Building
AI governance infrastructure, not frameworks on paper. Colloxa is the current focus: technical enforcement and evidence for regulated enterprises under POPIA, GDPR, the EU AI Act, and ISO 42001.
See governance infrastructure →︎I turn policy into systems that enforce it.
A systems builder at the intersection of technology, governance, and execution. Product work, delivery work, and writing are the same discipline in different mediums.
- Lula: delivery · operational proof
- Colloxa: AI governance infrastructure
- GRC: Governance, Risk & Compliance
- The Control Plane: practitioner writing
- Systems That Hold: book in progress
Pilot by invitationFlagship product · AI Governance Infrastructure
Governance you can enforce, not only document.
AI governance infrastructure for regulated enterprises: the control-and-evidence layer between organisations and the AI they depend on. Built by a practitioner who implements what frameworks require, not a consultant who stops at policy.
POPIA · GDPR · EU AI Act · ISO 42001 · NDPR · Rwanda DPL · Zimbabwe CDPA · Kenya DPA
Control Fabric · Evidence Fabric · Agentic Risk Fabric · Trust Operations Fabric
Real-time enforcement
Regulator-ready evidence
Sub-200ms decisions
Technology, governance, and execution
One discipline in three mediums: build enforceable systems, run delivery where stakes are real, write as a practitioner in public.
Delivery
At Lula, a Cape Town fintech, I lead delivery across engineering, product, and compliance. Seven years turning ambiguous requirements into systems that run in regulated environments.
See delivery track record →︎Writing
The Control Plane is the public record: AI governance from someone building the infrastructure. Tries Too Hard and my books carry judgement, leadership, and the human side of systems.
Read The Control Plane →︎Why Africa matters for governance infrastructure
Most governance vendors are built in jurisdictions with one dominant regulatory concern. Building from South Africa means building inside regulatory layering: POPIA plus GDPR plus the EU AI Act plus global norms, at the same time. Constraint produces infrastructure-first thinking. It is operational realism, not geography pride.
Read the Africa essay →︎A practitioner thinking out loud
Not thought leadership. Field notes on enforcement, evidence, and why most organisations are further behind on AI governance than they believe.
- Field noteAI governance without enforcement is theatreThe prompt is not the risk. The policy gap is.
- Field noteAfrica’s AI Governance Advantage Is InfrastructureWe have a chance to build evidence, control and accountability into the systems still being formed.
- Field notePrivacy by design failedPrivacy by design is not a compliance checkbox
Currently
- Leading delivery at Lula, Cape Town
- Building Colloxa, AI governance execution infrastructure
- Pursuing IAPP CIPT and AIGP
- Publishing on The Control Plane
- Writing Systems That Hold
Follow the work.
Colloxa for enforceable governance. The Control Plane for the public record. Delivery at Lula for operational proof.