Artificial Intelligence is a hot topic everywhere, in every industry, right now. Incorporating AI can feel exciting, futuristic, and advanced, but also scary, unsafe, or even overwhelming. That doesn’t change the fact that AI is showing up everywhere, and ERP systems are no longer excluded from that conversation.
When organizations evaluate AI as part of their business strategy and the powerful capabilities it could enable, the conversation usually isn't about the technology itself. It's about control and security.
Questions like:
The good news is that organizations have more control than they realize.
When considering enabling AI functionality in your Acumatica instance, one of the most important steps is understanding where your data is traveling, and more importantly, where it doesn’t.
Let’s start with the most pressing question leaders ask.
The answer is no, Acumatica doesn’t use customer data to train its AI models. Your organization’s information remains isolated from other Acumatica customers.
Additionally, the AI Assistant only works with information that the current user is already authorized to access. If a user doesn’t have permission to view certain data, the AI Assistant doesn’t gain access to it on their behalf. Access to data through the AI Assistant must be intentionally enabled, and users must have the appropriate permissions. These permissions can vary by role and by individual user, determining both the assistant’s functionality and the data it can use.
When external AI providers are connected through AI Studio, the conversation changes slightly. In those scenarios, retention and training policies are governed by the agreement established with the selected provider. That makes provider selection and governance an important part of any AI strategy.
In most cases within Acumatica, no. Several AI-powered features operate entirely within your Acumatica-managed infrastructure, including:
Acumatica’s AP Document Recognition, OCR, and Receipt Recognition all use built in OCR technology, and processing is handled through Acumatica’s secure cloud via Azure AI Document Intelligence.
This is an important distinction because not all AI operates the same way. This leads us to the next question.
Data may only leave the Acumatica environment when an organization actively chooses to use Acumatica’s AI Studio with an external large language model (LLM).
AI Studio allows organizations to connect Acumatica by approved AI providers and build custom AI-powered workflows. Those integrations don’t happen automatically and must be intentionally configured and enabled.
Organizations decide:
The level of control remains in your hands.
Beginning with Acumatica 2026 R1, organizations will also be able to optionally mask selected sensitive fields before information is sent to an external LLM through AI Studio.
For example, customer names, account numbers, pricing, or other sensitive data can be replaced with masked values before transmission. The real values don’t leave Acumatica, and when the LLM returns the processed data to Acumatica, the system replaces the content with actual data.
This gives organizations another layer of protection when leveraging external AI services.
Another common misconception is that once AI is enabled, it’s simply “on.”
Acumatica treats AI capabilities as optional features. AI Assistant, AI Studio, and related AI functionality can be enabled or disabled through feature settings and licensing controls.
Organizations can decide which capabilities align with their business requirements and governance policies.
For some companies, that means embracing multiple AI features. For others, it means starting with a single use case or disabling AI functionality entirely until they’re ready.
One of the strengths of Acumatica's approach is that AI works within the security framework organizations already have in place.
Existing controls continue to apply, including:
They're about governance.
Organizations want to know where their data goes, who has access to it, and what controls exist to protect it. Those questions are often more important than the technology itself.
Acumatica's setup gives organizations flexibility without requiring them to give up control. AI features can be enabled selectively, external integrations are optional, and customer data is not used to train AI models.
That means organizations can explore AI at their own pace while maintaining the security and governance standards they already expect from Acumatica.
AI doesn't have to be an all-or-nothing decision. The first step could simply be understanding how to leverage AI features in Acumatica and if it makes sense to enable them safely.
Knowing when data stays inside Acumatica, when it may leave, and what controls exist can help teams make informed decisions about adoption.
And as AI becomes a larger part of everyday business applications, that understanding may be just as valuable as the technology itself.
More about AI in Acumatica:
© 2026 SVA Consulting