Our story
Why we wired AI governance into the rails instead of building a wall around the tools.
IT pushes a Chrome policy on Monday; by Tuesday someone has pasted a deal memo into their personal ChatGPT on a phone in a stairwell.
Our own AI use was throttled most of the time, so twenty-minute work became three hours of manual stitching. Watching colleagues route around it was an education. People reached for whatever slipped past the filters.

Anyone running that desk would likely make the same call, given the tooling at the time. The signal was that every new AI tool was a leak waiting to happen, so the cleanest answer was to keep them out.
The backdrop never let up: a regime to satisfy, and every breach headline of the last two years.
What if every AI a firm touched was already supervised the moment it ran?
Not the public chatbots alone, and not the internal assistants in isolation. The assistants embedded in Notion and Slack, the agents a developer pip-installs at eleven at night, the API calls between systems no one has named yet, all compliant by default, audited without a ticket, protected on every prompt before the request leaves the firm. And when the engine cannot decide in time, it fails safe: the prompt goes through, the event lands on the record, and nobody’s work stops.
The path of least resistance wins every time, so make the safe path the easiest one. When the supervised option is also the most convenient, the workarounds quietly stop being worth the effort.
Tens of conversations later, with CCOs and IT leaders across the US, Europe, and the UK, the picture only got more consistent. Firms genuinely want to adopt AI; the appetite and the budget are both there. What holds them back is the compliance risk on every prompt, tool, and model their teams might touch.
Most of the AI pitches landing in their inboxes ended the same way: interesting, but not until our AI use is supervised. When approved tools get blocked, people find unapproved ones. The work still gets done, but the data leaves without the record it used to carry.
The other thing keeping us up at night is how fast the threat surface itself is moving. Last November, Anthropic disclosed a sustained operation orchestrated through Claude Code, running attacks against multiple targets in parallel inside the agent’s normal interaction loop. Their write-up sits here. New tooling has to be ready for that from day one.
Adoption with the rails built in. That is what we are building.
Make the supervised path the easy path, and the safe choice becomes the obvious one.