Before You Hire an AI Consultant in the Philippines, Read This

The Philippines is about to spend billions on AI it doesn’t understand.

The Philippine AI Report 2025 lays it out plainly: 92% of organizations have experimented with AI. Only 3% have operationalized it. That’s not an adoption curve. That’s a graveyard of proof-of-concepts.

And now the vendors are circling.

Every consulting firm in Metro Manila has bolted “AI” onto their services page. Every enterprise software company has an “AI-powered” badge. Every LinkedIn post from a local tech leader promises “transformation.” But here’s the question nobody’s asking: what are you actually buying?

I run AI in production. Not demos. Not decks. Not “AI strategy workshops” that end with a PDF nobody reads. I build systems where AI agents process real tasks, with real guardrails, every day.

Since launching this site in March 2026, I’ve published 14 technical articles on what production AI actually looks like, open-sourced a pre-action gate library for AI agent safety, and cross-posted my work to Dev.to for the developer community. This isn’t theory. It’s the work.

This guide covers the questions every business should be asking, because if you can’t answer these about your AI vendor, you’re not adopting AI. You’re renting someone else’s black box.

The 7 Questions Your AI Vendor Can’t Dodge

1. What LLM Powers Their Tool?

This is the first question, and most AI vendors in the Philippines can’t answer it clearly. Or won’t.

If a company tells you their product is “powered by AI” but can’t tell you whether that’s GPT-4o, Claude, Gemini, Llama, or a fine-tuned open-source model, that’s your first red flag.

Why it matters: The LLM determines your ceiling. It determines reasoning quality, context window limits, how well the tool handles Filipino business contexts, and how much you’ll pay per interaction. A vendor wrapping GPT-3.5 and charging enterprise rates for it is not “AI consulting.” That’s arbitrage. If you want to understand the model landscape yourself, I wrote a practitioner’s reference guide that breaks down which models fit which tasks, with real pricing. And if your vendor tells you their tool is just an LLM wrapper with a nice UI, that’s your second red flag.

What to ask:

• Which specific model and version? (Not “we use OpenAI.” Which model?)
• Do you update when new versions release, or are we locked in?
• Can we switch models if a better one fits our use case?

2. What Are the Token Costs, and Who Pays?

Every LLM interaction costs money. Input tokens, output tokens, reasoning tokens on newer models. Your vendor knows this. The question is whether they’re passing that cost transparently or burying it in a flat monthly fee that prints money for them.

The math matters: A single call to a frontier model (like Claude Opus or GPT-4o) with a 50,000-token context can cost $0.50-1.00. Multiply that by 500 daily queries across your team, and you’re looking at $250-500/day ($7,500-15,000/month) on API calls alone. If your vendor is charging you $5,000/month flat, either they’re using a cheaper model than they claim, or they’re throttling your usage behind the scenes.

What to ask:

• What’s your cost-per-query at our expected volume?
• Are we on metered or flat pricing? If flat, what’s the usage cap?
• Which tier of API access are you on? (This matters for data privacy. See Question 4.)

3. Where Does Your Data Go?

This is the question that separates real AI consultants from PowerPoint consultants.

When your team types a customer complaint into an AI tool, that text goes somewhere. It hits an API endpoint. It gets processed on a server. That server lives in a specific country, under specific data laws.

For Philippine businesses, this is critical. The Data Privacy Act of 2012 (RA 10173) requires data controllers to ensure adequate protection of personal data, including when processed overseas. If your AI vendor can’t tell you where data is processed and stored, you’re in compliance limbo.

What to ask:

• Is data processed locally or on international cloud infrastructure?
• Which cloud provider and which region? (US-East? Singapore? Europe?)
• Is data stored after processing, or is it ephemeral (processed and discarded)?
• Do you have a Data Processing Agreement (DPA) that covers AI-processed data?

4. Does Your AI Train on Our Data?

This is the one that keeps CIOs up at night. Or should.

Most consumer-tier AI tools (ChatGPT Free, Gemini Free) explicitly state that conversations may be used to improve their models. That means your proprietary business data, customer information, and strategic documents could become part of a training dataset that benefits your competitors.

The tiered plan distinction is everything:

• Free/consumer tier: Your data likely trains the model. You agreed to it in the Terms of Service nobody read.
• API/enterprise tier: Most providers commit to NOT training on API data. OpenAI’s API terms, Anthropic’s usage policy, and Google’s Cloud terms all include these protections. But you need to verify this per vendor.
• Self-hosted/on-premise: Your data never leaves your infrastructure. Highest control, highest cost.

What to ask:

• Are you on API/enterprise access, or consumer tier?
• Show me the provider’s data usage policy for your tier.
• Is there an opt-out mechanism for model training, and is it enabled by default?

5. What Security Architecture Exists Between Your Data and the AI?

A serious AI consultant doesn’t just connect your systems to an LLM and walk away. They build a security layer between your data and the model.

What good looks like:

• PII stripping before data hits the LLM. Names, account numbers, and emails get replaced with tokens, then re-mapped after processing.
• Prompt injection defenses. Preventing users or external data from hijacking the AI’s instructions. This is not hypothetical. I cataloged 575 malicious AI skills in a single tool registry. The attack surface is real and growing.
• Pre-action gates. Mechanical enforcement that blocks dangerous AI actions before they execute, not behavioral “please don’t do that” prompts. I open-sourced a library for this because the pattern is that important.
• Audit logging. Every AI interaction logged with input, output, timestamp, and user ID.

What bad looks like: “We use ChatGPT. Here’s the login.”

What to ask:

• What happens to sensitive data before it reaches the LLM?
• How do you prevent prompt injection attacks?
• Is there an audit trail for AI-generated outputs?
• Have you done a security assessment specific to your AI pipeline?

