There’s a graveyard somewhere in every enterprise IT department.
It’s full of demos that wowed a steering committee in 2024, RAG prototypes that beat ChatGPT on three cherry-picked questions, and copilots that looked unstoppable in a sandbox. Then someone asked the hard question — can we put this in front of 4,000 employees, integrated with our ERP, on customer data, under audit? — and the project quietly went into "phase 2."
Phase 2 never starts.
Industry estimates put the failure rate of enterprise AI initiatives somewhere between 70% and 85% depending on whose report you read. Our number, after a decade of architecture reviews and system integrations across cybersecurity, ERP, manufacturing, and ecommerce, is roughly the same: about 4 in 5 pilots we’re brought in to rescue never had a realistic path to production in the first place.
This post is the field guide we wish every CTO had before signing the SOW.
The Production Gap, defined
The Production Gap is the distance between a working demo and a system your operations team can run at 3am on a Sunday. It is rarely a model problem. It is almost always an architecture, data, and operations problem.
flowchart TD
A["Demo<br/>Hand-picked inputs, dev laptop"] --> B["POC<br/>One dataset, one user, no SLA"]
B --> C["The Production Gap<br/>Where most pilots stall"]
C --> D["Pilot<br/>Real users, real data, no on-call"]
D --> E["Production<br/>SLAs, observability, audit trail"]
E --> F["Operate<br/>Cost control, model drift, change mgmt"]
C -.->|"Most pilots end here"| G["Graveyard"]Crossing the gap requires answering seven uncomfortable questions. Each maps to a failure pattern we’ve seen repeatedly.
Pattern 1: No one defined what "correct" means
Most AI pilots start with "let’s see what it can do." Six months in, the steering committee asks for accuracy numbers and nobody can produce them — because there was never a labelled evaluation set, just a few demo prompts.
Symptom: The team argues about whether the model is "good enough" based on vibes.
Fix: Build the evaluation set before the model. 200–500 representative questions with expected answers, scored continuously. Without this, you have no compass; with it, model swaps, prompt changes, and retrieval tweaks become measurable engineering decisions instead of religious debates.
Pattern 2: Retrieval was treated as an afterthought
In a RAG system, the LLM is the cheap part. Retrieval quality is the system. Yet most pilots burn 90% of their budget on prompt engineering and 10% on the embedding, chunking, and indexing strategy.
Symptom: The model hallucinates on questions the source documents clearly answer.
Fix: Treat retrieval as a first-class engineering problem. Use a strong multilingual embedding model where the corpus warrants it (we default to multilingual-e5-large for Thai/Japanese/Chinese content). Chunk by semantic structure — sections, tables, headings — not by 512-token windows. Measure retrieval recall@k separately from end-to-end answer quality. If recall@5 is below 90% on your eval set, no amount of prompt tweaking will save you.
Pattern 3: Identity, permissions, and data boundaries were "TBD"
Enterprise data is not a single corpus. It is a thousand corpora, each with its own ACL, each governed by a different policy. A finance director should not get HR answers. A contractor should not see board minutes. PDPA, GDPR, and increasingly Thailand’s Cybersecurity Act and Japan’s APPI all have something to say about it.
Symptom: The pilot works beautifully on a flattened test dataset. Legal sees the production design and stops the project.
Fix: Push row-level access control into the retrieval layer, not the application layer. Tag every chunk at ingestion with the source ACL. Filter at query time using the user’s identity, not after the LLM has already seen the data. This is harder than it sounds and it is non-negotiable.
Pattern 4: No observability, no audit trail
If you can’t tell me what your system answered last Tuesday at 14:30 to the question "what is our refund policy," you do not have a production system. You have a liability.
Symptom: A user complains the AI gave them wrong information. The team cannot reproduce, investigate, or learn from the incident.
Fix: Log every retrieval, every prompt, every completion, every cost, with stable trace IDs that survive across services. The same way your SOC team treats security events — immutable, queryable, retained for the period your compliance regime requires. We use the same observability patterns here that we use for SIEM ingestion in our soc-integrator work: structured logs, OpenSearch indexes, retention tiers.
