AI Roadmap
Roadmap operator view: preserved from WatchTower Obsidian roadmap content while the old reverse-proxy backend remains unavailable.
Read the master roadmap, then jump into department playbooks.
Static preservation on sycopa-us. DNS cutover remains blocked until browser/HTTPS proof.
βI only eat broken 502s after we checksum them.β Useful joke, real policy.
Source: 00-master-roadmap.md
πΊοΈ Enterprise AI Transformation Roadmap v1.0
From Chat AI β Fully Autonomous Agent Company
A Practical Guide for Knowledge-Work Companies (20-200 employees)
---
> **Core insight:** Each step isn't just about technology β it's about three axes:
> 1. **Technology** β what's deployed
> 2. **Trust & Autonomy** β what AI is allowed to do without human approval
> 3. **Org Change** β what shifts in roles, culture, and governance
>
> Most companies fail because they upgrade the tech without upgrading trust and org structure.
---
STEP 0: Individual Augmentation
**"Employees Google things with AI instead of Google"**
**Duration:** Already happening β 6-8 weeks to formalize
What It Looks Like
Every employee has access to ChatGPT/Claude for daily work β drafting emails, summarizing docs, brainstorming, research. No structure, no mandates. Copy-paste workflows.
Trust Level: ZERO
AI is a fancy search engine. Every output is manually reviewed and rewritten. No AI output goes to a customer or system without a human retyping it.
Org Change
- None yet. This is often shadow IT β management may not even know it's happening.
Tech Stack
- Claude Pro/Team, ChatGPT Team
- SSO via existing identity provider
- Optional: Slack bot wrapping Claude API
How to Execute
- Don't mandate it. Make it available, show examples, celebrate early wins publicly.
- Identify 3-5 "AI champions" per department β naturally curious people.
- Run weekly 30-min "show and tell" sessions where people share wins.
- ~30% will resist. Don't fight them. Focus on the eager 40%.
Gate Criteria β Step 1
- [ ] >70% weekly active users sustained for 4+ weeks
- [ ] AI usage policy signed by all employees
- [ ] Zero data security incidents
- [ ] At least 2 documented use cases per department
- [ ] Someone asks "can we get a company account with our own context?"
Where Companies Stall
They stay here forever because nobody owns the initiative. No budget, no champion, no policy. Usage stays at 20%.
---
STEP 1: Structured Individual Productivity
**"Every employee has an AI co-worker with context"**
**Duration:** 3-5 months
What It Looks Like
Company-provisioned AI workspace. Employees build personal prompt libraries, use AI for drafting, analysis, summarization. AI embedded into actual business processes β contract review, report generation, meeting summaries.
Trust Level: LOW
AI drafts, human reviews and sends. AI summarizes, human validates. AI suggests, human decides. Human is always the last mile.
Org Change
- AI usage policy published (data classification rules)
- "AI champion" role emerges per department
- **New role: AI Process Designer** β maps workflows, builds prompts
- Training budget allocated (2-4 hrs/month per employee)
Tech Stack
- Claude API with org-level keys and per-department billing
- API Gateway (Kong / FastAPI) injecting system prompts per role
- Prompt template library in Git (version-controlled, PR-reviewed)
- Interaction logging to Postgres + Grafana dashboards
How to Execute
- Department-by-department rollout, starting with highest Step 0 adoption
- For each department: map top 5 time-consuming bureaucratic tasks, automate 2-3
- Create exact playbooks: "Here's how legal uses Claude for contract first-pass review"
- Assign an AI process owner per department who maintains templates
Gate Criteria β Step 2
- [ ] Every department has β₯3 documented AI-assisted workflows in production
- [ ] Prompt template library has >50 vetted templates
- [ ] Measurable time savings: 5-10 hrs/employee/month
- [ ] Rework rate on AI output <25% sustained for 6+ weeks
- [ ] Employees start saying "my AI doesn't know what Sarah's AI knows"
Where Companies Stall
They buy licenses but never train anyone. Tools feel like toys because there's no shared knowledge layer.
Key Risk
"Automation of the boring parts" makes some roles feel hollow. Have proactive conversations with affected employees. Redefine roles toward judgment, strategy, oversight.
---
STEP 2: Shared Knowledge & Institutional Memory
**"The company has a brain, and AI can read it"**
**Duration:** 4-6 months
What It Looks Like
Centralized knowledge base (Obsidian/Notion/Confluence) that is AI-accessible. Documents, SOPs, decisions, project histories, client context β all indexed and queryable. AI answers "how do we handle X?" by referencing actual company docs.
Trust Level: LOW-MEDIUM
AI has *read access* to company knowledge. It can surface information and provide context-aware answers. But it still can't *write* to shared systems or take actions.
Org Change
- **Knowledge management becomes a real function.** Someone owns quality and completeness.
- Documentation culture shifts from "nice to have" to "if it's not documented, the AI can't help you"
- First governance question: who decides what goes in? What's the source of truth?
Tech Stack
- Obsidian vault(s) synced via Git (or Notion with API)
- Vector database: Qdrant (self-hosted) or Pinecone (managed)
- Embedding pipeline: File watcher β Chunking β Embedding model β Vector DB
- RAG service sitting between employees and Claude
- Document-level ACLs in vector DB (department-based access filtering)
How to Execute
- Make documentation the path of least resistance: AI auto-generates docs from meetings, Slack, project outputs. Humans review, not write from scratch.
- Kill the alternatives. Wiki = source of truth. Random Google Docs, tribal knowledge, "ask Steve" β deprecated.
- Gamify early: department with best knowledge base coverage gets recognition.
Gate Criteria β Step 3
- [ ] >80% of "how do we do X?" questions answerable from the knowledge base
- [ ] New employee onboarding time drops measurably
- [ ] Cross-department knowledge sharing happens via AI
- [ ] Knowledge freshness: >90% of docs reviewed in last 90 days
- [ ] Someone asks: "why can't the AI just *do* the thing instead of telling me how?"
β οΈ Where Companies Stall β #1 FAILURE POINT
Knowledge base becomes a graveyard. Outdated docs. Nobody maintains it. AI gives confidently wrong answers from stale data. Trust erodes. **If you can't maintain institutional knowledge, Steps 3-7 are impossible.**
---
STEP 3: Workflow Automation & Cross-Department Triggers
**"AI doesn't just answer β it acts (with permission)"**
**Duration:** 4-6 months
What It Looks Like
AI-powered workflows that span departments:
- Sales closes deal β auto-generates project kickoff β notifies ops β creates tasks β schedules onboarding
- Finance flags overdue invoice β triggers escalation β drafts follow-up email
- Engineering merges PR β updates changelog β notifies customer success
- HR receives PTO request β checks coverage β approves if policy met
Trust Level: MEDIUM
AI has *write access* to company systems β but within tightly scoped, pre-approved workflows. Humans approve the *workflow design*, not every execution.
Org Change
- **Process owners become workflow designers.** Every department articulates "when X happens, Y should follow."
- **New role: AI/Automation Lead** β builds and maintains integrations
- Cross-department dependencies become visible (often for the first time)
- Political conflicts surface: "Wait, marketing can trigger work for engineering?"
- First real error handling: rollback procedures, escalation paths
Tech Stack
- Event bus: Kafka, NATS, or AWS EventBridge (the nervous system)
- Workflow orchestrator: Temporal.io (recommended) or n8n
- API mesh: each department exposes capabilities as internal APIs
- Agent framework with event subscriptions, multi-step execution, Claude for decisions
- Circuit breakers: any failing workflow auto-pauses and alerts humans
How to Execute
- Start with the 3 workflows everyone hates. Quick wins build trust.
- Every workflow needs: defined inputs, outputs, guardrails, error handling, rollback
- Human-in-the-loop approval gates for anything touching money, customers, or legal
- Weekly "automation retrospective": what worked, what broke, what to automate next
Gate Criteria β Step 4
- [ ] >10 cross-department workflows automated and reliable
- [ ] Mean time to detect automation errors < 4 hours
- [ ] Workflow failure rate < 2%
- [ ] Employees have stopped doing β₯3 recurring manual tasks each
- [ ] Full audit trail exists for every automated action
Where Companies Stall
They automate the easy stuff and never touch the hard stuff (anything involving judgment, exceptions, or politics). Or they automate without monitoring, and broken workflows silently corrupt data for weeks.
---
STEP 4: Monitoring, Observability & Consolidation
**"We can see what every AI system is doing, and we trust the dashboard more than the anecdote"**
**Duration:** 3-4 months
What It Looks Like
Centralized monitoring across all AI workflows and agent actions. Dashboards showing: what ran, what succeeded, what failed, what's pending review. Audit trails. Cost tracking. Quality metrics. The org can *prove* AI is performing well with data.
Trust Level: MEDIUM-HIGH
Trust is now *evidence-based*, not faith-based. You can show the board: "here's our error rate, catch rate, cost savings." This is what enables higher autonomy.
Org Change
- **AI Governance Board** established β decides what gets automated next, autonomy levels, failure handling
- QA shifts from "humans check everything" to "humans check exceptions." Statistical sampling replaces exhaustive review.
- AI spend becomes a budget line item with ROI tracking
- **β οΈ First reallocation pressure.** If 10 people used to do work that's automated, leadership decides: redeploy or reduce headcount. Politically dangerous.
Tech Stack
- Observability: OpenTelemetry + Grafana/Datadog for all AI workflows
- Centralized logging with structured events (every agent action logged)
- Cost tracking per AI operation (token usage, API costs, compute)
- Quality evaluation pipelines: automated scoring of AI outputs
- Alerting: PagerDuty/OpsGenie for workflow failures
- Consolidation: reduce tool sprawl, standardize on fewer platforms
How to Execute
- Instrument everything. If it's not logged, it doesn't exist.
- Build executive dashboard: ROI, error rates, coverage, costs β one view.
- Establish quarterly governance reviews: what's working, what to expand, what to kill
- Create "AI incident" category in your incident management process
Gate Criteria β Step 5
- [ ] Full audit trail for every AI action in production
- [ ] Executive dashboard with real-time AI ROI metrics
- [ ] Governance board has met β₯3 times with documented decisions
- [ ] AI error rate demonstrably lower than human baseline on automated tasks
- [ ] Cost-per-task metrics available for all automated workflows
- [ ] At least one full "AI incident β detection β resolution β postmortem" cycle completed
Where Companies Stall
Dashboards exist but nobody looks at them. Governance board becomes a rubber stamp. Monitoring becomes a checkbox instead of an operational function.
---
STEP 5: Personal Agent Teams
**"Each employee has their own team of agents working 24/7"**
**Duration:** 4-6 months
What It Looks Like
Each employee has a personal fleet of AI agents orchestrating their work. Agents handle:
- Inbox triage and draft responses
- Research and brief preparation
- Meeting prep (pull context, create agendas, draft talking points)
- Task management (break down objectives, track dependencies, flag blockers)
- Proactive surfacing ("you have a client call tomorrow β here's what's changed since last contact")
Trust Level: HIGH
Agents act on behalf of employees within defined scopes. Some outputs go directly to internal systems without human review. External-facing outputs still require human approval.
Org Change
- **Employees become "agent managers."** Their job is to set objectives, review exceptions, make judgment calls. The volume of work they can handle 10x's.
- **Capacity planning changes fundamentally.** One person + agents can do what 3-5 people used to do.
- Some roles become purely supervisory/strategic
- **New role: Agent Platform Engineer** β maintains the agent infrastructure
- Working hours become less relevant β agents work 24/7, humans set priorities during business hours
Tech Stack
- Agent orchestration platform (custom or platform like OpenClaw/LangGraph/CrewAI)
- Per-user agent configurations with individual context and permissions
- Personal agent memory stores (each employee's agents have persistent context)
- Delegation protocols: how agents hand off to each other and to humans
- Kill switches: any employee can immediately halt their agent fleet
How to Execute
- Start with one department (probably ops or customer success)
- Each employee defines their "delegation profile": what agents can do autonomously vs. what needs approval
- Weekly 1:1s between employees and their manager specifically about agent management
- Create "agent playbooks" per role
Gate Criteria β Step 6
- [ ] >50% of employees actively using personal agent teams
- [ ] Measurable output increase (tasks completed per person per week)
- [ ] Agent autonomous action success rate >95%
- [ ] Employee satisfaction with agent assistance >75%
- [ ] Zero critical errors from autonomous agent actions
- [ ] Employees can articulate what their agents do and where the boundaries are
Where Companies Stall
Agents are deployed but employees don't trust them, so they micro-review everything and save no time. Or: agents are trusted too much and nobody catches errors until a client complains.
---
STEP 6: Autonomous Departments
**"Departments run themselves β humans set strategy and handle exceptions"**
**Duration:** 6-12 months
What It Looks Like
Entire department workflows run autonomously. Agent teams coordinate with each other across departments without human mediation for routine work. Humans focus on:
- Strategic decisions
- Exception handling
- Relationship management (clients, partners)
- Creative/novel problem-solving
- Governance and oversight
Examples:
- Finance department: invoicing, AP/AR, expense processing, financial reporting run 100% by agents. CFO reviews weekly summaries and handles exceptions.
- Customer Success: ticket triage, standard responses, health score monitoring, renewal processes run by agents. CS team focuses on at-risk accounts and strategic relationships.
- HR: recruiting pipeline, onboarding processes, benefits administration, compliance tracking β all automated. HR focuses on culture, conflict resolution, org design.
Trust Level: VERY HIGH
Agents make decisions within policy frameworks without per-action human approval. Humans set policy, review outcomes, handle escalations. The org operates more like a "governance + exceptions" model.
Org Change
- **Organizational structure flattens dramatically.** Middle management layers that existed for coordination are no longer needed β agents coordinate.
- **Headcount decisions are unavoidable.** Some roles genuinely don't exist anymore. Handle with radical transparency, generous transitions, and retraining.
- **New roles emerge:**
- **Culture shift:** from "doing work" to "designing systems that do work"
- **Legal/compliance becomes critical:** who is liable when an agent makes a decision? What's the regulatory stance?
