Regulated operations

AI for the workyou cannot get wrong.

For 10 years we have deployed AI inside insurance, legal, biotech and health, where a wrong answer is a compliance event. We secure and audit every workflow, generate and manage your AI policies, and train your team to use AI safely.

  • 10 years in regulated industries
  • Patent authors
  • University of Toronto lecturers
  • $100k Lovable Shipped 2025 grand prize
10
Years deploying AI in regulated, high-stakes operations
~60
Cases a day processed by a claims system we run in production
£178k
Of recoverable leakage found in one legal-sector review
73
Hours a week of automatable work quantified in one broker review

Our deepestbench.

Most AI vendors have never shipped into a room with a compliance officer in it. We have, for a decade. These are the industries where we have put AI into production and stayed to run it.

Insurance

Claims intake, broker amendments, regulatory monitoring. Our deepest bench.

Legal

Client correspondence, document review, reconciliation, matter intake.

Biotech

Structured extraction and reporting where every figure must be sourced.

Health

Intake and documentation with data that never leaves your control.

Construction

Workforce and site orchestration, matched and confirmed by your team.

Commercial & real estate

Deal, lease, and portfolio workflows that run on email and PDFs.

Secure & audit

Predictable before it runs.Provable after.

A general AI agent improvises and hands you a transcript. You cannot put that in front of a regulated process. Every workflow we build is a mapped process you can predict before it runs and prove after it does.

/1

Human in the loop, always

Every workflow ends at a person on your team approving the output. During its trial period a named reviewer signs off on 100% of what it produces. Autonomy is earned with measured accuracy on your real samples, never assumed.

/2

Cited to your own rules

The system never invents a figure. Every number is cited row by row to your own versioned knowledge sheets: commission scales, rate tables, appetite, watchlists, policy wordings. Change a rule and the citation moves with it.

/3

A tamper-evident audit trail

Every action, by the AI or a human, lands on a hash-chained ledger you can verify and export. Not a chat transcript you have to trust. A record you can hand to a regulator.

The safety model

What AI may touch,and who is watching it.

Every job we deploy gets an address on this grid before it runs: a row that sets what it can reach, a column that says how deeply it is built. The rules come with the row. Your compliance team signs off on a one-page spec with a named reviewer, and nothing moves up a row without earning it.

The rows · access

Five levels of trust

A capability starts at the lowest tier that does the job. Each step up reaches deeper into your systems and carries heavier supervision by default.

  1. T0

    Public data

    Public data in, insight out. No internal access

    Supervision · Job spec + output log
  2. T1

    Reads internal

    Reads internal data, writes nothing

    Supervision · Probation review + access scoping
  3. T2

    Drafts for humans

    Drafts things humans review and send

    Supervision · 100% human approval until graduated
  4. T3

    Writes, quarantined

    Writes into systems behind a review queue

    Supervision · Confidence scoring + permanent quarantine + audit trail
  5. T4

    Operates systems

    Drives software the way staff do (agentic)

    Supervision · Pilot only. Longest probation. Never promised

Tier 4 is AI that operates software the way a person does. We do that work, and we refuse to sell it as finished: it runs as a pilot behind the longest probation we have.

The columns · build depth

Three ways to build the same job

The row is about risk. The column is about effort: days of configuration, weeks of assembly, or months of engineering for the proven, high-volume work.

01

Configured

Skill + template on certified equipment in your tenant

Days of work · Scoped to your volumes
02

Assembled

Scheduled workflows, connected tools, dashboards

Weeks of work · Scoped to your volumes
03

Engineered

Purpose-built system with its own review UI and integrations

Months of work · Scoped, with a run retainer
The grid, populated

Where the library sits today

The rows and columns above, with every deployable job from the catalog plotted on them. Circles are sized by the scale of the work they take on. Click one to see what it does and how it is governed.

Access tier: what it may touch, and the governance it carries
ConfiguredDays · Scoped to your volumes
AssembledWeeks · Scoped to your volumes
EngineeredMonths · Scoped, with a run retainer
T4 Operates systemsPilot only. Longest probation. Never promised
Pilot-only territory: piloted behind the longest probation we run, never sold as shipped.
T3 Writes, quarantinedConfidence scoring + permanent quarantine + audit trail
T2 Drafts for humans100% human approval until graduated
T1 Reads internalProbation review + access scoping
T0 Public dataJob spec + output log
Build grade: how it is built, what it costs, how permanent it is

Circles are colored by the outcome they serve, the same palette as the org map. The higher one sits, the more of your systems it touches, and the more supervision it ships with by default.

AI policy & governance

Your AI policy,written and kept current.

Most firms have no written AI policy, or one that was true the day it was signed and never again. We generate yours against your real obligations, enforce it in the systems we build, and keep it live.

/1

Generate the policy

We draft your acceptable-use and AI-governance policy against your actual obligations, not a template. What AI may touch, who signs off, where data lives, how long it is kept.

/2

Attest and enforce it

Per-seat attestation, an access register showing what every capability can reach, and guardrails enforced by the system itself, not by asking the model nicely.

/3

Keep it current

A monthly plain-language brief on what ran, what it returned, and what changed in the rules that affect you. Your compliance team gets a login, not a binder.

Train your teamto use AI safely.

Your staff already paste company data into free chatbots. Nobody signed off on it, and your compliance team does not know it is happening. That is the real AI risk in most regulated firms today, and banning the tools only pushes it underground.

We train your people to use AI safely on the work they actually do, with per-role playbooks for what is fine to paste, what is not, and where the approved tools live.

A workshop that leaves nothing running is theatre. Every training engagement ends with a working, governed system your team keeps using the next day.

We do not just advise.We ship.

We build and run our own products, in production, with real users. The judgment we bring to your systems is the judgment we use on our own.

In the United Kingdom we partner with North Stack to bring auditable, human-in-the-loop AI to FCA-regulated insurance operations.

Partner · United Kingdom
Start with a scoped pilot

Book a discovery call.Leave with a plan you can take to compliance.

A paid map, a fixed-fee pilot on one workflow, then a build we run. Your people still decide. Everything we build stays yours.

Loading form…