Originally published March 2024 in CIO

Every AI cycle goes through the same three stages: demo, pilot, production. Most enterprise AI in 2023 was somewhere between the first two. The work to close the gap between a compelling ChatGPT demo and a reliable system that a regulated business can run on is harder than the demos make it look, and 2024 will be the year that gap gets paid for, in either engineering hours or lost deployments. Three of those gaps are worth focusing on: accuracy and reliability are still unacceptable for most enterprise use; responsible-AI testing is now the rate-limiting step for production launches; and the regulatory environment is starting to catch up with the technology, in ways that will matter for how systems are built, not only how they’re run.

Demo accuracy and production accuracy are not the same number

The year of AI hype that closed out 2023 made two accuracy claims hard to separate: the claim that modern LLMs handle open-ended natural language tasks well, which is true, and the claim that an enterprise can point one at its data and ship, which is not. Closing that gap takes more engineering than most organizations budgeted for.

The first place the numbers fall short is out-of-the-box extraction and classification. In regulated industries, the work an AI system needs to do is usually not “write me a paragraph about” but “pull every adverse event from this progress note and tell me which medication was associated with it.” On those tasks, peer-reviewed benchmarks consistently show general-purpose LLMs underperforming smaller, domain-tuned models by meaningful margins. A *JAMIA* study from January 2024 on the 2010 i2b2 clinical-concept extraction benchmark measured GPT-4 with baseline prompting at F1 0.804, against BioClinicalBERT at 0.901, a 110-million-parameter model released years earlier. A careful prompt framework closed part of the gap. It did not close all of it, and building the prompt framework itself required enough labeled data to have trained a specialized model in the first place. Similar patterns have been reported across biomedical named entity recognition: a 2024 paper in *Bioinformatics* showed fine-tuned open models outperforming few-shot GPT-4 on biomedical NER by 5 to 30 F1 points depending on the dataset.

The second place the numbers fall short is consistency. The same prompt asked of the same model on the same input can return different answers on successive calls. For a chatbot producing creative text, that’s acceptable variety. For a system that pulls clinical findings from notes, or extracts contract terms from legal documents, or computes tax-coded line items from invoices, inconsistency is a production defect. Most enterprise pipelines need deterministic-enough behavior that the same record produces the same answer today and next week, which is not a property generative decoding gives you for free.

The third is cost and latency under real volume. A system that works on a dozen documents in a demo environment does not always work on the hundred thousand documents a real business process throws at it. Frontier-LLM calls priced per token, billed per request, and rate-limited by a vendor turn out to be a different line item at 10,000× scale than at 10× scale. For pipelines that process millions of records a day, which is what a hospital system, a large insurer, or a global pharma safety function actually does, the economics and the latency both push toward smaller, specialized models running on the buyer’s own hardware.

None of this argues that frontier LLMs are useless. It argues that enterprise AI in 2024 is going to be a composition problem rather than a single-model problem. The systems that ship will combine specialized extraction and classification models for the high-volume, high-accuracy, low-latency work with frontier LLMs used for reasoning, summarization, and conversation on already-cleaned inputs. Getting that composition right is the engineering gap between a demo and a production system.

Responsible AI has moved from adjective to rate-limiting step

By late 2023, enterprise AI buyers started asking a question that was largely absent from the first wave of deployments: how do you know this system is safe to run? The question covers six things in a trench coat (robustness, fairness, bias, truthfulness, data leakage, and safety), and the testing that answers them is harder to do well than most organizations realized when they started.

Robustness is the property that small, legitimate changes to an input should not produce large changes in the output. A system that gives a different answer when a patient’s name is changed from one that the training distribution saw often to one that is rarer is not robust. Testing robustness at scale means generating perturbed versions of real inputs (different names, slight rewording, translated variants) and measuring how much the output changes.

Fairness and bias testing asks whether the system performs equally well across demographic groups. The peer-reviewed literature on LLM bias has thickened considerably, with systematic surveys published through 2024 and 2025 cataloging intrinsic biases in representations, extrinsic biases in downstream tasks, and evaluation frameworks for both. For clinical systems, UK government guidance published in 2025 recommends treating fairness metrics as first-class production metrics alongside accuracy and latency, with bias evaluation gates in continuous integration and automatic rollback when thresholds are breached. That is a concrete, operational recommendation, and very few enterprises have the test infrastructure in place to run it yet.

Truthfulness, or more precisely, the absence of confidently stated wrong answers, is the hardest of the six. The failure mode is not the model saying “I don’t know”; it’s the model producing fluent, plausible text that is factually incorrect. A 2023 evaluation of a widely used open-source medical LLM reported high plausibility (~98.8%) paired with a meaningful hallucination rate (~19.7%), which is a reasonable summary of the problem: the outputs look right often enough that they pass a casual reader, and they’re wrong often enough that a regulated workflow cannot safely rely on them without source citation.

Data leakage is the training-time version of the privacy problem: the risk that a model has memorized specific training records and can be induced to reproduce them. For systems trained on sensitive data, this is both a privacy violation and, depending on jurisdiction, a legal violation. Testing for it is non-trivial and is now an expected part of any regulated deployment.

The practical consequence is that the responsible-AI test suite has become the rate-limiting step for many enterprise launches. The organizations that get systems into production in 2024 are the ones that treat testing as part of the engineering — with automated test generation, versioned test suites, and CI gates on fairness, robustness, and privacy the same way they have CI gates on unit tests — rather than as a compliance box checked after the system is already built. Open-source tooling for this work has matured considerably (LangTest and DeepEval among others), but the tooling is useful only in the context of an engineering discipline that treats responsible-AI testing as a first-class concern.

