Artificial Intelligence in focus

Why agentic AI is a core enterprise and governance risk

Agentic artificial intelligence represents a significant development beyond conventional generative AI. Rather than simply responding to prompts, agentic AI systems can set goals, plan actions, use tools, interact with systems and execute multi-step tasks with limited human intervention. For the legal sector, this creates substantial opportunities to improve productivity, matter management, research, contract review, client service and operational efficiency. It also introduces material risks relating to professional judgement, confidentiality, regulatory accountability, liability, supervision and client trust. Law firms should therefore treat agentic AI as an enterprise risk and governance issue, not merely a technology procurement decision.

What is Agentic AI?

Agentic AI refers to AI systems that can pursue objectives and complete tasks with a degree of autonomy. Traditional generative AI produces content when prompted, for example a draft email, a summary or a research note. Agentic AI goes further: it can break a task into steps, decide what information it needs, access approved tools, retrieve documents, compare options, trigger workflows and refine its output based on new information.

In practice, an agentic AI system might monitor a transaction checklist, identify missing documents, draft reminder emails, search an internal knowledge bank, update a matter plan and escalate risks to the supervising lawyer. It might assist with due diligence by reviewing a data room, categorising documents, flagging unusual clauses and preparing a risk summary. It may also support compliance teams by triaging alerts, preparing file review reports or monitoring regulatory change.

This distinction between generative AI and agentic AI is important. When AI moves from producing content to taking action, the risk profile changes. The output of a drafting tool can be reviewed before it is used; an agentic system may interact with documents, systems, people or workflows before a human has considered each step. That has implications for supervision, accountability and professional standards.

Opportunities for firms

The potential benefits of agentic AI are considerable. Properly governed agentic AI could reduce administrative burden, improve matter visibility, enhance consistency and allow lawyers to focus on judgement, strategy and client relationships. It could accelerate legal research, automate routine document management, support project management and improve responsiveness to clients. In compliance and risk functions, it could help identify missing client due diligence, track policy attestations, monitor sanctions alerts and generate management information for boards and risk committees.

However, those benefits will only be sustainable if firms embed controls from the outset. The legal sector cannot approach agentic AI as a simple efficiency tool. Because legal advice carries professional obligations, the deployment of autonomous or semi-autonomous systems must preserve confidentiality, competence, independence, accountability and client confidence.

Key risks for the legal sector

Law firms should treat agentic AI as an enterprise risk and governance issue, not merely a technology procurement decision. Its benefits will only be sustainable if controls are embedded from the outset: because legal advice carries professional obligations, the deployment of autonomous or semi-autonomous systems must preserve confidentiality, competence, independence, accountability and client confidence.

The following list looks at the pertinent risks in more depth:

1. Professional judgement and over-reliance

The most significant risk is the gradual substitution of legal judgement with automated output. An agentic AI system may appear confident, efficient, and logical, but it may misunderstand context, misapply law, miss nuance, or generate incorrect conclusions. If lawyers rely on its actions without proper review and verification, the firm may face negligence, conduct, and client service risks.

2. Confidentiality and data protection

Agentic AI may need access to emails, documents, document management systems, practice management platforms, and client files. Without clear permissions, data boundaries, and vendor controls, confidential information could be exposed, used for model training, accessed by the wrong users, or transferred outside of approved environments.

3. Accountability and liability

Agentic AI challenges traditional lines of responsibility. If a system sends a communication, updates a matter status, misses a deadline, or escalates an issue incorrectly, the firm must be able to determine who authorised the action, what controls were applied, and how the decision was reviewed. Clients and regulators will expect clear human accountability.

4. Regulatory and ethical compliance

Firms must consider duties of competence, supervision, client care, confidentiality, and transparency. Where AI assists in legal work, firms should consider whether clients should be informed, engagement terms need updating, and outputs require enhanced review. There may also be implications for equality, bias, data retention, outsourcing, and third-party risk management.

5. Operational and cyber risk

Agentic AI is likely to connect with multiple systems through integrations and application programming interfaces (APIs). This can increase efficiency, but it also widens the attack surface. An agent that reads untrusted content, such as inbound emails or documents in a data room, can be steered by instructions embedded in that content (prompt injection), so a compromised or manipulated agent could access sensitive files, send misleading communications or trigger inappropriate workflows at scale. Poorly configured permissions could allow actions beyond the intended authority of the system, and the credentials and API tokens the agent holds become a high-value target in their own right.

6. Market and workforce impact

Agentic AI may reshape resourcing models, fee structures, and client expectations. Junior lawyers may lose opportunities to develop skills if routine tasks are automated without a training strategy. Conversely, firms that fail to adopt AI responsibly may become less competitive as clients expect faster, more transparent, and more cost-effective delivery.

7. Chatbots and AI meeting assistants

A growing risk is the use of chatbots or AI note-taking assistants that join client calls, internal strategy meetings, board meetings or regulatory discussions. These tools may record, transcribe, summarise and store discussions, creating permanent and searchable records that would not otherwise have existed. In a legal sector context, this creates risks around confidentiality, legal professional privilege, data protection, client consent, retention, discovery and cyber security. AI-generated transcripts may also misinterpret nuance, attribute comments incorrectly or produce summaries that differ from formal minutes, creating evidential and reputational risk if they are later relied on by clients, regulators or opponents in litigation.

Mitigating agentic AI risk

Firms should establish an AI governance framework approved by senior leadership. This should define permitted use cases, prohibited activities, approved tools, data handling rules, escalation routes and accountability. Higher-risk uses, such as legal research, client communications, contract analysis or regulatory advice, should require documented human review before reliance or external use.

Access controls should be designed on a least-privilege basis. Agentic systems should only access the documents, systems and functions required for the approved task. Firms should maintain audit trails showing prompts, source material, decisions, actions, approvals and outputs. This is essential for supervision, dispute resolution, regulatory engagement and professional indemnity analysis.

Vendor due diligence is critical. Contracts should address confidentiality, data processing, model training, data location, security standards, incident notification, audit rights, service continuity, liability and termination. Firms should avoid deploying tools where they cannot understand how data is used or where the vendor terms are inconsistent with professional obligations.

Firms should also classify AI use cases by risk. Low-risk internal productivity tasks may require lighter controls. Higher-risk applications that affect legal advice, client communications, deadlines, regulatory compliance or financial transactions should be subject to formal approval, testing, monitoring and periodic assurance. No agentic AI system should be permitted to bind the firm, submit filings, provide legal advice, transfer funds or communicate externally without appropriate human authorisation.
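One way to implement the least-privilege access and audit-trail controls described above, together with the rule that high-risk actions require human authorisation, is to route every tool call the agent makes through a policy gate. The following is an added example written for this page; it is not code from the article or from any product, and the class and function names, the two risk tiers, the stand-in tools, the matter identifier and the approval decisions are all hypothetical and constructed for illustration. A low-risk tool runs if it is on the task's allowlist; a high-risk tool additionally needs a named approver; every call, including each refusal, is written to a hash-chained audit trail so that later alteration of the log can be detected.

```python
"""Added example: least-privilege tool gate with a hash-chained audit trail
for an agentic workflow. Hypothetical design, not a real product's API."""
from __future__ import annotations

import hashlib
import json
from dataclasses import dataclass, field
from datetime import datetime, timezone
from enum import Enum
from typing import Any, Callable


class Risk(Enum):
    LOW = "low"    # internal productivity task: runs without approval
    HIGH = "high"  # external effect (email, filing, funds): needs a named human approver


@dataclass(frozen=True)
class Tool:
    name: str
    risk: Risk
    fn: Callable[..., Any]


class GateDenied(Exception):
    """Raised when policy refuses a tool call; the refusal is still audited."""


@dataclass
class AgentGate:
    matter_id: str
    allowed_tools: frozenset[str]                 # least privilege: only what this task needs
    approver: Callable[[str, dict], str | None]   # returns approver id, or None to decline
    audit: list[dict] = field(default_factory=list)
    _prev_hash: str = "0" * 64

    def _record(self, event: dict) -> None:
        # Each entry commits to the previous one's hash, so edits, deletions
        # and reordering of the log are detectable by verify_audit().
        event = dict(event, matter_id=self.matter_id, seq=len(self.audit),
                     ts=datetime.now(timezone.utc).isoformat(), prev=self._prev_hash)
        digest = hashlib.sha256(json.dumps(event, sort_keys=True, default=str).encode()).hexdigest()
        event["hash"] = digest
        self._prev_hash = digest
        self.audit.append(event)

    def call(self, tool: Tool, source: str, **args: Any) -> Any:
        """Run `tool` for the agent; `source` records which step or prompt asked for it."""
        base = {"tool": tool.name, "args": args, "source": source}
        if tool.name not in self.allowed_tools:
            self._record({**base, "outcome": "denied", "reason": "not in task allowlist"})
            raise GateDenied(f"{tool.name}: not in task allowlist")
        approver = None
        if tool.risk is Risk.HIGH:
            approver = self.approver(tool.name, args)
            if approver is None:
                self._record({**base, "outcome": "denied", "reason": "human approval declined"})
                raise GateDenied(f"{tool.name}: requires human authorisation")
        result = tool.fn(**args)
        self._record({**base, "outcome": "executed", "approver": approver, "result": result})
        return result


def verify_audit(audit: list[dict]) -> bool:
    """Recompute the hash chain; False if any entry was altered, removed or reordered."""
    prev = "0" * 64
    for entry in audit:
        body = {k: v for k, v in entry.items() if k != "hash"}
        if body.get("prev") != prev:
            return False
        if hashlib.sha256(json.dumps(body, sort_keys=True, default=str).encode()).hexdigest() != entry["hash"]:
            return False
        prev = entry["hash"]
    return True


def run_demo() -> tuple[AgentGate, list[Any]]:
    # Constructed stand-in tools; a real deployment would wrap the DMS, email and finance systems.
    tools = {
        "search_knowledge_bank": Tool("search_knowledge_bank", Risk.LOW,
                                      lambda query: ["Precedent NDA v3", "SPA checklist"]),
        "send_external_email": Tool("send_external_email", Risk.HIGH,
                                    lambda to, subject: f"sent to {to}: {subject}"),
        "submit_filing": Tool("submit_filing", Risk.HIGH, lambda court: "filed"),
        "transfer_funds": Tool("transfer_funds", Risk.HIGH, lambda amount: "transferred"),
    }
    # Constructed approval state: the supervising lawyer has signed off the email, not the filing.
    approvals = {"send_external_email": "partner-jdoe"}
    gate = AgentGate(
        matter_id="M-0001",  # hypothetical matter reference
        allowed_tools=frozenset({"search_knowledge_bank", "send_external_email", "submit_filing"}),
        approver=lambda tool_name, args: approvals.get(tool_name),
    )
    outcomes: list[Any] = []
    outcomes.append(gate.call(tools["search_knowledge_bank"], "step1", query="NDA precedent"))
    outcomes.append(gate.call(tools["send_external_email"], "step2",
                              to="client@example.com", subject="Missing documents"))
    for name, kwargs in (("submit_filing", {"court": "High Court"}), ("transfer_funds", {"amount": 5000})):
        try:
            outcomes.append(gate.call(tools[name], "step3", **kwargs))
        except GateDenied as exc:
            outcomes.append(str(exc))
    return gate, outcomes


if __name__ == "__main__":
    gate, outcomes = run_demo()
    for entry in gate.audit:
        print(entry["seq"], entry["tool"], entry["outcome"], entry.get("reason") or entry.get("approver"))
    print("audit chain intact:", verify_audit(gate.audit))
```

In the demo the fund transfer is refused before any approval is sought because it is not on the task's allowlist, while the filing is on the allowlist but refused because no approver has signed it off; both refusals appear in the audit trail alongside the two executed calls. Two points matter in a real deployment: the approver callback should be backed by a ticketed workflow in which a named lawyer records the decision, and the audit store must sit outside the agent's own permissions, because hash chaining detects tampering but does not prevent an agent with write access from rewriting the whole chain.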

Training should focus on practical judgement. Lawyers and business services teams need to understand what agentic AI can do, where it can fail, how to verify outputs and when to escalate concerns. Supervision arrangements should be updated so that partners and managers understand their responsibilities when work has been supported by AI. Firms should also ensure that junior lawyers continue to develop core analytical and drafting skills.

Firms should adopt specific controls for chatbots and AI meeting assistants. These should include a clear policy on when such tools are permitted or prohibited, particularly for privileged, confidential, board-level, employment, investigation or regulatory meetings. Participants should be told in advance if AI recording, transcription or summarisation will be used, and consent requirements should be considered. AI meeting tools should be disabled by default for sensitive meetings unless expressly approved. Where use is permitted, firms should define who owns the transcript, who may access it, how long it is retained, whether it is the official record, and whether it must be reviewed before circulation.

Additional safeguards should include approved vendor lists, contractual restrictions on model training, secure storage, deletion rights, audit logs, access controls and guidance on third-party bots invited by clients or counterparties. Meeting organisers should have a process to remove unapproved AI attendees, pause recording when privileged advice is discussed, and ensure any AI-generated notes are clearly marked as draft, reviewed by a human and superseded by approved minutes or agreed attendance notes where appropriate.

Conclusion

Agentic AI is likely to become an important part of legal service delivery. Its value lies not simply in producing faster outputs, but in orchestrating workflows, connecting systems and supporting more efficient decision-making. Yet its autonomy creates a materially different risk profile from traditional AI tools. For law firms, the question is not whether agentic AI should be used, but how it can be used responsibly, transparently and within a clear governance framework.

Firms that adopt agentic AI with strong controls, clear accountability and effective supervision will be better positioned to improve efficiency while protecting clients, satisfying regulators and preserving professional trust. Those that allow unmanaged adoption risk creating systems that are powerful, opaque and difficult to control. In the legal sector, responsible innovation must remain anchored in professional judgement, client confidentiality and human accountability.