- AI Policy Architect (defines the rules agents operate under)
- Exception Specialist (handles the 5% of cases agents can't)
- Agent Auditor (reviews agent decisions for bias, errors, drift)
Tech Stack
- Department-level agent orchestration with inter-department protocols
- Policy engine: codified business rules that agents follow (OPA/Cedar-style)
- Automated compliance checking (agents audit each other)
- Advanced monitoring: anomaly detection on agent behavior (not just errors β drift)
- Inter-agent communication bus with full observability
- Human escalation system with SLA tracking
Gate Criteria β Step 7
- [ ] β₯3 departments operating in autonomous mode for >3 months
- [ ] Exception rate stable at <5% of total workflow volume
- [ ] Customer satisfaction scores maintained or improved
- [ ] Regulatory/compliance audit passed with autonomous operations
- [ ] Financial performance improved vs. pre-automation baseline
- [ ] All remaining human roles clearly defined with "why a human does this" justification
Where Companies Stall
Resistance from department heads who see autonomy as losing their team/power. Legal/compliance uncertainty freezes progress. Or: a major agent error causes a client-facing incident and triggers a panic rollback.
---
STEP 7: The Autonomous Enterprise
**"The company is an organism β humans are the nervous system, agents are everything else"**
**Duration:** Ongoing evolution
What It Looks Like
The company operates as a human-AI hybrid organism:
- **Agents** handle all execution, coordination, routine decisions, monitoring, and optimization
- **Humans** handle strategy, creativity, relationships, ethics, governance, and novel situations
- The company can scale revenue without proportionally scaling headcount
- New products/services can be launched by designing new agent workflows, not hiring new teams
- The company learns continuously β every interaction improves the knowledge base and agent performance
Trust Level: NEAR-FULL AUTONOMY
Agents operate with full autonomy within defined policy boundaries. Humans intervene by exception. The system is self-monitoring, self-healing, and self-improving within guardrails.
Org Structure
βββββββββββββββββββββββββββββββββββββββββββ
β HUMAN LEADERSHIP β
β (Strategy, Ethics, Governance, Vision) β
βββββββββββββββββββββββββββββββββββββββββββ€
β AI GOVERNANCE LAYER β
β (Policy, Compliance, Audit, Oversight) β
βββββββββββββββββββββββββββββββββββββββββββ€
β AGENT OPERATIONS LAYER β
β (All execution, coordination, ops) β
βββββββββββββββββββββββββββββββββββββββββββ€
β KNOWLEDGE & DATA LAYER β
β (Institutional memory, learning) β
βββββββββββββββββββββββββββββββββββββββββββ
What's Different
- **Hiring changes:** You hire for judgment, creativity, and relationship skills β not execution skills
- **Competitive advantage:** Speed. A fully autonomous company can iterate 10x faster than a traditional one.
- **Risk profile changes:** Systemic risk replaces individual risk. One bad policy affects everything, not one bad employee.
- **Economics:** Revenue per employee can be 5-20x industry average
The Endgame Question
Step 7 isn't a destination β it's a new operating model. The question becomes: **what do humans focus on when execution is handled?**
The answer: the things only humans can do.
- Building trust with other humans
- Making ethical judgments in novel situations
- Creative leaps that require intuition
- Setting vision and purpose
- Deciding what the company *should* do, not just what it *can* do
---
TIMELINE SUMMARY
| Step | Name | Duration | Cumulative |
|------|------|----------|------------|
| 0 | Individual Augmentation | 6-8 weeks | ~2 months |
| 1 | Structured Productivity | 3-5 months | ~6 months |
| 2 | Shared Knowledge Layer | 4-6 months | ~11 months |
| 3 | Workflow Automation | 4-6 months | ~16 months |
| 4 | Monitoring & Consolidation | 3-4 months | ~19 months |
| 5 | Personal Agent Teams | 4-6 months | ~24 months |
| 6 | Autonomous Departments | 6-12 months | ~30-36 months |
| 7 | Autonomous Enterprise | Ongoing | 36+ months |
**Total: ~3 years from Step 0 to Step 7 for a 50-person company moving with intent.**
---
THE THREE LAWS OF AI TRANSFORMATION
1. **You cannot skip steps.** Each step builds the trust, infrastructure, and culture needed for the next. Companies that try to jump from Step 0 to Step 5 crash and burn.
2. **The bottleneck is never the technology.** It's always culture, governance, or knowledge quality. Budget accordingly.
3. **The goal is not to replace humans β it's to make humans unreasonably effective.** The companies that frame this as "cutting headcount" will lose their best people. The ones that frame it as "everyone becomes 10x" will attract the best people.
---
*Document version: 1.0*
*Created: 2026-04-24*
*Author: Atlas (COO Agent) β synthesized from Strategy, Technical, and Operations brainstorm*
*For: YI / SYCOPA*
Source: 01-full-department-playbooks.md
πΊοΈ Enterprise AI Transformation β Department Playbooks
Step-by-Step Guide per Department (Step 0 β Step 7)
For Financial Services / Trading Companies (20-200 employees)
---
TABLE OF CONTENTS
1. [Sales](#sales)
2. [Marketing](#marketing)
3. [Product](#product)
4. [Engineering](#engineering)
5. [IT/OPS](#itops)
6. [Legal](#legal)
7. [Compliance](#compliance)
8. [Finance](#finance)
9. [Trading Desk](#trading-desk)
10. [Operations](#operations)
---
SALES
Step 0: Individual Augmentation
**What AI does:**
- Reps paste prospect info into ChatGPT to draft cold outreach emails
- Summarize earnings calls, 10-K filings, news about target accounts (hedge funds, asset managers, prop trading firms)
- Meeting prep: "Summarize this prospect's recent trading volume changes and regulatory filings"
- Drafting follow-up emails after demos/calls
- Quick competitive comparison notes ("How does our OMS compare to Charles River?")
**What humans still do:**
- Everything strategic: pipeline management, deal qualification, pricing negotiations
- Relationship management β in financial services, trust is built person-to-person
- CRM data entry (still manual, still inconsistent)
- All prospecting decisions: who to target, when, what angle
**Tools/Tech:** ChatGPT Team or Claude Pro subscriptions ($20-30/user/month). No integration required.
**Role changes:** None. Some reps adopt heavily, others ignore β creating a performance gap.
**Key risks:**
- Reps paste confidential client data (AUM, trading strategies, fee structures) into public AI
- Inconsistent messaging across the team
- Compliance can't audit AI-generated comms
- AI hallucinating product capabilities in outreach emails
**Gate to Step 1:**
- [ ] β₯60% of sales team using AI weekly for 30+ days
- [ ] 3+ documented cases of productivity improvement
- [ ] Data handling policy covering what can/cannot go into AI
---
Step 1: Structured Productivity
**What AI does:**
- Company-provisioned AI with pre-built prompt templates per role:
- AI generates call prep briefs pulling from company knowledge about prospect's segment
- Standardized email sequences with AI-personalization per account
- **SDR:** ICP-based cold outreach for different buyer personas (Head of Trading, CTO, COO at buy-side firms), objection handling scripts
- **AE:** Proposal generation from deal parameters, RFP response drafts, competitive battle cards auto-populated
- **SE:** Technical Q&A responses, integration architecture summaries for prospect's tech stack
**What humans still do:**
- Review and edit every AI-generated outreach before sending
- All live prospect/client conversations
- Deal strategy, account planning, territory decisions
- Pricing and contract negotiation (regulated, requires human sign-off)
**Tools/Tech:** Enterprise AI platform with template management. CRM integration (Salesforce/HubSpot) β read-only. Prompt library per role (2-3 weeks to build). SSO + audit logging.
**Role changes:**
- Sales Enablement owns the prompt template library
- SDRs become measurably faster; quota may adjust upward 15-25%
- Sales managers start tracking AI adoption as a performance indicator
**Key risks:**
- Templates become stale (markets change fast)
- Over-reliance kills personalization β financial services buyers detect generic outreach instantly
- Compliance hasn't formally approved AI-generated client comms (SEC, FCA, MiFID II)
**Gate to Step 2:**
- [ ] Template library covers β₯80% of common sales motions
- [ ] β₯75% of team uses company-provisioned AI as primary tool
- [ ] Compliance has reviewed and approved template categories
- [ ] Proposal generation time drops β₯40%
---
Step 2: Shared Knowledge Layer
**What AI does:**
- RAG-powered sales assistant with access to: CRM data, past proposals, won/lost deal analyses, product docs, pricing sheets, competitor intelligence, client onboarding docs
- Answers questions like:
- AI generates account intelligence briefs from internal + permitted third-party data
- New rep onboarding: interactive knowledge base ("How does our settlement engine work?")
- "What objections did we face selling to macro hedge funds last quarter?"
- "Show me the proposal we sent to [similar firm] and what pricing we offered"
- "What's our win rate against [Competitor X] in the prime brokerage segment?"
**What humans still do:**
- All direct client/prospect interaction
- Strategic account planning (AI informs, humans decide)
- Complex deal structuring (multi-product bundles, custom integrations)
- Validating AI-surfaced insights before acting
**Tools/Tech:** Vector DB indexing CRM records, proposals, product docs, pricing. RAG pipeline. CRM API integration. Access control: reps see only their territory.
**Role changes:**
- Sales Ops evolves into "Revenue Intelligence" β owns knowledge base quality
- Senior AEs become knowledge contributors (deal notes feed the system)
- New hires ramp 30-50% faster
**Key risks:**
- Outdated pricing or product info in knowledge base β wrong quotes
- Sensitive deal data accessible too broadly (need tight RBAC)
- Data quality debt from years of sloppy CRM notes
**Gate to Step 3:**
- [ ] Knowledge base covers β₯90% of common sales questions
- [ ] Answer accuracy β₯95% on test set
- [ ] RBAC implemented and verified
- [ ] New rep onboarding time reduced β₯30%
---
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **Lead scoring agent:** Auto-qualifies inbound leads by checking firmographics, AUM, tech stack fit, regulatory status β routes to appropriate rep
- **Deal progression agent:** When AE updates deal stage in CRM β auto-generates next-step artifacts (proposal draft, legal review request, implementation scoping doc)
- **Cross-department triggers:**
- **Pipeline alerts:** Agent monitors deal velocity β flags stalled deals β drafts re-engagement suggestions
- Deal marked "Closed Won" β triggers Finance (invoice), Legal (contract filing), Ops (onboarding), Engineering (integration setup)
- Prospect requests RFP β auto-pulls relevant sections from past RFPs, product docs, compliance certifications
**What humans still do:**
- Final qualification decisions on complex/strategic accounts
- All negotiations and relationship management
- Approve AI-generated proposals before sending
- Override lead scoring when context demands it
- Strategic pipeline reviews
**Tools/Tech:** Event bus (Kafka/NATS) or CRM workflow automation (Salesforce Flow). Workflow orchestrator. API connections between CRM, billing, legal, ops systems. Human-in-the-loop approval gates.
**Role changes:**
- SDR role starts to shrink β AI handles initial qualification; remaining SDRs focus on outbound
- AEs manage 2-3x the pipeline (AI handles admin, they handle relationships)
- Sales Ops becomes "Revenue Automation Engineering"
- New role: Deal Desk Automation Specialist
**Key risks:**
- Lead scoring model has bias (e.g., penalizes smaller firms that are actually high-value)
- Automated cross-department triggers create work without human context ("why did Legal get a review request for a deal that's not real yet?")
- Over-automation of client-facing touchpoints damages relationships
**Gate to Step 4:**
- [ ] 5+ automated workflows live and reliable
- [ ] Lead scoring accuracy β₯80% (measured against actual conversion)
- [ ] Cross-department trigger failure rate <2%
- [ ] No client complaints attributable to automation errors
---
Step 4: Monitoring & Consolidation
**What AI does:**
- Real-time revenue dashboard: pipeline health, forecast accuracy, conversion rates by segment/rep/product
- Anomaly detection: "Pipeline dropped 30% in EMEA mid-market this week β flagging for VP Sales"
- Automated forecast: AI generates weekly/monthly revenue forecast from pipeline data + historical conversion rates
- Cost-per-acquisition tracking across all AI-assisted vs. manual motions
- Quality scoring of AI-generated proposals and outreach (A/B testing)
**What humans still do:**
- Interpret dashboards and make strategic decisions
- Forecast adjustments based on judgment (market conditions AI can't see)
- Governance: decide which automations to expand, which to kill
- Rep coaching and development
**Tools/Tech:** BI layer (Grafana/Looker/Metabase) pulling from CRM + AI system logs. Automated alerting (Slack/email). A/B testing framework for AI-generated content. Cost tracking per AI operation.
**Role changes:**
- VP Sales becomes "Chief Revenue Architect" β designs systems, not just manages people
- Sales Ops team consolidates tools (fewer platforms, more integration)
- Revenue Governance Board includes sales, finance, and compliance
**Key risks:**
- Dashboard overload β too many metrics, nobody reads them
- False confidence in AI forecasts during market disruptions
- Cost tracking reveals some AI automations aren't ROI-positive
**Gate to Step 5:**
- [ ] Single pane of glass for revenue operations
- [ ] AI forecast accuracy within 10% of actual for 3+ consecutive months
- [ ] All AI sales tools consolidated onto β€3 platforms
- [ ] ROI documented for each automated workflow
---
Step 5: Personal Agent Teams
**What AI does:**
- Each rep has a personal agent team:
- Agents work 24/7 β rep wakes up to a prioritized action list
- **Research Agent:** Continuously monitors assigned accounts (news, filings, social, market data) β surfaces actionable triggers
- **Prep Agent:** Before any meeting, auto-compiles briefing (account history, last touchpoints, competitor activity, relevant product updates)
- **Follow-up Agent:** Drafts personalized follow-ups post-meeting, schedules next steps in CRM
- **Pipeline Agent:** Monitors rep's deals, suggests next actions, drafts materials for each stage
- **Competitive Intel Agent:** Tracks competitor moves in rep's territory/segment
**What humans still do:**
- All live conversations (calls, meetings, dinners)
- Strategic relationship decisions ("should we drop this prospect?")
- Approve outgoing communications to key accounts
- Override agent suggestions when judgment says otherwise
- Handle politically sensitive or high-stakes situations
**Tools/Tech:** Agent orchestration platform with per-user configs. Market data feeds (Bloomberg, Reuters for financial services). CRM read/write APIs. Calendar integration. Personal agent memory store per rep.
