LLM development for Australian teams that need models to actually ship.

Strong. Indian Standard Time is UTC+5:30, AEDT is UTC+11, so our 9:30am IST is your 3pm AEDT — a four-hour afternoon overlap with Sydney, Melbourne, and Brisbane working days every weekday. AEST (winter) shifts the overlap by one hour but the pattern holds. For Perth (AWST, UTC+8), the overlap is even stronger — our 9:30am IST is your noon AWST, giving most of an afternoon together. Daily standups and twice-weekly demos with eval-run numbers and cost telemetry run inside your business hours. Written async updates with overnight regression and cost data land before your morning standup. For engagements that need synchronous morning coverage as well, we can extend to early IST starts on a planned cadence — but it is rarely required.

Because every LLM engagement we have audited that failed in production failed because nobody wrote the eval set. The team tuned a prompt until it looked good on three examples, the model swapped underneath them in a vendor update (Claude 3.5 to 4.6, GPT-4o snapshot changes, Llama 3 to 3.1), and quality regressed silently for weeks before someone noticed in a customer complaint. The eval harness is the regression test for the LLM — a fixed reference set of inputs, expected behaviours, and pass-fail criteria. For Australian customer-facing LLM applications, we also wire Australian English evals explicitly so the LLM does not silently regress to American spelling, idiom, or measurement units when the model gets re-trained on US-skewed data. Frameworks we use: Braintrust, Langfuse, Phoenix Arize, or a bespoke harness when the standard tools do not fit.

Yes. Engagement defaults align with the Privacy Act 1988 and the 13 Australian Privacy Principles. Every model call is audit-logged with prompt version, model name, input, output, retrieval citations (where applicable), and operator identity — exportable for an OAIC inquiry or an internal compliance review. A Privacy Impact Assessment is run for engagements processing personal information at scale or operating on sensitive information. For APP 8 (cross-border disclosure of personal information), we explicitly map the data flow in your DPA — exactly where personal information is processed and which overseas endpoints (if any) receive it. PII redaction patterns cover TFN, Medicare numbers, driver licence numbers, and ABNs in customer context. The NDB scheme breach playbook is referenced in the DPA and tabletop-exercised in week one.

Your call. We default to AWS ap-southeast-2 (Sydney), AWS ap-southeast-4 (Melbourne), Azure Australia East (Sydney), Azure Australia Central (Canberra) for federal-adjacent work, or GCP australia-southeast1 (Sydney) / australia-southeast2 (Melbourne). For LLM inference, we route Claude (Anthropic), GPT-4o (Azure OpenAI Service Australia East), AWS Bedrock in ap-southeast-2, or self-hosted Llama 3 on vLLM inside your VPC — picked per your DPA's APP 8 third-party processing terms. For clients with strict no-overseas-inference requirements (federal-adjacent, defence, APRA at higher risk, healthcare), self-hosted Llama 3 70B in ap-southeast-2 is the default; we have the deployment runbook for it.

Yes for the controls that affect the LLM application. For APRA-supervised use cases, deterministic-output controls are wired where regulators expect them — temperature pinning at 0 or near-0, structured-output schema validation, refusal layers with measurable out-of-scope rates, and audit logs that capture the full prompt and the full output. Documentation aligned with CPS 230 (operational risk management) and CPS 234 (information security) is provided as part of the engagement — material outsourcing risk assessment, sub-processor management, incident reporting, exit and continuity planning. AUSTRAC-aware controls cover transaction-related LLM outputs and suspicious-activity flagging. ASIC RG 271-aligned internal-dispute-resolution paths are wired where the LLM touches customer complaints. We do not provide regulatory advice; we build the controls and ship the documentation your CRO and your APRA relationship manager can defend.

No — Aiinfox itself does not currently hold an IRAP assessment, and we will not pretend otherwise. We are a foreign engineering provider, not an Australian-hosted SaaS, so IRAP assessment of our own platform is not the relevant control. What we do for federal and defence-adjacent LLM clients is structure the engagement so the LLM workload runs inside the customer's existing IRAP-assessed cloud boundary (typically AWS Australia or Azure Australia Central at PROTECTED classification); our engineers connect over a privileged-access path the customer's security team controls. If your engagement requires our own IRAP assessment, we will say so on the first call and recommend an Australian provider that holds one.

Yes — LLM takeover audits are routine. Step one is reading the code, the prompts, the eval results (if any exist), the retrieval pipeline, the APP 8 compliance posture, the model and provider choices, and the cost telemetry. Step two is shipping the smallest valuable change to prove we understand the system — usually wiring the eval harness or fixing the retrieval layer the previous vendor skipped. Step three is the longer-term plan: incremental stabilisation, a model swap to a better-suited build, or a parallel rebuild if the architecture is unsalvageable. Most takeovers we see did not need a full rewrite; they needed evals, guardrails, observability, and a senior engineer on the build.

Most v1 LLM engagements at Aiinfox land between AUD $55,000 and AUD $210,000 fixed-price for a focused build — a copilot, a RAG-grounded LLM app, a fine-tuned domain model, or an evals-and-guardrails retrofit. Larger multi-quarter engagements with custom fine-tuning, bespoke evals, IRAP-boundary integration work, CPS 230 / CPS 234 documentation, and integration into a regulated platform typically reach AUD $250,000 to AUD $420,000. The cost difference versus a Sydney or Melbourne LLM consultancy lands roughly 30 to 50 percent lower on senior rates — useful, but the headline is the engineer on your kickoff call writes your prompts, your evals, and your code through launch. No swap-out to a junior pool mid-engagement.