A few engagements, told plainly.

Risk analysts were reviewing every flagged transaction from scratch — cross-referencing scattered policy PDFs, sanctions notes, and prior decisions by hand. Backlogs grew faster than headcount, and no one could later prove why a case was approved or declined.

We built an agentic review workflow that drafts a recommendation for each flagged case — gathering the signals, retrieving the governing policy, and proposing approve, decline, or escalate with its reasoning — while a human analyst stays the decision-maker. A separate copilot answers policy questions grounded only in the firm's own documents. We worked evaluation-first: a graded eval set and guardrails came before the agent, not after.

• An agentic case-review pipeline (Node/TypeScript) that gathers signals, retrieves the governing policy, and drafts an approve/decline/escalate recommendation with cited reasoning — every action logged for audit
• A RAG policy copilot over the firm's policy, sanctions, and onboarding documents (pgvector, hybrid retrieval) with a cite-or-abstain contract — it names the binding clause or says it doesn't know
• A human-in-the-loop desk where analysts accept, edit, or override each draft; overrides feed back as labelled examples, and the agent never auto-decides high-value or sanctions-adjacent cases
• A guardrail layer — prompt-injection screening on retrieved text, PII redaction, confidence thresholds that force escalation, and a rule that an uncited claim is treated as an abstention
• A graded eval harness (golden decision set + an LLM judge on citation faithfulness) wired into CI, so model, prompt, and retrieval changes are scored before they ship

A growing veterinary group ran nine clinics across three countries on a generic practice tool plus a sprawl of spreadsheets. Patient histories were siloed per site, medicine stock was counted by hand, and each country billed in its own currency — so month-end consolidation took days and never quite reconciled.

We built a bespoke multi-tenant platform where each clinic is its own tenant, but a patient's record follows them to any branch. Booking, clinical notes, prescriptions, and stock live in one system; invoicing is multi-currency with each country's VAT and rounding handled correctly; and a group dashboard rolls every site up to a single, reconcilable view.

• A multi-tenant clinic model — per-site isolation for staff, schedules, and stock, with a shared patient record that follows the animal to any branch
• Per-clinic medicine and consumables inventory with batch/expiry tracking and low-stock alerts, replacing the manual count spreadsheets
• Multi-currency, multi-VAT invoicing (DKK/SEK/NOK billing, EUR supplier costs) with country-correct tax and rounding, and a daily FX snapshot stored against each invoice
• A group operations dashboard consolidating revenue, utilisation, and stock across all nine sites in one reconcilable view
• Role-scoped access (vet, nurse, front desk, group owner) and a client portal for appointment history, prescriptions, and invoices

An HR-tech scale-up whose product screens and ranks candidates had quietly become a high-risk AI deployer under the EU AI Act — and a procuring enterprise's security questionnaire had just asked them to prove it. They needed to know exactly where they stood, what to fix in-house versus buy in, and who owned what, before the obligations bit.

Over a fixed-scope engagement we mapped their actual AI surface against the Act's obligations, separated genuine high-risk uses from lower-risk ones, and turned the gaps into a sequenced, owner-assigned plan. Counsel from an operator who still ships — so every recommendation was build-versus-buy honest and costed against their real roadmap.

• A scored readiness assessment across six governance dimensions, mapped article-by-article to the Act's provider and deployer obligations (Art. 26, Art. 50), citing binding text and flagging where the Digital Omnibus moved the dates
• A risk register classifying each AI use — candidate ranking as high-risk; resume parsing and chat assistance as lower-risk — so effort went where the law actually lands
• A build-versus-buy decision memo: build human-oversight and logging controls in-house, buy a model-monitoring layer, defer a full governance suite until volume justified it
• A RACI for AI governance naming a single accountable owner, plus a lightweight model inventory and incident-logging process that fit their existing workflow
• A sequenced 90-day remediation roadmap tied to the real deadlines — Art. 50 transparency (Dec 2026) ahead of the deferred high-risk deployer obligations (now Dec 2027)

The product was genuinely good and the team knew their domain cold — but the market couldn't tell. Growth leaned entirely on founder networks and paid ads that stopped the moment spend paused, and the site read as a feature list rather than a point of view.

We started with positioning — naming the specific problem the product solves and the buyer it serves — then turned that narrative into an SEO and content system built as infrastructure, not a campaign. Editorial, technical SEO, internal linking, and conversion paths were treated as one connected machine the team could run without us.

• A positioning document and messaging hierarchy: a one-line category claim, three proof pillars, and objection-handling copy reused across site, sales decks, and onboarding
• A topic-cluster content architecture (pillar pages plus supporting articles) mapped to real buyer search intent, with an editorial brief template the in-house team writes against
• A technical SEO foundation: clean information architecture, internal-linking rules, structured data, fixed crawl/index issues, and Core Web Vitals brought into the green
• A conversion redesign of the highest-intent pages — clearer hierarchy, honest social proof, one primary call to action per page
• A lightweight measurement setup and a quarterly content-ops playbook so the engine keeps running in-house

Donations ran through a dated hosted form that dropped roughly one in seven gifts at the payment step. And every quarter, two people lost most of a week hand-assembling the board and funder impact pack from four exported spreadsheets.

We rebuilt the giving flow as a fast, accessible, multi-currency checkout on Stripe, then put a small reporting pipeline behind it that turns the same donation and programme data into a board-ready pack — with a light AI assist that drafts the narrative and always cites the figure it is summarising. The point was leverage, not headcount.

• A rebuilt one-page donation checkout (one-off and recurring) on Stripe — Apple/Google Pay, SEPA, proper card retries, fully keyboard- and screen-reader-accessible
• A multi-currency reconciliation layer that ties every gift, refund, and Gift-Aid-style uplift back to the programme it funded
• An automated quarterly pipeline that compiles donations, programme spend, and reach into a single versioned board and funder pack
• A cite-or-abstain drafting step that writes the narrative summary and footnotes the exact figure behind every claim, leaving a human to approve before send
• A lightweight admin console: donor receipts, recurring-gift management, and one-click pack export to PDF