Seven Years as the CTO a Financial Firm Wouldn’t Let Go
Client context
A financial advisory firm of around a dozen staff, serving international clients — a business where the website is the lead engine: roughly 4,000 published articles compound into search traffic, and search traffic compounds into advisory clients. Technology mistakes here don’t just cost money; they cost rankings, leads, and regulatory standing. I have been their fractional CTO for seven consecutive years — a few days a month, covering technology strategy, vendor decisions, and security posture.
The situation
The firm’s content platform ran on self-hosted WordPress: a plugin stack accumulating risk, a dedicated server that suffered a DDoS-driven near-outage mid-engagement, and — discovered during the work — a form bug that had been silently losing leads for weeks. The CEO wanted the entire operation consolidated onto a managed, CRM-integrated platform (HubSpot) without sacrificing a decade of accumulated SEO. Nearly 4,000 posts, ~300 pages, and 13,000+ legacy redirect rules had to arrive intact — with no agency, no internal engineering team, and a fixed budget of consulting days.
What I did — the judgment calls
Treated the migration as a verification problem, not a copying problem.
Every page was checked for content fidelity against the original, and before any DNS change, a purpose-built gate script tested all 4,445 legacy URLs against the new platform. The green light was evidence, not optimism.
Avoided a five-figure licence upsell with 19 redirect rules.
The new platform’s URL structure would have 404’d every legacy blog URL at cutover; the vendor’s fix required their most expensive licence tier. Nineteen carefully-scoped pattern redirects — configured to fire only when no real page matches — achieved full coverage at zero additional licence cost.
Designed the cutover around instant reversibility.
DNS was switched with a one-toggle rollback path prepared in advance. When the first cutover attempt hit a platform provisioning window and returned site-wide 404s, the site was back on the old platform within minutes, the root cause was diagnosed and fixed, and the re-cut completed successfully the same day. The client’s downtime was contained because the revert lever existed before it was needed.
Used an AI-agent team to deliver agency-scale throughput solo.
Parallel AI coding agents rebuilt competing versions of key landing pages (scored, client picked the winners), batch operations ran with dry-run-first discipline (2,265 images re-hosted, 926 posts link-fixed, 587 stuck posts published — each with zero failures), and a written coordination protocol kept automation away from anything live. Transparent to the client throughout — the AI leverage is part of what they’re buying.
Kept security and compliance load-bearing, not decorative.
Analytics rebuilt with consent-mode defaults appropriate to European visitors; an email-deliverability audit caught a misconfigured sending domain quarantining the firm’s mail; 20,000+ historical leads recovered from a decommissioned plugin and handled under strict data-privacy discipline; and the firm’s regulatory disclaimers rebuilt to render site-wide on the new platform.
Results
- Live on the new platform with 293/293 pages and 3,996/3,997 posts verified resolving at launch — the single exception a working redirect.
- ~14,000 redirect rules preserving a decade of SEO equity; zero content loss across ~4,000 migrated posts.
- Delivered solo in 35 consulting days — scoped at 27, extended repeatedly at the client’s request as confidence grew, and converted post-launch into an ongoing infrastructure retainer.
- Retained continuously for seven consecutive years — in a business run by a famously hard-nosed operator. Retention is the result.
Weighing a full-time CTO hire, or a technology decision you can’t fully vet? Book a 20-minute call.