There is something I keep coming back to in these conversations.

You can go from idea to prototype incredibly fast right now. That is the day-zero problem, and AI has essentially solved it. You can spit out working code, scaffold an integration, and stand up a proof of concept in a week

But the nuance around an actual business workflow — the day one and beyond activities — those are dramatically harder than day zero ever was

Software engineering done well is craftsmanship.

There is more to it than generating code and turning a prototype into something a regulated enterprise can depend on. It means thinking about edge cases, failure modes, upgrade paths, observability, and long-term operability. It means deleting as much as adding. Simplifying interfaces. Collapsing concepts down to what actually matters

Inside my own teams, I see impressive first versions all the time.

That is not the hard part anymore.

The hard part is everything that comes after

We-Should-Just-Build-This-Ourse…

‍

Faster Engineering Just Pushes Work Somewhere Else

There is a tradeoff that rarely makes it into the first ROI spreadsheet.

AI compresses build cycles. In regulated companies, that speed shows up downstream. More releases mean more validation, more SOP updates, more training, more compliance review, and more audit prep

Engineering gets cheaper.

Governance becomes the constraint

There is also a subtler version of this problem.

Agents make it easy to generate output at scale. More workflows. More automation. More code.

But in regulated environments, every new service or automation path increases surface area. More things to secure. More things to validate. More things to explain to auditors

Speed without discipline creates complexity faster.

For CTOs, that is an architectural concern.

For Regulatory leaders, that is an inspection risk.

Are You Trying to Be a Software Company?

This is the part of these conversations that most often gets skipped.

A MedTech company is not a software shop. Most are largely outsourced IT organizations, and there is nothing wrong with that. The core business is devices, science, R&D, manufacturing quality, clinical programs, and global commercialization

When internal teams talk about building major regulatory platforms, the question is not whether they can spin up a prototype.

It is whether they want to operate a full-time software company inside their enterprise

Building software at scale is a people problem. It is not a technology problem. The constraint is coordination, judgment, institutional knowledge, and sustained focus over years

The people problem does not get fixed by agents and AI.

Regulatory platforms are deeply vertical. They encode jurisdiction-specific rules, regulator expectations, submission templates, QMS integrations, inspection trails, and post-market obligations

That knowledge is earned slowly.

It lives in product decisions, data models, operating procedures, and support playbooks.

AI will reshape how these platforms evolve.

It does not remove the learning curve that created them