Rolling Out Claude Safely: Plugins, Skills and Governance for Enterprises
From the admin panel to data privacy and cost controls – how to manage AI agents across your team without giving up control.
Orcha Team
March 11, 2026
“PwC is partnering with Anthropic to bring enterprise-grade agents into the office of the CFO – making finance teams an even more strategic and valuable function.”
– Sanjay Subramanian, PwC Anthropic Alliance Leader (February 2026)
One of the first questions we hear from our customers once Claude is running productively in their team: “Who actually controls what the AI does?” Shortly after, IT asks: “How do we make sure no confidential data leaks out?”
These are exactly the right questions. For finance teams, governance isn’t a feature you bolt on later – it’s the prerequisite for AI to enter production at all. The good news: Claude Enterprise was built for these requirements from the ground up.
Which Subscription Do You Need?
Claude comes in several tiers – but for governance features, you need at least the Team or Enterprise plan:
Pro
For individual users. More capacity and access to all models – but no team management, no admin panel.
$20/month
Team
Admin panel, user management, centralized billing and higher usage limits. The starting point for teams using Claude together.
$30/user/month
Enterprise
Everything in Team, plus: SSO/SAML, SCIM provisioning, Compliance API, Zero Data Retention, Domain Capture and advanced admin controls.
Custom pricing
In short
Most governance features in this article – Compliance API, Zero Data Retention, SSO – require the Enterprise plan. The admin panel with user management and dashboards is available from the Team plan onwards.
The Admin Panel: Your Control Center
Since February 2026, the “Customize” system in Claude Cowork provides a dedicated admin layer with four core functions:
Plugin Catalog
All available AI extensions in one place – with search, tags and descriptions.
Team-Based Assignment
Assign plugins to specific teams or roles: “All controllers get the budget analysis plugin, the FP&A team gets the forecasting plugin.”
Automatic Onboarding
New employees automatically receive the plugins for their role. When they leave, access is revoked – without manual effort.
Usage Dashboards
Real-time overview: Who uses what, how often and at what cost? Broken down by team.
Data Privacy: Four Layers of Protection
Data privacy determines whether your compliance team will approve AI usage at all. Claude Enterprise offers four layers:
Encryption Under Your Control
Your organization manages the encryption key itself – Anthropic has no access to your data. In technical terms: “Bring Your Own Key” (BYOK).
Announced for H1 2026
Independent Certifications
Anthropic holds SOC 2 Type II, ISO 27001 and ISO 42001 certifications – the key security standards for cloud services and AI systems.
GDPR Compliance
Anthropic offers a Data Processing Agreement (DPA) for Enterprise customers. Combined with Zero Data Retention and your own encryption, Claude can be operated in full GDPR compliance.
Cost Management: Full Transparency at Fixed Costs
Claude Enterprise works with a fixed price per user. Usage is still tracked in detail – so you can see exactly which teams and plugins deliver the most value.
Usage Transparency
Detailed reporting per user and team – so you can identify early where Claude delivers real value and where more training is needed.
Team Budgets
Allocate costs per team – perfect for internal cost allocation and transparency towards the CFO.
Spending Limits
Set maximum spending per user or team. When reached, access is paused or an approval is requested.
Real-Time Dashboards
See in real time which plugins are driving costs – course-correct early instead of being surprised at month-end.
Shadow AI: The Post-it Problem
You know the story of the password on a Post-it stuck to the monitor? When password policies get too complicated – 16 characters, special symbols, monthly rotation – employees just stick the password to their screen. The security problem doesn’t come from bad technology, but from rules that miss everyday reality.
With AI, we see exactly the same thing. If your official Claude setup is too restrictive or too cumbersome, employees will use their own tools – uncontrolled, without logging, without data protection. That’s Shadow AI, and it’s the biggest governance risk of all.
The best countermeasure: Make the official path the easiest path. Well-configured plugins that deliver real value drastically reduce the incentive for workarounds.
Real-World Examples
These governance features are already being used productively in regulated industries:
- Allianz (January 2026): Claude for all employees, AI agents for claims processing and document intake – with full logging of all AI interactions
- PwC (February 2026): The “AI Native Finance” initiative brings Claude into regulated environments where auditability is mandatory
- Intapp (February 2026): Claude at audit firms and investment banking firms – with Ethical Walls and Conflicts Management as an integrated governance layer
- Thomson Reuters (March 2026): Integration partner for AI-powered research tasks in regulated areas
- Infosys (February 2026): AI agents for telecommunications and financial services – including compliance reporting
Rollout in 5 Steps
Classify Your Data
What can Claude see (public, internal)? What can’t it see (confidential, personal data)? This classification determines which connections you enable.
