The Options

Three paths. Different cost structures, different data answers.

Every firm is on one of these paths already — the question is whether the choice is deliberate. Each has a legitimate use case; none is obviously wrong for every firm. What matters is whether your chosen path aligns with your client obligations and your risk appetite.

Where your data goes — by path

The three paths in detail

Shadow AI / Status Quo

What's probably already happening โ€” unmanaged.

$0 declared / unknown actual liability

Data exits firm — uncontrolled
Non-compliant

Advantages

  • Zero upfront cost or procurement process
  • Staff already familiar with tools (ChatGPT, Claude, Gemini)
  • Immediate capability available

Limitations

  • Unauditable — no log of what client data was processed
  • APP 11 breach risk: firm is data controller for tools IT didn't approve
  • TPB Code and APES 320 non-compliance
  • No fine-tuning possible — model doesn't know your firm
  • No governance framework — any incident is unmanaged

SaaS AI Subscription

Copilot, ChatGPT Enterprise, Claude Teams — governed but cloud-hosted.

$30–$200/user/mo (ongoing, price uncertain)

Data to vendor cloud — contractual
Compliant with work

Advantages

  • Immediate deployment — no hardware procurement
  • Eliminates shadow AI by providing an approved alternative
  • Enterprise tiers include audit logs and admin controls
  • Scales without infrastructure management

Limitations

  • Client data processed in vendor cloud — data sovereignty is contractual, not technical
  • No fine-tuning — model does not learn your firm's templates, precedents, or style
  • Perpetual per-user cost that compounds annually
  • Price risk: SaaS AI pricing is currently in an introductory phase
  • Generic responses — does not know Bentleys' specific methodologies

Strongest data answer

Private Deployment

Model runs on your hardware. Data never leaves your network.

Capex ($186K–$387K) + low ongoing opex. No per-user fee.

Data stays on your hardware
Strongest compliance fit

Advantages

  • Technical data sovereignty — client data physically never leaves your network
  • Fine-tunable on firm-specific data: precedents, templates, workpaper conventions
  • Model improves over time — Year 3 capability exceeds Year 1
  • No per-user fee — marginal cost of additional users is near-zero
  • Full audit trail — every interaction logged on infrastructure you control
  • Strongest regulatory answer for SMSF, medical, and high-net-worth clients

Limitations

  • Upfront capital expenditure required
  • Requires ongoing maintenance and a technical point of contact
  • Initial setup time (4–24 weeks depending on scope)
  • Responsibility for model updates sits with the firm

Which path fits which firm?

Criterion | Shadow AI | SaaS AI | Private
Client data sensitivity (SMSF, medical, HNW) | Unacceptable risk | Acceptable with DPA review | Strongest answer
APES 320 compliance | Non-compliant | Compliant with governance work | Compliant — framework included
Staff count 50–100 | Unmanageable | Cost-effective | Capex amortises well
In-house IT capability | Not relevant | Low requirement | Requires tech support
Budget model | Hidden liability | Predictable opex | Capex then near-zero opex
Want model fine-tuned on firm data | Not possible | Not possible | Core capability

The compounding advantage

The compounding advantage of a model that knows your firm.

SaaS AI tools are trained on the internet. They don't know Bentleys' templates, engagement letter conventions, workpaper standards, or the way partners phrase advice. A private model that has been trained on your firm's documents can answer questions a generic model cannot — and that advantage compounds with each fine-tuning cycle.

Year 1

Baseline productivity

Model trained on public data — faster and more consistent than manual work, but generic.

Year 3

+20–35% on Year 1

After 2–3 fine-tuning cycles on Bentleys data — firm-specific answers, recognises your templates, drafts in your style.

SaaS tools remain flat on Year 1 capability — they cannot learn your firm's templates or precedents. The compounding advantage is unique to private deployment with fine-tuning.

Private deployment detail

What private deployment actually looks like

Architecture, example workflows, and a phased rollout plan — for those evaluating private deployment seriously.

Architecture overview

Figure: BentlysAI private architecture. Existing systems connect to a private AI inference server running Llama 3.3 70B with Qdrant and BGE embeddings. A struck-through arrow shows no data flows to external services.

  • Your network (existing systems): M365, FYI Docs, Outlook, Xero, Active Workpapers, Class Super
  • AI inference layer: 2× H200 (pilot) or 4× H200 (full); Llama 3.3 70B (fine-tuned on firm data); Vector DB: Qdrant; Embeddings: BGE (BAAI General Embedding)
  • External: ✗ No data leaves

Every byte of client data stays inside this zone — never transmitted to a vendor cloud.

Phased rollout — 24 weeks pilot to full deployment

  1. Discovery (4 weeks)
    • Integration mapping
    • Governance baseline
    • Go/no-go recommendation
  2. Pilot (4 weeks)
    • Working AI on firm data
    • 5–10 named users
    • Measured task wins
  3. Hardening (4 weeks)
    • Security review
    • Audit trail
    • Performance tuning
  4. Rollout (8 weeks)
    • All offices deployed
    • 80 fee earners onboarded
    • Governance framework live
  5. Optimisation (ongoing)
    • Fine-tuning cycles
    • Custom workflow extensions
    • Monthly metrics review

Private AI vs SaaS — capability comparison

Capability | Private AI | Copilot Enterprise
Data sovereignty | ✓ — physically on Bentleys hardware | ✗ — data processed in vendor cloud
Fine-tuning on firm data | ✓ — model improves with each cycle | ✗ — no fine-tuning available
Audit trail | ✓ — every interaction logged on your infra | ✓ — available via vendor admin console
Privacy Act compliance | ✓ — full data locality | ⚠ — contractual only
APES 320 alignment | ✓ — governance framework included | ⚠ — firm must build governance separately
Per-user marginal cost | Near zero after capex | $47/user/mo ongoing
5-year total (80 users) | $186K–$387K (one-time + ~$42K opex) | $225K–$450K+ (price-dependent)