Insights on AI, due diligence, and technology advisory.
Evidence-based perspectives for investors, boards, and leaders making real AI decisions.
How to Read an AI Due Diligence Report (for Non-Technical Investors and Boards)
You do not need to understand the model to use the report well. You need to know what a good one tells you, in what order, and what its own weaknesses look like.
Read article
Level 4 vs Level 5 MLOps: What Advanced AI Organisations Look Like
Level 4 watches your models in production. Level 5 retrains them automatically with governance built in. Most organisations need the first and should not chase the second.
Read article
Technical Due Diligence vs AI Due Diligence: Where They Diverge
People assume AI diligence is tech diligence plus a look at the model. It is not. The questions that decide whether an AI system works are not on a standard technical checklist.
Read article
Conditional Proceed: The Underused Middle Option in DD Verdicts
Most reports push toward yes or no. The honest answer is usually yes, if. A conditional proceed with named pre-conditions and timelines is the verdict that actually protects the decision.
Read article
The UAE Charter for AI: What 'Non-Binding' Means in Practice
Non-binding does not mean consequence-free. The Charter signals where expectations are heading, and the gap between a nice statement and real controls is where organisations get caught.
Read article
Why '98% Accuracy' Is Meaningless Without Context
Accuracy is the most quoted and least useful AI metric. A model can be 98% accurate and still fail at the one thing you need it to do. Here is what to ask instead.
Read article
Verified, Corroborated, Reported: The Evidence Levels Behind Every Finding
A finding you verified against production logs is not the same as something a founder told you on a call. Reports that blur the two leave the reader unable to judge what to trust.
Read article
Why the UAE Has Multiple AI Regulators, and How to Work Through It
A single firm can answer to the CBUAE, the DFSA, and federal law at the same time. The layering is deliberate. The way through it is a mapping exercise, not a guess.
Read article
CBUAE's February 2026 AI Guidance: What UAE Banks Should Actually Do
It says 'should,' not 'must.' Treat it as optional and you will find out otherwise during an examination. Here are the four areas it covers and what to do about each.
Read article
Measuring ROI on AI Initiatives: What Actually Matters
Most AI ROI numbers measure the easy thing, not the real one. Here is what actually predicts whether an AI initiative paid off, and when the ROI question is the wrong one to ask.
Read article
The OWASP Top 10 for LLM Applications: What Investors Should Know
You do not need to be a security engineer to use this list. You need to know which risks to verify before investing and which to leave to the operators after.
Read article
ISO 42001 in Plain English
ISO 42001 is the first certifiable standard for managing AI. Here is what it asks for without the jargon, and how to check whether a vendor claiming it has actually done the work.
Read article
5 Red Flags in AI Startup Pitch Decks
The same five warning signs keep showing up in AI pitch decks. Here is each one, the slide it lived on, and what we found when we looked underneath it.
Read article
From Notebooks to Production: Moving from Level 1 to Level 3 MLOps
The leap from running models by hand to automated pipelines is the one that matters most, and the one most teams stall on. Usually because they buy a platform before they fix the process.
Read article
The 2026 GCC AI Regulatory Environment: What Financial Institutions Need to Know
There is no single GCC AI act. There is a layered set of regulators and binding expectations that most boards cannot yet name. Here is the map.
Read article
Three Questions to Ask Any AI Vendor Before Signing
Most AI procurement regret traces back to three questions that were not asked before the contract was signed. Ask these, and listen carefully to how the vendor answers.
Read article
Writing an AI Due Diligence Report Decision-Makers Can Act On
The output of an assessment is not a catalogue of findings. It is a decision someone can act on. Most reports stop one step short of being useful.
Read article
EU AI Act Risk Classifications: What They Mean for MENA Companies
The Act follows your customers, not your headquarters. If you serve EU clients, it can apply to you in Dubai or Riyadh. Here is what the four risk tiers actually mean.
Read article
An AI Procurement Due Diligence Checklist for Enterprise
Buying an AI system is not buying software. The demo is not the product, and the cheapest vendor is often the biggest risk. Seven categories every procurement scorecard needs.
Read article
The Information Request List Every AI Vendor Should Expect
We ask for artefacts, not assurances. How a company responds to the request list often tells you more than the artefacts themselves.
Read article
Scoping an AI Assessment: How to Frame the Questions That Matter
A thorough answer to the wrong question is the most common failure in due diligence. It starts with weak scoping. Here is how to frame an assessment so the rest of the work counts.
Read article
5 Levels of AI/ML Maturity: Where Most Companies Actually Sit
Google's MLOps model has three levels. We use five, because the gap between a team running notebooks by hand and one with monitored, retraining pipelines is too wide for three buckets.
Read article
NIST AI RMF vs ISO 42001 vs EU AI Act: Which One You Actually Need
These three get treated as interchangeable. They are not. One manages risk, one certifies a management system, one decides whether you can legally sell. The choice changes the conclusion.
Read article
The 4-phase AI due diligence process our team uses
A due diligence engagement is only as good as its structure. Here are the four phases we run, what each one produces, and why the sequence matters.
Read article