**Role changes:**
- Rep becomes "Client Director" β manages relationships + agent fleet
- One rep + agents = 3-5x the account coverage
- SDR role may be eliminated entirely (agents do qualification)
- Sales management focuses on coaching agent management skills
**Key risks:**
- Agents send outreach at inappropriate times (market crash day, client dealing with crisis)
- Over-personalization feels creepy ("I noticed you posted on LinkedIn about...")
- Agent actions without context damage relationships built over years
- Rep disengagement β "my agents do everything, why am I here?"
**Gate to Step 6:**
- [ ] β₯80% of reps actively using agent teams daily
- [ ] Account coverage per rep increased β₯2x
- [ ] Client satisfaction scores maintained or improved
- [ ] Zero client-facing incidents from agent autonomous actions
---
Step 6: Autonomous Department
**What AI does:**
- Sales department operates as an AI-human hybrid with minimal manual intervention:
- Humans handle: strategic accounts, partnerships, pricing exceptions, negotiations, relationship escalations
- Inbound pipeline: fully automated (lead capture β qualification β routing β first outreach β meeting booking)
- Outbound prospecting: agents identify targets, research, craft sequences, send, follow up, book meetings
- Proposal generation: end-to-end automated for standard deals (human review only for deals >$X threshold)
- Pipeline management: AI manages stage progression, sends alerts, generates forecasts
- Competitive response: AI detects competitive threat, drafts counter-positioning, alerts AE
**What humans still do:**
- VP Sales sets strategy, targets, territory design
- AEs handle top 20% accounts (by value) personally
- Negotiation of bespoke deals and partnership terms
- Exception handling when AI hits edge cases
- Governance: what the autonomous system can/cannot do
**Tools/Tech:** Policy engine defining deal approval thresholds. Automated escalation rules. Full CRM automation. Self-healing pipelines (agent detects and fixes data issues). Inter-department agent coordination protocols.
**Role changes:**
- Sales team shrinks 40-60% in headcount
- Remaining roles are senior: Strategic Account Directors, VP/Head of Sales, Revenue Architect
- Sales Ops is now "Revenue Platform Engineering"
- Compensation models change: less commission on AI-closed deals, more on strategic relationship value
**Key risks:**
- Fully automated outbound at scale could damage brand if quality drops
- Regulatory risk: automated financial services sales comms need compliance review (MiFID II, SEC)
- Reduced headcount means less market intelligence from human relationships
- Competitive risk: competitors with better agents could out-prospect you
**Gate to Step 7:**
- [ ] Autonomous pipeline running for 6+ months with <3% error rate
- [ ] Revenue per sales headcount β₯3x pre-transformation baseline
- [ ] Regulatory audit passed with autonomous sales operations
- [ ] Client NPS maintained within 5 points of pre-automation baseline
---
Step 7: Autonomous Enterprise
**What AI does:**
- Sales is fully integrated into the autonomous enterprise:
- The sales "department" is really a revenue engine with human oversight
- Market opportunity detection β prospecting β qualification β proposal β negotiation support β close β handoff to ops β all automated
- Dynamic pricing based on market conditions, client profile, competitive landscape
- Self-optimizing outreach (AI A/B tests messaging, channels, timing continuously)
- Revenue forecasting feeds directly into finance, capacity planning, product roadmap
**What humans still do:**
- Set revenue strategy and market focus
- Manage top strategic relationships (CEOs, CIOs of major clients)
- Make ethical decisions ("should we sell to this counterparty?")
- Handle novel market situations (new regulations, market crises, new asset classes)
- Represent the company at industry events, build brand
**Role changes:**
- "Sales" as a department may not exist in traditional form
- Roles: Chief Revenue Officer, Strategic Relationship Partners (3-5 people managing top accounts), Revenue System Architect
- From a team of 20+ to a team of 5-8 with 10x the output
---
---
MARKETING
Step 0: Individual Augmentation
**What AI does:**
- Marketers use ChatGPT/Claude for first drafts: blog posts, social media copy, email campaigns, whitepapers
- Brainstorming campaign concepts and messaging angles
- Summarizing market research reports and competitor content
- Generating variations of ad copy for A/B testing
- Proofreading and editing existing content
**What humans still do:**
- Brand strategy and positioning decisions
- Campaign planning and budget allocation
- Design (visual assets, website, collateral)
- Event planning and execution
- Analytics interpretation and reporting
- Stakeholder management (internal comms, exec reviews)
**Tools/Tech:** ChatGPT/Claude subscriptions. Canva or Midjourney for basic image generation. No integrations.
**Role changes:** None. Content producers are faster individually.
**Key risks:**
- Generic, undifferentiated content (AI writes the same thing for everyone)
- Brand voice inconsistency β each marketer's AI produces different tones
- Compliance risk: marketing claims about financial products need regulatory review
- SEO content farms β temptation to produce volume over quality
**Gate to Step 1:**
- [ ] β₯60% of marketing team using AI weekly
- [ ] 3+ content pieces where AI meaningfully accelerated production
- [ ] Brand voice guidelines documented (needed for Step 1 templates)
---
Step 1: Structured Productivity
**What AI does:**
- Brand-voice-calibrated prompt templates:
- Compliance-aware content: templates include required disclaimers for financial services marketing
- Campaign brief generator: inputs = objective, budget, audience β output = structured campaign plan
- Blog post template: inputs = topic, audience, key points β output = draft in company voice with compliance disclaimers
- Social media template: inputs = announcement, channel β output = LinkedIn/Twitter/newsletter versions
- Case study template: inputs = client name, product, results β output = draft case study
- Email nurture template: inputs = segment, stage, goal β output = email sequence
**What humans still do:**
- Review all content before publication
- Visual design and creative direction
- Campaign strategy and budget decisions
- Client approval workflows for co-branded content
- Event planning and execution
- Performance analysis and optimization decisions
**Tools/Tech:** Enterprise AI with brand voice fine-tuning. DAM (Digital Asset Management) integration. Content calendar tool with AI drafting. Compliance review workflow built into content pipeline.
**Role changes:**
- Content writers shift from "writers" to "editors and strategists"
- Marketing ops starts managing the prompt template library
- Compliance liaison embedded in marketing workflow (if not already)
**Key risks:**
- AI-generated content passes compliance review without sufficient scrutiny
- Brand voice templates need constant tuning as positioning evolves
- Content volume increases but engagement doesn't
**Gate to Step 2:**
- [ ] Template library covers β₯80% of recurring content types
- [ ] All marketing content goes through compliance review workflow
- [ ] Content production time reduced β₯50% per piece
- [ ] Brand voice consistency score β₯80% (measured by blind review)
---
Step 2: Shared Knowledge Layer
**What AI does:**
- RAG-powered marketing assistant with access to: brand guidelines, past campaigns (performance data), competitor analysis, product documentation, client testimonials, market research, CRM segment data
- Answers questions like:
- Auto-generates content briefs informed by past performance and current market trends
- Competitor content monitoring and differentiation analysis
- "What messaging resonated most with mid-market hedge funds in Q3?"
- "What's our click-through rate history for email campaigns targeting COOs?"
- "Generate a blog post about T+1 settlement using our product positioning and recent client success stories"
**What humans still do:**
- Creative strategy and big-idea generation
- Campaign performance analysis and strategic pivots
- Relationship with sales (alignment on messaging, lead quality)
- Event and partnership management
- Brand evolution decisions
**Tools/Tech:** Vector DB indexing campaign archives, brand docs, competitor content, market research. Analytics API integration (Google Analytics, HubSpot, LinkedIn Campaign Manager). Content performance database.
**Role changes:**
- Marketing analyst role merges with content strategy β data-informed content creation
- "Content strategist" becomes the primary marketing role (not content producer)
- Marketing ops becomes "Marketing Intelligence" β manages the knowledge layer
**Key risks:**
- Past performance data biases future content (what worked before may not work now)
- Competitor content analysis leads to derivative messaging
- Knowledge base doesn't include qualitative insights (why a campaign failed, not just that it failed)
**Gate to Step 3:**
- [ ] Marketing knowledge base contains 2+ years of campaign data with performance metrics
- [ ] AI can generate content briefs that match quality of human-written briefs β₯80% of the time
- [ ] Competitor monitoring covers β₯5 key competitors with weekly updates
---
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **Content pipeline automation:**
- **Lead nurture automation:**
- **Performance-driven optimization:**
- Product team ships feature β auto-generates: changelog entry, blog post draft, social posts, email to relevant segments, updated sales collateral
- Sales team logs competitive loss β triggers competitive analysis update and counter-messaging development
- Compliance approves content β auto-publishes across channels on schedule
- Marketing qualified lead β AI assigns to nurture sequence based on segment, behavior, firmographics
- Lead engages with content β AI personalizes next touchpoint
- Lead hits score threshold β auto-hands to sales with full engagement history
- Campaign underperforms benchmark β AI suggests optimization (subject line change, audience adjustment, timing shift) β implements approved changes
**What humans still do:**
- Approve content before first publication (not every republication)
- Campaign strategy and budget allocation
- Creative direction for major campaigns
- Partner and event relationships
- Final approval on any messaging targeting regulated financial products
**Tools/Tech:** Marketing automation platform (HubSpot, Marketo) with AI-powered workflows. Event bus connecting product, sales, compliance, and marketing systems. Automated publishing pipeline. A/B testing framework.
**Role changes:**
- "Campaign Manager" becomes "Campaign Architect" β designs automated flows, doesn't execute manually
- Content production team shrinks β AI handles volume, humans handle premium/strategic content
- New role: Marketing Automation Engineer (could be shared with sales ops)
**Key risks:**
- Automated content at scale without sufficient quality control damages brand
- Lead nurture sequences become impersonal despite personalization attempts
- Cross-department triggers create noise (not every feature update needs a blog post)
- Compliance bottleneck: auto-generated content still needs review
**Gate to Step 4:**
- [ ] 5+ automated cross-department workflows live
- [ ] Lead-to-MQL automation running with β₯70% accuracy
- [ ] Content production velocity β₯3x pre-automation with maintained quality scores
- [ ] Compliance review turnaround <24 hours for AI-generated content
---
Step 4: Monitoring & Consolidation
**What AI does:**
- Unified marketing performance dashboard: all channels, campaigns, content β one view
- Anomaly detection: "LinkedIn engagement dropped 40% this week β here's why and what to do"
- Attribution modeling: AI tracks full-funnel attribution from first touch to closed deal
- Budget optimization: AI recommends budget reallocation based on channel ROI
- Content performance scoring: automatic grading of every piece of content
**What humans still do:**
- Strategic interpretation of data and market trends
- Budget approval decisions
- Brand positioning shifts
- Governance: what to automate next, what to keep human
- Creative review of novel content types
**Tools/Tech:** BI dashboard consolidating all marketing platforms. Automated reporting (weekly/monthly). Attribution model. Cost-per-lead and cost-per-content tracking. A/B test result aggregation.
**Role changes:**
- Marketing team consolidates: fewer specialists, more generalists with AI leverage
- CMO becomes "Chief Brand & Revenue Officer" β owns the full funnel
- Marketing analytics absorbed into marketing ops
**Key risks:**
- Attribution models are never perfect β over-optimizing on flawed data
- Dashboard fatigue
- Pressure to cut "underperforming" channels that actually drive brand awareness (hard to measure)
**Gate to Step 5:**
- [ ] Single marketing dashboard with real-time performance data
- [ ] Attribution model validated against actual revenue
- [ ] Marketing ROI demonstrably positive and trackable
- [ ] Tool stack consolidated to β€5 core platforms
---
Step 5: Personal Agent Teams
**What AI does:**
- Each marketer has specialized agents:
- **Content Agent:** Generates drafts, schedules publications, monitors performance, suggests optimizations
- **Analytics Agent:** Real-time performance monitoring, anomaly alerts, weekly reports
- **Competitive Agent:** Monitors competitor content, messaging, positioning changes
- **Audience Agent:** Tracks segment behavior, identifies emerging audience patterns
- **Campaign Agent:** Manages live campaign execution, adjusts bids, rotates creative
**What humans still do:**
- Brand strategy and creative direction
- Major campaign ideation (big ideas, not execution)
- Partner relationships
- Approve novel content types or messaging directions
- Interpret market shifts that agents can't predict
**Tools/Tech:** Agent orchestration per marketer. API integrations with all marketing platforms. Personal agent memory with marketer's preferences and historical decisions.
**Role changes:**
- Marketing team: 1 person + agents = previously a team of 3-4
- "Marketer" becomes "Marketing Director" β everyone is senior, managing agents
- Content writer role essentially eliminated for standard content
**Key risks:**
- Agent-generated content homogenizes β everything sounds the same
- Agents optimize for metrics that don't capture brand value
- Creative quality declines without human craft
**Gate to Step 6:**
- [ ] Each marketer managing agent team for 3+ months
- [ ] Content output β₯5x with maintained quality scores
- [ ] Brand consistency maintained (measured by quarterly brand audit)
---
Step 6: Autonomous Department
**What AI does:**
- Marketing department operates largely autonomously:
- Humans handle: brand strategy, creative for marquee campaigns, crisis comms, executive positioning
- Content engine: continuously produces, publishes, and optimizes content across all channels
- Lead gen: runs campaigns, nurtures leads, hands to sales β end to end
- Brand monitoring: tracks sentiment, responds to mentions, manages reputation
- Competitive response: detects competitor moves, auto-generates counter-content
- Budget optimization: dynamically allocates budget across channels based on performance
**What humans still do:**
- Set marketing strategy and brand direction (annual/quarterly)
- Approve messaging for new markets or product categories
- Handle PR crises and sensitive communications
- Major event strategy and keynotes
- Regulatory and compliance escalations
**Tools/Tech:** Self-optimizing marketing engine. Automated budget allocation. Agent-to-agent coordination with sales, product, compliance. Crisis detection and escalation system.
