Skip to main content

Market fit

Why “market fit” on a page about regulation and hesitation around AI adoption?

A short take on what executives bump into: regulation (which we treat as a systems competency) and people, their sense of value, stakes, and risk.

Regulation

On regulation: our background in industrial systems, safety, ergonomics, and human factors lets us embed that expertise in your products, often beyond the letter of the rule.

Regulation looks opaque to digital players without a systems lens (or lucrative to those who sell complexity). They will over-read the texts to compensate for missing systems-engineering practice.

For everyone else, new AI rules largely encode known industrial practice (in plain, expected terms).

Our knowledge of good practices in systems and aeronautical interface design (yes, by accident) maps well to new agentic-AI compliance needs. We fold that into the same UIs you expect, explained and captured in audit.

We run on Google Cloud infrastructure, including:

• proprietary code with open licenses at framework/model layers, • hosted open models without vendor inference calls, • microservices and GCE MIG VM pools, • durable storage on Elastic (Dutch-headquartered vendor).

Sovereignty

The US leans on the Cloud Act for AI. The EU relies on the AI and Data Acts.

The US Cloud Act lets authorities demand data flowing through our infrastructure provider (Google). It is not limited to “data at rest” (the Elastic DB permanent storage). Any data under a US company’s control can be targeted (including live RAM during VM processing).

Section 2713 of the Stored Communications Act (as amended by CLOUD Act 2018, 18 U.S.C. § 2713) requires providers like Google to disclose electronic communications “whether stored, held, or under the provider’s control (including RAM) inside or outside the United States”.

The EU responded with requirements on Google that may not outrank US obligations. Data Act Art. 27 asks cloud providers to take “all reasonable measures” (technical, legal, organizational) to block access (while Google offers higher-cost “hardened” VM variants, compliantly enough).

Regulated sectors (high-risk: health, finance, HR, education)

Additional measures to block US-forced intercepts are effectively mandatory.

Non-regulated sectors

Without mitigations, the risk is potential loss of confidentiality (trade secrets) via undisclosed US government requests to Google (for investigation or industrial espionage).

Traceability and auditability

The EU AI Act (Aug 2026) expects full traceability and human oversight for “high-risk” systems.

We can embed end-to-end traceability targets for any client who asks.

That includes tamper-evident logs, model evaluations that show attention to failure cases, and continuous improvement on those dimensions.

Explainability

AI Act Art. 13. We can ship full explanatory outputs and log them in system records.

Humans running the system should fully understand decision criteria and how delegation to agents is intended. We read that as healthy transparency: surface choices in the UI, made upstream of implementation, and obvious to everyone.

Supervision

AI Act Art. 14: humans must be able not to apply, to change, or to ignore AI outputs.

We design HIL systems with those affordances (typically on edge cases you define, because supervising every case is simply not using AI).

Our human-factors practice helps clarify trade-offs, classic design gaps with real consequences, and when legal questions belong in the room.

Control

Beyond the above, fit is how teams who wrote the specs and staff who run supervision feel about the system.

Ergonomics and workload matter as much as domain expertise and decision milestones. The goal is to avoid a system that fights its users. Bespoke delivery, our systems + AI practice, and evolutionary maintenance are aimed at exactly that.

ADOPTION: trust and process clarity

AI and a prior audit are a chance to validate or rethink processes: clarify, improve, or transform (including business-model change).

ADOPTION: trust in data and processing

Often cited, sometimes overstated (see Google’s report). Data-policy adjustments can run in parallel with AI work. Agents can cover persistent gaps.

ADOPTION: fear of replacement

Career uncertainty is real. Better to discuss it openly as decisions emerge.

Under Your processes we cover handover, changing roles, and training juniors. Depending on scope, domain expertise can live directly in interfaces as shared media.

Becoming a system supervisor does not erase broader employment questions.

Security

New risks sit in conversational interfaces and sensitive data paths. See OWASP’s paper about the current picture of the top 10 agentic AI security threats.

We treat these as required layers after first prototyping.

Tool dependence

Learning curves create stickiness once teams invest time. Vendor strategies differ: OpenAI and Anthropic skew lock-in, while Google’s stack hosts multiple agent frameworks, conscious of the point we are making here.

A studio can recycle past drafts on these tools when you decide to move to a higher-performing dedicated system. They will be a good starting point to let the team speak its needs and articulate precise specifications.

Cost control

Inference (“token cost”) is the headline. Narratives conflict: some claim prices fall with competition and efficiency. We often see the opposite. Compare Cursor pricing, or Starlink underpricing then hiking (unlike Tesla’s early automotive playbook).

Open models now rival frontier performance and pressure US vendor valuations. Reports cite >85% of US startups using chinese open-source DeepSeek-class models. Many offer free inference (you pay infra only). Below a threshold, open stack wins. Hybrid setups are normal.

Bespoke design matches models to confidentiality and trims tokens aggressively. Agencies and vendors rarely ship those optimizations until their ecosystem does.