How We Built RiskPod: 550 Signups in 48 Hours From a £45K Build (vs £130K Agency Quotes)

The full story of building a compliance contractor marketplace — from agency rejection to 550 signups on launch day.

Mark got quoted £130K+ by agencies for a compliance contractor marketplace. We built RiskPod for £40K in 30 days. It got 550 signups in 48 hours. Here is the full build story.

Mark Weclawek went to agencies first. He had a clear vision: a platform connecting compliance and risk contractors with financial services job opportunities. The recruitment process was manual — spreadsheets, scattered email threads, no centralised matching. He knew software could fix it.

The agencies agreed. They also quoted £120K–£130K+. Six-month timelines. 47-page proposals full of phases, milestones, and deliverables. It looked professional. It felt safe. It also meant he'd need to raise money just to find out if his idea worked.

That's when Mark found me.

The problem: a recruitment business running on spreadsheets

Compliance and risk recruitment is a specialist niche in financial services. Contractors have specific certifications, jurisdiction experience across 16 regulatory territories (UK, Jersey, Guernsey, EU, Singapore, Hong Kong, and more), and rate expectations in multiple currencies.

Mark's recruitment operation was doing all of this manually. Matching contractors to roles meant scanning spreadsheets, checking availability by email, and hoping the right person was still free. Every job required hours of coordination. Communication happened across dozens of email threads, making audit trails nearly impossible.

The business was successful — but it couldn't scale. Every new job required the same manual effort. The spreadsheet was the bottleneck, and it was throttling growth.

What we built: the full platform

I sent Mark a working prototype on day 5. Not a proposal — a product. That single moment changed the trajectory of the entire project, because he could see it, touch it, and start giving feedback immediately.

Over 30 days, we shipped a complete compliance contractor marketplace:

Contractor onboarding — a 10-step wizard capturing personal details, skills, rates in GBP/USD/EUR, jurisdictions, certifications, and documents. Profile completeness scoring gates job matching at 70%, so incomplete profiles don't waste recruiter time.

5-dimensional matching engine — a weighted algorithm scoring contractors on skills (40%), rate compatibility (20%), jurisdiction experience (20%), availability (10%), and profile completeness (10%). Transparent match reasoning explains why someone ranks high or low, not just that they do.

Secure document management — a dual-storage system with token-based access, verification workflow, and complete audit logging. Every document access is tracked with IP, user-agent, and denial reasons. This is non-negotiable in financial services compliance.

Real-time messaging — WebSocket-powered conversations with threading, file attachments, and read receipts. Replaced the 19 different email threads per job with one searchable channel.

Email broadcast system — template creation, variable replacement, recipient targeting, and comprehensive analytics tracking delivery, opens, clicks, and bounces.

Admin dashboard — real-time statistics, contractor management, document verification queue, and a notification centre with deep linking.

The technical footprint: 166+ API endpoints, 30+ database tables, 19 email template types, and 16 jurisdiction coverage. Built on React, TypeScript, Node.js, PostgreSQL with Drizzle ORM, Supabase Auth, and WebSockets.

The decision that made the matching engine work

The most impactful product decision wasn't technical — it was making profile completeness a first-class metric that directly affected contractor outcomes.

Most platforms nag users with reminder emails. We took a different approach: incomplete profiles simply don't get matched. Contractors complete their profiles because an incomplete profile means no job opportunities. No nagging required.

The 70% threshold was deliberate. High enough to ensure quality matches, low enough that it's achievable without being onerous. Contractors who reach 70% automatically transition from draft to active status.

This solved a problem that plagues every marketplace platform: getting supply-side quality without friction. The incentive is structural, not behavioural.

What the agencies were actually quoting for

After building RiskPod, I went back and looked at what the £130K agency quotes actually contained. The features were broadly similar — onboarding, matching, document management, messaging.

The difference was in how the work was structured. A traditional agency quote for this project typically includes a product strategist, a UI/UX designer, a frontend developer, a backend developer, QA, and a project manager. Six people, all coordinating with each other and with the client.