**Role changes:**
- Marketing team: CMO + 2-3 senior strategists + platform engineer
- From team of 8-12 to team of 4-5 with greater output
- Compliance review becomes automated for standard content, human-only for novel claims
**Gate to Step 7:**
- [ ] Autonomous marketing running 6+ months
- [ ] Lead volume and quality maintained or improved
- [ ] Brand metrics (awareness, sentiment) stable or improving
- [ ] Regulatory compliance maintained through automated review
---
Step 7: Autonomous Enterprise
**What AI does:**
- Marketing is a fully integrated subsystem of the autonomous enterprise:
- Continuous optimization without human intervention for standard operations
- Product launches β automatic full-funnel campaign deployment
- Market signals β automatic positioning adjustments
- Revenue data β automatic budget reallocation
- Competitive moves β automatic counter-positioning
**What humans still do:**
- Define brand purpose and values
- Creative vision for the company
- Navigate market crises and paradigm shifts
- Industry thought leadership (the human face of the company)
- Decide what the company stands for
**Role changes:**
- "Marketing department" β "Brand & Growth System" managed by 2-3 humans
- CMO role is strategic: brand guardian, culture setter, market visionary
---
---
PRODUCT
Step 0: Individual Augmentation
**What AI does:**
- PMs use AI to draft PRDs, user stories, and acceptance criteria
- Summarize user research transcripts and support tickets
- Competitive analysis: "Compare Feature X across our top 5 competitors"
- Draft product update communications (release notes, internal announcements)
- Brainstorm feature ideas and edge cases
**What humans still do:**
- Product strategy and roadmap prioritization
- User research (conducting interviews, analyzing behavior)
- Stakeholder management and alignment
- Technical feasibility assessment with engineering
- All prioritization decisions
**Tools/Tech:** ChatGPT/Claude subscriptions. No integrations.
**Role changes:** None. PMs write faster but responsibilities unchanged.
**Key risks:**
- AI-generated PRDs lack context of real user needs
- Cookie-cutter user stories that miss edge cases
- PMs become writers instead of thinkers
**Gate to Step 1:**
- [ ] β₯70% of product team using AI weekly
- [ ] 5+ PRD drafts where AI meaningfully accelerated production
---
Step 1: Structured Productivity
**What AI does:**
- Prompt templates for:
- PRD generation: inputs = problem statement, target user, constraints β output = structured PRD
- User story generation: inputs = feature description β output = user stories with acceptance criteria in standard format
- Competitive analysis: inputs = feature area β output = comparison matrix with sources
- Release notes: inputs = engineering changelog β output = user-facing release notes
- Sprint planning: inputs = backlog items β output = prioritized sprint proposal with effort estimates
**What humans still do:**
- Validate AI-generated requirements against actual user needs
- Prioritization and trade-off decisions
- Stakeholder alignment (AI can't navigate politics)
- User research design and interpretation
- Go-to-market strategy
**Tools/Tech:** Enterprise AI with product templates. Integration with Jira/Linear (read-only). User research repository (Dovetail or similar).
**Role changes:**
- PMs produce documentation 3x faster
- Associate PMs become significantly more capable (AI bridges experience gap)
- Product ops starts managing templates and workflows
**Key risks:**
- PRDs generated from templates feel formulaic, miss creative product thinking
- "AI-assisted" prioritization creates false objectivity (it's still a judgment call)
**Gate to Step 2:**
- [ ] Template library covers standard product artifacts
- [ ] PRD drafting time reduced β₯60%
- [ ] Engineering reports AI-generated user stories are "as good or better" than manual ones
---
Step 2: Shared Knowledge Layer
**What AI does:**
- RAG over: user research transcripts, support tickets, feature requests, product analytics, past PRDs, competitor analyses, engineering ADRs
- PMs ask:
- Auto-generated feature request summaries aggregated from support, sales, and NPS data
- Historical decision context: "Why did we build it this way?" answered from ADRs and past PRD discussions
- "What have users said about our reporting capabilities in the last 6 months?"
- "How many support tickets mention latency on the trading dashboard?"
- "What was the rationale for deprioritizing Feature X last quarter?"
- "What features did [Competitor] launch in Q2?"
**What humans still do:**
- Interpret user needs and translate to product direction
- Prioritize based on strategy, not just data
- Design product experiences
- Navigate trade-offs between user needs, business goals, and technical constraints
**Tools/Tech:** Vector DB indexing: user research repo, support tickets (Zendesk/Intercom), feature request database, product analytics (Amplitude/Mixpanel), past PRDs, engineering ADRs. RAG pipeline with product-specific retrieval.
**Role changes:**
- "User Research" becomes partially automated (AI summarizes, humans validate)
- PMs become data-rich decision-makers instead of data-gathering analysts
- Product analytics becomes embedded in AI (PMs query in natural language)
**Key risks:**
- Quantitative data overweighs qualitative insights (support ticket count β user need importance)
- Historical decisions create inertia ("we decided this before, so...")
- Product analytics without context leads to wrong conclusions
**Gate to Step 3:**
- [ ] PMs can get user insight summaries in <5 minutes (vs. hours of manual research)
- [ ] Product decisions documented with data citations from knowledge base
- [ ] Feature request aggregation automated across β₯3 data sources
---
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **Feature lifecycle automation:**
- **Feedback loop automation:**
- PM approves feature β auto-generates: engineering tickets, design brief, QA test plan outline, documentation stub, marketing brief
- Engineering ships feature β auto-updates: product docs, changelog, release notes, notifies CS and sales
- Support ticket volume spikes on a feature β auto-generates incident report for PM review
- NPS survey responses β auto-categorized by feature/theme β aggregated report to PM weekly
- Churn events β auto-pulls user's feature usage, support history, creates "churn analysis" for PM
- Feature usage analytics β auto-flags features with declining engagement
**What humans still do:**
- Product strategy and roadmap decisions
- Design reviews and UX decisions
- Stakeholder negotiations ("engineering says 6 weeks, sales wants it in 2")
- Exception handling for complex cross-functional initiatives
**Tools/Tech:** Event bus connecting product, engineering, design, support, sales, marketing. Workflow orchestrator. Jira/Linear API (read + write). Analytics API.
**Role changes:**
- Product ops becomes "Product Automation Engineering"
- PMs spend 60% less time on documentation/coordination, more on strategy
- Analyst role merges into PM (AI handles data aggregation)
**Key risks:**
- Auto-generated engineering tickets lack context that in-person conversations provide
- Information overload: PMs drowning in automated reports and alerts
- Automation creates rigidity in what should be a flexible, creative process
**Gate to Step 4:**
- [ ] Feature lifecycle automated end-to-end for standard features
- [ ] Feedback loop processing <24 hour latency
- [ ] PM time spent on admin/documentation reduced β₯50%
---
Step 4: Monitoring & Consolidation
**What AI does:**
- Unified product health dashboard: feature usage, NPS by segment, support ticket trends, roadmap progress, development velocity
- Anomaly detection: "Feature X usage dropped 25% after last release β investigate"
- Automated product KPI reporting (weekly/monthly)
- Roadmap vs. actuals tracking with AI-generated variance analysis
- Customer health scoring feeding into product priorities
**What humans still do:**
- Strategic interpretation and course correction
- Roadmap reprioritization based on market shifts
- Governance: which automated workflows to expand/modify
- Communicating product vision to the company
**Tools/Tech:** BI dashboard. Automated reporting. Product analytics consolidation. Roadmap tracking tools with AI integration.
**Role changes:**
- Product team consolidates β fewer PMs managing more surface area# πΊοΈ Enterprise AI Transformation β Department Playbooks (Part 2)
Engineering, IT/OPS, Legal, Compliance, Finance, Trading Desk, Operations
---
ENGINEERING
Step 0: Individual Augmentation
**What AI does:**
- Devs use ChatGPT/Copilot for code generation β boilerplate REST endpoints, SQL queries for trade reconciliation tables, unit tests for pricing models
- Debugging: pasting stack traces to diagnose issues in FIX protocol handlers or market data feed parsers
- Generating regex, cron expressions, Dockerfile snippets
- Explaining legacy code ("what does this C++ order matching engine function do?")
- Writing commit messages, PR descriptions, Jira ticket summaries
**What humans still do:**
- Everything. AI is fancy autocomplete. Humans architect, review, deploy, debug production.
- All code review β nobody trusts AI output without reading line by line
- System design decisions (Kafka vs RabbitMQ for trade event streaming)
- Security-sensitive code (auth, encryption, trading API key management)
**Tools/Tech:** Personal Copilot/ChatGPT subscriptions. No company infra required.
**Role changes:** None. Informal split: "AI-fluent" devs ship 20-40% faster; others don't use it.
**Key risks:**
- Developer pastes proprietary trading algo logic or API keys into public ChatGPT (compliance violation)
- Junior devs accept AI code with subtle bugs in financial calculations (floating point in currency conversion, off-by-one in trade dates)
- Shadow IT β security has no visibility
**Gate to Step 1:**
- [ ] >50% of engineering using AI tools in last 30 days
- [ ] No known sensitive data leakage to third-party AI providers
- [ ] Security/compliance informed and has acknowledged usage
---
Step 1: Structured Productivity
**What AI does:**
- Company-provisioned GitHub Copilot Business across all engineering seats with enterprise data protection
- Standardized prompt libraries per role:
- AI-powered code review assistant in GitHub PRs β flags missing error handling, unparameterized SQL
- Automated API documentation from code annotations
- Sprint retro summaries from Slack threads and Jira comments
- Backend: "Generate a FastAPI endpoint with input validation for [trade submission schema]"
- Data: "Write a dbt model transforming raw FIX messages into normalized trade events"
- QA: "Generate pytest cases for edge cases in [margin calculation function]"
**What humans still do:**
- Architecture decisions and system design
- Final code review approval
- Production incident response and root cause analysis
- Security review of anything touching trading systems, client funds, regulatory reporting
**Tools/Tech:** Copilot Business ($19-39/seat/month). Private AI gateway (LiteLLM/Portkey) routing to Azure OpenAI or Anthropic with data retention. Prompt library in shared repo. Snyk/Semgrep for AI-generated code security scanning.
**Role changes:**
- AI Champion per squad maintains prompt templates
- QA shifts toward writing prompt templates for test generation rather than writing every test
- Junior devs significantly more productive β gap between junior and mid narrows
- Tech leads spend more time reviewing, less writing boilerplate
**Key risks:**
- Prompt template rot (break on model updates, nobody maintains)
- Over-reliance on Copilot β devs stop understanding the code
- License/IP concerns: AI may reproduce open-source patterns in proprietary trading systems
**Gate to Step 2:**
- [ ] 100% of engineering on company-provisioned AI coding tools
- [ ] Prompt template library with >20 templates
- [ ] 15-25% reduction in average PR cycle time
- [ ] No increase in vulnerability density in AI-assisted code
---
Step 2: Shared Knowledge Layer
**What AI does:**
- RAG indexes all engineering knowledge: Confluence, ADRs, runbooks, post-mortems, Slack engineering channels, code comments
- Natural language questions with accurate answers:
- Onboarding: new engineers chat with the knowledge base instead of interrupting seniors. Time to first meaningful PR: 3 weeks β 5 days
- Semantic code search: "Find all places where we handle partial fills"
- AI reads (not writes) Jira, GitHub, Datadog, PagerDuty
- "What's our retry policy for failed trade submissions to the exchange?"
- "How does the margin calculation service handle cross-currency positions?"
- "What was the root cause of the August 2025 settlement failure?"
**What humans still do:**
- Curating and validating knowledge base content
- Writing new ADRs and runbooks (AI drafts from incident notes, humans approve)
- All code writing and deployment
- Architectural decisions β AI provides context, doesn't decide
**Tools/Tech:** Vector DB (Pinecone, Weaviate, or pgvector). RAG pipeline. Connectors for Confluence, GitHub, Slack, Jira, Datadog. Embedding model. Internal Slack bot or web app. Access control: RAG respects existing permissions.
**Role changes:**
- Knowledge Engineer emerges (could be part-time senior dev) β owns RAG quality
- Senior engineers become knowledge curators β tribal knowledge becomes high-value input
- Onboarding dramatically accelerated
**Key risks:**
- Runbooks indexed but outdated β AI gives wrong incident procedures (dangerous in trading systems)
- Code snippets retrieved without version context β dev implements deprecated pattern
- Access control gaps β junior dev sees infra secrets via RAG query
**Gate to Step 3:**
- [ ] >80% of "how does our system do X?" answerable via RAG
- [ ] New engineer onboarding to first PR: <7 days
- [ ] Post-mortem retrieval accurate for incidents from last 2 years
- [ ] Access controls verified by security team
---
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **CI/CD intelligence:**
- **Cross-department triggers:**
- **Operational automation:**
- PR opened β AI reviews for security, performance, architecture pattern compliance β auto-approves trivial PRs, flags complex ones for human review
- Build fails β AI diagnoses root cause from logs, suggests fix, links to similar past failures
- Deploy succeeds β auto-updates changelog, notifies product/CS of shipped features
- Product approves feature β auto-creates Jira epic with generated stories, design brief, test plan
- Incident detected β auto-pages on-call, pulls relevant runbooks, starts incident channel with context
- Engineering ships feature β triggers marketing (content), sales (enablement), docs (update)
- Database migration scripts auto-generated and tested in staging
- Infrastructure capacity monitoring β auto-scaling recommendations β approved changes auto-applied
**What humans still do:**
- Architecture decisions for new systems
- Code review on complex/critical changes (trading engine, risk systems)
- Incident command for P1s
- Strategic technical decisions (language choices, vendor selection, build vs. buy)
- Security review and penetration testing
**Tools/Tech:** Event bus (Kafka/NATS). Workflow orchestrator (Temporal). CI/CD pipeline integration (GitHub Actions/GitLab CI). Automated PR review tools. Incident management integration (PagerDuty). Policy engine for auto-approval rules.
