Building
Colloxa turns POPIA, GDPR, the EU AI Act, and ISO 42001 into technical enforcement and regulator-ready evidence.
See governance infrastructure →︎I turn policy into systems that enforce it.
Systems builder in AI governance and privacy for regulated enterprises. Based in Cape Town, working across product, delivery, and public writing.
- Colloxa: governance infrastructure
- Lula: delivery leadership
- The Control Plane: field notes
Pilot by invitationFlagship product · AI Governance Infrastructure
Governance that runs in production.
AI governance infrastructure for regulated enterprises: a control-and-evidence layer that enforces policy at runtime and produces regulator-ready records.
POPIA · GDPR · EU AI Act · ISO 42001 · NDPR · Rwanda DPL · Zimbabwe CDPA · Kenya DPA
Control Fabric · Evidence Fabric · Agentic Risk Fabric · Trust Operations Fabric
Frameworks: POPIA, GDPR, EU AI Act, ISO 42001
Four fabrics: Control, Evidence, Agentic Risk, Trust Operations
Pilot by invitation
Technology, governance, and execution
One discipline in three mediums: build enforceable systems, run delivery where stakes are real, write as a practitioner in public.
Delivery
At Lula, a Cape Town fintech, I lead delivery across engineering, product, and compliance. Seven years turning ambiguous requirements into systems that run in regulated environments.
See delivery track record →︎Writing
The Control Plane is the public record: AI governance from someone building the infrastructure. Tries Too Hard and my books carry judgement, leadership, and the human side of systems.
Read The Control Plane →︎Why Africa matters for governance infrastructure
Most governance vendors are built in jurisdictions with one dominant regulatory concern. Building from South Africa means working across POPIA, GDPR, the EU AI Act, and global norms at the same time. That regulatory complexity produces infrastructure-first thinking and operational realism.
Read the Africa essay →︎A practitioner thinking out loud
Field notes from building governance infrastructure: enforcement, evidence, and the operational gaps policy leaves behind.
- Field noteAI governance without enforcement is theatreThe prompt is not the risk. The policy gap is.
- Field noteAfrica’s AI Governance Advantage Is InfrastructureWe have a chance to build evidence, control and accountability into the systems still being formed.
- Field notePrivacy by design failedPrivacy by design is not a compliance checkbox
Follow the work.
Colloxa for enforceable governance. The Control Plane for the public record. Delivery at Lula for operational proof.