What AI integration actually means for a 20-person fintech.

In full

"We should be using AI" is not a strategy. For a 20-person fintech it is usually a distraction dressed as ambition. The firms that get value from AI are not the ones that bolt a chatbot onto the homepage. They are the ones that find the three workflows quietly costing them a salary a year and let software take the repetitive 80% while people keep the judgement. Here is how to find those workflows, and how to add AI without inheriting a compliance problem.

Start with the cost, not the technology

The wrong first question is "where can we use AI?" The right one is "where are we paying skilled people to do unskilled work?" In a small fintech the answer is almost always the same handful of places: reading documents and typing their contents into a system, deciding which queue a request belongs in, and chasing the same five exceptions every day.

Those tasks share a profile. They are high volume, low variation, and they sit between two systems that do not talk to each other. That profile, not the word "AI", is what tells you there is value to capture.

If a task is high volume, low variation, and sits between two systems, it is a candidate. If it needs real judgement, it is not.

The three workflows worth automating first

1. Document intake and extraction

Someone receives a PDF, reads it, and types six fields into your platform. They do this hundreds of times a month. An extraction pipeline reads the document, pulls the fields, reports a confidence score per field, and routes anything uncertain to a person. The person now reviews exceptions instead of typing everything. The same headcount processes several times the volume.

2. Triage and routing

Incoming requests need to be sorted before anyone can act on them. A classification step does this in milliseconds, tags each item, and sends it to the right queue. Misroutes drop, response times fall, and your most experienced people stop spending their morning sorting the post.

3. Drafting the first version

Status updates, standard responses, summaries of long threads. AI drafts; a person edits and approves. The blank page disappears, and the human spends their time on the judgement call of whether the draft is right, not on assembling it from nothing.

The guardrails that make it safe in a regulated firm

A fintech does not get to "move fast and break things." POPIA in South Africa and FCA rules in the UK mean a careless integration is not a bug, it is a reportable event. Three guardrails are non-negotiable, and they cost very little if you build them in from day one rather than retrofitting them after an audit.

• Data boundary. Customer data does not leave your compliance perimeter to reach a model. You choose a deployment where the data stays inside the boundary you can evidence.
• Human in the loop on regulated decisions. AI can read, sort, and draft. It does not autonomously make a decision that affects a customer's money or rights. A person signs off.
• An audit trail on every action. What the system did, what it read, and what it decided, written somewhere immutable. If you cannot show it, you cannot defend it.

What to ignore, for now

The same discipline says no to most of what gets pitched. A 20-person fintech does not need to fine-tune its own model, build an agent that acts without supervision, or put a generative chatbot in front of customers making financial decisions. Those are not wrong forever. They are wrong as a first move, because they carry the most risk and the least certain return.

Done this way, AI stops being a line item you feel guilty about not using and becomes what it should be: quiet leverage on the work you already do.