AI Governance Framework & Operational Redesign
Built the company's first AI governance framework before most organisations knew they needed one, alongside a complete CRM and project management overhaul.
Sonect was operating across multiple European markets with a team using AI tools informally, no documented policies on data handling, privacy, or responsible use. This was 2022-2023: AI governance was not yet a regulatory mandate in Switzerland, but the trajectory was clear to anyone paying attention.
On the operational side, the CRM was fragmented and unmaintained. Project management happened across email, WhatsApp, and disconnected spreadsheets. A Mexico market entry was underway, adding a new regulatory layer: IFPE licensing, with AML, KYC, and KYB requirements that needed cross-team coordination.
Three problems, all urgent, all interconnected: no governance, no operational structure, and a regulatory deadline approaching for the Mexico expansion.
I tackled governance first, because it had the longest timeline to embed into the organisation's culture. I audited every AI tool in use, documented how data was flowing through them, and identified the gaps between current practice and what responsible deployment looked like.
The governance framework I built covered: data privacy guidelines (what data could be input into which tools, retention rules), data security rules (access controls, output handling), responsible usage guidelines (prohibited use cases, bias awareness checkpoints), and an AI tool approval process for any new tool the team wanted to adopt.
This was not a compliance checkbox. I wrote it to be readable and practical, not a legal document. The goal was for every team member to understand it and actually follow it.
CRM redesign: Rebuilt HubSpot from the contact database up. Defined pipeline stages that matched how Sonect actually sold, created deal properties that captured relevant data, and migrated the existing contact base with cleaned records.
ClickUp implementation: Replaced the email/WhatsApp project coordination with a structured ClickUp workspace. Defined team spaces, workflow templates, and status conventions. Ran adoption training across the team.
Mexico regulatory work: Coordinated the cross-functional workstream for the IFPE audit, aligning AML, KYC, and KYB requirements across product, legal, and operations. Managed 100+ B2B contacts across banking and retail partners in Mexico and LATAM.
- Sonect's first-ever internal AI governance framework, deployed before AI regulation became a mandatory discussion in Switzerland. The company had documented policies before regulators required them.
- Mexican IFPE audit passed. The regulatory approval that unlocked the Mexico market entry.
- AML, KYC, and KYB requirements documented and aligned across product, legal, and operations teams.
- HubSpot rebuilt from scratch with clean data, proper pipeline structure, and active adoption across the commercial team.
- ClickUp replaced ad hoc project coordination across three time zones and two languages.