I run the Clonmel AI Brain workshops out of Annerpark House because the conversations I kept having with founders, partners and operations leads weren't fitting into a half-hour call. People wanted to sit down, look at their own data, and figure out where an on-premise AI brain actually fits — and where it doesn't. The workshops are practical sessions for people who have to make a decision about AI inside a regulated business, and would prefer to make it with their hands on a keyboard rather than a deck.
Who these workshops are actually for
If you're running a legal practice, an accounting firm, a medical group, a school, a property business or any small-to-mid Irish operation that holds client data, you've probably had the same week I've had with most attendees. Someone forwarded you an article about ChatGPT. A partner asked if you could "do AI" for proposals. A junior staff member is already pasting client material into a public model and you're not sure how to feel about it. Insurance is asking questions. The Data Protection Commission is, eventually, going to ask questions too.
The workshops are not for AI engineers. They're not for people who want to fine-tune transformer weights. They're for the person in the firm who has to own the decision, write the policy, brief the board, and pick a path. That tends to be a managing partner, a CTO, an operations director, or — in smaller shops — the founder themselves. I keep group size deliberately low because the value is in working through your specific data flow, not watching slides.
Day one: the honest map of where AI fits in a regulated firm
The first session is mapping. We sit down with whatever your firm actually does — file intake, client onboarding, drafting, billing, compliance reporting, internal search — and walk through where a language model genuinely helps and where it's a liability. The honest answer is that most of the value sits in three buckets:
- Internal retrieval. "Find me every matter where we advised on a Section 110 structure." "Pull every audit working paper that referenced this client's parent." Most firms have this information, but it's spread across a document management system, an email archive, a shared drive, and three people's heads.
- First-draft generation. Letters, file notes, internal summaries, board packs. Not final output — first drafts that a qualified human edits. The model is a junior with a perfect memory, not a partner.
- Structured extraction. Pulling dates, parties, amounts, obligations and risks out of unstructured documents into a form your existing systems can use.
The buckets that get hyped but rarely deliver in regulated work: client-facing chatbots, automated advice, anything that looks like it removes the human signature from a regulated act. We talk through why, and what the supervisory authorities have already said about it.
The architecture session — on-premise, hybrid, or cloud
This is the technical core. I draw the same diagram every time on the whiteboard, because it's the diagram most attendees haven't seen drawn honestly. There are three places your data and your model can live, and the combinations matter.
A pure cloud setup — your documents go to a third-party model provider, processed on their infrastructure, returned to you — is fast to deploy and cheap to start, but you've now moved your client material into a processor relationship that you need to paper, and into a jurisdiction that may not be the one you operate in. For some firms that's fine. For Irish solicitors handling sensitive client matters, or medical practices holding patient records, it's usually not.
A pure on-premise setup — model and data both inside a machine you own, sitting in your office or your colocation rack — gives you the cleanest data protection story. No data leaves the building. No third-party processor. Your DPIA writes itself. The trade-off is hardware cost up front and the need for someone to maintain it. For firms with strict confidentiality requirements, this is usually the right answer, and it's the architecture the Intelligence Brain is built around.
A hybrid setup uses an on-premise model for sensitive work and routes non-sensitive tasks (general drafting, public research, marketing copy) to a cloud model. This sounds clever and often is, but the rule for which task goes where has to be enforced by software, not by staff discipline. We spend real time on this in the workshop because it's where firms get themselves into trouble.
Hands-on: building a retrieval brain on your own documents
The afternoon of the first day is the bit attendees remember. We take a sample set of your documents — anonymised, or synthetic if you'd rather — and stand up a working retrieval system on a local machine. You watch the embeddings get generated. You see the vector store populate. You query it. You break it. You see what happens when the model hallucinates a citation and how a properly designed retrieval pipeline catches that.
The point isn't to turn anyone into an ML engineer. The point is that once you've watched a retrieval-augmented generation pipeline work on your own data, the conversation about vendors, contracts and architectures becomes concrete. You can ask a vendor "what's your chunking strategy" and know whether the answer is reasonable. You can ask "where do the embeddings live" and understand why it matters.
We cover the parts that don't make it into vendor pitches:
- How chunk size and overlap affect retrieval quality, and why a one-size-fits-all setting is wrong for mixed document types.
- Why semantic search alone misses obvious matches, and how hybrid search (semantic plus keyword) fixes most of it.
- The difference between a model that says "I don't know" and a model that confidently invents a case citation, and how to make yours behave like the first one.
- What evaluation actually looks like — building a small set of real questions with known correct answers and measuring against them, rather than vibes-based testing.
Governance, DPIAs and the bits the lawyers ask about
Day two opens with governance. Most firms walking into an AI deployment underestimate this and overestimate the technical work. The technical work is largely solved. The governance work is where projects actually fail.
We work through a real Data Protection Impact Assessment template, filled in for an on-premise brain handling client data. We cover the lawful basis question, the data minimisation question, the retention question, and the one nobody wants to think about — the right of erasure when an individual's data has been embedded into a vector store. There are clean answers to all of these, but they require thinking ahead of time, not after a complaint lands.
We also cover the practical policy documents your firm actually needs: an acceptable use policy for staff, a model card for whatever system you deploy, an audit log specification, and a clear written statement of what the AI is and isn't allowed to do. For sector-specific work — solicitors, accountants, medical practitioners, schools — we go through the relevant professional body's existing guidance and where it leaves gaps. If you're in one of those verticals, the workshop overview page has more on what's covered for your specific regulator.
What you walk out with
By the end of the second day every attendee has three things on paper. A decision document — on-premise, hybrid or cloud, with the reasoning written down so you can defend it to a board or a regulator. A first-pass DPIA filled in against your actual proposed deployment. And a short technical specification — what model, what hardware, what document set, what evaluation criteria — that's specific enough to brief either an internal team or an external vendor.
You also walk out with a working understanding of the failure modes. The workshop is honest about where this technology breaks. Models hallucinate. Retrieval misses things. Embeddings drift when documents update. People over-trust outputs that look fluent. None of these are reasons not to deploy — they're reasons to deploy with eyes open.
Where to start this week
If you're thinking about attending, the most useful preparation isn't reading more articles about AI. It's spending an hour with whoever runs your document management system and asking three questions: where do our documents physically live, who has access to them today, and how would I export a representative sample for a workshop. If you can answer those three, you'll get an order of magnitude more out of two days in Clonmel than someone who arrives without them. Email me through the site if the next available session looks like it fits your schedule, and tell me roughly what your firm does — I keep groups deliberately mixed but small, and the prep is more useful when I know who's in the room.