There are multiple media that are being communicated in the tool such as text, data, documents, speech and video. How can the development team make sure there are no fraudulent data tapping will not occur.
Microsoft has quite a bit of documentation on Teams Governance. Check out their security guide via https://docs.microsoft.com/en-us/microsoftteams/teams-security-guide. With Azure Active Directory (AAD) and enforcing Multi-Factory Authentication (MFA/2FA), this will help to greatly reduce the attack surface. You can eliminate external sharing (so can only share within the organization) if desired. There are tools to help monitor or you can write your own auditing tools via Graph API or perhaps even use Power Automate.
Here is a pretty solid configuration setup walkthrough:
Data leak out was more my concern, but that can be handled very well with DLP in O365.