How to evaluate an AI development company in Australia.

Three concrete checks. First, ask for named engineers on the proposal and confirm their LinkedIn profiles match the seniority claimed — eight-plus years of production AI or ML work, not eight years of general software with six months of LangChain. Second, ask for direct access to those engineers on the discovery call and again at kickoff — the same names, not a swap. Third, ask for public artifacts: GitHub commits, conference talks, or shipped products you can locate. Vendors who refuse all three are running a senior-figurehead-plus-junior-pool model, which remains the most common failure pattern across the Sydney and Melbourne consultancy market.

Six non-negotiables. (1) IP assignment — your code, your prompts, your evals, your data, assigned to you on payment under New South Wales, Victorian, or Queensland law as applicable. (2) Source in your GitHub organisation from day one, not a vendor repo. (3) Acceptance criteria written into the SOW with a defined test plan. (4) A 30-day production warranty — bugs introduced by the vendor are fixed at no charge for 30 days post-launch. (5) A clean exit clause — runbooks, on-call docs, and credentials handed over on termination for any reason. (6) Data protection terms (Privacy Act 1988-aligned DPA, APP 8 cross-border disclosure mapping, NDB breach playbook, sub-processor list) signed before any personal information is processed. Anyone resisting any of these is protecting a lock-in.

It looks like the vendor losing zero leverage if you decide to leave. Concretely: code lives in your GitHub organisation from commit one. Deployment runs in your AWS ap-southeast-2, ap-southeast-4, Azure Australia East, or GCP australia-southeast1 account under your IAM. Secrets live in your secret manager. Runbooks, on-call docs, and architectural decision records are checked into the repo, not parked in a vendor wiki. IP assigns to you on payment, not on contract end. If your vendor cannot describe a clean handover to a different team on a single page, the architecture itself is the lock-in. We see this most often with 'managed AI platforms' that wrap an open-source stack — the moment you try to leave, the wrapper goes with them.

Be precise about what you actually need. IRAP assesses Australian-hosted cloud services against the ISM and PSPF — it is not a certification that foreign consultancies hold. Most foreign engineering providers, including Aiinfox, do not hold IRAP assessments of their own platform because we are not a hosted SaaS. The honest pattern for federal and defence-adjacent engagements is: deployment runs inside the customer's existing IRAP-assessed cloud boundary (AWS Australia or Azure Australia Central with PROTECTED classification), the vendor's engineers connect via a privileged-access path that the customer's security team controls, and all sensitive data stays inside the customer's IRAP boundary. Vendors who claim 'IRAP-compliant' without explaining the boundary pattern are being imprecise — ask them to walk through the actual data flow.

Four asks on the first call. (1) Show me your DPA template — vendors who 'handle personal information all the time' but cannot produce a Privacy Act-aligned DPA template have not done the work. (2) Walk me through how APP 8 (cross-border disclosure of personal information) applies to your inference architecture — which endpoints receive personal information, in which jurisdictions, under what safeguards. (3) Tell me which Australian region your inference endpoints run in and how that is enforced. (4) Walk me through the Notifiable Data Breaches scheme playbook you would run — the 30-day assessment window, the criteria for an 'eligible data breach,' the OAIC notification template, the technical evidence you would produce. Anyone who cannot do all four on the first call is selling compliance, not practising it.

Australia is one of the better offshore overlap windows. Indian Standard Time is UTC+5:30, AEDT is UTC+11, so our 9:30am IST is your 3pm AEDT — that gives roughly a four-hour afternoon overlap with Sydney, Melbourne, and Brisbane working days every weekday. AEST (winter) shifts the overlap by one hour but the pattern holds. For Perth on AWST (UTC+8), the overlap is even stronger — our 9:30am IST is your noon AWST, giving most of an afternoon together. Daily standups, twice-weekly demos, and ad-hoc problem-solving fit inside your business hours. If a vendor claims '24/7 Australian coverage' from India without naming the specific overlap windows or a dedicated Australian-hours pod, they are bending the truth — the honest answer is the four-hour afternoon overlap plus async written updates.

A focused v1 — single AI agent, single RAG system, or single voice pipeline — with Australian compliance scope (Privacy Act, APPs, NDB) lands at AUD $40,000-$180,000 fixed-price for a six-week build with offshore senior-only delivery, AUD $90,000-$320,000 with Australian mid-market consultancies, and AUD $250,000-$700,000+ with Sydney or Melbourne boutiques. Anything quoted under AUD $40k is either a pilot, a corner-cutter, or a junior-pool play. Anything quoted over AUD $300k without fine-tuning, multi-system scope, IRAP-boundary work, or a multi-quarter timeline is paying for a sales narrative, not engineering. The most expensive vendor is rarely the best one; the cheapest one almost never is.

A 30-day production warranty as default — the vendor fixes their own bugs at no charge for 30 days after the system is live. After that, an optional retainer for tuning, eval refresh, drift monitoring, and on-call response inside AEDT or AWST business hours, priced separately and renewable monthly. The retainer should be optional, not bundled into a 'managed service' that you cannot cancel without losing access to your own code. If the vendor's post-launch model requires you to keep paying them to keep your system running, you have bought a service, not a build — and you should recognise that before signing the MSA.