The Options
Three paths. Different cost structures, different data answers.
Every firm is on one of these paths already – the question is whether the choice is deliberate. Each has a legitimate use case; none is obviously wrong for every firm. What matters is whether your chosen path aligns with your client obligations and your risk appetite.
Where your data goes – by path
The three paths in detail
Shadow AI / Status Quo
What's probably already happening – unmanaged.
$0 declared / unknown actual liability
Advantages
- Zero upfront cost or procurement process
- Staff already familiar with tools (ChatGPT, Claude, Gemini)
- Immediate capability available
Limitations
- Unauditable – no log of what client data was processed
- APP 11 breach risk: firm is data controller for tools IT didn't approve
- TPB Code and APES 320 non-compliance
- No fine-tuning possible – model doesn't know your firm
- No governance framework – any incident is unmanaged
SaaS AI Subscription
Copilot, ChatGPT Enterprise, Claude Teams – governed but cloud-hosted.
$30–$200/user/mo (ongoing, price uncertain)
Advantages
- Immediate deployment – no hardware procurement
- Eliminates shadow AI by providing an approved alternative
- Enterprise tiers include audit logs and admin controls
- Scales without infrastructure management
Limitations
- Client data processed in vendor cloud – data sovereignty is contractual, not technical
- No fine-tuning – model does not learn your firm's templates, precedents, or style
- Perpetual per-user cost that compounds annually
- Price risk: SaaS AI pricing is currently in an introductory phase
- Generic responses – does not know Bentleys' specific methodologies
Private Deployment
Model runs on your hardware. Data never leaves your network.
Capex ($186K–$387K) + low ongoing opex. No per-user fee.
Advantages
- Technical data sovereignty – client data physically never leaves your network
- Fine-tunable on firm-specific data: precedents, templates, workpaper conventions
- Model improves over time – Year 3 capability exceeds Year 1
- No per-user fee – marginal cost of additional users is near-zero
- Full audit trail – every interaction logged on infrastructure you control
- Strongest regulatory answer for SMSF, medical, and high-net-worth clients
Limitations
- Upfront capital expenditure required
- Requires ongoing maintenance and a technical point of contact
- Initial setup time (4–24 weeks depending on scope)
- Responsibility for model updates sits with the firm
Which path fits which firm?
| Criterion | Shadow AI | SaaS AI | Private |
|---|---|---|---|
| Client data sensitivity (SMSF, medical, HNW) | Unacceptable risk | Acceptable with DPA review | Strongest answer |
| APES 320 compliance | Non-compliant | Compliant with governance work | Compliant – framework included |
| Staff count 50–100 | Unmanageable | Cost-effective | Capex amortises well |
| In-house IT capability | Not relevant | Low requirement | Requires tech support |
| Budget model | Hidden liability | Predictable opex | Capex then near-zero opex |
| Want model fine-tuned on firm data | Not possible | Not possible | Core capability |
The compounding advantage
The compounding advantage of a model that knows your firm.
SaaS AI tools are trained on the internet. They don't know Bentleys' templates, engagement letter conventions, workpaper standards, or the way partners phrase advice. A private model that has been trained on your firm's documents can answer questions a generic model cannot – and that advantage compounds with each fine-tuning cycle.
Baseline productivity
Model trained on public data – faster and more consistent than manual work, but generic.
+20–35% on Year 1
After 2–3 fine-tuning cycles on Bentleys data – firm-specific answers, recognises your templates, drafts in your style.
SaaS tools remain flat on Year 1 capability – they cannot learn your firm's templates or precedents. The compounding advantage is unique to private deployment with fine-tuning.
Private deployment detail
What private deployment actually looks like
Architecture, example workflows, and a phased rollout plan – for those evaluating private deployment seriously.
Architecture overview
Every byte of client data stays inside this zone – never transmitted to a vendor cloud.
Phased rollout – 24 weeks pilot to full deployment
1. Discovery (4 weeks)
   - Integration mapping
   - Governance baseline
   - Go/no-go recommendation
2. Pilot (4 weeks)
   - Working AI on firm data
   - 5–10 named users
   - Measured task wins
3. Hardening (4 weeks)
   - Security review
   - Audit trail
   - Performance tuning
4. Rollout (8 weeks)
   - All offices deployed
   - 80 fee earners onboarded
   - Governance framework live
5. Optimisation (ongoing)
   - Fine-tuning cycles
   - Custom workflow extensions
   - Monthly metrics review
Private AI vs SaaS – capability comparison
| Capability | Private AI | Copilot Enterprise |
|---|---|---|
| Data sovereignty | Physically on Bentleys hardware | Data processed in vendor cloud |
| Fine-tuning on firm data | Model improves with each cycle | No fine-tuning available |
| Audit trail | Every interaction logged on your infra | Available via vendor admin console |
| Privacy Act compliance | Full data locality | Contractual only |
| APES 320 alignment | Governance framework included | Firm must build governance separately |
| Per-user marginal cost | Near zero after capex | $47/user/mo ongoing |
| 5-year total (80 users) | $186K–$387K (one-time + ~$42K opex) | $225K–$450K+ (price-dependent) |