**Role changes:**
- Junior dev role evolves: less code writing, more "AI pair programming supervisor"
- DevOps shifts to "Platform Engineering" β building the automation platform
- QA role transforms: writing test strategy and reviewing AI-generated tests
- Engineering managers focus on system design and team development, not sprint mechanics
**Key risks:**
- Auto-approved PRs introduce bugs that human review would have caught
- Automated incident response takes wrong action (e.g., scales down during peak trading hours)
- Cross-department triggers create cascading work without context
**Gate to Step 4:**
- [ ] AI code review active on all repos
- [ ] Trivial PR auto-approval running with <1% error rate
- [ ] Incident auto-diagnosis accuracy >80%
- [ ] Mean time to detect issues decreased 40%+
---
Step 4: Monitoring & Consolidation
**What AI does:**
- Unified engineering health dashboard: deployment frequency, lead time, MTTR, change failure rate (DORA metrics)
- AI-driven anomaly detection across all services (not just alerting on thresholds)
- Code quality trends, tech debt scoring, security vulnerability tracking
- Cost-per-feature estimation based on historical data
- Automated engineering KPI reporting for leadership
**What humans still do:**
- Strategic technical decisions based on dashboard insights
- Tech debt prioritization
- Governance: expanding or constraining AI automation scope
- Engineering culture and team development
**Tools/Tech:** OpenTelemetry + Grafana/Datadog. DORA metrics pipeline. Automated code quality tools (SonarQube with AI). Security scanning consolidation. Cost tracking per deployment.
**Role changes:**
- Engineering management becomes heavily data-driven
- SRE role evolves: from "keeping things running" to "keeping the automation running"
- CTO focuses on technical strategy and AI governance
**Gate to Step 5:**
- [ ] DORA metrics tracked and improving for 3+ months
- [ ] AI anomaly detection false positive rate <10%
- [ ] Engineering ROI per AI tool documented
- [ ] Tool stack consolidated
---
Step 5: Personal Agent Teams
**What AI does:**
- Each developer has agent team:
- Dev wakes up to: "Overnight, I refactored the trade validator tests, updated 3 dependencies with breaking change handling, and drafted the API endpoint for the new position limit feature. Ready for your review."
- **Code Agent:** Generates code from requirements, writes tests, handles refactoring
- **Review Agent:** Continuously reviews code changes, suggests improvements
- **Ops Agent:** Monitors dev's services, auto-diagnoses issues, suggests fixes
- **Research Agent:** Stays current on relevant libraries, security advisories, best practices
- **Planning Agent:** Breaks down tickets, estimates effort, identifies dependencies
**What humans still do:**
- Review and approve agent-generated code
- Architectural and design decisions
- Complex debugging that requires system understanding
- Pair programming on novel problems
- Mentoring and knowledge transfer
**Tools/Tech:** Agent orchestration per developer. IDE integration. Git-integrated agent actions. Personal context store (each dev's preferences, code patterns).
**Role changes:**
- "Developer" becomes "Software Architect" β everyone designs, agents implement
- One dev + agents = previously a team of 3-4
- Junior role nearly disappears β agents do junior-level work
- Senior engineers become system designers and agent supervisors
**Key risks:**
- Code quality drift β AI-generated code works but becomes unmaintainable
- Developers lose hands-on skills needed for complex debugging
- Agent-generated code introduces subtle, hard-to-detect bugs in financial calculations
**Gate to Step 6:**
- [ ] Each dev managing agent team for 3+ months
- [ ] Code output per developer β₯3x with maintained quality
- [ ] Zero critical production incidents from agent-generated code
- [ ] Dev satisfaction with agent assistance >75%
---
Step 6: Autonomous Department
**What AI does:**
- Engineering operates as AI-first:
- Humans handle: architecture for new systems, security review, incident command for novel failures, strategic technical decisions
- Feature requirements β auto-generated implementation β auto-tested β auto-deployed (for standard patterns)
- Bug reports β auto-diagnosed β auto-patched β auto-deployed (for known categories)
- Infrastructure management fully automated (scaling, failover, disaster recovery)
- Security patching automatic for all non-breaking updates
- Technical documentation continuously auto-generated and maintained
**What humans still do:**
- System architecture for new products/features
- Security review and risk assessment
- Handle novel production incidents (first-time failures)
- Technical strategy and platform evolution
- Governance: what agents can/cannot deploy autonomously
**Tools/Tech:** Autonomous CI/CD with policy gates. Self-healing infrastructure. Agent-to-agent coordination across product, QA, ops. Rollback automation. Full audit trail.
**Role changes:**
- Engineering team shrinks 50-70% in headcount
- Remaining: Principal Engineers, Architects, Platform Engineers, Security Engineers
- CTO manages the engineering platform, not a team of coders
**Gate to Step 7:**
- [ ] Standard features shipped end-to-end autonomously for 6+ months
- [ ] Zero critical incidents from autonomous deployments
- [ ] Infrastructure self-healing success rate >99%
- [ ] Security posture maintained or improved
---
Step 7: Autonomous Enterprise
**What AI does:**
- Engineering is a self-evolving system:
- Product requirements β autonomous design β implementation β testing β deployment β monitoring
- Infrastructure scales, heals, and optimizes without human intervention
- Codebase continuously refactored, dependencies updated, security patches applied
- Performance continuously optimized based on production metrics
**What humans still do:**
- Define what to build and why
- Architect novel systems
- Security governance
- Technical innovation and R&D
- Make build-vs-buy decisions
**Role changes:**
- "Engineering department" β "Technical Platform" managed by 3-5 senior architects
- From a team of 20+ to a team of 5-8 with 10x+ output
---
---
IT/OPS
Step 0: Individual Augmentation
**What AI does:**
- IT staff use ChatGPT to draft runbook procedures and troubleshooting guides
- Generating scripts: PowerShell for AD management, Bash for server maintenance, Python for log parsing
- Answering "how to" questions: "How do I configure Okta SAML for this SaaS app?"
- Drafting change management documentation
- Writing incident reports and post-mortems
**What humans still do:**
- All infrastructure management and changes
- User provisioning and deprovisioning
- Security incident response
- Vendor management and procurement
- Network and server administration
- Helpdesk support
**Tools/Tech:** ChatGPT/Claude subscriptions. No integrations.
**Role changes:** None. IT staff individually faster at documentation and scripting.
**Key risks:**
- AI-generated scripts run in production without proper testing
- Security configs generated by AI have vulnerabilities
- Shadow AI usage creates compliance gaps
**Gate to Step 1:**
- [ ] >60% of IT team using AI for documentation/scripting
- [ ] AI-assisted scripts have been through standard change management before production use
---
Step 1: Structured Productivity
**What AI does:**
- Templates for:
- Helpdesk AI: first-line support bot handling password resets, VPN issues, common software questions
- Automated KB article generation from resolved tickets
- Incident response: "Given these symptoms and affected systems, draft an incident response plan following our IR framework"
- Change management: "Generate a change request document for [infrastructure change] including risk assessment and rollback plan"
- User provisioning: "Generate the provisioning checklist for a new [role] employee including all required system access"
- Vendor evaluation: "Compare [vendor A] vs [vendor B] for [use case] based on our requirements"
**What humans still do:**
- All infrastructure changes and approvals
- Security architecture and policy decisions
- Vendor negotiations and contracts
- Complex troubleshooting (network issues, performance degradation)
- Strategic IT planning (cloud migration, tool consolidation)
**Tools/Tech:** Enterprise AI platform with IT-specific templates. Helpdesk integration (ServiceNow/Jira Service Management). ITSM workflow tool with AI layer.
**Role changes:**
- L1 helpdesk agents shift to "AI support supervisors" β reviewing AI responses to users
- Sysadmins produce documentation 2-3x faster
- IT manager designates "IT AI Champion"
**Key risks:**
- Helpdesk AI gives wrong answer β user takes harmful action on their system
- Template-generated change requests create false sense of completeness
- IT staff become documentation factories instead of problem solvers
**Gate to Step 2:**
- [ ] Helpdesk AI handling >40% of L1 tickets autonomously
- [ ] Change management documentation time reduced β₯50%
- [ ] All templates reviewed and approved by IT security
---
Step 2: Shared Knowledge Layer
**What AI does:**
- RAG over: network diagrams, server inventories, configuration baselines, past incident reports, vendor docs, security policies, compliance requirements
- IT staff ask:
- Dependency mapping: "Show me everything that depends on Service X"
- Asset inventory queries in natural language
- "What's the firewall rule for traffic between trading systems and the clearing network?"
- "When was the last time we patched the market data servers and what issues did we hit?"
- "What's our disaster recovery procedure for the primary database?"
- "Which systems are affected if the Bloomberg terminal gateway goes down?"
**What humans still do:**
- Infrastructure architecture decisions
- Security policy creation and enforcement
- Vendor relationship management
- Complex troubleshooting requiring system-level access
- Maintaining and updating the knowledge base
**Tools/Tech:** Vector DB indexing: CMDB data, network documentation, incident history, runbooks, vendor docs, security policies. CMDB integration (ServiceNow). Monitoring tool APIs (Datadog, Nagios, Zabbix). Asset management integration.
**Role changes:**
- L1/L2 support dramatically faster β institutional knowledge available instantly
- New IT hires productive in days instead of months
- Senior IT staff valued for their knowledge contributions to the system
**Key risks:**
- Outdated infrastructure docs in RAG β wrong troubleshooting guidance
- CMDB data quality issues (garbage in, garbage out)
- Security-sensitive information (credentials, network topology) needs tight access control
**Gate to Step 3:**
- [ ] >80% of "how does our infrastructure work?" questions answerable via RAG
- [ ] CMDB integrated and accessible via AI
- [ ] IT onboarding time reduced β₯40%
- [ ] Access controls verified: sensitive infra details restricted appropriately
---
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **IT automation:**
- **Cross-department:**
- New employee hired (HR trigger) β auto-provisions: AD account, email, Slack, VPN, role-based system access β notifies manager
- Employee terminated (HR trigger) β auto-deprovisions: all accounts disabled within 15 minutes β audit trail generated
- Security alert from SIEM β auto-triages: severity assessment, affected systems identified, initial containment actions, on-call paged with full context
- Server health degradation β auto-diagnoses, auto-scales or auto-remedies known issues, escalates unknowns
- Engineering needs new environment β auto-provisions: cloud resources, networking, monitoring, access controls
- Compliance audit scheduled β auto-generates: evidence collection from all systems, access review reports
**What humans still do:**
- Approve infrastructure changes above cost/risk threshold
- Handle novel security incidents
- Strategic IT decisions (cloud migration, vendor changes)
- Complex networking and architecture work
- Manage vendor relationships and SLAs
**Tools/Tech:** SOAR platform (Splunk SOAR, Palo Alto XSOAR) for security automation. Infrastructure as Code (Terraform) with AI-generated configs. ITSM workflow automation. HR system integration for provisioning/deprovisioning. Auto-scaling policies.
**Role changes:**
- L1 helpdesk role may be eliminated (AI handles >80%)
- L2 support becomes "Automation Engineering" β building automations, not doing manual work
- Security analyst shifts from "reviewing every alert" to "reviewing what AI escalates"
- IT ops becomes "Platform Engineering"
**Key risks:**
- Auto-deprovisioning hits wrong account (especially dangerous in trading systems β locks out a trader mid-session)
- Security automation takes wrong containment action β disrupts business
- Over-automation without sufficient testing β cascading failures
**Gate to Step 4:**
- [ ] Employee provisioning/deprovisioning automated end-to-end
- [ ] Security alert triage >70% automated
- [ ] Infrastructure auto-remediation running for known issues
- [ ] Zero incidents caused by automation errors in 90 days
---
Step 4: Monitoring & Consolidation
**What AI does:**
- Unified IT operations dashboard: system health, security posture, compliance status, cost, user satisfaction
- AIOps: anomaly detection across all infrastructure (not just threshold alerts)
- Automated capacity forecasting and cost optimization
- Security posture continuous assessment
- Vendor performance tracking against SLAs
**What humans still do:**
- IT strategy and budget decisions
- Security architecture and policy evolution
- Vendor negotiations and strategic partnerships
- Governance: automation scope management
- Complex incident management
**Tools/Tech:** AIOps platform (Moogsoft, BigPanda, or custom). Unified monitoring (Datadog/Grafana). Security posture management. Cost management (CloudHealth/Spot). Automated compliance reporting.
**Role changes:**
- IT team consolidates around platform engineering and security
- CIO/IT Director becomes data-driven decision maker
- Operations and security merge under unified AIOps
**Gate to Step 5:**
- [ ] Single pane of glass for IT operations
- [ ] AIOps reducing alert noise by >60%
- [ ] Infrastructure costs optimized (documented savings)
- [ ] Compliance reporting automated
---
Step 5-7: IT/OPS becomes the backbone of the autonomous enterprise
**Step 5:** Each IT staff member has agent teams managing their domain β network agents, security agents, cloud agents. One admin manages what previously required 3-4.
**Step 6:** IT/OPS runs autonomously: infrastructure self-heals, security auto-responds, provisioning is instant, costs auto-optimize. Humans handle architecture evolution and novel threats.
**Step 7:** IT is the nervous system of the autonomous enterprise. Every other department's agents depend on IT infrastructure agents. Self-evolving infrastructure that adapts to company needs. Humans: 2-3 platform architects + CISO.
---
---
LEGAL
Step 0: Individual Augmentation
**What AI does:**
- Lawyers paste NDA clauses into Claude for plain-English summaries
- Draft emails to counterparties ("summarize our position on this indemnity clause")
- Research: "What are the SEC rules on principal trading disclosure?"
- First drafts of internal memos ("summarize legal implications of expanding into EU crypto derivatives")
- Proofread and redline contracts for formatting issues
**What humans still do:**
- All final legal decisions and sign-offs
- Client/counterparty negotiations
- Regulatory filings and submissions
- Privileged communications management
- All substantive legal analysis
**Tools/Tech:** ChatGPT Team/Claude Pro (2-5 seats). DLP policy blocking client data to public AI endpoints.
**Role changes:** None. Paralegals and junior lawyers use AI as research shortcut.
**Key risks:**
- Lawyers paste privileged/confidential info into public AI (data leakage)
- AI hallucinates case law or regulatory citations (the "fake case" problem)
- No audit trail for AI-assisted legal analysis
**Gate to Step 1:**
- [ ] 80%+ of legal team has used AI for β₯3 distinct tasks
- [ ] Acceptable use policy for AI in legal work documented and signed
- [ ] At least 1 AI hallucination caught and circulated as training example
---
Step 1: Structured Productivity
**What AI does:**
- Templates for:
- First-draft generation of standard contracts (engagement letters, vendor agreements)
- Meeting note summarization for legal calls
- NDA review: "Extract governing law, term, carve-outs, non-solicitation, assignment β flag anything non-standard vs. our template"
- ISDA schedule comparison: "Compare this ISDA schedule against our standard terms"
- Employment contract drafting from structured inputs
- Board resolution generation
- Regulatory research: "For [jurisdiction], summarize current requirements for [activity] including recent enforcement actions"
**What humans still do:**
- Review and approve all AI-generated contract language before it leaves
- Negotiate bespoke terms ("do we accept this liability cap?" β judgment call)
- Handle litigation, disputes, regulatory inquiries
- Maintain privilege logs
**Tools/Tech:** Enterprise AI with data residency controls. Contract comparison tool (Luminance or Copilot in Word). Template repository in DMS (iManage/NetDocuments).
