How are you building enterprise AI capabilities? What factors are driving your build-versus-buy-versus-partner decisions?

Building enterprise AI capabilities in the financial sector relies on a strategic mix of build, buy, and partner approaches, shaped by regulatory, operational, and competitive needs.
In-house development typically focuses on high-stakes areas like risk assessment, fraud prevention, and compliance, where precision, security, and customization are essential. For standardized applications such as customer support automation or reporting tools, pre-built solutions are often adopted to ensure efficiency and reduce development overhead.
Partnerships become valuable for accessing niche AI advancements, such as predictive analytics or large-scale data processing, where collaboration with specialized vendors or fintechs can provide cutting-edge capabilities without full internal development.
Decisions are guided by regulatory compliance, ensuring adherence to frameworks like GDPR and CCPA, data sensitivity, prioritizing control over personally identifiable information, and strategic differentiation, focusing investments on AI that enhances customer trust, operational resilience, and market leadership. The objective is to create a scalable, secure, and adaptable AI infrastructure that meets the financial industry’s evolving demands.

In healthcare, we primarily build our AI solutions in-house due to the nature of our industry. As a publicly traded, highly regulated company handling sensitive healthcare information, we must ensure that any AI touching our core business, especially patient data is exceptionally secure and tightly controlled.

Currently, many AI vendors are making significant claims and sales, but we prefer to observe how the market and technology evolve before making external commitments. For AI initiatives involving our core business, we require absolute confidence that there will be no data leaks and that models are strictly constrained in their capabilities. At this stage, we believe the only way to achieve the required level of security and assurance is to develop these solutions internally.

Our general approach is to buy as much as we can, since most of our challenges are not so unique that commercial products cannot address them. We typically look for platforms that meet most of our needs and then customize and build on top of them, rather than starting from scratch. Building from the ground up is not feasible given our time constraints and the pace at which we need to operate.

However, as a product company, our product group tends to build everything internally. While we may use off-the-shelf components in our electronics, the core development is done in-house, aside from open-source libraries. The real value comes from integrating these two approaches, leveraging commercial platforms where possible and building custom solutions where necessary.

In terms of resourcing, the decision to build or outsource is based on the amount of work required. If the workload for a platform exceeds a certain threshold, essentially, enough to justify hiring a full-time employee—we will hire internally. If the need is less substantial, we outsource and have an internal resource manage the relationship and project. Ultimately, it’s a balancing act between internal capabilities, cost, and strategic priorities.