AI Governance
The framework that lets a firm expand AI without creating exposure: an acceptable-use policy, input restrictions, output-review standards, and vendor due diligence, written for your obligations rather than lifted from a template.
According to the Clio Legal Trends Report, 79% of legal professionals have used AI in their practice, and 44% of firms still have no formal AI governance policy. That gap is the risk. Shadow AI use without a framework is how confidential information ends up in a consumer-tier tool, how an unvetted vendor ends up training on client data, and how a hallucinated citation ends up in a filing. We build the framework that lets a firm expand AI deliberately instead of discovering its exposure after the fact, as part of the wider Legaltech & AI practice.
The rules have not changed
ABA Formal Opinion 512 (July 2024) made the point that frightened a lot of people and should have reassured them: generative AI is permitted, and your existing obligations apply unchanged. Competence, confidentiality, and supervision carry the load. Under Rules 5.1 and 5.3, managing lawyers must establish policy and ensure that lawyers and non-lawyer staff comply. The opinion also expects informed client consent before confidential information goes into a self-learning tool, and is explicit that boilerplate consent buried in an engagement letter is not sufficient.
| Framework | Applies to | What it asks for |
|---|---|---|
| ABA Opinion 512 | US lawyers (model rules) | Competence, confidentiality, supervision, informed consent |
| State bar guidance | CA, FL, NY, TX, and more | Jurisdiction-specific overlays on the above |
| NIST AI RMF | Any organisation, voluntary | Govern, map, measure, manage AI risk |
| EU AI Act | Firms operating in or serving the EU | Risk-tiered duties, transparency, record-keeping |
What a usable AI policy actually contains
A policy nobody can follow is theatre. A usable one is concrete, and every line maps to something a person can do on a Monday morning.
- Acceptable use: what AI may and may not be used for, in plain language, with a named accountable owner.
- Input restrictions tied to data classification: not “be careful,” but “this category of material, in this tool, under these conditions.”
- Output review proportionate to risk: a memo gets a different level of checking than a filing.
- A vendor and DPA register: which tools are approved, on what terms.
- A light audit trail: enough to show how AI is being used if a client, a regulator, or a court asks.
Vendor due diligence is the part firms skip
Before a tool is approved we check it against training-data terms (does it train on your inputs), data residency and sub-processors, DPA and zero-data-retention availability, security posture, and confidentiality risk. The output is a register and a recommendation a firm can defend, not a feature comparison from a vendor’s website. A tool that looks the same in a demo can sit on opposite sides of the confidentiality line depending on its terms, which is exactly the distinction that governs how we deploy Claude and build integrations.
Governance is what makes pilots survive
The pilots that quietly die rarely die of bad technology. They die of ungoverned use that someone eventually notices, a confidential input in the wrong tool, an output that reached a client unchecked, a vendor nobody vetted. We unpacked this pattern in the three failure modes of legal AI pilots. A framework drafted before the rollout, not after the incident, is what lets a firm say yes to AI with its eyes open.
Common pitfalls we are brought in to fix
- The blanket ban. Prohibition does not stop use, it drives it into the shadows where you cannot see it. A realistic policy beats an ignored one.
- Boilerplate consent. A line in the engagement letter is not the informed consent Opinion 512 contemplates for confidential inputs.
- No data classification. Without it, “be careful” is the whole rule, and nobody knows what that means in practice.
- Unvetted vendors. Tools adopted on a marketing page, with no check of training terms or DPA.
- A policy nobody reads. Written once, circulated, never trained on or reviewed.
The data-classification scheme is the spine
Every workable AI policy hangs off a classification of the firm’s information. Without it, every rule collapses into “use judgement.” We define a small, usable set of categories, from public marketing material through to privileged and client-identifying matter content, and map each category to what may be done with it and in which tool. That is what turns an aspiration into an instruction a fee-earner can follow without calling the general counsel. The scheme stays short on purpose; a taxonomy nobody can remember is a taxonomy nobody applies.
What the EU AI Act asks of a law firm
For firms operating in or serving the EU, the AI Act adds a risk-tiered layer on top of professional-conduct rules. Most legal-practice uses fall into the lower-risk tiers, where the duties are mainly transparency and record-keeping rather than heavy conformity assessment. The work is knowing which uses sit where, and building the light evidence trail the Act expects before a regulator asks for it. We map the firm’s AI uses to the tiers and fold the obligations into the same framework as the bar rules, so there is one policy to follow, not two.
A worked example
A mid-sized firm came to us after a client security review found that associates had been pasting draft agreements into a consumer chatbot. We ran a use audit, wrote a policy against their classification scheme, vetted and approved two tools on proper terms, retired the rest, and trained every team on the new rules in a single afternoon. The client review passed on the second pass. Nothing about the technology was exotic. What changed was that the firm could now show, on demand, exactly how AI was being used and why it was safe.
Who should own AI governance
A framework with no owner decays. We recommend a single accountable person, often a COO, an innovation lead, or a designated partner, with a short standing brief: keep the vendor register current, review the policy on a set cadence, and field the questions fee-earners actually have. The owner does not need to be technical. They need the authority to approve a tool and the discipline to retire one. We set the role up and, where a firm lacks the bandwidth, hold it on retainer until they are ready to take it in-house.
How we build governance that gets followed
Assessment of current and shadow AI use, a policy drafted against your confidentiality, privilege, and bar obligations, a data-classification scheme the input rules can hang on, training so the rules are understood rather than just circulated, and a review cadence so the framework stays current. It is written to be owned, with plain language, a named owner, and a defined cadence, so it stands without us. We can maintain it on retainer, but it is built not to need us. It is the foundation the rest of the Legaltech & AI practice is delivered on.