Pattern 5: The cost model was wishful thinking
A pilot running 50 queries a day costs nothing. Roll the same architecture out to 4,000 employees averaging 30 queries each, with rich context retrieval, and suddenly your monthly LLM bill exceeds the salary of the team that built it.
Symptom: Finance pulls the budget two months into rollout.
Fix: Model cost per useful action, not cost per token, from day one. Cache aggressively. Route easy questions to small/cheap models and reserve frontier models for genuinely hard ones. Compress retrieval context — most pilots send 8,000 tokens of context to answer questions that need 800. Measure, then optimize. Cost engineering is engineering.
Pattern 6: It was built around a single LLM provider
The model that won your bake-off in Q1 may not be the cheapest, fastest, or even available in Q4. Provider lock-in is the silent killer of multi-year AI investments.
Symptom: A pricing change or regional availability issue forces an emergency re-platforming.
Fix: Abstract the model boundary from the start. A thin internal gateway with a stable interface, model routing rules, and a fallback chain. The same way you wouldn’t hard-code a single payment provider into a checkout, don’t hard-code a single LLM into a knowledge product. The cost is small upfront and the option value is large.
Pattern 7: No one owned it after launch
Pilots are owned by an innovation team. Production systems need an owner with on-call rotation, a runbook, and a budget for model drift, evaluation refresh, and quarterly retraining of retrieval indexes.
Symptom: Six months after launch, accuracy has quietly degraded because the source documents changed and nobody re-indexed.
Fix: Decide who operates this thing before you ship it. AI systems need the same operational disciplines as any other production service — SLOs, change management, incident response — plus a few new ones (eval set re-runs, drift monitoring, prompt versioning). If your org doesn’t have that capability in-house, build it or buy it. Don’t ship without it.
The pattern behind the patterns
Notice what isn’t on this list: model choice, fine-tuning, vector database brand, agent framework selection. Those are the questions teams want to argue about because they’re fun. The seven questions above are the ones that decide whether your investment pays back — and they’re boring, operational, and architectural.
This is the same lesson we learned shipping SOC platforms (where the SIEM is the cheap part — detection engineering and tuning are the system) and ERP integrations (where the connector is the cheap part — data contracts and reconciliation are the system). New technology, same physics.
What we’d do if it were our problem
A pragmatic 90-day path from pilot to production:
| Weeks | Focus |
|---|---|
| 1–2 | Architecture review. Document the gap. Build the evaluation set. |
| 3–6 | Fix retrieval. ACL-aware indexing. Observability and cost telemetry from day one. |
| 7–10 | Hardening: identity integration, fallback chains, runbooks, load testing. |
| 11–12 | Operated pilot with real users, real SLAs, and an owning team in place. |
It is not glamorous. It is what works.
Where Simplico fits
We’ve spent the last decade shipping production systems for clients across Thailand, Japan, China, and the wider Asia-Pacific region — SOC platforms for critical infrastructure, ERP integrations for manufacturing, ecommerce backbones, and increasingly, RAG and agentic systems built to the same standard.
If you have a pilot that’s stuck — or if you’d rather not build one that gets stuck in the first place — we’d be happy to take a look.
Book a free architecture review →
A 90-minute call with one of our architects. We’ll map your current state, name the production gaps honestly, and leave you with a one-page rollout plan. No slideware.
Simplico is a Bangkok-based engineering studio specializing in AI/RAG, cybersecurity, ERP integrations, ecommerce, and mobile delivery. We work with enterprise teams across Thai, Japanese, Chinese, and English-speaking markets.
Latest Posts
- Your Calipers Are Already Talking — Is Anyone Listening? May 9, 2026
- The Simplico Engineering Library: A Field Guide to Production Software, AI, and Security in 2026 May 5, 2026
- The ESG Data Bridge: Why CSRD Implementation Costs Most in the Layer No One Discusses May 3, 2026
- Building a Tier-1 SOC Analyst Agent: Wazuh + Claude + Shuffle in Production, Why “AI for SOC” mostly doesn’t work — and what does May 2, 2026
- The Accounting Software Your Firm Uses Is Built for Your Clients, Not for You April 28, 2026
- Choosing Hardware for Local LLMs in 2026: A Practical Sizing Guide April 28, 2026