**Role changes:**
- Paralegals shift from "draft first version" to "run AI template and QA"
- Junior lawyers: less mechanical drafting, more analysis
- GC becomes "AI quality gatekeeper" β reviews template outputs quarterly
**Key risks:**
- Over-reliance on templates for non-standard situations
- Template drift as regulations change
- Lawyers skip review because "the template always works"
**Gate to Step 2:**
- [ ] 10+ prompt templates covering 80% of recurring legal tasks
- [ ] Time-to-first-draft for standard NDAs reduced β₯60%
- [ ] QA checklist exists for every template output
---
Step 2: Shared Knowledge Layer
**What AI does:**
- RAG over entire contract corpus:
- RAG over regulatory guidance:
- Regulatory change monitoring: AI scans Federal Register, FCA updates, MAS circulars β flags relevant items
- Clause library search with semantic matching
- "Show me all NDAs with Singapore counterparties in last 3 years"
- "Find the last time we negotiated an uncapped indemnity and what we settled on"
- "Give me our standard force majeure clause for APAC counterparties"
- "What did we conclude internally about MiFID II best execution for our OTC desk?"
**What humans still do:**
- Interpret precedents in context ("we accepted that clause because the deal was $50M β this is different")
- Make strategic legal decisions
- Curate and tag the knowledge base
- Handle novel legal questions with no precedent
- Maintain privilege boundaries
**Tools/Tech:** Vector DB indexed on: all executed contracts (with metadata), internal memos, board minutes, regulatory correspondence, third-party regulatory guidance. OCR pipeline for scanned contracts. Privilege tagging system β privileged docs excluded from RAG or access-controlled.
**Role changes:**
- Legal knowledge manager role created (paralegal who owns the corpus)
- Junior lawyers become "AI-assisted analysts" β query and synthesize, don't manually search
- GC has real-time portfolio visibility ("how many contracts expire in Q3?")
**Key risks:**
- **Privilege waiver:** privileged docs indexed and surfaced to non-privileged users β privilege may be deemed waived
- Stale data: amended contracts where amendment wasn't indexed
- Incomplete corpus: 60% digitized = false negatives
**Gate to Step 3:**
- [ ] 90%+ of executed contracts from last 5 years indexed and searchable
- [ ] Privilege-tagged documents properly excluded from general queries
- [ ] "What's our precedent for X?" answerable in <2 minutes (vs. previous 2+ hours)
- [ ] Regulatory monitoring flags changes within 48 hours of publication
---
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **Contract lifecycle automation:**
- **Cross-department triggers:**
- **Regulatory monitoring agent:** Continuously scans regulatory sources, auto-classifies by relevance and urgency
- Sales submits deal β auto-selects appropriate contract template β populates terms from deal parameters β generates first draft β sends for legal review
- Counterparty returns redlines β AI compares against approved terms, auto-accepts standard deviations, flags non-standard for human review
- Contract nearing expiration β auto-generates renewal analysis with usage data, pricing history, market comparisons
- New regulation published β AI assesses impact β generates compliance gap analysis β notifies affected departments
- Employee dispute filed β auto-generates preliminary legal analysis and response framework
- Board meeting scheduled β auto-compiles required legal disclosures, consent items, resolution drafts
**What humans still do:**
- Review all non-standard contract terms before approval
- Negotiate with counterparties
- Make regulatory interpretation decisions
- Handle litigation and disputes
- Board advisory and strategic counsel
**Tools/Tech:** CLM platform (Ironclad, DocuSign CLM) with AI layer. Event bus connecting sales, procurement, HR. Regulatory monitoring pipeline. Document generation engine. Approval workflow with escalation rules.
**Role changes:**
- Paralegals become "contract automation operators" β managing the workflow, not drafting
- Junior lawyers focus on exception review (the 20% AI can't handle)
- Legal ops becomes real function β owns the automation platform
- GC focuses on strategic counsel, not contract processing
**Key risks:**
- Auto-accepted contract deviations that shouldn't have been accepted
- Regulatory impact assessment misses a critical regulation
- Over-automation in regulated environment β compliance gaps
**Gate to Step 4:**
- [ ] Contract first-draft generation automated for β₯80% of standard agreements
- [ ] Auto-redline comparison running with <5% error rate on flagging decisions
- [ ] Regulatory monitoring covering all relevant jurisdictions and regulators
- [ ] Zero contract errors attributable to automation in 90 days
---
Steps 4-7: Legal's Progressive Autonomy
**Step 4:** Unified legal operations dashboard: contract portfolio status, regulatory change tracker, matter management, outside counsel spend, compliance coverage map. Evidence-based trust in AI legal work.
**Step 5:** Each lawyer has agent team: Contract Agent (drafts, reviews, tracks), Research Agent (regulatory monitoring, case law updates), Compliance Agent (flags issues proactively), Administrative Agent (scheduling, billing, matter management). One lawyer + agents = previously a team of 3.
**Step 6:** Legal department operates autonomously for standard work: contract lifecycle fully automated, regulatory monitoring and initial response automated, compliance tracking automated. Humans handle: litigation, novel regulatory questions, board advisory, strategic transactions, ethics.
**Step 7:** Legal is embedded in the autonomous enterprise as a governance layer. Every agent in every department has legal guardrails baked in. Legal humans focus on: strategic counsel, novel situations, ethical judgment, regulatory relationship management. Team: GC + 1-2 senior lawyers + legal technologist.
---
---
COMPLIANCE
Step 0: Individual Augmentation
**What AI does:**
- Compliance officers use ChatGPT to draft policy documents and procedure manuals
- Research regulatory requirements: "What are FCA requirements for trade surveillance?"
- Summarize regulatory updates and enforcement actions
- Draft SAR (Suspicious Activity Report) narratives
- Generate compliance training materials
**What humans still do:**
- All compliance decisions and sign-offs
- Trade surveillance and alert investigation
- Regulatory reporting and filings
- AML/KYC reviews
- Compliance testing and audits
- Regulatory examinations and correspondence
**Tools/Tech:** ChatGPT/Claude subscriptions. Strict policy: NO client data, NO trade data, NO regulatory filing data in third-party AI.
**Role changes:** None. Compliance officers draft faster.
**Key risks:**
- Compliance officer pastes client KYC data or trade surveillance alerts into public AI β massive regulatory violation
- AI-generated compliance policies miss jurisdiction-specific requirements
- False confidence in AI research for regulatory interpretation
**Gate to Step 1:**
- [ ] Compliance team has used AI for documentation/research tasks
- [ ] Strict data handling policy specifically for compliance AI use
- [ ] No data incidents
---
Step 1: Structured Productivity
**What AI does:**
- Templates for:
- Standardized compliance report generation (monthly, quarterly regulatory reports)
- Meeting note formatting for regulatory examination prep
- SAR narrative drafting: inputs = alert details, transaction patterns β output = structured SAR narrative following FinCEN/NCA format
- Policy document generation: inputs = regulation, business activity β output = draft compliance policy
- Regulatory change assessment: inputs = new regulation text β output = impact assessment on company activities
- Compliance testing checklist: inputs = regulatory requirement β output = testing procedures and evidence requirements
**What humans still do:**
- Review and sign off on all SARs and regulatory filings
- Make all compliance determinations (is this suspicious? is this a violation?)
- Conduct compliance testing and examine evidence
- Manage regulatory relationships
- Train business units on compliance requirements
**Tools/Tech:** Enterprise AI platform with maximum data security (on-prem or SOC2-certified). Template library for compliance artifacts. Audit trail on all AI interactions.
**Role changes:**
- Junior compliance analysts produce reports faster
- Senior compliance officers become template reviewers
- CCO designates compliance AI champion
**Key risks:**
- AI-generated SAR narratives that miss key suspicious patterns or include wrong details
- Template-generated policies that don't reflect current regulatory expectations
- Regulatory examiners question AI use in compliance function
**Gate to Step 2:**
- [ ] Compliance-specific templates deployed for β₯5 core workflows
- [ ] All templates reviewed by CCO and third-party counsel
- [ ] SAR drafting time reduced β₯40%
- [ ] Regulatory examiners briefed on AI usage in compliance
---
Step 2: Shared Knowledge Layer
**What AI does:**
- RAG over: all compliance policies, regulatory guidance, past examination findings, enforcement actions (internal and industry), compliance testing results, training records
- Compliance officers ask:
- Regulatory change tracking: AI monitors regulators globally β categorizes by relevance β summarizes impact
- Compliance training content auto-generated from current policies and recent enforcement actions
- "What did the FCA say about best execution obligations in their last thematic review?"
- "Show me all SAR filings we've made related to layering patterns in the last 2 years"
- "What was our remediation plan for the finding on client money segregation?"
- "Which regulations apply to our new crypto OTC desk?"
**What humans still do:**
- Interpret regulatory guidance in context of the business
- Make all compliance determinations
- Conduct investigations
- Manage regulatory# πΊοΈ Enterprise AI Transformation β Department Playbooks (Part 3)
Compliance (continued), Finance, Trading Desk, Operations
---
COMPLIANCE (continued)
Steps 3-7: Compliance's Progressive Autonomy
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **Trade surveillance automation:**
- **Cross-department triggers:**
- **Automated compliance testing:**
- Trade executed β auto-screened against surveillance rules (spoofing, layering, wash trading, insider trading patterns) β alerts generated and pre-investigated by AI β compliance officer reviews AI analysis and decides
- New client onboarded (Sales/Ops trigger) β auto-runs: sanctions screening, PEP checks, adverse media, risk scoring β generates KYC file β flags for human review if elevated risk
- Employee personal trade request β auto-checked against restricted list, holding period rules, pre-clearance requirements β auto-approves standard cases, escalates exceptions
- New product launch (Product trigger) β auto-generates: regulatory assessment, required disclosures, compliance requirements for sales/marketing
- Regulatory change detected β auto-assesses impact β generates action items for affected departments β tracks remediation
- Client complaint received (Ops trigger) β auto-categorizes β regulatory reporting assessment β escalation if required
- Scheduled compliance tests auto-execute: sample selection, evidence collection, preliminary analysis β human reviews conclusions
**What humans still do:**
- Make final determination on all alerts and SARs
- Investigation of complex or sensitive cases
- Regulatory examination management
- Compliance testing conclusions and remediation decisions
- Policy interpretation for novel situations
- Regulatory relationship management
**Tools/Tech:** SIEM/trade surveillance platform (Nasdaq Surveillance, NICE Actimize) with AI layer. Sanctions screening (World-Check, Dow Jones) API integration. Automated compliance testing framework. Case management system with AI pre-investigation. Event bus connecting trading, onboarding, product, and compliance systems.
**Role changes:**
- Compliance analysts shift from "investigating every alert" to "reviewing AI-investigated alerts"
- Alert investigation volume per analyst increases 5-10x
- Junior compliance role evolves to "alert review operator"
- New role: Compliance Automation Engineer (maintains surveillance rules and AI models)
**Key risks:**
- False negatives: AI misses genuinely suspicious activity β regulatory failure
- Auto-approval of trades/KYC that should have been flagged β massive regulatory risk
- Surveillance model bias (trained on historical data, misses novel manipulation techniques)
- Regulator rejects AI-driven compliance processes ("you need humans doing this")
**Gate to Step 4:**
- [ ] Trade surveillance AI catches β₯95% of patterns (validated against historical confirmed cases)
- [ ] KYC auto-screening running for standard risk clients
- [ ] False positive reduction β₯40% vs. manual surveillance
- [ ] Regulatory examination passed with AI-assisted compliance processes
---
Step 4: Monitoring & Consolidation
**What AI does:**
- Unified compliance dashboard: alert volumes, investigation outcomes, SAR filing rates, regulatory change tracker, compliance test results, training completion, risk heat map
- Anomaly detection: "SAR filing rate for desk X increased 200% β investigate"
- Regulatory examination readiness scoring: AI continuously assesses preparedness
- Cost-per-alert and cost-per-investigation tracking
- Compliance culture metrics (training completion, policy acknowledgment, escalation patterns)
**What humans still do:**
- CCO interprets dashboard and sets compliance priorities
- Regulatory strategy decisions
- Examination preparation and execution
- Board and audit committee reporting
- Governance: compliance automation scope decisions
**Tools/Tech:** Compliance BI dashboard. Regulatory change management platform. Automated compliance KPI reporting. Risk heat mapping. Exam readiness scoring.
