About us
We operate where the risk sits.
A practitioner-led firm built for the work that begins after the policy is signed and the demo is over.
AI fails in production, not on paper. The policy gets signed, the launch goes well, and the live system carries on behaving in ways no one actually approved. That gap between the document and the running system is where the real risk sits, and it is where we have built the firm to work.
Responsible AI Solutions is practitioner-led. We build production AI and cloud-data platforms, govern them against the purpose they were approved for, advise the leaders who are accountable for them, and train the teams who will run them once we are gone.
What makes that possible is holding two disciplines the market usually keeps apart, the engineering depth to build production systems and the legal depth to govern them. The same firm that architects a platform can stand behind it in front of a regulator. What we leave behind is a working system, the evidence to defend it, and a team that no longer needs us.
What sets us apart
How we are different, in four sentences.
We build and we govern.
Most firms do one or the other. We do both, with an implementation lead who holds all thirteen AWS certifications and the Golden Jacket and a governance lead certified to ISO/IEC 42001, working as one accountable team rather than two handoffs.
We work to a production standard.
Our governance runs inside live systems, our builds ship with testing and monitoring already in place, and we judge training by what people can do afterwards rather than by the certificates they collected along the way.
We brief the board and the engineer.
The same decision has to read clearly to a director and precisely enough for an engineer to build from. Most programmes lose something in that translation, and ours is designed to survive it intact.
We leave capability behind.
We hand over a documented, operable system and train your people for the roles they actually fill, so that when we leave the platform keeps running and the governance still holds.
Leadership
Two principals, both sides of the work.
Vivegavalen Vadi Valu
Vivegavalen has spent twelve years across technology law, privacy, data governance, and AI risk in Asia-Pacific. He has built and led AI governance programmes for banks, telecoms operators, and government agencies, most recently as Associate Director at Deloitte, with earlier roles spanning Accenture, Nestlé, and PwC. He is also the founder of Trustethica, a platform for purpose-anchored governance of enterprise AI.
John Nathan
John is an AWS Professional Services Cloud Architect who holds all thirteen AWS certifications and the AWS Golden Jacket. He architects and delivers production systems for major banks, manufacturers, and government bodies, and he has worked every side of an engagement, from writing the RFP through to the handover. He builds for the team that will inherit the system rather than for the demo that wins the room.
Standards & frameworks
We benchmark to international standards.
ISO/IEC 42001:2023
The international standard for AI management systems.
NIST AI Risk Management Framework
The US reference for managing AI risk.
EU Artificial Intelligence Act
The EU regime for high-risk AI obligations.
Malaysia AIGE & NAIO
National guidelines and the direction of the National AI Office.
Singapore Model AI Governance
Singapore’s framework for responsible AI.
OECD AI Principles
International principles and related ASEAN guidance.
AWS Well-Architected
The framework behind production-grade cloud design.
Bank Negara RMiT
Risk management in technology for Malaysian finance.
PDPA & Cybersecurity Act
Malaysian data and cyber obligations, as amended.
Work with a team that does both.
One engagement, one accountable team, both sides covered.