regulatory Pressure Cooker

Regulators haven’t waited for vendors to sort this out. The SEC, FINRA, and the UK’s FCA have all signaled that AI-generated communications fall under the same recordkeeping rules as email. In December 2025, the SEC fined two broker-dealers $45 million for failing to retain WhatsApp and WeChat messages—and explicitly noted in the settlement that AI-generated messages on those platforms must be captured. FINRA’s 2026 Regulatory Oversight Report dedicates an entire section to “AI-Assisted Communications” and warns firms that “supervisory procedures must account for both human-to-AI and AI-to-AI interactions.”

Meanwhile, the EU AI Act’s high-risk provisions are starting to bite. Any AI system used in employment, education, or critical infrastructure—which describes most enterprise agents—must undergo conformity assessments that include “appropriate recordkeeping and traceability.” If you can’t show an auditor the full history of a Copilot conversation that influenced a hiring decision, you’re in violation.

Theta Lake’s Playbook: Visibility, Context, and Supervision

Theta Lake’s announcement this week isn’t just a white paper. It’s a product roadmap and a set of integrations they’re calling the aiComms Governance Suite for Microsoft 365. The company already has a reputation for adding compliance layers to Zoom, RingCentral, and Webex; now they’re bringing that same approach to the AI layer.

The suite attacks the problem on three fronts:

  • Real-time capture: A connector that hooks into the Microsoft Graph and the Copilot API surface to ingest every human-to-AI prompt and response, every agent-to-agent message, and every AI-generated meeting recap. It doesn’t just log the text—it captures the metadata: who asked, which agent responded, which data sources were accessed, and whether the output was shared externally.
  • Contextual risk scoring: A supervised learning model that classifies aiComms against the same policies enterprises use for email and chat—data leakage, harassment, fair lending, insider trading. The models understand the difference between a legitimate HR question (“What’s my PTO balance?”) and a potentially problematic one (“What’s the salary range for my colleague Jane in the Chicago office?”). They also flag when an agent returns an answer that contradicts corporate policy.
  • Unified supervision and eDiscovery: All aiComms feed into a single dashboard alongside traditional Teams chats, emails, and voice recordings. Supervisors can sample flagged interactions, add annotations, and initiate retention holds. And when legal comes calling, the eDiscovery tool can reconstruct entire AI conversation threads—including the original prompts, the intermediate reasoning steps, and the final outputs—in a format that outside counsel can review.

What This Looks Like in Practice

Imagine a scenario playing out in a financial services firm. An analyst in the M&A group opens Copilot in Teams and asks: “Summarize the key terms from the latest merger agreement with Acme Corp and suggest talking points for the client.” Copilot pulls from a confidential PowerPoint deck stored in the analyst’s OneDrive. The response includes specific valuation numbers and the client’s code name.

Under old governance, that prompt and response would either vanish when the chat window closes or get lumped into an unsearchable Teams compliance export. With aiComms monitoring, the entire exchange is captured, flagged as potential material non-public information, and routed to a compliance supervisor. The supervisor sees that the output hasn’t been shared outside the firm—yet—and can either release it or quarantine it.

Or take the agent-to-agent case. A customer support agent built in Copilot Studio receives a complaint about a product defect. It automatically triggers a quality-reporting agent that pulls production data from a separate system. That agent then messages an incident-management bot that creates a Jira ticket. If the original complaint contains a customer’s health information (say, a medical device complaint), that data could propagate through three agents and out to a third-party system, all without a human ever seeing it. Theta Lake’s connectors would capture each hop, allowing the organization to demonstrate that the data wasn’t misused and to enforce data residency rules.

The Broader Industry Picture

Theta Lake isn’t alone in sniffing out this market. Microsoft itself has been building compliance controls directly into Purview. In March 2026, the company released the Copilot for Microsoft 365 interaction report (public preview), which shows admins a log of user prompts and Copilot-generated responses. But that report is limited: it’s a PowerShell-exportable CSV, not a real-time monitoring tool, and it doesn’t cover agent-to-agent traffic.

Proofpoint, Mimecast, and Netskope have all added AI-related detection rules to their cloud access security brokers, but they focus mostly on blocking users from pasting sensitive data into public AI tools like ChatGPT. They aren’t tackling the internal Copilot-to-agent pipe.

The gap is wide enough that Gartner recently predicted that by 2027, 60% of large enterprises will deploy dedicated AI communications supervision tools, up from less than 5% today. Forrester, in a May 2026 report, went further: “Without native governance for agentic workflows, enterprises risk a compliance debt that rivals the early days of mobile messaging.”

What IT Leaders Should Do Now

Theta Lake’s solution is available as a managed service integrated with Microsoft 365 E5 or as an add-on for existing Theta Lake enterprise deployments. But even if your organization isn’t ready to buy a dedicated aiComms tool, there are steps you can take immediately using native Microsoft 365 controls:

  • Enable Purview Audit logging for Copilot: In the Microsoft Purview compliance portal, turn on auditing for Copilot activities. This captures prompt and response events with a retention period you configure.
  • Leverage communication compliance policies: Purview’s communication compliance now includes templates for “AI interactions” (in preview). You can set policies that detect keywords, sensitive info types, and conflicts of interest in Copilot prompts.
  • Lock down agent permissions: In Copilot Studio, apply least-privilege access to each agent. Don’t let an agent that handles simple FAQs also have access to the full Microsoft Graph.
  • Tag AI-generated content: Train employees to mark documents that are heavily AI-generated. Microsoft’s sensitivity labels can apply to Copilot outputs automatically if you configure auto-labeling rules.
  • Update your retention schedules: Work with legal to determine how long aiComms should be kept. The default retention in Teams might be shorter than what regulators require.
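One way to put the audit trail from the steps above to work, as an added example that is neither Theta Lake's nor Microsoft's code: a small Python triage script that reads an exported batch of Copilot interaction audit records, flags prompts and responses that contain sensitive info types (a Social Security number pattern and a Luhn-validated card number, used here as stand-ins for Purview's built-in sensitive information types), and reconstructs agent-to-agent hops by correlation id, the kind of chain the suite section above describes. The record layout is a simplified, constructed stand-in for a unified audit log export: the field names Prompt, Response, AgentId and CorrelationId are assumptions made for illustration, and real exports put record details in a JSON AuditData column that you would parse first.

```python
"""Triage Copilot interaction audit records for sensitive content and agent chains.

Added example, not Theta Lake's or Microsoft's code. The record shape is a
simplified, constructed stand-in for a unified audit log export; the field names
Prompt, Response, AgentId and CorrelationId are assumptions for illustration.
"""
import json
import re
from collections import defaultdict

# Constructed sample export, one JSON record per line (NOT real audit data).
SAMPLE_EXPORT = """\
{"RecordType": "CopilotInteraction", "CreationDate": "2026-05-04T09:12:00Z", "UserId": "analyst@example.com", "AgentId": "m365-copilot", "CorrelationId": "c-001", "Prompt": "Summarize the merger agreement and suggest talking points", "Response": "Key terms summarized; client code name included."}
{"RecordType": "CopilotInteraction", "CreationDate": "2026-05-04T09:15:00Z", "UserId": "hr-bot@example.com", "AgentId": "hr-agent", "CorrelationId": "c-002", "Prompt": "Verify employment for SSN 123-45-6789", "Response": "Employee active since hire."}
{"RecordType": "CopilotInteraction", "CreationDate": "2026-05-04T09:15:02Z", "UserId": "hr-bot@example.com", "AgentId": "records-agent", "CorrelationId": "c-002", "Prompt": "Lookup SSN 123-45-6789", "Response": "Found. Card on file 4111 1111 1111 1111"}
{"RecordType": "ExchangeItem", "CreationDate": "2026-05-04T09:20:00Z", "UserId": "someone@example.com", "Operation": "Send"}
"""


def parse_export(text):
    """Parse a newline-delimited JSON export into a list of record dicts."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def luhn_ok(digits):
    """Return True if the digit string passes the Luhn checksum (card numbers)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


# Simplified detectors; Purview's sensitive information types are the real thing.
PATTERNS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "credit_card": re.compile(r"\b(?:\d[ -]?){12,18}\d\b"),
}


def find_sensitive(text):
    """Return the sorted list of sensitive-info labels found in the text."""
    found = set()
    for label, pattern in PATTERNS.items():
        for match in pattern.finditer(text):
            if label == "credit_card":
                # Drop separators and reject digit runs that fail Luhn (dates, ids).
                if not luhn_ok(re.sub(r"\D", "", match.group())):
                    continue
            found.add(label)
    return sorted(found)


def triage(records):
    """Flag Copilot interaction records whose prompt or response carries sensitive data."""
    flagged = []
    for rec in records:
        if rec.get("RecordType") != "CopilotInteraction":
            continue            # email, SharePoint, etc. are handled by existing DLP
        text = " ".join(str(rec.get(key, "")) for key in ("Prompt", "Response"))
        findings = find_sensitive(text)
        if findings:
            flagged.append({
                "CreationDate": rec["CreationDate"],
                "UserId": rec["UserId"],
                "AgentId": rec["AgentId"],
                "CorrelationId": rec["CorrelationId"],
                "findings": findings,
            })
    return flagged


def agent_chains(records):
    """Group interactions by correlation id and return multi-agent hop sequences."""
    by_corr = defaultdict(list)
    for rec in records:
        if rec.get("RecordType") == "CopilotInteraction":
            by_corr[rec["CorrelationId"]].append(rec)
    chains = {}
    for corr, recs in by_corr.items():
        hops = []
        for rec in sorted(recs, key=lambda r: r["CreationDate"]):
            if not hops or hops[-1] != rec["AgentId"]:
                hops.append(rec["AgentId"])
        if len(hops) > 1:       # a human-to-single-agent exchange is not a chain
            chains[corr] = hops
    return chains


def report(export_text):
    """Full triage: flagged interactions plus reconstructed agent-to-agent chains."""
    records = parse_export(export_text)
    return {"flagged": triage(records), "chains": agent_chains(records)}


if __name__ == "__main__":
    print(json.dumps(report(SAMPLE_EXPORT), indent=2))
```

On the sample data the script flags both hops of the HR chain (the second for a card number as well as the SSN), leaves the analyst's merger prompt unflagged because the regex detectors have nothing to match, and reports c-002 as a two-agent chain; swapping the regex detectors for Purview sensitive information types and the constructed fields for the parsed AuditData column turns it into a usable nightly check.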

These native tools won’t give you the contextual supervision or unified dashboard that a vendor like Theta Lake offers, but they’ll lift the visibility from zero to something. And in an audit, showing that you’ve started the journey is far better than pretending AI communications don’t exist.

The Bottom Line

Theta Lake’s aiComms push is a harbinger. As Microsoft 365 adds more autonomous agents and deeper Copilot integration, the old boundaries of “electronic communication” blur. Governance can’t afford to play catch-up this time—not when a single errant prompt or unchecked agent-to-agent handoff could trigger a multimillion-dollar fine or a data breach.

Organizations that view aiComms as a separate risk category, and that invest in purpose-built monitoring, will build the trust that lets them deploy AI agents aggressively. Those that don’t are rolling the dice.