**Role changes:**
- Compliance team becomes data-driven
- CCO shifts from "process manager" to "risk strategist"
- Compliance reporting largely automated
**Gate to Step 5:**
- [ ] Single compliance dashboard covering all regulatory domains
- [ ] Regulatory change response time <72 hours from publication to impact assessment
- [ ] Compliance testing cycle time reduced β₯50%
---
Step 5: Personal Agent Teams
**What AI does:**
- Each compliance officer has agents:
- One compliance officer + agents covers what previously required 3-4 officers
- **Surveillance Agent:** Monitors assigned areas 24/7, pre-investigates alerts, prioritizes by risk
- **Regulatory Agent:** Tracks regulatory changes in officer's domain, summarizes impact, drafts policy updates
- **Testing Agent:** Runs continuous compliance testing, flags exceptions
- **Reporting Agent:** Auto-generates regulatory reports, filing drafts, board materials
**What humans still do:**
- Final decisions on all SARs and regulatory filings
- Complex investigations
- Regulatory meetings and examinations
- Policy judgment calls
- Ethics and culture oversight
**Gate to Step 6:**
- [ ] Each compliance officer managing agent team
- [ ] Coverage per officer β₯3x pre-transformation
- [ ] Zero regulatory findings attributable to automation gaps
---
Step 6: Autonomous Department
**What AI does:**
- Compliance operates autonomously for routine monitoring:
- Humans handle: complex investigations, regulatory examinations, novel regulatory interpretation, ethics decisions, board advisory
- Trade surveillance: continuous, AI-driven, with human review only for confirmed alerts
- KYC/AML: auto-screening, auto-refresh, human review for high-risk only
- Regulatory reporting: auto-generated, auto-filed for standard reports (human sign-off on regulatory filings)
- Compliance testing: continuous automated testing with exception reporting
- Policy management: auto-updated when regulations change (human approval before publication)
**What humans still do:**
- CCO: strategy, regulatory relationships, board advisory
- Senior compliance: complex investigations, exam management
- Compliance architect: system design and governance
**Gate to Step 7:**
- [ ] Autonomous compliance monitoring for 6+ months with zero regulatory failures
- [ ] Regulatory examination passed in autonomous mode
- [ ] Alert handling volume β₯10x pre-transformation per human
---
Step 7: Autonomous Enterprise
- Compliance is embedded as a governance layer across all autonomous departments
- Every agent in every department has compliance guardrails baked in
- Continuous regulatory monitoring and auto-adaptation
- Humans: CCO + 1-2 senior compliance officers focus on regulatory strategy, examinations, novel situations
- Compliance is not a "department" but a pervasive governance function
---
---
FINANCE
Step 0: Individual Augmentation
**What AI does:**
- Accountants paste financial data into ChatGPT to draft variance explanations ("Why did COGS increase 12% QoQ?")
- Controllers use AI for board-ready financial commentary from raw P&L exports
- AP clerks parse vendor invoice PDFs and extract line items into spreadsheet format
- Tax staff interpret IRS/HMRC guidance on crypto asset gains treatment
- FP&A analysts generate Excel formulas for complex forecasting models
**What humans still do:**
- All journal entries, approvals, and postings
- Bank reconciliation sign-offs
- Revenue recognition decisions
- Vendor payment authorization
- Budget approval and allocation
- Audit responses
**Tools/Tech:** ChatGPT/Claude Team ($25-30/user/month). Policy: no PII, client positions, or unreleased financials in AI.
**Role changes:** None. Individual productivity gains of 15-30 min/day on writing tasks.
**Key risks:**
- Someone pastes client position data or unreleased financials into public AI β data breach
- AI hallucinates a tax treatment β gets into a memo that reaches auditors
- Inconsistent adoption across the team
**Gate to Step 1:**
- [ ] 80%+ of finance team has used AI for at least one work task in 30 days
- [ ] Written policy defining approved/prohibited financial data for AI input
- [ ] No data incidents in 60-day window
---
Step 1: Structured Productivity
**What AI does:**
- Prompt templates per role:
- Standardized financial commentary generation (MD&A drafts, variance narratives, board deck commentary)
- **AP Clerk:** "Extract invoice number, vendor, line items, amounts, tax, due date from this PDF"
- **FP&A:** "Given this P&L vs budget, identify top 5 variances by dollar impact, explain causes, suggest questions for department heads"
- **Controller:** "Draft month-end close checklist status update from these items"
- **Tax:** "Summarize tax implications of [transaction] under [jurisdiction], cite specific code sections"
**What humans still do:**
- Review all AI-generated financial narratives
- Make all accounting judgments (materiality, estimates, accruals)
- Approve all payments and journal entries
- Manage auditor relationships
- Sign off on all regulatory filings
**Tools/Tech:** Enterprise AI platform with workspace features. Prompt template repository. Role-based access. SSO for audit trail.
**Role changes:**
- Finance analysts expected to produce 2x analytical output
- Senior accountants become "prompt reviewers"
- CFO/Controller designates Finance AI Lead (existing senior person, 10% allocation)
**Key risks:**
- Over-reliance on template outputs without critical review β financial errors propagate
- Templates stale when accounting standards change
- Auditors ask "who wrote this?" β answer is unclear
**Gate to Step 2:**
- [ ] 10+ vetted templates covering core finance workflows
- [ ] 90%+ of recurring financial narratives use AI first draft
- [ ] Auditors briefed on AI in financial reporting workflow
- [ ] Monthly financial package production time reduced β₯25%
---
Step 2: Shared Knowledge Layer
**What AI does:**
- AI reads from centralized knowledge base:
- Use cases:
- Chart of accounts with descriptions and usage rules
- 3+ years historical financial statements
- Accounting policy manual (rev rec, capitalization, depreciation)
- Vendor master data and payment terms
- Prior audit findings and management responses
- Tax position memos and transfer pricing docs
- "What GL account for cloud hosting costs?" β answer with policy citation
- "Trend in SG&A as % of revenue over last 8 quarters" β chart
- "What was the auditor's finding on revenue cut-off and what did we do?" β retrieves from audit archive
- "Draft intercompany elimination entries for Q3 based on Q2 methodology" β references prior workpapers
**What humans still do:**
- All posting and approval authority
- Judgment calls on accounting estimates
- External audit management and negotiation
- Board and investor communications (AI drafts, humans finalize)
- Treasury decisions
**Tools/Tech:** RAG connected to ERP (NetSuite/SAP/QBO), document store, accounting policy wiki. Vector DB indexing financial docs. Read-only ERP API (no write access yet).
**Role changes:**
- FP&A shifts from "data gatherers" to "insight validators"
- Junior accountants self-serve on policy questions via AI
- Finance AI Lead role becomes 25% time allocation
**Key risks:**
- Stale policies in RAG β outdated accounting guidance
- Wrong context for ambiguous queries (3 depreciation policies for different asset classes)
- Over-trust in historical data that may have been restated
- ERP data quality: miscoded transactions β garbage out
**Gate to Step 3:**
- [ ] Knowledge base: chart of accounts, policies, 3 years financials, audit files
- [ ] AI accurately answers β₯85% of "where do I book this?" questions
- [ ] Access controls verified (comp, investor terms in restricted corpus)
- [ ] New finance hire productive in β€50% of previous ramp time
---
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **AP automation:**
- **Close process automation:**
- **Cross-department triggers:**
- **FP&A automation:**
- Invoice received β AI extracts data β matches to PO β codes to GL β routes for approval β posts (for amounts under threshold)
- Three-way match (PO, receipt, invoice) automated β exceptions flagged for human review
- Month-end close triggers checklist β AI auto-completes standard entries (depreciation, amortization, accruals) β generates trial balance β drafts financial statements β flags anomalies
- Sales closes deal β Finance auto-generates: invoice, revenue recognition entry, commission calculation
- HR hires employee β auto-updates: payroll, benefits accruals, headcount reporting
- Procurement approves vendor β auto-creates: vendor master entry, payment terms, W-9 tracking
- Actuals posted β auto-generates: budget vs actual analysis, variance commentary, forecast update
**What humans still do:**
- Approve entries above materiality thresholds
- Make accounting judgment calls (complex rev rec, impairment assessments)
- Manage third-party audit
- Treasury and cash management decisions
- Tax strategy and filing sign-off
- Board presentations
**Tools/Tech:** ERP with AI layer (or middleware). AP automation (Tipalti, Bill.com with AI). Event bus connecting sales, HR, procurement to finance. Workflow orchestrator for close process. Approval routing with escalation.
**Role changes:**
- AP clerks become "exception handlers" β reviewing what AI can't process
- Junior accountants shift to close process monitoring and anomaly investigation
- Controller focuses on technical accounting and judgment areas
- CFO gains real-time financial visibility for the first time
- New role: Finance Automation Engineer
**Key risks:**
- Auto-posted journal entries with errors β corrupt financial statements
- Revenue recognition automation doesn't handle complex contracts (variable consideration, multiple performance obligations)
- Cross-department triggers create entries without proper context
- Audit trail breaks if automation isn't properly logged
**Gate to Step 4:**
- [ ] AP automation processing β₯70% of invoices without human intervention
- [ ] Month-end close time reduced β₯40%
- [ ] All automated entries have full audit trail
- [ ] External auditors comfortable with automated processes
---
Steps 4-7: Finance's Progressive Autonomy
**Step 4:** Unified finance dashboard: real-time P&L, cash position, AP/AR aging, close progress, forecast accuracy. AI-driven anomaly detection on all financial data. Cost tracking for all automated processes. Auditor-friendly evidence packages auto-generated.
**Step 5:** Each finance team member has agents: Reconciliation Agent (auto-reconciles accounts daily), Reporting Agent (generates all recurring reports), Analysis Agent (monitors financial KPIs, surfaces insights), Tax Agent (tracks tax obligations across jurisdictions). One controller + agents = previously a team of 4.
**Step 6:** Finance department operates autonomously for standard operations: AP/AR fully automated, close process automated (human review of final statements), FP&A continuously updated, regulatory filings auto-prepared (human sign-off). Humans handle: complex accounting judgments, treasury strategy, third-party audit management, board advisory, M&A financial analysis.
**Step 7:** Finance is an autonomous system: real-time financial statements, continuous close, dynamic forecasting, automated regulatory compliance. CFO + 2-3 senior finance professionals focus on: strategic financial planning, capital allocation, investor relations, complex transactions.
---
---
TRADING DESK
Step 0: Individual Augmentation
**What AI does:**
- Traders use ChatGPT for market research summaries ("What happened in copper markets today?")
- Analysts draft trade ideas and research notes using AI
- Quick calculations and scenario analysis ("What's our P&L impact if EUR/USD moves 200 bps?")
- Summarize broker research and central bank communications
- Draft client trade reports and market commentary
**What humans still do:**
- ALL trading decisions and order execution
- Risk management and position monitoring
- Client relationship management
- Market analysis and trade idea generation
- P&L reconciliation
- Compliance with trading rules and limits
**Tools/Tech:** ChatGPT/Claude (personal or team subscriptions). STRICT policy: NO position data, NO client data, NO proprietary strategies, NO pre-trade information in third-party AI.
**Role changes:** None. Traders use AI for research speed. Analysts draft faster.
**Key risks:**
- Trader pastes position data or strategy into public AI β front-running risk, regulatory violation
- AI market analysis is wrong β trader acts on it without verification
- Material non-public information (MNPI) accidentally shared with AI provider
- In financial services, this is the HIGHEST RISK department for AI data leakage
**Gate to Step 1:**
- [ ] Trading desk data handling policy specifically for AI β reviewed by compliance
- [ ] Zero incidents of sensitive trading data in third-party AI
- [ ] Traders have identified β₯3 use cases where AI adds value WITHOUT accessing sensitive data
---
Step 1: Structured Productivity
**What AI does:**
- Company-provisioned AI workspace with STRICT data isolation (on-premises or dedicated cloud tenant):
- Automated trade blotter formatting and report generation
- Quick regulatory reference: "What are EMIR reporting requirements for this trade type?"
- **Research templates:** "Summarize today's central bank communications and expected market impact on [asset class]"
- **Trade report templates:** "Generate end-of-day client trade report from this execution data"
- **Scenario analysis:** "Given portfolio [anonymized parameters], model P&L under [stress scenarios]"
- **Market commentary:** "Draft morning market commentary for [asset class] based on overnight developments"
**What humans still do:**
- ALL trade execution and risk decisions
- Client communication and relationship management
- Strategy development
- Risk limit monitoring and management
- All compliance-related decisions
- Market-making decisions
**Tools/Tech:** On-premises or dedicated cloud AI (Azure OpenAI Private Endpoint, AWS Bedrock in VPC). Air-gapped from trading systems. NO API connection to OMS/EMS at this stage. Templates stored in secured internal repo.
**Role changes:**
- Research analysts produce 2-3x more content
- Junior traders get better market context faster
- Desk head monitors AI usage through audit logs
- Compliance reviews all trading desk AI templates
**Key risks:**
- Even company-provisioned AI, if connected to trading data, creates insider trading risks
- Traders start relying on AI market analysis β dangerous if model is wrong during volatile markets
- Regulatory scrutiny: MiFID II, Dodd-Frank implications of AI-assisted trading decisions
- Audit trail for AI-assisted research that leads to trading decisions
**Gate to Step 2:**
- [ ] AI workspace deployed with full data isolation from trading systems
- [ ] Compliance approved all templates for trading desk use
- [ ] Research output per analyst increased β₯50%
- [ ] Full audit trail of all AI interactions by trading desk personnel
---
Step 2: Shared Knowledge Layer
**What AI does:**
- RAG over PERMISSIBLE knowledge only (strict access controls):
- Traders/analysts ask:
- Market research archive (published research, not proprietary)
- Regulatory requirements per product type and jurisdiction
- Trading desk procedures and risk management frameworks
- Historical market events and the desk's response to them
- Client coverage notes (non-MNPI)
- Product specifications and exchange rules
- "What's our risk limit framework for commodity options?"
- "How did we manage our book during the 2020 March volatility?"
- "What are LME rules for position reporting?"
- "What's the margin methodology for cleared OTC swaps at CME?"
**What humans still do:**
- ALL trading decisions
- ALL risk management
- Client relationships
- Strategy β AI is a reference tool, not a decision-maker
- Compliance monitoring of trading activity
**Tools/Tech:** Separate, secure vector DB for trading desk knowledge. Strict access tiers: market knowledge (all traders), risk frameworks (senior + risk), client notes (coverage traders only). NO connection to real-time position data or P&L.