Regulation catches up, and the rules shape the architecture

The third growing pain is regulatory. Through 2023 the pattern was mostly principles papers; through 2024, concrete rules started to land. The EU AI Act passed in March 2024, with the first prohibitions on high-risk and prohibited practices taking effect in February 2025 and full provisions rolling out in stages. US state legislatures introduced nearly 700 AI-related bills in 2024 across 45 states, with 113 enacted into law. In healthcare and life sciences, FDA and EMA guidance on AI-enabled medical devices and software continues to expand, with data-provenance, validation, and post-market monitoring expectations that look a lot like the expectations on any other regulated product.

For enterprises, the operational question is not “what do I do if the regulator shows up” but “what architectural choices do I make now so that, when the regulator shows up, the answers are short.” The choices that make that conversation easier are the ones that also make engineering easier: training-data provenance tracked as a first-class artifact; validation and fairness results stored in a form that can be shared with regulators on request; deployment inside the organization’s own environment rather than a third-party cloud, so data-residency and privacy questions have short answers; audit logs that show, for each production answer, which model version generated it and what sources it cited.

What doesn’t work is treating compliance as an afterthought layered onto a system whose core was built for a different set of constraints. Every organization that has tried to retrofit provenance, audit, or data-residency onto an already-deployed AI system has discovered what engineers who live through any regulatory wave eventually learn: the right time to build in the constraints was before the system shipped. The second-best time is now, because the regulatory floor is rising and is going to keep rising through 2026 and beyond.

What to prioritize

For enterprises planning 2024 AI investments, three practical priorities sort out the demo-to-production gap.

First, invest in the boring layer. Specialized, task-specific models (entity recognition, classification, terminology mapping, translation between natural language and structured queries) are where the accuracy and cost wins come from in regulated workflows. Frontier LLMs are valuable; they are not the whole system. The systems that ship are compositions, with the specialized layer doing the high-volume, high-accuracy, low-latency work and the LLM doing the reasoning on top of clean inputs.

Second, treat responsible-AI testing as an engineering discipline rather than a compliance function. That means automated test generation, versioned test suites, CI gates, and production monitoring on robustness, fairness, and privacy, not a final-stage review before launch. The organizations that have figured out how to do this ship AI faster, not slower, because the testing catches problems early, when they’re cheap to fix.

Third, assume the regulatory floor keeps rising. Build systems that produce the artifacts regulators will eventually ask for (training-data provenance, validation records, fairness metrics, audit logs, citations on every answer, in-environment deployment) as a natural byproduct of how they operate, rather than as a separate compliance step. The point is not to predict exactly which rule will land when. The point is to build systems whose answers to those rules are short.

2024 was never going to be the year AI hype died. It was the year the engineering under the hype got harder. For organizations that invest in the composition, the testing, and the compliance as engineering choices rather than afterthoughts, the rocky road turns into a faster one, because the systems that clear those bars are also the ones that get past procurement and into production.

FAQ

Why isn’t a single frontier LLM enough for enterprise work?

Because most regulated enterprise tasks are high-volume extraction and classification problems, not generation problems. Peer-reviewed benchmarks have consistently shown smaller, domain-tuned models outperforming frontier LLMs on named entity recognition, relation extraction, and terminology mapping, and doing it at a fraction of the cost and latency. The enterprise systems that ship in 2024 combine specialized models for the structured work with frontier LLMs for reasoning and summarization.

What is “responsible AI” testing in practice?

Automated testing for six properties: robustness (small input perturbations shouldn’t cause large output changes), fairness (performance shouldn’t vary by demographic group), bias (outputs shouldn’t reflect stereotypes), truthfulness (the system shouldn’t confidently produce false statements), data leakage (training data shouldn’t be reproducible from the model), and safety (the system shouldn’t produce harmful content). Each of these has measurable metrics, and production systems should have automated tests that run on every model change.

Does the EU AI Act apply to US companies?

Yes, for systems that process data about EU residents or are placed on the EU market. The extraterritorial application is modeled on GDPR. US companies that build AI systems which touch EU data or EU markets need to meet the Act’s requirements on risk classification, documentation, human oversight, and transparency, and need to do so on the rolling timeline the Act lays out.

What’s the cheapest-to-ignore regulatory requirement to get right early?

Training-data provenance. The ability to say, for each model, what data it was trained on, where that data came from, what licenses apply, and what validation it was tested against — in a form that can be shown to a regulator or an auditor. Retrofitting this later is expensive; building it in from the start is cheap.

How do cost economics change for enterprise AI in 2024?

The fixed-cost versus per-token calculus tips toward fixed-cost at scale. Running frontier LLMs over the wire is economical for exploratory workloads and low-volume applications. For production workloads with millions of records per day, which is what large healthcare, pharma, financial, and legal operations actually run, specialized models on the buyer’s own hardware are often 50 to 100× cheaper and orders of magnitude faster, which is why the architectural pattern that wins is composition rather than single-model deployment.

---

David Talby is CEO of John Snow Labs, whose medical language models and responsible-AI testing tooling (including the open-source LangTest library) are used by 500+ healthcare and life sciences organizations. He also leads Pacific AI, which focuses on governance for healthcare AI.