That coordination tax is real. Every meeting, every handoff, every "can you review this before I pass it to dev" adds time. Not because the people aren't good, but because the model requires synchronisation between specialists.

With AI-accelerated development, the coordination tax collapses. One person making product decisions, design decisions, and implementation decisions in real-time. No handoffs. No waiting for the next sprint review.

The result: £40K instead of £130K+. 30 days instead of 6 months. Same product. Same quality. Dramatically less overhead.

The technical decisions that mattered

Three technical choices shaped RiskPod's architecture in ways that wouldn't be obvious from the outside:

Webhook-first email architecture. We instrumented email analytics from day one. Every delivery, open, click, and bounce is captured via Resend webhooks and tied back to both transactional emails and broadcast campaigns. In recruitment, knowing that a job invitation was delivered but not opened changes how you follow up. Building this retrospectively would have been painful — instrumenting from the start was cheap.

Token-based secure document access. Contractor documents (passports, certifications, compliance records) can't live behind simple URLs. We built application-layer tokens that log every access attempt, enforce role-based permissions, and can be revoked without regenerating URLs. Essential for any compliance-heavy platform.

Dual storage with sync tracking. Files write to both local filesystem and Supabase cloud storage simultaneously, with a status field tracking sync state. This gives reliable local access during development and cloud redundancy in production. Zero document loss incidents.

Launch: 550 signups in 48 hours

Mark launched RiskPod and got 550+ signups in 48 hours. Not email subscribers — actual platform signups. Contractors creating profiles, uploading documents, and making themselves available for matching.

That number matters not because it's large, but because it's real. These aren't people clicking a landing page button. They're people going through a multi-step onboarding process, entering personal details, uploading certifications, and specifying their rates across multiple currencies.

The platform validated immediately because it solved a real problem that Mark's existing network already felt. They didn't need to be convinced. They needed the tool.

What happened next

RiskPod now generates a £10K/month retainer for ongoing development. The platform is growing into a two-sided marketplace, with features expanding based on actual usage data rather than assumptions.

The key insight for other service business founders: Mark didn't need to raise money. He didn't need six months. He needed to ship something real, get it in front of his network, and iterate from there.

The agencies weren't wrong about what needed to be built. They were wrong about what it should cost and how long it should take.

Lessons for service business founders

Your recruitment process is your product. Mark's matching methodology — how he evaluated contractors, what mattered most, how he weighted different factors — became the algorithm. The software didn't replace his judgment. It encoded it.

Ship a prototype in days, not months. The working prototype on day 5 did more for alignment than any specification document could. When the founder can see the product early, feedback is concrete. "Move this button" is clearer than "I'm not sure about the information architecture."

Don't build for scale on day one. Stripe payment infrastructure is ready but not implemented. When there's revenue to process, we'll turn it on. Building payment processing for a pre-revenue platform would have been wasted effort.

The 80/20 rule applies to AI builds. AI tools got us to 80% of the code quickly. The remaining 20% — the matching algorithm weights, the document security model, the multi-currency handling, the webhook architecture — required human judgment and domain expertise. That's the final 10% that separates revenue-generating products from unused prototypes.

---

Frequently asked questions

How long did it take to build RiskPod?

30 days from start to production deployment. A working prototype was delivered on day 5. The remaining time covered the matching algorithm, document security, messaging, email system, and admin dashboard.

How much did RiskPod cost to build?

£40K total — compared to agency quotes of £130K+. The cost difference comes from eliminating the coordination tax of multi-person agency teams and using AI-accelerated development.

What technology is RiskPod built with?

React 18, TypeScript, Node.js, Express, PostgreSQL with Drizzle ORM, Supabase Auth, WebSockets for real-time messaging, Resend for email, and OpenAI for CV parsing.

Can any service business build a marketplace like this?

Any service business that matches supply to demand — contractors to roles, experts to clients, specialists to projects — is running a marketplace without the platform. The methodology you use to make those matches is the product. Read more in how service businesses build two-sided marketplaces.

---