Functional Architect · AI Governance & Systems Architecture
_{Building infrastructure for privacy-preserving AI deployment in regulated environments.}

I bridge the gap between AI research and enterprise deployment. My work focuses on translating abstract governance and safety principles into operational software, specifically designing systems for environments where data privacy and regulatory compliance are non-negotiable.

An open-source, self-hosted proxy architecture sitting between enterprise workforces and external LLMs. It is designed to enforce data privacy and compliance by default.

• Pre-Flight PII Tokenization: Intercepts and tokenizes personal identifiers locally before prompts leave the corporate network (Jane Smith → {{PERSON_1}}), restoring them upon return.
• Fail-Safe Processing: Engineered to block requests if PII detection fails, ensuring safety is the default system state.
• Cryptographic Audit Trails: Implements hash-chained, append-only logging (WORM on Postgres) to generate tamper-evident records for compliance audits.
• OWASP LLM Top 10 Alignment: Built-in architectural mitigation for prompt-injection (LLM01), output sanitization (LLM02), and sensitive data leakage (LLM06).

I actively contribute to the broader trustworthy AI ecosystem, focusing on frameworks that enforce safety and governance at an institutional level.

• SantanderAI: Contributor to the Mechanical Governance Framework.
• Apache-2.0 Tooling: Building and maintaining permissive, open-source AI governance infrastructure.

My systems architecture approach is heavily informed by ~7 years of product management and business analysis in the banking sector, designing for strict regulatory constraints and globally recognized AI frameworks.

• AI Governance & Standards: Operationalizing enterprise controls against the NIST AI RMF, ISO/IEC 42001, and emerging legislation like the EU AI Act. Actively pursuing the IAPP AIGP (Artificial Intelligence Governance Professional) credential.
• Compliance-Critical Workflows: Directed product requirements for CTR, BSA, KYC, and OFAC systems.
• Identity & Access Management (IAM): Architected enterprise RBAC models to support secure, launch-critical deployments.
• Regulatory Traceability: Mapped system requirements directly to FCA, PRA, and RBI guidelines to ensure audit readiness.

• AI Governance vs. AI Safety: Why conflating them is a dangerous strategic blind spot.
• Building Privacy-Preserving Enterprise LLM Systems
• Designing Local-First LLM Evaluation Systems

• Current: Product Owner, Fiserv (via Orion Innovation) — Driving identity, governance, and platform safety for North American banking systems.
• Previous: Lead Business Analyst @ HSBC UK (Globant) · Lead Business Analyst @ Fiserv (Vivid) · Data/App roles @ Air Dynamics, Accenture.
• Education: MBA, Business Analytics — Hult International Business School (Dean's List) · B.E. Computer Science — University of Pune.