**Role changes:**
- New hires access institutional knowledge instantly (previously took 6-12 months to learn "how we do things")
- Research function enhanced β historical context at fingertips
- Risk managers use AI to quickly reference policies and precedents during stress events
**Key risks:**
- RAG accidentally indexes MNPI or position data β insider trading risk
- Over-reliance on historical responses ("we did X in 2020") in different market conditions
- Access control failure β junior trader sees information above their clearance
**Gate to Step 3:**
- [ ] Knowledge base covers desk procedures, risk frameworks, market reference β verified by compliance
- [ ] ZERO position data, ZERO client-specific data in the knowledge base
- [ ] Access controls audited by compliance and IT security
- [ ] New trader onboarding time reduced β₯30%
---
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **Pre-trade automation:**
- **Post-trade automation:**
- **Cross-department triggers:**
- Trade request submitted β auto-checks: risk limits, margin requirements, regulatory constraints, client suitability β flags violations before execution
- New client trade request β auto-pulls: client risk profile, credit limits, product permissions β presents to trader with recommendation
- Trade executed β auto-generates: confirmation, regulatory reports (EMIR, MiFIR, Dodd-Frank), updates P&L, notifies operations for settlement
- End-of-day β auto-generates: desk P&L report, risk summary, position report, exception list
- Margin call triggered β auto-calculates: required amounts, generates client notification draft, alerts operations
- Trade exception detected β alerts compliance (surveillance), risk (limit breach), operations (settlement issue)
- New product approved β auto-updates: trading system parameters, risk limits, regulatory reporting templates
**What humans still do:**
- ALL trading decisions and execution
- Risk limit setting and exception approvals
- Client relationship and negotiation
- Market-making strategy
- Override/approve any pre-trade check rejection
**Tools/Tech:** Integration layer between AI and OMS/EMS (carefully scoped, read-heavy, limited write). Pre-trade compliance engine. Regulatory reporting automation (Kaizen, Cappitech). Post-trade processing integration. VERY careful API scope β agents can read and report but cannot execute trades.
**Role changes:**
- Middle-office shrinks β post-trade processing increasingly automated
- Risk analysts shift from report generation to exception investigation
- Compliance surveillance enhanced by automated flagging
- Operations team focuses on settlement exceptions, not routine processing
**Key risks:**
- Pre-trade check automation has false negative β trade violates limits/regulations
- Post-trade reporting error β regulatory violation
- ANY agent action that could be construed as trade execution β regulatory catastrophe
- System failure during high-volume periods β manual fallback needed
**Gate to Step 4:**
- [ ] Pre-trade checks automated with β₯99% accuracy
- [ ] Post-trade reporting automated for β₯80% of trade types
- [ ] No regulatory reporting errors from automated processes
- [ ] STRICT separation maintained: AI reads trading data, NEVER executes
---
Steps 4-7: Trading Desk's Progressive Autonomy
**Step 4:** Unified trading operations dashboard: real-time P&L, risk utilization, regulatory reporting status, settlement pipeline, margin levels. AI-driven anomaly detection on trading patterns. Cost tracking for all automated processes. Regulatory exam readiness scores.
**Step 5:** Each trader/analyst has agents:
- **Research Agent:** 24/7 market monitoring, summarizes overnight developments, surfaces relevant research
- **Risk Agent:** Monitors position risk in real-time, alerts before limits are breached, suggests hedges
- **Reporting Agent:** Auto-generates all reports (P&L, risk, regulatory, client)
- **Compliance Agent:** Pre-screens all activity, maintains audit trail
**β οΈ CRITICAL BOUNDARY:** Even at Step 5-7, agents NEVER execute trades autonomously. Trading desk is the one department where "autonomous execution" requires explicit regulatory approval (algorithmic trading authorization under MiFID II, Reg AT proposals, etc.) and carries extreme risk.
**Step 6:** Trading desk middle/back-office operations autonomous: settlement processing, regulatory reporting, margin management, client reporting. Front-office remains human-driven for trade execution with AI as decision support.
**Step 7:** The trading desk is the most human-centric department in the autonomous enterprise. AI provides: perfect information (real-time, comprehensive), instant analysis, complete compliance coverage, and automated operations. Humans make ALL execution decisions. The trader becomes a "strategic decision-maker with perfect information" rather than someone drowning in manual processes.
---
---
OPERATIONS
Step 0: Individual Augmentation
**What AI does:**
- Ops staff use ChatGPT for: drafting client onboarding documentation, writing process checklists, summarizing regulatory requirements for operational procedures
- Generating reconciliation reports commentary
- Answering "how to" questions: "How do we process a corporate action for dual-listed securities?"
- Drafting client communications (settlement confirmations, operational updates)
- Writing SOPs and procedure manuals
**What humans still do:**
- All settlement processing and confirmation
- Client onboarding and account setup
- Trade reconciliation and break resolution
- Corporate action processing
- Regulatory reporting
- Cash management and collateral management
- Client service and query resolution
**Tools/Tech:** ChatGPT/Claude subscriptions. Policy: no client data, no position data, no settlement details in third-party AI.
**Role changes:** None. Ops staff draft documentation faster.
**Key risks:**
- Client data or settlement details pasted into public AI
- AI-generated procedures that miss critical steps
- Ops staff trust AI for regulatory procedures that require precise compliance
**Gate to Step 1:**
- [ ] >60% of ops team using AI for documentation
- [ ] Data handling policy for ops-specific sensitive data
- [ ] 3+ documented productivity improvements
---
Step 1: Structured Productivity
**What AI does:**
- Templates for:
- Automated daily operations reporting (settlement status, breaks outstanding, onboarding pipeline)
- **Client onboarding:** "Generate onboarding checklist for [client type] in [jurisdiction] covering: KYC requirements, account documentation, system setup, regulatory notifications"
- **Reconciliation:** "Given these trade breaks [anonymized details], classify by type, prioritize by age and value, suggest resolution steps"
- **Corporate actions:** "Draft client notification for [corporate action type] on [security], including election deadlines and options"
- **SOP generation:** "Create standard operating procedure for [process] including: steps, controls, escalation triggers, regulatory references"
**What humans still do:**
- Execute all settlement processes
- Resolve reconciliation breaks
- Client account management
- Corporate action processing and elections
- Regulatory reporting
- Exception handling and escalation
**Tools/Tech:** Enterprise AI with ops-specific templates. Integration with OMS/settlement system (read-only). Template library maintained by ops management.
**Role changes:**
- Ops analysts produce documentation 2-3x faster
- Junior ops staff handle routine queries using templates
- Ops manager designates AI champion
**Key risks:**
- Template-generated procedures miss jurisdiction-specific requirements
- Ops staff become process followers instead of process thinkers
- Wrong reconciliation classification β wrong resolution approach
**Gate to Step 2:**
- [ ] Templates covering β₯80% of standard ops procedures
- [ ] Daily reporting automated
- [ ] SOP library generated and reviewed by ops leadership
- [ ] Onboarding checklist generation time reduced β₯50%
---
Step 2: Shared Knowledge Layer
**What AI does:**
- RAG over: all SOPs, operational procedures, client onboarding guides per jurisdiction, settlement rules (CLS, DTC, Euroclear, DTCC), corporate action processing guides, historical break resolutions, regulatory requirements for operational processes
- Ops staff ask:
- New hire training: interactive knowledge base covering all operational processes
- "What's the settlement cycle for Turkish equities?"
- "How did we resolve the last DTC fail on [security type]?"
- "What documentation is required for a new custody account in Singapore?"
- "What's the CSDR penalty regime for late settlement?"
**What humans still do:**
- Execute operations
- Client relationship management
- Exception handling
- Process improvement
- Maintaining the knowledge base
**Tools/Tech:** Vector DB indexing: SOPs, procedure manuals, settlement rule guides, historical break resolution records, client onboarding templates. Integration with settlement system and OMS (read-only).
**Role changes:**
- Ops analysts become "exception investigators" β routine queries handled by AI
- New hires productive in days instead of weeks
- Ops leadership focuses on process optimization, not fire-fighting
**Key risks:**
- Outdated settlement rules in RAG (exchanges change rules)
- Historical break resolutions that don't apply to current market structure
- Over-reliance on AI for time-critical operational decisions
**Gate to Step 3:**
- [ ] >80% of "how do we process X?" answerable via RAG
- [ ] Settlement rule database current for all active markets
- [ ] New hire ops onboarding time reduced β₯40%
---
Step 3: Workflow Automation & Cross-Department Triggers
**What AI does:**
- **Settlement automation:**
- **Client onboarding automation:**
- **Reconciliation automation:**
- **Corporate actions:**
- **Cross-department triggers:**
- Trade executed (Trading Desk trigger) β auto-generates: settlement instructions, matches with counterparty, monitors settlement status, escalates fails
- Settlement fail detected β auto-diagnoses: reason code, counterparty status, suggests resolution β initiates buy-in process if threshold exceeded
- T+0 settlement matching β auto-affirm/confirm where bilateral agreement exists
- Sales closes deal β auto-initiates: KYC document collection, account opening forms pre-populated, system setup tickets generated, regulatory notifications drafted
- Client submits KYC docs β auto-validates: completeness check, sanctions screening, adverse media β flags gaps for human review
- Daily auto-reconciliation: positions, cash, trades β breaks auto-classified by type and priority β standard breaks auto-resolved β exceptions queued for human investigation
- Corporate action announced β auto-notifies: affected clients with election options, calculates entitlements, generates processing instructions, tracks deadlines
- Ops identifies issue β alerts trading desk, compliance, finance as appropriate
- Client offboarding initiated β auto-processes: position transfers, account closure, regulatory notifications, record archival
**What humans still do:**
- Exception handling for complex settlement fails
- Client relationship management for operational issues
- Processing non-standard corporate actions
- Regulatory reporting sign-off
- Strategic decisions on operational infrastructure
- Managing custodian and counterparty relationships
**Tools/Tech:** Settlement system integration (read + write for approved actions). Reconciliation engine with AI layer. Client onboarding platform with automated KYC. Corporate action processing system. Event bus connecting trading, compliance, finance, client-facing systems.
**Role changes:**
- Settlement processing team shrinks 40-50% (standard settlements automated)
- Ops analysts become "exception specialists" β handling only what AI can't
- Client onboarding role evolves to "client experience manager" β less paperwork, more relationship
- New role: Operations Automation Engineer
- Reconciliation team focuses on complex breaks and process improvement
**Key risks:**
- Auto-settlement instruction error β failed settlement β financial loss and regulatory penalty
- KYC auto-validation misses a document β regulatory violation
- Reconciliation auto-resolution closes a break incorrectly β position discrepancy
- System failure during settlement window β need manual fallback procedures
**Gate to Step 4:**
- [ ] Standard settlement processing β₯80% automated
- [ ] Client onboarding β₯60% automated (standard risk clients)
- [ ] Daily reconciliation auto-match rate β₯90%
- [ ] Zero settlement errors from automation in 90 days
---
Steps 4-7: Operations' Progressive Autonomy
**Step 4:** Unified operations dashboard: settlement pipeline, break aging, onboarding status, corporate action calendar, regulatory reporting. AI anomaly detection on all operational flows. Cost-per-settlement and cost-per-onboarding metrics. STP (Straight Through Processing) rates tracked and improving.
**Step 5:** Each ops team member has agents:
- **Settlement Agent:** Monitors and manages settlement pipeline 24/7, handles standard fails, escalates complex ones
- **Reconciliation Agent:** Continuous reconciliation, not just end-of-day
- **Client Agent:** Manages onboarding pipeline, tracks documentation, sends reminders
- **Reporting Agent:** All operational and regulatory reporting automated
One ops analyst + agents = previously a team of 3-4.
**Step 6:** Operations runs autonomously for standard processing: settlements, reconciliations, standard onboarding, corporate actions, regulatory reporting. STP rate >95%. Humans handle: complex exceptions, client relationships, custodian negotiations, process innovation, regulatory examinations.
**Step 7:** Operations is the circulatory system of the autonomous enterprise. Every transaction flows through automated operational pipelines. Real-time reconciliation (not end-of-day). Predictive settlement (anticipate and prevent fails before they happen). Humans: Head of Ops + 2-3 senior exception specialists + operations architect.
**Operations is arguably the department that benefits MOST from autonomous transformation** β it's process-heavy, rule-based, and high-volume. The transformation from a team of 15-20 to a team of 5 with better accuracy and speed is realistic.
---
---
CROSS-DEPARTMENT SUMMARY: TEAM SIZE EVOLUTION
| Department | Pre-Transform | Step 3 | Step 5 | Step 7 |
|-----------|:---:|:---:|:---:|:---:|
| Sales | 15-20 | 12-15 | 8-10 | 5-8 |
| Marketing | 8-12 | 6-8 | 4-5 | 2-3 |
| Product | 5-8 | 4-6 | 3-4 | 2-3 |
| Engineering | 20-30 | 15-20 | 10-12 | 5-8 |
| IT/OPS | 8-12 | 5-8 | 3-5 | 2-
Source: README.md
---
tags: [project, ai-transformation, roadmap, sycopa]
created: 2026-04-24
status: active
owner: Atlas (COO)
---
πΊοΈ AI Enterprise Transformation Roadmap
> Transform a knowledge-work company from Step 0 (employees using chat AI) to Step 7 (fully autonomous enterprise) β without reinventing the wheel.
Documents
- [[00-master-roadmap]] β Executive overview: 8 steps, timelines, gate criteria, tech stacks, risk matrices, and the Three Laws of AI Transformation
- [[01-full-department-playbooks]] β Detailed playbooks for all 10 departments (Sales, Marketing, Product, Engineering, IT/OPS, Legal, Compliance, Finance, Trading Desk, Operations) across all 8 steps
Quick Reference
| Step | Name | Duration | Cumulative |
|------|------|----------|------------|
| 0 | Individual Augmentation | 6-8 weeks | ~2 months |
| 1 | Structured Productivity | 3-5 months | ~6 months |
| 2 | Shared Knowledge Layer | 4-6 months | ~11 months |
| 3 | Workflow Automation | 4-6 months | ~16 months |
| 4 | Monitoring & Consolidation | 3-4 months | ~19 months |
| 5 | Personal Agent Teams | 4-6 months | ~24 months |
| 6 | Autonomous Departments | 6-12 months | ~30-36 months |
| 7 | Autonomous Enterprise | Ongoing | 36+ months |
The Three Laws
1. **You cannot skip steps.** Each builds trust, infra, and culture for the next.
2. **The bottleneck is never the technology.** It's always culture, governance, or knowledge quality.
3. **The goal is not to replace humans β it's to make humans unreasonably effective.**
Context
- Created by Atlas (COO Agent) on 2026-04-24
- Requested by YI for SYCOPA company transformation
- Covers financial services / trading company context (20-200 employees)