Buy or build? The question every compliance team is asking
Every AI adoption conversation eventually arrives at the same fork in the road. Buy a solution or build one in-house.
There is no easy answer. That was the premise of the Buy or Build in AI Compliance debate, hosted by Guildhawk Gai Labs this Tuesday at 22 Bishopsgate, where senior leaders from across industries gathered to explore the subject head-to-head.
The debate was chaired by Jurga Zilinskiene MBE, and featured Dr Steve Strickland, Chief Risk and Compliance Officer at ReStabilise, and Gary Brailsford-Hart, Director of Information and CISO at City of London Police.
A question with no single right answer
The debate format itself made the point better than any single argument could. Two experienced practitioners, both fluent in the risks and realities of deploying AI in regulated environments, took opposing positions and made a genuinely compelling case for each.
What emerged was not a clean verdict. It was a map of trade-offs.
Buying a solution offers speed, established governance, and the comfort of vendor accountability. Building offers control, and the ability to shape a tool precisely around an organisation's own risk appetite and workflows.
Neither path is free of cost, and neither is free of risk.
Where the room found common ground
If there was a consensus in the room, it was this: the choice is rarely binary in practice.
Several attendees pointed to a middle path already gaining traction. Teams are using AI tools to build working prototypes early, not as production systems, but as a way of clarifying requirements before a buy decision is made. A rough, fast prototype can surface exactly what a compliance workflow needs before a single procurement conversation begins.
This is not a compromise position. It is a sequencing decision. Build first, to understand. Buy second, to scale.

Audience Q&A at Guildhawk GAI Labs’ Buy or Build in AI Compliance debate, 22 Bishopsgate, 7 July 2026
Why this matters now
Compliance and risk functions are under pressure to move quickly on AI, often faster than their usual due diligence cycles allow. The debate reflected a wider tension: the tools available today are powerful, but the frameworks for evaluating and trusting them are still catching up.
That tension is not going away. If anything, it is the defining question for regulated sectors in 2026.
Click here to download a copy of Gary Brailsford’s presentation.
What comes next
Guildhawk was pleased to bring this conversation to a room of senior leaders.
The event also included a preview of new work from GAI Labs, with further news on an AI tool designed to help prevent fraud expected soon.
Buy or build remains an open question. The organisations that answer it well will not be the ones with the strongest opinion, but the ones asking the sharpest questions of themselves first.

About Guildhawk Gai Labs
Gai Labs is Guildhawk’s research and development team, developed in partnership with Sheffield Hallam University. It builds AI solutions for regulated, high-trust environments, where accuracy and accountability matter as much as speed.
Guildhawk has spent 25 years working at the intersection of language, technology and trust, and Gai Labs continues that focus with human oversight built into every product it creates.
Media enquiries:
info@guildhawk.com