Enable Data Protection
Turn on Zero Data Retention, configure your own encryption (once available). Document both for audit records.
Assign Roles and Plugins
Define which teams can use which plugins. Enable automatic onboarding, document the role matrix.
Set Up Monitoring
Connect the Compliance API to your existing monitoring system. Configure automatic alerts for suspicious activity.
Start a Pilot Phase
Set budget limits per team, start with a pilot group, measure ROI. Scale gradually. Monthly reviews for costs, usage and compliance.
Governance Checklist for Go-Live
- ● Data classification completed and documented
- ● Zero Data Retention enabled
- ● Own data encryption configured
- ● Role and permissions matrix created
- ● Internal plugin store set up, only approved plugins active
- ● Compliance monitoring connected to existing system
- ● Automatic alerts for policy violations configured
- ● Spending limits per team defined and activated
- ● Rollback process tested and documented
- ● Monthly review cycle scheduled
The following section is intended for IT teams and admins who are technically setting up and securing Claude Enterprise. Feel free to forward this part to your IT department.
Compliance API: Audit-Ready Logging
The Compliance API provides programmatic access to everything auditors want to see: chat histories, file contents, tool calls – filterable by user and time range. Audit logs are retained for 30 days and can be exported as JSON/CSV or pushed directly to SIEM systems like Splunk, Datadog or Elastic.
Core features:
- Complete activity logs of all AI interactions
- Automated flagging of potential policy violations
- Selective deletion for targeted data retention
- Direct SIEM integration for existing compliance dashboards
Managing MCP Servers Securely
The Model Context Protocol (MCP) is the interface through which Claude accesses external data sources. There are currently over 12 official connections (Google Calendar, Drive, Gmail, DocuSign, FactSet, Salesforce and more). The key security levers:
- Central Configuration: Via a managed-mcp.json, admins deploy a fixed set of connections that users cannot modify
- Allowlist/Denylist: Precisely define which MCP servers are permitted
- OAuth 2.1 with PKCE: Standard authentication for all MCP connections (no static API keys)
- Least Privilege: Each server only receives the permissions needed for its function
- Versioning: Make changes traceable, roll back when issues arise
- MCP Gateway: For larger deployments, a central control point for authentication, rate limiting and audit logging
OWASP MCP Top 10: New Attack Vectors
OWASP has published a Top 10 list for MCP-specific security risks: Tool Poisoning, Prompt Injection via tool responses, oversized permissions and supply chain attacks. Check your MCP configuration against this list – especially for third-party connections.
Skill and Plugin Versioning
Skills and plugins evolve over time. Without versioning, you lose track of which version is running in production. Recommended: Semantic Versioning (MAJOR.MINOR.PATCH) with Git tags and staged rollouts (test group first, then everyone).
Regulatory Context
The EU AI Act becomes enforceable for high-risk AI from August 2026. BaFin published guidance on ICT risks related to AI in late 2025. FINRA dedicates a GenAI section for the first time in its 2026 Oversight Report. Document your configuration carefully – it will be relevant at the next audit.
Conclusion
AI governance is not a one-time project but an ongoing process. Claude Enterprise provides the tools – from the Compliance API to plugin management to real-time cost transparency. Start with the 5-step plan, work through the checklist and establish a monthly review cycle. This way you build a framework that grows with your requirements.
Sources
Anthropic
- • Cowork and Plugins Across the Enterprise (February 2026)
- • Claude Code: Admin Controls for Business Plans
- • Manage Cowork Plugins for Your Organization
- • Deploying Enterprise-Grade MCP Servers
- • Anthropic Certifications (SOC 2, ISO 27001, ISO 42001)
Real-World Examples
- • Allianz + Anthropic: Global Partnership (January 2026)
- • PwC + Anthropic: AI Native Finance (February 2026)
- • Intapp + Anthropic: AI Agents for Regulated Firms (February 2026)
- • Infosys + Anthropic: Enterprise AI Solutions (February 2026)
Regulation
This article is part of our community series on Claude for finance teams. More articles: Managing Claude for Teams | Build Custom Plugins | Finance Plugins | AI & Data Privacy
Stay Up to Date
New guides, plugin templates and best practices straight to your inbox.