AI for Law Firms
Without the Hallucinations
Fee earners are already using AI for research, drafting and document review. A firm-wide approach needs matter-level access, source checks, human approval and a record that satisfies the people responsible for professional standards.
61%
OF UK LAWYERS NOW USE GENERATIVE AI (LEXISNEXIS 2025)
18
FABRICATED CITATIONS IN AL-HAROUN, 2025
75%
REVIEW TIME CUT IN ONE THOMSON REUTERS CASE STUDY
Fee earners are already using public AI tools
Lexis put UK lawyer adoption at 61% in late 2025. The Law Society's guidance is clear: client-sensitive material shouldn't go into public generative AI. It does anyway, daily, because the public tools are the ones already open in another tab.
In June 2025, Dame Victoria Sharp told the High Court that tools like ChatGPT "are not capable of conducting reliable legal research". One solicitor's witness statement relied on 45 authorities, 18 of which didn't exist. The barrister in the parallel case was referred to the Bar Standards Board, the solicitor to the SRA.
If you don't give the firm a private stack, the firm builds its own. Usually badly.
PUBLIC CHATGPT, ON THEIR PHONE
- Client material trained into someone else's model
- Fabricated authorities filed under your firm's name
- No audit log of what was asked or sent
- Confidentiality breach you only find out about later
- COLP can't answer the SRA when asked
PRIVATE STACK, RUN BY YOU
- No-training contracts with the underlying providers
- Citations verified against a real case database before they reach a brief
- Every prompt, file and answer logged, per matter
- Matter-level access controls and conflict checks
- A policy your COLP can hand to the regulator on Monday
Legal work worth automating
The practical starting points are document review, controlled drafting, intake, internal search and research support where a solicitor still checks the sources and conclusion.
Disclosure and review
Tag, cluster and summarise a bundle while keeping the source reference beside every output. The fee earner still decides what is relevant and what reaches the client or court.
First-draft contracts and letters
Engagement letters, NDAs, leases, employment contracts off your own precedents. Thomson Reuters report customers cutting review and drafting time by upwards of 60% on this kind of work. A senior still signs it off.
Intake and triage
Conflict screen, jurisdiction check, eligibility, fee bracket. Done before a fee earner has read the email. You get a triaged inbox, not a backlog.
Internal knowledge search
Find the clause from the 2022 matter that mirrors the one open now. Plain English in, the actual paragraph out, with the file reference attached.
Verified research
Research over a real authorities database, not an open-web guess. Every citation is checked against a live source before it can be quoted. If it can't be found, it doesn't appear.
How we start
Four phases. Confidentiality first, productivity second, regulator-ready evidence running underneath both. Fixed-scope, priced up front, no eighteen-month transformation programme.
We work alongside your COLP and IT lead. You keep the code, the prompts, the logs and the data.
BOOK A SCOPING CALLConfidentiality and risk audit
We map current unapproved use, data flows, provider terms and the gap against Law Society and SRA guidance. The output identifies affected matters or client types, owners and immediate controls.
Build the private stack
An internal interface your fee earners use, sitting on top of models contracted not to train on your inputs. Matter-scoped access, logging per prompt, verification against a real case database before any citation leaves the building.
Wire it into the work
Disclosure review, first-draft contract generation, intake triage, precedent search. Plugged into what you already use: SharePoint, iManage, NetDocuments, Clio, ActionStep, your PMS. No "log into yet another portal".
Policy, training, evidence
A written AI policy your COLP can stand behind. Training for fee earners and support staff on what's safe to put in, what's not, and how the verification gate works. A logged trail that answers the SRA before they ask.
AI errors reported in UK courts
These reported cases show the same operational failure: a lawyer relied on public AI output without verifying the authorities before filing.
Ayinde v Haringey
A pupil barrister cited five non-existent cases in submissions for Haringey Law Centre, denied using AI, and could not later locate the sources. The Divisional Court referred her to the Bar Standards Board and the Law Centre's solicitor to the SRA.
Al-Haroun
A solicitor's witness statement, in a £89m claim against Qatar National Bank, leaned on 45 authorities. Eighteen of them did not exist. The court referred the solicitor to the SRA in the same judgment.
Mata v Avianca
The first one. Two New York attorneys filed a brief with ChatGPT-fabricated cases, fictional airlines and all. Judge Castel found subjective bad faith, dismissed the claim and fined them $5,000. Damien Charlotin's tracker has logged more than 700 similar judgments worldwide since.
Sources: Royal Courts of Justice judgment (Bailii [2025] EWHC 1383 (Admin)), Law Gazette, Legal Futures, LexisNexis Generative AI report, SDNY Mata v Avianca order, AI Hallucination Cases database (damiencharlotin.com).
When this is worth discussing
We work best when there is a real operating problem, enough volume to measure and people from the affected teams who can make decisions.
Usually a good fit
- An established UK business, usually with annual revenue above £10m
- A repeated process with a known cost, delay, error rate or capacity problem
- A senior sponsor and a day-to-day owner who understand the work
- Access to the relevant staff, systems, sample records and security requirements
We may point you elsewhere
- A standard product already covers the process well
- The requirement is a one-off small build with no wider operating case
- There is no owner or access to the people and data needed to test the result
- The plan relies on AI making high-impact decisions with nobody responsible for review
Questions the buying team will ask
Doesn't AI in a law firm just blow up confidentiality?
Confidentiality depends on the provider terms, product tier, configuration, region, access and the material submitted. We document those controls and work with the firm's privacy and security owners before client material is used. Public consumer AI accounts are not treated as an approved client-data route.
What if it hallucinates a case?
We never let it free-recall authorities. Research runs over a real case database, every citation is checked against a live source before it ever lands in a draft, and anything the model "remembers" without a verifiable hit gets stripped. The fee earner still reads what they sign. Belt and braces, because the regulator already told us this is on us.
Will it kill our billable hours?
It may. The firm needs to decide whether saved time creates capacity, changes a fixed fee or affects a billable-hour target. We include finance and matter owners in the value case so the commercial effect is agreed before the workflow is rolled out.
Does our COLP have to do anything new?
Yes, and we make their job easier rather than harder. The SRA's line is that the COLP carries the can when new technology is introduced. We hand them the policy, the audit log, the supplier list and the training records, in a form they can show the regulator. Their evidence pack is built as we go, not back-filled later.
We're a small firm. Is this realistic for us?
Especially for you. The SRA's Risk Outlook on AI put sole-practitioner and small-firm adoption at around 14%, against roughly three-quarters of the largest firms already using it. That gap's a competitive one now. A focused stack for a 5 to 50 fee-earner firm doesn't need an in-house engineering team.
Can we use Harvey, Lexis+ AI or Thomson Reuters CoCounsel instead?
Sometimes that's the right answer and we'll tell you when. The big vendor tools are strong on research and contract review out of the box. They're weaker on the things specific to your firm: your precedents, your matter management, your intake forms, your billing system. We often run a small private stack alongside a vendor product, with each doing what it's good at.
How long does it take?
The first phase covers one defined use case, representative matters, source checking and professional review. We agree the success and stop criteria before the firm commits to wider use.
Who owns it at the end?
The agreement states ownership of code, prompts, precedent indexes and audit records. Hosting, support, access and handover are agreed with the firm's technology and information-security owners.
Talk to us about AI in your firm
Tell us what fee earners use today, which matters and data are in scope and who owns professional standards. We will identify a first workflow and the controls it needs before wider use.