Anthropic shipped something quietly useful in May 2026. Claude for Small Business arrived with 15 pre-packaged agentic workflows connecting tools most small advice firms already pay for: QuickBooks, HubSpot, DocuSign, Google Workspace, Microsoft 365, Canva, PayPal[1]. No custom build. No API configuration. You connect your accounts, and the workflows run.
For a one-to-ten adviser firm, that matters more than it sounds. Most AI product launches aimed at financial services are either priced for enterprise or require a technical resource that small IFA and wealth management businesses simply do not have in-house. This one is different in structure, if not necessarily in risk profile. Understanding what it can and cannot do, within a regulated firm, is worth a few minutes of your time.
What the workflows actually cover
The 15 workflows sit at what I’d call Level 1 and Level 2 in terms of complexity. Level 1 (education) tasks are things you already could do with a prompt and patience, now packaged so you do not need to build the prompt yourself. Level 2 (integration) tasks involve Claude acting between two systems you already use, passing information or drafting outputs that would otherwise require manual handling.
Practical examples for a wealth management firm:
- CRM follow-up drafting. Claude connected to HubSpot can draft personalised follow-up messages after a client meeting note is logged, pulling context from the CRM record.
- Document preparation. Connected to Google Workspace or Microsoft 365, Claude can draft template letters, meeting summaries, or review packs against a brief you supply.
- Contract and form routing. Connected to DocuSign, Claude can pre-populate standard documents and route them for signature without manual data re-entry.
- Bookkeeping context. Connected to QuickBooks, Claude can answer questions about P&L, produce summaries, or flag anomalies for human review.
None of these replaces a regulated decision. All of them reduce the administrative friction around regulated decisions. That distinction matters a great deal under UK rules.
Where the FCA guardrails sit
The FCA, Bank of England, and HM Treasury issued a joint statement in 2026 confirming that frontier AI models now exceed baseline cyber resilience capabilities, moving AI governance from internal best practice to a hard regulatory obligation for UK financial services firms[2]. That context shapes everything that follows.
Running any AI assistant in a regulated advice firm now carries a material operational risk liability. The attack surface extends beyond naive misuse. It includes prompt injection, chatbot personality exploitation, and behavioural guardrail manipulation. These are not theoretical risks for large banks. They are live risks for any firm using a connected AI workflow, including Claude for Small Business.
AI tools in a regulated firm are not a productivity experiment. They are operational infrastructure, and the FCA is now treating them as such.
So what does that mean practically?
Claude can support these processes. It cannot own them. Any output that touches a regulated decision, a suitability judgement, a client communication about investments, or an AML-relevant check must be reviewed and signed off by a person with the appropriate permissions. The workflow drafts. The adviser approves. This is not a limitation to work around. It is the correct model.
Consumer Duty changes the bar for client communications. Under Consumer Duty, communications must demonstrably support good client outcomes[3]. An AI-drafted communication that has not been reviewed by someone who knows the client does not meet that bar by default. A workflow that drafts and a human who reviews and personalises before sending is a reasonable model. A workflow that drafts and sends is not.
Your data handling needs to be clean before you connect tools. Connecting HubSpot, DocuSign, and Claude means client data flows between those systems. You need to be confident that the data you are holding is within your consent and retention framework before you wire these things together. If your CRM holds data you have not audited recently, fix that first.
What to do if you want to use this
First, map what you actually need. Run down the 15 workflows and identify the three or four that address a genuine friction point in your current process. Connections to Google Workspace for document drafting, or HubSpot for follow-up, are likely to be the most immediately useful for a small advice firm. Start with one.
Second, define the human review step before you connect anything. For each workflow you plan to use, write down explicitly what the human review step looks like, who does it, and what they are looking for. If you cannot describe that step, the workflow is not ready to run. This is not a bureaucratic formality. It is the difference between a tool that reduces risk and one that creates it.
Third, check the commercial agreement. AI partnership contracts have become a material legal exposure[4]. Before your firm connects client data to any AI system, your terms of service review should cover: where data is processed and stored, what Anthropic can do with inputs, and how disputes about outputs would be handled. If your standard IT procurement process has not been updated to cover AI vendors, this is the moment to update it.
Fourth, document your use. The FCA’s direction of travel is clear. Firms that can demonstrate they thought carefully about AI use, defined oversight steps, and applied them consistently are in a far better position than those who cannot. A short internal note covering what you use, why, and how you review outputs is worth writing now, before you are asked for it.
A note on vendor risk
One structural concern with any application-layer AI product is vendor continuity. The AI industry is under significant margin pressure, and product lines aimed at small business can be discontinued, repriced, or pivoted upmarket with limited notice[5]. If a workflow becomes embedded in your operations and the vendor changes direction, that is a business continuity problem.
This does not mean you should not use the tools. It means you should use them for tasks where you could return to the manual process or switch to an alternative without a crisis. Build your operations to be resilient to tool changes, not dependent on any single product.
The honest bottom line
Claude for Small Business is a genuine step forward in accessibility. Pre-built workflows connected to tools a small advice firm already uses means the Level 2 integration work that previously required a consultant or a technical hire is now available to a business owner who is prepared to spend an afternoon on setup.
The regulatory constraints do not change. Output review, data governance, and documented oversight are not optional extras for a firm regulated by the FCA. But within those constraints, the tools are legitimately useful for reducing administrative load on the functions that do not require regulated judgement.
If you are unsure which workflows are appropriate for your firm’s specific processes and compliance position, a discovery call with Cordrey Consulting is a good place to start.
This article is for informational purposes only and does not constitute regulated financial advice or a compliance opinion. Consult a qualified compliance professional for advice specific to your firm.
This article does not constitute legal advice. Data protection obligations vary by circumstance and jurisdiction. Consult a qualified solicitor or data protection adviser for advice specific to your firm.
Sources
- [1] Anthropic, “Claude for Small Business” product announcement, May 2026. Source for the 15 pre-built workflows and named integrations (QuickBooks, HubSpot, DocuSign, Google Workspace, Microsoft 365, Canva, PayPal).
- [2] FCA, Bank of England, and HM Treasury, Joint Statement on Frontier AI and Systemic Cyber Risk, 2026. Source for the regulatory reclassification of frontier AI as a hard compliance obligation for UK financial services firms.
- [3] FCA, Consumer Duty (PS22/9), July 2022. Source for the requirements on client communications to support good outcomes, https://www.fca.org.uk/publications/policy-statements/ps22-9-new-consumer-duty
- [4] OpenAI, Apple commercial dispute, May 2026. Cited as a signal that AI partnership contracts now carry material IP and data-rights risk for regulated firms relying on third-party AI tools.
- [5] AI industry margin compression and vendor instability signals, May, June 2026. General reference to structural vendor risk at the application layer; no single primary source citable. Omitted specific attribution per citation rules.