A managing director of a 20-person consultancy told me recently that they had rolled out Microsoft 365 Copilot to the whole team six months earlier. The recommendation came from a supplier. The contract was straightforward. It felt like the right moment to move. Six months later, fewer than a third of the staff were using it regularly, and nobody could point to a single process that had actually changed. The sequence, it turned out, mattered more than the tool.
What choice are you actually facing?
For a 20-person service firm, the AI question usually collapses to two decisions: which system does your team already live in, and where is the actual bottleneck? At this size, a full-team licence is not trivially cheap. Microsoft 365 Copilot across 20 staff runs close to £6,000 a year. Getting the diagnosis right before committing matters more than chasing the best-reviewed tool on the market.
The pattern seen in firms of this size is a three-layer stack: a general-purpose writing and reasoning assistant, a suite-level copilot tied to the office software the team already uses, and one specialist tool aimed at a specific pain point, whether that is customer enquiries, finance admin, or meeting capture. You rarely need all three from day one. The question is which layer solves the problem that is costing the most time right now.
UK data protection law applies to AI tools in the same way it applies to any other software that handles personal data. The ICO has been clear on this: the obligations on fairness, transparency, security, and accountability apply to AI systems the same as to any other technology. That means governance belongs on the table before the contract is signed. If the firm serves EU customers or uses an AI system with EU-facing workflows, the EU AI Act’s risk-based obligations may also apply, even for a UK business.
When is a suite copilot the right first layer?
If your team’s working day runs through Microsoft 365, Copilot is the most natural starting point because it sits inside the tools staff already use. Email drafting, meeting summaries, document generation, and proposal prep all become faster without asking anyone to change where they work. The case is strongest when those tasks are the genuine bottleneck.
At £24.70 per user per month on an annual commitment, Copilot across 20 staff is a defensible spend when the tool sits in the daily workflow. Adoption that fragments, with staff using it occasionally rather than consistently, converts a sound investment into an expensive experiment. The return comes from whether the working pattern actually changes.
For firms standardised on Google Workspace, Gemini is the equivalent. It serves the same function inside Gmail, Docs, and Sheets, and the same adoption logic applies. Switching suites to gain access to an AI layer rarely pays back unless a migration was already on the agenda for other reasons. If you are already paying for Google Workspace, check whether Gemini access is bundled into your current plan before adding a new tool and a new contract.
When is a specialist tool the better choice?
If the team’s main pain isn’t email or documents, a suite copilot is answering the wrong question. Three distinct bottlenecks come up repeatedly in 20-person service businesses, each with a tool built specifically for it rather than a general assistant: inbound enquiries and support ticket volumes, bookkeeping and expense capture, and meeting transcription with follow-up actions.
Where customer enquiries are the drain, Intercom Fin is designed for deflection and conversation handling, priced per resolved conversation rather than per seat. It fits best when there is an existing knowledge base and a pattern of repeat questions. The usage-based pricing can rise sharply if query volumes spike, which makes monitoring the cost line important from day one.
Where the bottleneck is finance admin, Dext connects with Xero or QuickBooks to reduce manual data entry for receipts and invoices. It solves a narrower problem than a suite copilot, but the return is often quicker precisely because the pain is specific and the integration is clean.
Where the firm spends significant time in client calls and internal meetings, Otter.ai captures transcriptions and summaries without requiring a dedicated note-taker. Before running it on sensitive client conversations, the confidentiality terms warrant checking against the firm’s obligations to those clients. The NCSC advises treating any AI tool that touches client data as a third-party service requiring the same scrutiny as any other supplier.
What does it cost to get this wrong?
The two most common errors at this size are buying a full-team licence before confirming the workflow genuinely exists, and putting client data into a tool without checking who governs it. Both are recoverable. The first wastes money and erodes enthusiasm for the next attempt. The second creates data protection exposure that is harder to walk back, particularly where client personal data is involved.
The FCA has been explicit that regulated firms cannot hand off model risk and governance to an AI vendor; those responsibilities stay with the firm. For businesses working in regulated environments or supporting regulated clients, this matters from the moment any AI tool touches client information, not only when something goes wrong.
There is a third risk that receives less attention: system mismatch. Buying a tool that doesn’t connect to the system of record the business actually runs on adds duplication rather than removing it. Whether a tool integrates cleanly with Microsoft 365, Google Workspace, Xero, QuickBooks, HubSpot, or whichever platform currently holds the firm’s operational data is a more reliable basis for a purchasing decision than a feature list.
The CMA’s work on AI foundation models has also flagged the risks of bundling and lock-in in major platform AI offerings. If the firm is evaluating a suite-bundled AI, understanding what switching would cost is worth doing before committing rather than after. Hiscox’s 2024 Cyber Readiness Report reinforces the same point from a different angle: for SMEs, cyber and data events remain expensive, and any tool that expands the firm’s data footprint warrants treating as a security decision, not just a productivity purchase.
What should you ask before you commit?
Five questions worth working through before signing any AI tool contract. They are workflow and governance questions that a 20-person firm can answer in an afternoon, and the answers will tell you which tool class fits and what a justified budget looks like. Getting these clear upfront avoids being six months in with a tool that nobody is using.
First: where is the actual bottleneck, email, proposals, meetings, customer enquiries, or finance admin? Second: which system already runs the business, Microsoft 365, Google Workspace, Xero, QuickBooks, or something else? Third: what data will go into the model, and does any of it belong to clients or include personal information? Fourth: who is accountable for checking and approving AI outputs before they reach clients or inform decisions? Fifth: is the vendor’s pricing seat-based, usage-based, or bundled into something you already pay for?
The firms that get the most from AI at this size tend not to start with the biggest tool. They start with the sharpest problem, confirm it is genuinely solved, and expand from there.