6. Is the AI a Tool or a Team Member?

This distinction changes everything about how you evaluate, deploy, and budget for AI.

AI as a tool: Your team uses it like a search engine or calculator. They type a question, get an answer, move on. Low integration, low risk, low value. Most “AI adoption” in the Philippines lives here. Someone bought a ChatGPT team license and called it transformation.

AI as a team member: The AI is embedded in your workflow. It reads your CRM data, drafts responses, flags anomalies, generates reports on schedule, and escalates decisions to humans. It has context about your business. It has guardrails about what it can and can’t do. It runs supervised, not autonomously.

I’ve written about this distinction as “harness engineering”: the discipline of building the scaffolding that turns raw AI capability into reliable daily operations. The harness is everything your vendor should be building around the model. If all they’re delivering is the model, you’re doing the hard part yourself.

What to ask:

• How does your AI integrate with our existing systems (CRM, ERP, helpdesk)?
• What level of autonomy does the AI have, and where are the human checkpoints?
• What happens when the AI gets something wrong? What’s the recovery process?

7. What Happens When It Breaks?

Every AI system breaks. Models hallucinate. APIs go down. Context windows overflow. Prompts that worked yesterday fail after a model update.

Your vendor needs a plan for this, not just a shrug. I’ve seen what happens when AI runs without guardrails: an AI agent deleted a production database in 9 seconds. No confirmation. No review step. Just raw autonomy doing exactly what it was told, with nobody checking whether “what it was told” was correct.

What to ask:

• What’s your SLA for AI-specific incidents (not just server uptime)?
• When the underlying model updates, how do you test for regressions?
• If the AI produces a wrong output that we act on, what’s the accountability framework?
• Can we roll back to a previous model version if an update degrades performance?

Red Flags When Hiring an AI Consultant in the Philippines

You don’t need all 7 answers to be perfect. But if you see these patterns, walk away:

If you’re evaluating vendors right now and need a practitioner’s perspective, reach out.

What Real AI Operations Look Like

I’ll be direct about what I bring to this conversation.

I co-founded and run Aether Global Technology Inc., a Salesforce consulting firm in Manila. Over 14+ years in enterprise tech, I’ve led deployments for clients in aviation, banking, pharmaceutical, healthcare, logistics, and legal, including a record-time Salesforce Service Cloud deployment across 3 call centers in 89 days for a major national airline.

Separately from client work, I built a production AI operations system as a personal R&D lab. I don’t sell it. I use it every day to run my own work across multiple projects and platforms. That daily practice is where the articles on this site come from.

What I’ve published in 2026:

• 14 technical articles on production AI patterns, from context engineering to why multi-agent AI fails to the security risks of vibe coding
• Open-source code: ai-agent-gates, a pre-action gate library for AI agent safety (zero dependencies, tested with Claude and Gemini)
• Developer community: 6 cross-posts on Dev.to reaching the global developer audience
• Speaking: Presented “The Agentic AI Landscape” at the LivePerson x Aether enterprise event, March 2026, Makati

I’m telling you this because credentials matter when you’re vetting someone. And the best credential is published work you can actually read and evaluate.

What this taught me about hiring AI consultants in the Philippines:

Start with one process, not a platform. The companies that succeed with AI pick one painful, repetitive process (lead qualification, report generation, customer triage) and automate it with guardrails. The companies that fail buy a platform and try to “transform everything.”

Autonomous agents are a trap. They look impressive in demos. In production, they compound errors at machine speed. The right model is supervised agents, where AI does the heavy lifting and humans verify the output before it goes anywhere that matters. I wrote about why this matters for the Philippines specifically.

Your vendor’s harness is worth more than their model. The difference between an AI that gives generic answers and one that gives useful, specific answers isn’t the prompt. It’s the context infrastructure feeding the model, the gates preventing bad actions, the memory that persists between sessions. That’s what separates a toy from a production system.

Security can’t be bolted on later. I cataloged 575 malicious AI skills in a single tool registry. The AI supply chain attack surface is real and under-discussed. Your AI consultant should be able to explain their security architecture in detail. If they can’t, they haven’t built one.

Wrong answers are expensive. Philippine businesses are cost-sensitive, and that’s rational. But a ₱5,000/month tool that gives wrong answers 30% of the time costs more than a ₱25,000/month system that’s reliable. The wrong answers cost you customers, rework, and trust.

Before You Sign Anything

If you’ve read this far, you’ve already gotten more actionable AI guidance than most consulting engagements in the Philippines will give you.

The AI consulting market here is young, and most businesses don’t yet know what questions to ask. That’s not their fault. The vendors aren’t helping. They’re selling solutions to problems they haven’t bothered to understand.

Five things to take with you:

1. Don’t start with “which AI tool should we buy?” Start with “which process hurts the most?”
2. Vet your vendor with the 7 questions above. If they can’t answer them, they’re not ready to serve you.
3. Demand a proof-of-concept on YOUR data, with YOUR process, before signing anything longer than 3 months.
4. Read your vendor’s published work. If they don’t have any, ask yourself why you’d trust them with your AI strategy. (Here’s mine.)
5. Choose consultants who build, not just advise. The gap between “AI strategy” and “AI in production” is where most engagements die. I wrote about that gap in The Rip-and-Replace Trap, and it applies to consulting relationships too.

If you’re evaluating AI consultants and want to compare notes with someone who builds these systems daily, I’m always up for a conversation.

Tom Tokita is the President and CEO of Aether Global Technology Inc., a Salesforce consulting firm in Manila. He builds AI operations infrastructure as a daily practice and publishes technical articles, open-source tools, and production patterns at tokita.online. Connect at [email protected].