Internal review copy. Not for public distribution.

Agent commissioning and operations

AI agents you can let near the business.

We commission agents into your real systems, gate every action that matters behind a human approval, and stay on to run them afterwards. Before you talk to us, read a sample of the audit trail you would get.

Book a scoping call See the work first

Every engagement scoped to the work

No client logos, because we have no clients yet

Ireland and India


Evidence

We have no client logos to show you yet.

We started this practice in 2026. Rather than a wall of borrowed logos, here is the work itself. Every artefact below is a real output of the method, synthetic or redacted, and labelled as a sample. If you want to judge an engineering firm, judge its artefacts.

Sample / approval receipt APR-0731-004
approval  APR-2026-0731-004
agent     invoice-triage
action    issue_credit_note
amount    EUR 4,820.00
policy    irreversible, approval required
requested 2026-07-31T09:14:22Z
approved  2026-07-31T09:16:41Z by r.shah
latency   2m 19s
receipt   sha256:9f2c1a...d47b
Sample / permission matrix PMX-invoice-triage
capability            alone  approve  never
read_ledger             yes        .      .
draft_reply             yes        .      .
send_customer_email       .      yes      .
issue_credit_note         .      yes      .
refund_over_10k           .      yes      .
delete_record             .        .    yes
change_own_permissions    .        .    yes
Sample / eval scorecard EVL-v14
suite       invoice-triage / v14
cases       412
pass        397   96.4%
fail        15    3.6%
vs v13      -0.8pp regression, investigate
p95 latency 1.84s
cost / 100  $0.41
gate        blocks merge below 95.0%
Sample / audit trail TRC-88213
09:14:22  agent.plan     classify, extract
09:14:23  tool.call      ledger.read(88213)  ok
09:14:24  policy.check   issue_credit_note HOLD
09:14:24  approval.raise to r.shah (ipad)
09:16:41  approval.grant r.shah
09:16:41  tool.call      ledger.credit(4820) ok
09:16:42  receipt.write  sha256:9f2c1a...d47b
Sample / incident record INC-0042
incident  INC-0042
title     eval regression after migration
detected  monitor: pass rate 96.4% to 91.2%
action    agent frozen, work to human queue
cause     provider changed a default sampling
          parameter without notice
fix       parameters pinned, gate added to CI
elapsed   00:41
impact    no customer-visible effect
Sample / agent file AGF-invoice-triage
agent/invoice-triage/
  charter.md        what it is for, and is not
  permissions.yaml  the matrix, versioned
  evals/            412 cases, run on change
  runbook.md        what to do at 3am
  receipts/         every action, signed
  owner             a named human being

Yours, in your repository, whether or
not we are still here.

The problem

Everyone has agents. Almost nobody has agents they trust.

Buyers are not short of tools. They are short of systems that survive contact with a real business and can explain themselves afterwards. The gap is not intelligence. It is operations.

Every figure links to its primary source
10% No more than one in ten organisations is scaling AI agents in any given business function, though 88% use AI somewhere. McKinsey, Nov 2025
60% Nearly six in ten enterprises have seen no measurable improvement in total cost of ownership from deals that include agentic AI. BCG, Feb 2026
21% Only one in five companies deploying agents reports a mature model for agent governance. Deloitte, Jan 2026
2 in 3 Two-thirds of enterprises now expect their providers to build and operationalise their priority use cases, not just build them. BCG, Feb 2026
40% Gartner predicts over 40% of agentic AI projects will be cancelled by the end of 2027, citing escalating costs, unclear business value, or inadequate risk controls. Gartner, Jun 2025

You may have seen a widely quoted figure that 95% of AI pilots fail. We do not use it. The study behind it measured something narrower than the headline says, its method has been publicly contested, and the numbers above make the same point without needing it.


Services

Three rungs. You climb them in order.

Every engagement is tailored to the work in front of it, and scoped in writing before anybody starts. We will not sell you the second rung without the first, because we would only be guessing about what your agents actually do.

01

Audit

Two to three weeks

Fixed scope, agreed before we start.

We put an eval harness on the agents you already have, find out why they fail, review the governance gaps, and write you a commissioning roadmap. If you paid for a pilot that stalled, this is the rung that tells you whether it can be saved, or whether it should not be.

  • Eval suite over your existing agents
  • Written failure analysis
  • Permission matrix
  • Commissioning roadmap
02

Commissioning

Six to ten weeks

Scoped from the audit. We will not start without one.

One agent, doing one job, inside your real systems. Integrations, evals, guardrails, human approval paths, a runbook, and acceptance criteria tied to a number you chose before we started. Not a demo. A thing that does the work, with a named human accountable for it.

  • One agent in service
  • Approval paths on every irreversible action
  • Regression-gated eval suite
  • Runbook and escalation path
  • Acceptance against your KPI
03

Operations

Ongoing

Agreed at signing, not after something breaks.

We keep the watch. Monitoring, drift and eval regression, model migrations, and a monthly report in plain English about what your agents did, what they cost, and what we changed. This is the rung that decides whether the other two were worth anything in a year.

  • Continuous monitoring and drift detection
  • Eval regression on every model change
  • Model migrations handled
  • Monthly written outcome report

How we scope

Consulting here is tailored, not packaged. We look at what you have, agree in writing what we will do and what we will deliver, and give you a number before any work begins. That number does not move unless the scope does, and if the scope moves we say so at the time rather than in the invoice.


Method

We sell rigour, so the method is the product.

Five stages. They are named for the work, and they are the same five whether the engagement is a two-week audit or a two-year retainer.

