Governed AI, running our own business
Enigma’s own operations
Most organisations adopt AI tools with no governing framework — no answer to who approved an action, what the agent can touch, or how to evidence any of it. We decided to solve that on ourselves first.
The challenge
AI agents are moving from conversation to action — reading mailboxes, maintaining financial records, producing client documents, operating business systems. The gap isn’t capability; it’s governance. We wanted real agent capability in our own operations without surrendering control or auditability.
What we did
How it was delivered.
-
01
Run the firm on agents — today
Business dashboard, CRM, invoice register, client document production and mailbox management executed by AI under human supervision. Every action reviewable; every record reversible.
-
02
Backed by production evidence
The pattern was proven at enterprise scale earlier — a security-first AI onboarding platform that processed 80+ consultants as one auditable workflow.
-
03
Codified into a framework
Human-in-the-loop approval gates, least-privilege access, auditable action logs and environment segregation — aligned to NIST AI RMF, the EU AI Act and ISO/IEC 42001. In active development.
The outcome
A daily, working demonstration — on real clients and real money — of what governed agentic AI looks like inside a professional services business. When we advise on AI adoption, we’re describing our Tuesday, not a slide.
Our Tuesday
governed AI in live operations — not a slide
Start a conversation
Tell us where the business is losing time, money or momentum.
We reply within one working day with an honest view — and if we can't help, who's better placed.