I have worked in every block I now build for.
Engineering, lending, cards, payments, wealth and financial crime, then the bank itself as its first AI hire. That is why a CTO, a head of credit or a risk committee will sit down with me: I understand how their organisation makes decisions, and where it gets stuck.
HSBC · GE Money
Lending systems and self-service platforms from the inside.
Discover
Card products, transaction processing and settlement at scale.
RBC
Regulated wealth product across multiple jurisdictions.
Wonga
Credit, scoring and decision engines through FCA authorisation.
Thredd
£4.2B card-issuing platform, real-time financial crime, 100+ fintechs. Led a 15-person product org across London, Singapore and Sydney.
ComplyStream
AI compliance platform, co-founded and shipped to FCA customers.
UK specialist bank
First AI hire. Two systems in production, governed and signed off.
regstack
Open-source compliance agents. The whole journey, codified.
Engineer. Operator. Founder.
Vyaya
Shipping production AI and the governance to clear it, for regulated finance. Maintainer of regstack. Trading as Samantaray Digital Ltd.
UK specialist bank
First AI build lead on the strike team. 19 use cases across 5 BUs, 2 in production, one Trust Layer that cut approvals from six months to three weeks.
ComplyStream
AI financial-crime platform, zero to FCA-regulated customers. £850K pre-seed, Google for Startups AI, NVIDIA Inception. 500 to 25 alerts a day, 85% fewer false positives.
Thredd (ex-GPS)
£4.2B card platform, 60 to 100+ fintechs, 99.99% uptime. Built NLP developer tooling before GPT was public.
Wonga
1.2M applications a year, decided in 90 seconds. Rebuilt the credit models through an 18-month FCA authorisation, serving 2M+ throughout.
RBC Wealth Management
Regulated wealth product in a global bank. Where the second-line instinct came from.
Discover
Card products and credit systems at scale in US consumer finance.
HSBC
Where it started. Lending engineering, the foundation under all of it.
Shipped with the team. Measured honestly.
A few engagements where AI went past the demo and into something a regulated business now runs. The numbers are what the desks actually saw, not a launch headline.
Compliance OS, built solo, final 6 of 2,000+
An agentic KYC and compliance build that turns manual onboarding and review into audit-ready, regulator-defensible decisions. Selected as a Demo Day finalist and pitched live to a leading SF VC and the TinyFish leadership team.
From 19 ideas to two in production
Embedded with business, second-line and IT to find which use cases were real. Built two into production, complaints drafting and a valuation assistant, and authored the Trust Layer that got them signed off. It became the bank's standard for every AI deployment after.
The work around the score
Their ML does the scoring. The slow part is everything around it: extraction, the credit paper, the audit trail, monitoring. Scoped that into phased agentic use cases the credit team could trust, with the decisioning kept sovereign and governance sized for their warehouse lender.
A compliance platform, zero to FCA customers
£850K pre-seed from Cornerstone, Ascension and operators at Monzo and ClearBank. Google for Startups AI, NVIDIA Inception. Built the product and shipped it to FCA-regulated customers as co-founder and CPO, before moving on to build independently.
Named on the build, not just the deck
Brought in as the regulated-AI and payments voice on an AI-native neobank build: BaaS selection, card programme, AI architecture, hypercare. The reason teams ask is rare coverage of payments, AI and lending in one head, with £4.2B of card processing behind it.
I ship in the open, so the proof is public.
Client work stays private, so I build open-source compliance tooling in my own time. It is where you can actually read my code and see how I think about regulated AI. regstack is the home for it.
Full KYC onboarding with independent verification, deterministic four-factor risk scoring, immutable audit trail, 17-section report. 33+ stars, organic forks from IPO'd fintechs.
Three-pillar engine: regulatory mapping, policy framework, data orchestration, with a CRO / MLRO / FCA expert-challenge layer.
Trust infrastructure for AI-generated code. 95 patterns mapping EU AI Act Article 13 and PCI-DSS into developer-native compliance.
A 10-tool FastMCP server wired to a live payments API for real-time fraud signals inside an agent loop.
Invited where regulated AI is being figured out.
I get asked onto panels and into rooms on agentic payments and regulated builds because I have actually shipped them. I also write about it, in the open.
↳ Speaking & recognition
↳ Not Another Fintech Alert
AI COGS repricing, what agent unit economics do to a compliance P&L. ↗ Rathbones / FCA s166, reading a skilled-person review as a product spec. ↗ The compliance-startup bear case, where funding meets a thin moat. ↗ Lovable data study, a practitioner's critique of the numbers. ↗I publish the analysis, not just the take.
Interactive, data-led reports I research, build and deploy myself. The kind of primary-source work I bring to a build or a board.
The Distribution OS
Claude's plugin registry as a distribution layer: who gets anchored, amplified or absorbed across 9,000+ MCP servers. Nine findings on software, talent, commercials and regulation.
What AI Users Actually Think
Twelve months of primary signal from Reddit, Hacker News, GitHub and Stack Overflow. Agent pilot failure rates, the open-source model shift, MCP security, context engineering.
One architecture. Every regulated use case.
How I take a workflow problem to production a regulator, a board or a buyer will stand behind, governed from day one.
I came up as an engineer and never left the codebase. I build multi-cloud, multi-model systems hands-on: I have shipped custom Python ML and LLM orchestration across AWS Bedrock, Google Vertex and Azure OpenAI, and I build agents in the modern Claude and Gemini stack. I bring in specialists where it helps, but I am not a slideware operator.
With your team, from discovery to production.
I do not parachute in with an agent and leave. I embed with the engineers, data and risk people who own the system, and move in phases so value and confidence build together.
Find the real workflow
Map where the work actually gets stuck, not where a demo looks good. Pick one use case, build a working prototype, agree how we measure it.
Build it with the team
Ship into a real workflow with your engineers and data team. Wire the integrations, write the evals, stand up the audit trail, governance designed in, not bolted on.
Earn the sign-off
Trust scoring, escalation, logging and explainability the second line and Risk Committee will actually approve. Then hand it to an owner and scale to the next use case.
Where we start: most engagements open with a short paid discovery, usually a couple of weeks, to find the use case worth building and agree how we measure it. No long retainer before there is something working to point at.
Four ways in. Each one named, scoped and shippable.
No open-ended retainer before there is something working to point at. Most teams start with a fixed-fee discovery, then scale into a build once the use case has earned it.
Discovery Sprint
Fixed fee · 2–3 weeks- A scored use-case shortlist across your business
- One working prototype on a real workflow
- A measurement plan and a clear go / no-go
Build & Ship
Embedded · 12–16 weeks- One use case live on a real desk
- The Trust Layer: trust scoring, escalation, logging, audit trail
- A sign-off pack for second line and Risk Committee, plus handover
Fractional AI / CPO
Monthly retainer- Strategy, roadmap and hands-on build, not just advice
- Governance and a board-ready narrative for every release
Named on your bid
Per engagement- A credible regulated-AI voice on the bid or the deal
- Portfolio AI value creation, thesis to production
- Operator inside a PE-backed scale-up, with M&A diligence alongside Bain and Oliver Wyman.
On pricing: discovery is a fixed fee; builds and retainers are scoped to the work. Indicative numbers on the intro call.