A founder I spoke with recently had a question that comes up on nearly every discovery call. She ran a 12-person professional services firm and had spent two months bookmarking AI tools. She’d shortlisted a general-purpose assistant, two CRM platforms with AI built in, and a specialist legal drafting tool. She wasn’t sure which to start with or whether she needed all four.
What she hadn’t written down was the specific workflow she wanted to improve, or what success would look like in measurable terms. That single step changed her shortlist from four tools to one.
What choice are you actually facing?
UK SMEs are buying AI faster than they’re evaluating it. The Federation of Small Businesses found that 63% of UK SMEs now use at least one form of AI or automation, but fewer than half had a documented framework for tool selection. That gap is where problems emerge. Define the business problem first, with a concrete success target, and the shortlist tends to write itself.
The practical choice for a small firm sits across three axes: general-purpose assistant versus specialist vertical tool; fully managed SaaS versus a self-hosted private instance; and all-in-one suite versus a modular stack of point solutions. This post focuses on the first and most common, general versus specialist, because it’s the axis that shapes the other two. Once you’ve worked out which type of tool fits your workflow stage, the hosting and stack questions follow more naturally.
When a general-purpose assistant is the right starting point
General-purpose AI assistants, including ChatGPT, Claude, and Gemini, cost roughly £15 to £20 per user per month as of early 2026. They handle marketing copy, summarised emails, first-draft proposals, and general admin with minimal setup. For a small firm still working out where AI fits, a general-purpose tool is a low-risk starting point while you find the specific workflow that deserves a more targeted investment.
The right conditions for starting here are a team spread across several different tasks, no single repetitive bottleneck identified yet, and a preference for piloting on non-sensitive data before committing to something deeper. These tools have short learning curves, broad documentation, and active user communities. For firms already working inside Microsoft 365 or Google Workspace, the embedded Copilot or Gemini features offer a variation: AI folded into tools staff already use, with no separate login, though at a higher per-seat cost that varies by plan. The FSB notes that unused SaaS seats are among the most common drivers of overspend in small businesses, so checking actual adoption before upgrading tiers is worth the ten minutes it takes.
The main risks of staying general-purpose are output quality that depends heavily on user prompting skill, missing sector-specific compliance features, and data that may be processed outside the UK or EEA. Check the vendor’s data processing terms and transfer agreements before connecting any real client or business data.
When a specialist tool earns its cost
A specialist tool earns its cost when you have a specific, repetitive workflow and a measurable outcome target. Inbound lead triage, contract review, support email handling, and appointment scheduling are the workflows where domain-specific tools have shown consistent gains. They come pre-configured with relevant logic and typically connect to existing systems such as Xero, HubSpot, or Microsoft 365, cutting the integration work required.
Customer service triage offers a useful benchmark: specialist tools have demonstrated response-time reductions of 25 to 40% in this workflow. A modular stack of point solutions, connected via automation tools such as Zapier or Make, gives more flexibility than an integrated suite and lower switching costs, but adds integration complexity and can create fragmented security controls if you don’t standardise identity management across the tools.
The corresponding risks of specialist tools are significant. The Competition and Markets Authority has flagged lock-in risk from proprietary data formats and ecosystem dependency, and recommends checking data portability before committing to any platform. If the tool falls under the EU AI Act’s high-risk categories, such as credit scoring, HR screening, or certain health applications, and you serve EU customers, additional compliance obligations apply from 2025 onwards. Vendor failure or acquisition is a real operational risk when a tool sits deep in core operations.
What a wrong call actually costs
The cost of a poor tool selection extends well beyond the licence fee. DSIT research found that between 10% and 30% of AI licences go unused after six to twelve months in firms that skipped structured pilots. McKinsey found that small businesses switching AI tools mid-stream typically spend three to four months retraining staff and rebuilding workflows, often wiping out the first year’s productivity gains.
Over-buying a specialist tool before proving the workflow can add three to six months of sunk time and recurring licence costs with no return, according to case studies from DSIT’s SME AI adoption programme. Staying with a general-purpose tool in a high-volume, repetitive workflow leaves 20 to 30% efficiency gains uncaptured. McKinsey found that small firms choosing tools primarily on brand recognition or market hype were around 1.5 times more likely to switch within 12 months, incurring fresh onboarding and change-management costs each time.
The compliance cost of a careless data decision sits in a different category altogether. A serious personal data breach can lead to ICO fines of up to £17.5 million or 4% of global annual turnover. UK cyber-insurance data suggests typical SME breach costs, covering forensics, legal work, and downtime, run between £15,000 and £30,000 before reputational damage is factored in.
What to ask before you commit
DSIT research found that SMEs which scoped a clear use case and success metric before adopting AI were around 40% more likely to report productivity gains than those adopting without a clear brief. The five checks below are the minimum diligence any small firm should run before committing to a tool. Worked through methodically, they take about an hour. Skipping them typically costs months.
Start with the specific workflow and what success looks like in numbers. Name the bottleneck, whether proposal drafting, inbound triage, or support email volume, and set a measurable target before you buy. Without a baseline, you can’t tell whether the tool is working at month six.
Then check where your data goes. Ask the vendor whether your data is used to train their models, whether processing happens inside the UK or EEA, and whether there is a Data Processing Agreement in place. UK GDPR applies to any AI SaaS tool handling personal data, and the ICO’s guidance is clear that SMEs carry the compliance responsibility even when using external services.
Check whether your team can realistically adopt the tool. The FSB reports that complex tools with steep learning curves are more likely to be abandoned within months. If non-technical staff can’t complete core tasks within an hour of guided exploration, that is a meaningful signal.
Check data portability before you are committed. Confirm that you can export your data in open formats such as CSV or JSON, and that there is a documented exit process. The CMA’s cloud services review found that switching becomes significantly harder once workflows are built inside proprietary environments.
Finally, run a structured pilot before scaling. Choose one workflow, three to five users, a four to six week window, and a concrete metric set before day one. DSIT case studies show this is sufficient to detect meaningful productivity changes without large sunk costs. Firms that measure from the start are the ones still finding the tool useful at month six.
The founding question is simpler than the vendor catalogues suggest: what problem are you solving, and how will you know the tool is working? Answer that before you open a pricing page.
