
Is Your Copilot Memory Examiner-Ready? Three Governance Gaps Banks and Credit Unions Must Document

Written by Justin Kirsch | Tue, Jun 30, 2026

Your loan officers are saving time. Copilot drafts correspondence faster, surfaces the right policy section without a ten-minute document hunt, and keeps meeting notes that would otherwise get lost. That productivity gain is real, and it is why your institution deployed Copilot in the first place.

Now your examiner asks a question you did not expect: "Where are your Copilot interaction logs, and how long do you keep them?"

If you pause before answering, you are not alone. Most financial institutions that deployed Microsoft 365 Copilot Business focused on the user-facing setup, verified that data stays inside the tenant, and moved on. The deeper question of which Microsoft Purview controls govern what Copilot stores about your staff, and how long it keeps it, did not get the same attention.

This article covers the three specific governance gaps that NCUA, OCC, and FFIEC-supervised institutions need to document before that conversation happens. None of them require a compliance attorney to fix. All of them require configuration work that most institutions have not done.

3 specific Microsoft 365 Copilot governance gaps that standard Purview configuration does not close automatically in your tenant (Source: Microsoft Purview documentation, Copilot personalization memory guidance)

Why Copilot Memory Is a Governance Question, Not Just a Product Feature

Microsoft 365 Copilot includes a feature called Copilot Memory. When Enhanced Personalization is on in your tenant, Copilot stores discrete facts about each user: their preferred response format, their role context, things they have explicitly told Copilot to remember, and things Copilot inferred from conversations. Those facts persist across sessions.

This is genuinely useful. A loan officer who does not have to re-explain their document naming convention every morning gets more out of Copilot than one who starts from scratch each session. The productivity case is straightforward.

The governance question is where it gets complicated. Saved memories are stored in each user's Exchange mailbox, inside a hidden mailbox folder used for Copilot personalization. That means they follow Exchange mailbox compliance controls, including Customer Lockbox and encryption at rest. But it also means they behave differently from Copilot conversation data in ways that most compliance officers do not realize until they go looking.

Here are the three gaps your institution needs to document.

The three Microsoft 365 Copilot governance gaps NCUA, OCC, and FFIEC-supervised institutions must document before an examiner asks.

Gap 1: Standard Purview Retention Policies Do Not Cover Copilot Memory

If your institution has applied a retention policy to the "Microsoft Copilot experiences" location in Microsoft Purview, you may assume your Copilot governance is complete. That assumption is wrong in one specific and important way.

The "Microsoft Copilot experiences" retention location covers user prompts and Copilot responses, meaning the back-and-forth conversation text. Purview stores those messages in a hidden Exchange folder used for compliance purposes, separate from the CopilotMemory folder. Your retention policy governs that conversation data correctly.

It does not govern saved memories.

Because saved memories are stored as Exchange mailbox contact items rather than as conversation messages, the Copilot retention location does not reach them. According to Microsoft's documentation on Copilot personalization memory, retention policies configured in Microsoft Purview do not apply to Copilot memory by default.

To govern memory retention, your institution would need to apply Exchange mailbox retention policies specifically targeting the hidden Copilot retention location. That is not a standard configuration. It is also not something most institutions have set up, because the gap was not visible from the Purview retention policy interface.

Gap 1 Action: What to Document

  • Whether your institution has a retention policy that covers the CopilotMemory Exchange folder
  • What the retention period is and who is responsible for reviewing it against your records-management policy
  • If no policy exists for this folder, that absence is the gap to close before your next FFIEC IT examination

"We have a retention policy for Copilot" is not the same as "we have a retention policy for Copilot memory." An FFIEC IT examiner reviewing your AI governance posture will look at records retention as a baseline. Know which one you have.
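One way to see which of the two you have is to inventory the tenant's retention policies and separate the ones that reach the "Microsoft Copilot experiences" location (conversation data) from the ones that reach Exchange mailboxes, since mailbox items are where saved memories sit. The script below is an added example written for this article, not ABT's checklist or a Microsoft-published script. It assumes the ExchangeOnlineManagement module is installed, that the signed-in account holds a Purview role that can read retention policies, and that the Copilot experiences location is reported in a policy's Applications list with a value containing "Copilot"; the property names Applications, ExchangeLocation, RetentionDuration and RetentionComplianceAction are the ones the cmdlets return.

```powershell
# Added example, not ABT's checklist or a Microsoft-published script. It inventories
# Purview retention policies and separates the ones that reach the "Microsoft Copilot
# experiences" location (conversation data) from the ones that reach Exchange mailboxes,
# which is the only kind that can reach the hidden Copilot memory folder.
# Assumptions: the ExchangeOnlineManagement module is installed, the signed-in account
# can read retention policies, and the Copilot location appears in the policy's
# Applications list with a value containing "Copilot".
Import-Module ExchangeOnlineManagement
Connect-IPPSSession   # Security & Compliance PowerShell, interactive sign-in

$report = foreach ($policy in Get-RetentionCompliancePolicy -DistributionDetail) {
    # Each policy carries one or more rules; the rule holds the duration and the action
    $rules = Get-RetentionComplianceRule -Policy $policy.Name

    $coversCopilotExperiences = @($policy.Applications | Where-Object { "$_" -like '*Copilot*' }).Count -gt 0
    $coversMailboxes          = @($policy.ExchangeLocation).Count -gt 0

    foreach ($rule in $rules) {
        [pscustomobject]@{
            Policy             = $policy.Name
            Enabled            = $policy.Enabled
            Mode               = $policy.Mode
            CopilotExperiences = $coversCopilotExperiences        # user prompts and responses
            ExchangeMailboxes  = $coversMailboxes                 # where saved memories live
            MailboxScope       = (@($policy.ExchangeLocation) -join ', ')
            Duration           = $rule.RetentionDuration          # days, or Unlimited
            Action             = $rule.RetentionComplianceAction  # Keep, KeepAndDelete, Delete
        }
    }
}

$report | Format-Table -AutoSize

# Gap 1 finding: a policy that covers Copilot experiences but no mailboxes governs
# conversation text only. Memory items are reached only by a mailbox-scoped policy.
$memoryGoverned = $report | Where-Object { $_.Enabled -and $_.ExchangeMailboxes }
if (-not $memoryGoverned) {
    Write-Warning 'No enabled retention policy reaches Exchange mailboxes; saved Copilot memories have no retention control. Record this as the Gap 1 finding.'
} else {
    $memoryGoverned | Select-Object Policy, MailboxScope, Duration, Action | Format-Table -AutoSize
}
```

The first table is the evidence for "we have a retention policy for Copilot"; the second, or the warning in its place, is the evidence for whether memory items have any retention control at all. Keep both outputs with the date they were run, since that is the documentation an examiner will ask for.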

Gap 2: Copilot Memory Writes Are Not in the Purview Audit Log

The Purview audit log for Copilot interactions captures a useful set of events. When a user talks to Copilot, the time of the interaction, which files were accessed during the conversation, and which plugins or agents were involved are all logged as CopilotInteraction record types. Your compliance team can pull those records for an eDiscovery request or an examiner inquiry.

What the audit log does not capture: the act of Copilot creating, updating, or deleting a saved memory.

When Copilot infers a fact about a user and writes it to the CopilotMemory folder, that write action does not appear in the Purview audit log as a distinct auditable event. Microsoft's audit documentation lists the specific admin activities and user interaction events that are captured. Memory writes and deletes are not among them.

This matters for regulated institutions because FFIEC examiners and OCC supervisors looking at AI governance posture may increasingly expect AI systems that interact with member or customer data to generate complete audit trails for those interactions. If Copilot is building a behavioral profile of your staff members by storing inferred facts in their mailboxes, and those write operations are not audited, you have an AI activity gap in your compliance records.

This is not a hypothetical risk. A DLP bypass vulnerability that affected some Copilot configurations before Microsoft patched it in early 2026 showed that default Copilot behavior and compliant Copilot behavior are not the same thing. Default configurations give you a working product. Governed configurations give you an audit-ready one.

Gap 2 Action: What to Document

  • Whether your institution has reviewed what Copilot memory activity is and is not captured in your audit logs
  • If memory writes are not being audited, how you are governing the memory feature: through the Enhanced Personalization admin controls, through a policy requiring users to review and clear their memories periodically, or both
  • A written statement of your position so the documentation exists before an examiner asks

An NCUA examiner asking about AI audit trails may not yet know to ask specifically about Copilot memory writes. But as AI governance frameworks mature, that question will come. Document your position now while you can do it on your timeline rather than theirs.
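Documenting your position starts with knowing exactly which Copilot operations your audit log does contain. The script below, added for this article and not ABT's or Microsoft's code, pulls the last 30 days of CopilotInteraction records, unpacks the AuditData JSON, and lists the operations and accessed files it finds, so the compliance team can state in writing what is and is not captured. It assumes the ExchangeOnlineManagement module is installed, the account can run Search-UnifiedAuditLog, and that AuditData carries a CopilotEventData object with AppHost and AccessedResources (Name, Type) fields, as seen in exported records.

```powershell
# Added example, not ABT's or Microsoft's code. Pulls CopilotInteraction audit records
# for the last 30 days, unpacks the AuditData JSON, and summarises what is captured so
# the compliance team can compare the operation list against the memory feature.
# Assumptions: ExchangeOnlineManagement is installed, the account can run
# Search-UnifiedAuditLog, and AuditData carries CopilotEventData with AppHost and
# AccessedResources (Name, Type) as seen in exported records.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline   # Search-UnifiedAuditLog runs in Exchange Online PowerShell

$start     = (Get-Date).AddDays(-30)
$end       = Get-Date
$sessionId = "copilot-audit-$(Get-Date -Format 'yyyyMMddHHmmss')"
$records   = @()

# Page through results: ReturnLargeSet with a fixed SessionId returns successive
# pages on each call until an empty batch comes back.
do {
    $batch = @(Search-UnifiedAuditLog -StartDate $start -EndDate $end `
        -RecordType CopilotInteraction -ResultSize 5000 `
        -SessionId $sessionId -SessionCommand ReturnLargeSet)
    $records += $batch
} while ($batch.Count -gt 0)

$parsed = foreach ($r in $records) {
    $data = $r.AuditData | ConvertFrom-Json
    [pscustomobject]@{
        When      = $r.CreationDate
        User      = $r.UserIds
        Operation = $r.Operations
        AppHost   = $data.CopilotEventData.AppHost
        Resources = (@($data.CopilotEventData.AccessedResources) |
                     ForEach-Object { "$($_.Type):$($_.Name)" }) -join '; '
    }
}

# Inventory of the operations actually audited. Compare it with the memory feature:
# no create, update or delete event for saved memories appears in this list, which is
# the Gap 2 finding to record in writing.
$parsed | Group-Object Operation | Select-Object Name, Count | Format-Table -AutoSize

# Interactions that touched files, in the shape an eDiscovery or examiner request needs
$parsed | Where-Object { $_.Resources } |
    Sort-Object When |
    Export-Csv -Path '.\copilot-interactions.csv' -NoTypeInformation
```

Run it on a schedule and keep the operation inventory with your governance file: the absence of a memory-write operation in a real export is a stronger written position than a sentence asserting that the audit log does not capture it.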

Gap 3: Custom Instructions Are Not Discoverable by Admins

This is the one most institutions find genuinely surprising.

Copilot Chat includes a feature called Custom Instructions. Users can type in explicit behavioral preferences: preferred response length, how Copilot should address them, role context, and specific instructions for how Copilot should handle certain topics. Those instructions persist and apply to every subsequent Copilot Chat session.

Unlike saved memories, which live in the Exchange mailbox and are searchable by Purview eDiscovery tools, custom instructions are stored in a way that admins cannot access. There is no Microsoft 365 admin center path, no Purview eDiscovery query, and no Graph API endpoint that lets an administrator retrieve a user's custom instructions.

If a compliance officer at your institution wants to know what instructions an employee has given to Copilot, because those instructions may affect how Copilot handles customer-facing communications, regulatory filings, or loan documentation, there is no admin-facing way to find out. The user can export their own custom instructions manually, but that export depends on the user's cooperation.

This is not a malicious design. Custom instructions are a personalization feature, not a communication channel. But in a regulated environment where institutions need to demonstrate that AI tools are being used appropriately, the absence of any admin visibility into custom instructions is a governance gap worth acknowledging in writing.

Gap 3 Action: What to Document

  • That custom instructions exist as a user-level feature and that they are not admin-discoverable
  • That your institution has a written policy for how custom instructions should and should not be used
  • If your acceptable-use policy for AI tools does not mention Copilot custom instructions specifically, add it before your next examination

No FFIEC examination procedure today asks specifically about Copilot custom instructions. But the underlying principle, that institutions should be able to account for how AI tools are being used within the institution's regulatory environment, is well-established. A written policy that acknowledges this limitation and describes how your institution addresses it is a defensible position. Silence is not.

Microsoft Purview coverage map: what the standard Copilot experiences retention location covers and what requires additional configuration for NCUA, OCC, and FFIEC-supervised institutions.

What Purview Does Cover (So You Know Where You Stand)

Before this article creates more anxiety than it resolves, here is what Microsoft Purview does cover correctly when configured.

The "Microsoft Copilot experiences" retention location in Purview applies to user prompts and Copilot responses across Microsoft 365 Copilot, Security Copilot, Copilot in Fabric, and Copilot Studio. Those conversation messages are stored in a hidden Exchange folder for compliance purposes. Purview eDiscovery tools can search them. Retention policies apply. When the retention period expires, messages move through SubstrateHolds before permanent deletion.

What Your Purview Configuration Already Covers

Copilot Business, the product most ABT clients deploy, includes audit logs, retention policies, and eDiscovery for Copilot interactions as part of the license. The "Microsoft Copilot experiences" retention location captures conversation data: user prompts, Copilot responses, files accessed during conversations, plugins involved, and interaction timestamps. These capabilities work as described when configured correctly.

The gaps are specific. Conversation data: covered. Saved memories: not covered by default. Custom instructions: not admin-discoverable. Knowing which is which lets you document your actual posture instead of assuming your Purview setup covers everything it does not.

Control area -- Coverage in a standard Purview configuration
Copilot conversation data -- Covered by the "Microsoft Copilot experiences" retention location in Purview
Audit logs for interactions -- CopilotInteraction record types capture which files were accessed, plugins used, and interaction timestamps
eDiscovery for conversation history -- Purview Content Search can retrieve Copilot conversation messages stored in hidden Exchange folders
Copilot Memory (saved facts) -- Stored in a hidden mailbox folder separate from conversation data; requires a separate Exchange mailbox retention policy targeting the Copilot retention location
Memory write audit trail -- Memory creates, updates, and deletes are not captured as distinct CopilotInteraction events; requires a written governance policy
Custom Instructions -- Not admin-discoverable; requires an acceptable-use policy that specifically addresses this feature

The Configuration ABT Runs Before Your Staff Uses Copilot

ABT manages Microsoft 365 tenants for credit unions, community banks, and mortgage companies. Before your institution deploys Copilot to staff, we run a configuration checklist that covers the items most institutions miss. If you have not yet reviewed the tenant-level settings that shape what users can personalize, our guide to Microsoft 365 Copilot Chat personalization settings for financial institutions covers those controls first.

That includes setting up Purview audit logging for Copilot interactions, which covers conversation data. It includes reviewing the Enhanced Personalization admin controls and helping you decide whether to leave them on with user education or turn them off for specific groups. It includes configuring retention policies for Copilot conversation data at the right scope, and documenting the custom instructions gap in your AI acceptable-use policy so you have a written position when the question comes up.

None of this happens automatically when you buy a Copilot Business license. It requires configuration decisions, and those decisions need to be made by someone who understands both the Microsoft platform and the regulatory expectations your institution operates under.

ABT manages your Microsoft 365 tenant and governs the AI tools running inside it. We are a Tier-1 Microsoft Cloud Solution Provider with direct delegated admin access to your tenant, not a reseller who hands you a license and moves on. We have run this configuration for institutions regulated by NCUA, OCC, FDIC, and FFIEC. The playbook exists. We can run it for you before your next examination.

Get Your Microsoft 365 Security Grade

Understand where your tenant stands on Copilot governance, Purview configuration, and your full Microsoft 365 compliance posture before an examiner asks. ABT's Security Grade Assessment covers the Copilot-specific controls this article describes, alongside your complete Microsoft 365 security baseline.

Frequently Asked Questions

Does turning off Enhanced Personalization delete the memories Copilot has already saved?

No. Turning off the Enhanced Personalization admin control prevents Copilot from storing new memories and disables the user-facing memory feature going forward. It does not delete memories that were already saved in each user's CopilotMemory Exchange folder. To clear existing memories, users must delete them individually, or your institution would need to apply a retention policy that deletes items from that folder on a defined schedule.

Can Purview eDiscovery find saved Copilot memories?

Yes. Because saved memories are stored as Exchange mailbox items, Purview eDiscovery and Content Search tools can surface them. This is different from custom instructions, which are not admin-discoverable. If your institution receives a legal hold or an examiner request that would cover employee data stored by AI tools, memories would be within scope. Your legal counsel should be aware of this when scoping holds.

How does the U.S. Treasury Financial Services AI Risk Management Framework affect this documentation?

The U.S. Treasury Financial Services AI Risk Management Framework, released February 19, 2026, contains 230 control objectives and is currently non-binding. It will inform examinations within the next 12 to 24 months. The governance documentation this article describes (written policies on memory and custom instructions, configured retention and audit logging, and a clear statement of what your Purview controls cover and do not cover) is exactly the kind of posture the Treasury framework is pointing toward. You do not need to wait for formal examination procedures to start building it.

What does ABT do for an institution that already deployed Copilot without a governance review?

We start with a review of the current tenant configuration to identify what is in place and what is missing. For clients who deployed Copilot without a pre-deployment governance review, the audit logging, retention, and documentation gaps are addressable. The enhanced personalization controls and memory feature settings are administrator-configurable at any time. The custom instructions gap requires a policy response rather than a technical one. We walk through both dimensions with your compliance and IT teams and document the resulting posture.

Justin Kirsch

CEO, Access Business Technologies

Justin Kirsch has managed Microsoft 365 compliance and security configuration for financial institutions since 1999. As CEO of Access Business Technologies, the largest Tier-1 Microsoft Cloud Solution Provider dedicated to financial services, he helps more than 750 banks, credit unions, and mortgage companies govern AI tools inside their Microsoft 365 tenants so they are ready for the next examination, not scrambling after it.