Vectra

industry: FINTECH / CRYPTO / US year: 2026 deploymentModel: vpc headlineStat: "8 weeks to VPC deployment" title: "How a US crypto-exchange P2P platform replaced ChatGPT with a private AI assistant" description: "A US-based crypto exchange operating a peer-to-peer marketplace for vehicle purchases and invoice payments couldn't send KYC, AML, or transaction data to external AI tools. We deployed a private AI inside their VPC."

The problem

The exchange ran a peer-to-peer marketplace where users bought cars and paid invoices in crypto. Their support, ops, and compliance teams wanted ChatGPT to draft dispute responses, summarize multi-leg transactions, and explain vehicle-purchase invoices to confused buyers.

Compliance blocked it. The data those teams worked with - BSA/AML records, customer KYC documents, vehicle title transfers, invoice PDFs - could not leave the perimeter. Sending it to a third-party model would have created a regulatory incident with FinCEN and state money-transmitter regulators.

They needed the productivity. They needed the data to stay home.

What we built

We deployed an open-weights LLM inside the exchange's existing AWS VPC, with no outbound network egress. The model was fine-tuned on their own redacted dispute logs and an invoice corpus, then connected to the internal transaction database via a local retrieval index. Inference runs on infrastructure the exchange already controls; nothing crosses the VPC boundary.

The assistant ships through the same internal admin tools the support team already used - no new vendor login, no shadow-IT.

The deployment

  • Weeks 1-2: data assessment, AML scoping, model selection
  • Weeks 3-4: VPC deployment, retrieval index against transaction store, evaluation harness
  • Weeks 5-6: fine-tuning on the dispute corpus, pilot with a 15-person support team
  • Weeks 7-8: rollout to full support, ops, and compliance

Results

Support agents resolved the majority of inbound disputes without escalation to ops. Compliance signed off on the deployment in advance - no surprise audit follow-up.

Zero customer data egress to external AI services. BSA/AML controls intact. Same auditable inference path the exchange already trusted for its core platform.