I

Sounding

Measure before you move. We instrument what exists and take a baseline. You cannot improve a number nobody has ever taken, and you cannot prove you improved it either.

II

Marking the line

We write the permission matrix. What this agent may do alone, what needs a human to approve, and what it may never do under any circumstance. Clients tell us this is the document they did not know they needed.

III

Commissioning

Build, integrate, evaluate against the baseline. Guardrails and approval paths go in during the first week, not bolted on in the last. Every action that cannot be undone gets a named human in front of it.

IV

Acceptance

We agreed a number at the start. Either it moved or it did not. Acceptance is not a demo and it is not a slide deck. If we missed, we say so, and the report says why.

V

Standing watch

Monitoring, regression, migration, and a monthly report. Agents drift. Providers change defaults without telling you. Somebody has to be watching, and it should be somebody who is paid to.

Every engagement leaves behind an agent file: the permission matrix, the eval suite, the runbook, the receipts, and the escalation path. It lives in your repository. It works whether or not we are still here. We think that is the minimum a consultant owes a client, and we are aware that it is not the industry norm.


Limits

What we will not do.

A firm that will do anything has no method. These are not caveats buried in a contract. They are the shape of the practice.

No no-code automation piecework.

Wrong altitude, and the bottom of that market is saturated with people who will do it cheaper than we would.

No model training or fine-tuning engagements.

Not our stage, and mostly not your problem. The failures we see are integration failures.

No staff augmentation.

We sell outcomes, not hours. If you want bodies, there are better firms and they are cheaper.

No hosting your inference on our hardware.

Your data stays in infrastructure you control or rent. We are not a cloud.

No agent takes an irreversible action without a named human approving it.

This is not negotiable, and it is the one thing we will lose an engagement over.

No borrowed credibility.

No logo walls, no invented metrics, no case studies we did not do. When we have clients, you will see them here with their permission.


Regulation

What the EU AI Act actually requires, and when.

A lot of people are currently selling against an August 2026 deadline for human oversight and logging. That deadline moved.

The Digital Omnibus was endorsed by the European Parliament on 16 June 2026 and given final approval by the Council on 29 June 2026. It defers the obligations for high-risk systems, which are the ones that concern anybody operating agents.

We mention it because a deadline is a poor reason to build an audit trail. A better reason is that you cannot operate what you cannot see.

We are not lawyers and this is not legal advice. Talk to your counsel.

Obligation Applies from
Article 50 transparency, Article 4 AI literacy, national enforcement and penalty powers 2 Aug 2026
Stand-alone high-risk systems (Annex III), including human oversight (Art. 14) and logging (Art. 12) 2 Dec 2027
High-risk AI embedded in regulated products (Annex I) 2 Aug 2028

Sources: Council of the EU, Gibson Dunn, Pinsent Masons.


Your data

Where your data goes, in three lines.

Class S / sensitive

Finance, legal, personal data, anything near a credential. Never enters a shared model context. Hosted use only under zero-retention terms with logging off, and tagged in the trace so you can see it was.

Class I / internal

Code, documents, operations. Hosted frontier models by default, because capability matters more here and the exposure is lower.

Class P / public

Marketing and outbound content. Cheapest capable route. It is reviewed by a human before anybody sees it anyway.

Per-client credential handles. Your data never crosses into another client's context, and it never enters ours.


Principals

Two people. Both of them will be on your call.

A boutique is its people. Anonymous firms are not trustworthy, and a leveraged pyramid of analysts is not what you are buying here.

Rishiom Shah

Principal. Ireland.

Thirteen years building, operating and selling software. Runs a company whose daily work is carried out by AI employees under approval gates, with receipts for everything they do. Building Orbiter Dev, a governance layer that puts one approve button in front of every agent. The approvals land on an iPad beside the keyboard, which is where this practice started.

Aman Abhishek

Principal. India.

Aman co-founded the practice with Rishiom, after a long time spent planning it between them. He moved back to India in 2026 and runs the practice from there. He owns the half of this work that a client only feels later: whether the agent still holds six months after handover, and whether somebody actually answers when the escalation path gets used at three in the morning.


Questions

The awkward ones, first.

What does an engagement cost?

It depends on what you have, and we will not pretend otherwise by putting a number on a page before we have seen it. What we will do is agree the scope and the number in writing before any work starts, and hold to it unless the scope changes. You will not discover the price at the end.

You have no clients. Why would I be the first?

You get the founders themselves, and an audit that tells you honestly whether to proceed. If the answer is that your pilot cannot be saved, we will write that down, and you will have found out early and cheaply rather than late and expensively.

What if the agent breaks after you hand it over?

That is what the third rung is for, and it is why we agree it at signing rather than after something breaks. Agents drift. Providers change defaults without telling anyone. That is not a hypothetical, it is a Tuesday.

Do we have to use your stack?

No. We have a default stack we know deeply. If you have a mandated platform, we work inside it. What we will not compromise on is the eval suite, the permission matrix and the approval path.

Who is liable if the agent does something expensive?

You are the deployer of record. Our job is to build the oversight that makes that position defensible: named human approvals on irreversible actions, and a logged trail of what was decided and by whom. Before you sign anything we will put professional indemnity cover appropriate to the engagement in place and show you the certificate, and we will send you the contract terms before you ask for them.

How small is too small?

If the audit is not obviously worth it to you once we have described it, we are the wrong firm, and we will tell you that on the call rather than after it.


Start with a sounding.

An audit, two to three weeks, and a written answer about whether your agents can be saved. If the answer is no, we will say so, and the roadmap will tell you what to do instead.

Book a scoping call Read the artefacts again

Every action an agent takes, on a line you drew, in a record you can read.