The build under the hood.

We move product, policy, and operational knowledge out of the prompt and into a retrieval layer built to survive model turnover. Sources render alongside every answer. The architecture decisions — what we put in retrieval, what we keep in the prompt, what we never put in the weights — are the work; the implementation choices follow.

• Diagnostic pass: which parts of your content are RAG-appropriate, which need structured retrieval, which should not be retrieved at all
• Retrieval-layer architecture that survives model generations — prompts and sources separated from the underlying LLM choice
• Two-phase retrieval where intent classification runs before the vector search, not instead of it
• Evaluation harness from day one: faithfulness, citation accuracy, regression against known-good answers
• Production deployment with monitoring, prompt versioning, and documented handover

Keyword search fails on specialty catalogues because customers don't know the keyword. We build retrieval layers that classify intent first — grade, regulatory class, application — then apply those signals as boosts into a search index, so the results stay explainable and the failure modes stay legible.

• Intent-classification layer separate from the retrieval layer — not bolted onto the same model
• Synonym and facet tuning against real query logs, not guessed schemas
• Permission-aware retrieval for regulated catalogues (e.g. access-controlled scientific or pharmaceutical inventories)
• Semantic caching where the query patterns justify it; honest opt-out where they don't
• Production integration into existing e-commerce stacks — no rip-and-replace

Shipping LLM features without an eval layer is how regressions slip through undetected. We build the evaluation discipline first: structured test suites, CI-integrated gates, regression detection on prompt and model changes. The discipline is the work; tools are selected after the coverage map is agreed, not before.

• Coverage map: which behaviours must not regress, which can tolerate drift, which need manual review
• CI-integrated eval gates for every deployment — no model change ships without passing the suite
• Continuous test coverage against the public LLM security taxonomies (OWASP LLM Top 10, NIST AI RMF)
• Prompt versioning tied to measured change, not to commit IDs
• Monthly AI performance reporting formatted for board and regulatory review

Unstructured documents become queryable knowledge only when the ingestion pipeline handles versioning and change detection. We build pipelines that extract structure from PDFs, DOCX, and scraped web content, then keep the retrieval layer current as sources move — without drift, without silent staleness.

• Content-hash change detection so downstream retrieval only refreshes what actually changed
• PDF/DOCX/HTML parsing selected per source characteristics — different tools for different document pathologies
• LLM-assisted relevance scoring to promote useful content and demote boilerplate
• Integration with retrieval layers (vector stores or structured search) without locking the pipeline to one
• Versioned snapshots so regressions can be traced to a specific source update

Twenty years of enterprise DWH practice from Swiss and German engagements, adapted for APAC delivery. Dimensional modelling, Data Vault, cloud and on-prem architecture — selected per the data and the organisation, not per current trend. Design and delivery under one partner.

• DWH architecture selection — cloud, on-prem, or hybrid — grounded in the data volumes, the governance posture, and the existing investments
• Data modelling (dimensional where reporting is stable; Data Vault where source systems churn)
• ETL/ELT delivery end-to-end
• Legacy DWH migration with parallel-run validation
• Reporting layer and BI design against named business questions, not dashboards-as-deliverables
• Data governance frameworks sized to the organisation — not imported from another one

AI-assisted engineering works only if the team can still reason about what the system did and why. We install the tooling — skill libraries, MCP integrations, AI-reviewed CI — and the delivery discipline (Scrum, prompt versioning, evaluation gates, human-in-the-loop where it earns its place) that keep AI-assisted engineering auditable, forecastable, and reversible. Internal portals and client dashboards get built full-stack with CI/CD and observability from the first commit, not bolted on in week eight.

• AI skill library design — distributed, versioned, discoverable
• MCP server integration with live enterprise knowledge bases
• AI-assisted PR review in CI/CD — the AI is an advisor, not a gate
• Prompt and skill evaluation infrastructure
• Scrum or Kanban implementation selected per the team's actual delivery pattern (PSM II, PSPO II certified)
• Backlog structuring and sprint facilitation — hard rule: coach leaves when the team runs the ceremonies without them
• Full-stack delivery of internal portals and client dashboards — Python backend, Next.js frontend, authentication via mature identity providers, observability from day one
• Workflow automation — low-code inside the team's own surface, direct integration on the customer path
• Local LLM integration where data residency or air-gap requirements make it the right call

GDPR and EU AI Act compliance lived in advisor reports until the fines started. We design and implement the technical controls: data-residency architecture, PII anonymisation pipelines, risk classification under the EU AI Act, zero-trust access patterns for residency-sensitive workloads, and governance documentation that survives first-pass regulatory review.

• GDPR data-handling audit across AI systems — PII in chat logs, in training data, in retrieval indexes
• PII anonymisation pipelines at ingestion, not at reporting time
• EU AI Act risk classification and technical documentation
• Data residency architecture with explicit EU/non-EU separation — enforced in the infrastructure, not in policy
• Zero-trust deployment patterns for residency-sensitive AI workloads — Cloudflare tunnels, identity-aware access, infrastructure-as-code
• AI governance documentation sized for board reporting and first-pass regulator review
• Privacy-by-design review on new AI features before production