A Risk-Based Approach to AI for Law Firms

Artificial Intelligence (AI) technologies are increasingly being adopted in enterprise settings. They span different areas of practice and applications, evolving from older technologies like eDiscovery and contract analytics to more advanced applications.

AI is one of the more interesting technologies due to its unique adoption curve. Unlike traditional technologies that are typically deployed top-down, AI is characterized by a significant bottom-up surge of adoption. This is because AI has gained significant mindshare from consumers, who as employees are keen to bring it into their enterprises – a phenomenon which has been recently coined as “Shadow AI” (similar Shadow IT). According to a recent survey by Deloitte, over 60% of surveyed employees confirmed they used AI-enabled tooling at work. In another survey administered by Microsoft & LinkedIn 78% of respondents admitted to keeping quiet about using AI tools at work, primarily out of the fear their employers would not approve said usage.

In an industry that can skew risk-averse, law firms may feel uncertain in their AI adoption strategy. Law firm leaders can readily see the many benefits of AI tools, from increasing operational efficiencies to freeing up associates’ time, but are unsure how deep to dive in.

A helpful mental model for thinking about AI adoption is based on risks or stakes. It suggests thinking about AI applications on a continuum or spectrum, from low-stakes, less controversial applications with easily justifiable ROI, to high-stakes applications that are more controversial and require careful consideration.

Low-Stakes Scenarios

Low-stakes scenarios involve simpler applications that can be easily adopted. Examples include AI-based assistants like Microsoft’s Copilot or Google’s Gemini. These virtual assistants can perform tasks like summarizing extensive documents or generating more text from a smaller amount of text1.

Another low-stakes application is the use of API tooling for back-office automation, such as reading invoices faster using computer vision models or analyzing lengthy contracts for key clauses.

Mid-Level Stakes

Mid-level stakes involve applications that have already been deployed by larger peers with deeper pockets. Examples include eDiscovery tools like Relativity, which has a reliable, proven track record. However, these tools often require upfront investment in staff time to customize them for every given litigation or matter.

High-Stakes Applications

High-stakes applications involve newer generative AI-inspired or enabled technologies. These applications have known technological limitations. For instance, Generative AI models like GPT-3 always produce an answer, whether it’s correct or not. This can lead to “hallucinations,” where the model generates something that looks plausible but is not grounded in any fact.

To mitigate these risks, the content used in these applications should be thoroughly reviewed and curated. The generated answers should also be reviewed by both the system and a human. Some of the systems, like Google Gemini, have a feature which automatically checks facts in text generated with AI against its search index and highlighting possible factual errors.


Understanding the limitations of AI tools and knowing how they operate is crucial. However, selecting an AI tool requires careful consideration and understanding of its limitations. One of the simplest first steps an enterprise may take on the AI journey is to provide its employees with approved options in the form of Microsoft Copilot, OpenAI Enterprise, or Gemini for Google Workplace, and to kick start ideation work around applying these tools to internal processes.

Ultimately, the successful integration of AI will depend on a firm’s ability to balance the potential of AI with the practicalities of its implementation.

  1. This piece is classified as AI-E: AI was used in summarizing otherwise human-created content. The transcription of Val Orekhov’s presentation at Withum’s Spring 2024 Law Firm Leadership Roundtable was fed into Microsoft Copilot, which summarized and organized his thought leadership into this article. It was subsequently reviewed, edited and approved by Val before release. This is an example of low-stakes enterprise AI use. ↩︎

Contact Us

For more information on this topic, please contact a member of Withum’s Law Firms Services Team.