Most SME AI projects fail in the same way. Not because the model is wrong, not because the prompt is weak — but because someone connected it directly to the CRM, the inbox, or the finance system on day one. The first bad output then writes itself into a system of record, and trust collapses before the project has earned the right to exist.
We've watched this pattern play out across recruitment agencies, professional services firms, estate agents, training providers and construction businesses. The technology is rarely the failure point. The integration posture is.
The risk envelope, defined
Every business has a risk envelope: the set of systems where a wrong action has real, hard-to-reverse cost. CRM data, invoices, customer comms, payroll, contracts, client records. Outside the envelope sits everything advisory: scratchpads, drafts, summaries, internal dashboards, suggestion queues, research notes.
The 444 ethos is simple. Start every system outside the envelope. Phase 1 generates outputs. A human reviews. Nothing writes back to a system of record until the system has earned that permission through measured output quality over a defined period.
This isn't caution for its own sake. It's the only posture we've seen consistently survive contact with a real SME.
What "outside" actually looks like
The instinct, when someone says "AI for your business," is to imagine an autonomous agent doing work end-to-end. The reality of a safe Phase 1 is much quieter:
- A drafting layer that produces proposals, replies and summaries a human pastes in
- A suggestion queue that surfaces follow-ups to chase, not one that books them
- An internal dashboard that scores leads, not one that emails them
- A research assistant that prepares call notes, not one that updates the CRM
- A weekly digest that highlights anomalies, not one that resolves them
None of those examples touch a system of record. All of them deliver real value the moment they're switched on.
Why this is faster, not slower
Teams assume the human-in-the-loop step slows things down. It does the opposite.
You ship in weeks instead of quarters because you skip the integration work, the permissions modelling, the rollback plans, the data-protection review, the legal sign-off, the change-management programme. None of those are wasted later — but none of them need to happen before you've proven the system produces useful output.
You also get real output-quality data from day one. Every human approval is a labelled training signal. Every rejection is a labelled failure. Within four to six weeks you have a quantified view of where the system is reliable and where it isn't. That data is what tells you whether deeper connection is justified, where, and on what terms.
When to connect deeper
Connection is opt-in, granular and reversible. Three rules:
- You connect a single workflow into a single system once output quality has held above your defined threshold for a defined period — typically four weeks at 90% acceptance with no critical errors
- You connect with a kill switch — a one-click revert that takes the integration back to draft-only mode
- You never connect a system you don't already trust the underlying outputs of
These rules sound conservative. They are. They're also why the systems built this way are still running two years later instead of being quietly decommissioned six months in.
The cost of getting this wrong
The asymmetry matters. A drafting system that produces a bad summary costs you the thirty seconds it took the reviewer to spot it. A system with write access that pushes a bad summary into the CRM costs you the customer relationship, the audit trail, and the trust of every team member who now distrusts every other AI-touched record in the database.
The blast radius of a Phase 1 mistake is small and recoverable. The blast radius of a connected-system mistake is large and persistent. Pick your posture accordingly.
The honest version
This approach is unglamorous. It doesn't make for a dramatic launch announcement. It doesn't let you say "we automated the entire sales process" in a board meeting. What it lets you say, twelve months in, is "the system is still running, the team trusts it, and we've connected three more workflows because the first one earned it."
That's a much better outcome than the alternative.