Make AI‑driven decisions explainable, governed, and defensible.
Governance, evidence, and automation systems for organisations where the cost of being wrong is high.
The accountability gap
If AI is influencing outcomes in your organisation, can you explain what it did, why, and how — to a regulator, or your board?
Most organisations can't. The governance was built for humans using software, not AI agents using agents.
Next step
A 20-minute discovery call to confirm your problem, assess fit, and outline what the system would look like.
What I Build
Operational systems for organisations where the cost of being wrong is high.
Data + Search
Evidence Intelligence
Turn thousands of emails, contracts, regulatory letters, and financial records into a searchable evidence layer that reconstructs timelines, maps causality, and prepares complex complaints and disputes. Every assertion traced to source document, page, and exact wording — built so AI agents and humans can reason across your evidence.
SQLite · PostgreSQL + RLS · ChromaDB · OCR pipelines
Governance + Enforcement
Governance Architecture
Policy enforcement that AI agents actually obey. Seven atomic controls — purpose, data class, model version, human review triggers, blocking rules, audit logging, retention — enforced at the database layer via PostgreSQL row-level security, not in application code.
7 Primitives · RLS · JSONB decision traces · accountability binding
Automation + Integration
Agentic Workflows
Transform manual processes into AI-native workflows where agents do the work and humans provide judgment. Connect M365, Salesforce, databases, and APIs through orchestration layers. Deploy reusable AI skill libraries with multi-lens analytical protocols so teams get consistent, repeatable analysis instead of ad-hoc prompting.
Claude Code skills · N8N · MCP servers · 7-lens protocol · CLI/API tools
Evidence + Regulatory
Compliance Intelligence
Forensic-quality evidence management for regulatory complaints, litigation support, and compliance investigations. Every assertion traced to source document, page, and verbatim quote. Chain-of-custody document processing from ingestion to submission-ready evidence packs across financial services, privacy, consumer protection, and administrative review.
Regulatory mapping · causal chain analysis · forensic language audit
How It Works
The same architecture, applied to every domain. The methodology is portable — the infrastructure scales to need.
Intake
Docs, emails, PDFs, records, regulatory instruments
Data Layer
SQLite / PostgreSQL + FTS + ChromaDB semantic index
Analysis
Claude skills, 7-lens protocol, causal chain mapping
Quality Gate
Forensic language audit, blind-spot check, compliance review
Output
Defensible outputs, filed submissions, auditable decisions
Infrastructure
SQLite for edge deployments. PostgreSQL + RLS for production. Docker for development. Supabase or Azure for hosted. The intelligence layer is infrastructure-agnostic — designed so you're not locked in.
Why This Matters Now
Three things changed — and they changed what 'ready' looks like.
Software costs collapsed
AI agents now build and operate applications autonomously. Per-seat SaaS is dying; the application layer is commoditised. What still has value is your data, and the accountability infrastructure that lets you defend decisions made with it.
The bottleneck moved
The hard problem is no longer "how do we build this?" It's "can we specify what we need precisely enough that autonomous systems deliver it safely — and can we prove they did?" The skill that matters now is translating business intent into machine-enforceable constraints.
Tools became agents
AI systems now spawn sub-agents, manage dependencies, and coordinate with peers. Your compliance checklist doesn't know they exist. You need governance enforced at the data and evidence layer, not written in a PDF.
Experience
Leadership across AI governance, assurance, and regulated delivery.
2024 – Present
AI Governance Consultant
Designed and operated AI governance policy, standards, and control frameworks aligned to NSW and international expectations, including NIST AI RMF and ISO/IEC 42001 concepts. Embedded governance into procurement and vendor engagement.
2020 – 2024
Senior Manager, Digital Transformation — NSW Health (eHealth NSW)
Led AI governance, assurance, and risk management in a highly regulated NSW Health environment. Maintained AI system registers and assurance documentation.
2016 – 2020
ICT Strategy & Governance Consultant
Delivered ICT strategy and governance consulting across government, ASX-listed, and NFP organisations in Australia and APAC.
2011 – 2016
Project ICT Lead (APAC), Blackmores
Led regional technology governance and M&A support across five APAC countries, including due diligence and vendor governance.
2004 – 2011
Account Director, Telstra / NetStar
Managed compliance-sensitive government, health, and financial services accounts, leading cross-functional delivery teams.
Capabilities
Grouped by what they enable, not what they're called.
Systems & Data
AI & Agents
Governance & Compliance
Domain
Start with a clear conversation
If you're facing a decision where the risk of getting it wrong is high — politically, legally, operationally, or reputationally — that's the right time to talk.
After our engagement, you'll have clear accountability, explicit risk ownership, and decisions that can be defended to regulators and boards — not just documentation.
Most conversations start with:
- “We're being pushed to move faster, but the governance isn't there yet”
- “This sounds good on paper, but it won't survive Risk / Audit / the Board”
- “We've already invested, and now the consequences are catching up”
I'll be direct about:
- whether the issue is real or overstated
- what's actually blocking progress
- and whether I'm the right person to help
If I'm not, I'll tell you.
What happens next
- 20-minute discovery call
- Written assessment of fit + scope
- Proposal with deliverables and timeline if there's a match
- No obligation at any step