AI agents are arriving in financial services legal teams. The question is no longer whether to adopt them, but how to do it in a way that holds up under commercial, legal and regulatory scrutiny. In highly regulated industries, accountability cannot be automated. A sound legal services operating model must come before any AI deployment.

This article covers:

  • Why your operating model, not the technology, determines whether AI delivers real value
  • How to structure a defensible rollout
  • What the regulatory landscape requires of firms deploying AI in legal workflows
  • Why the right partnerships are critical to achieving sustainable, measurable outcomes

Cognia Law and Wordsmith provide that partnership: legal engineering and operational delivery paired with a world-class AI platform, creating a complete pathway from strategy to business impact.

Justin Ridl,
General Counsel, Cognia Law

Mei-Lin Robertson,
Director of Legal Engineering, Wordsmith

In-house legal teams are under increasing pressure to deliver more value, faster at a lower cost. Transformed in-house teams leverage AI and automation to enable business to close deals faster and serve their clients better. However, in highly regulated industries, like financial services, the question is always, do it more efficiently, BUT, who is accountable when something goes wrong.

AI agents are arriving in financial services legal teams whether their teams are ready or not. The question is not whether to adopt them; it’s how to do it in a way that holds up under commercial, legal and regulatory scrutiny. In highly regulated industries, legal teams can’t simply switch on, license, or adopt an AI tool and hope for the best. They have to be able to define their processes, stipulate the data and MI they require, and defend what the agent is allowed to do, what it actually does, who reviews it and why the result is acceptable.

The financial services sector is well aware of what happens when automated processes run without effective controls. More often than not the technology is not the problem, the legal services operating model is. If you let the technology run the entire end to end process without human oversight it can lead to materially detrimental consequences for your organisation.

You can’t AI your way out of a poor operating model

The tools or technology is not the problem. The question isn’t whether AI can do more legal work, it can. Specialised tools built for legal work, like Wordsmith, can determine what gets logged, constrained, reused and reviewed. But you can’t AI your way out of a poor operating model.

Expertise is required to architect how an organisation uses AI in the first place. Someone has to decide which processes get automated, who supervises the outputs, how the team restructures, what the escalation logic looks like and how the operating model compounds over time to provide sustainable change with measurable outcomes.

A defensible rollout follows a familiar path, you’ll need to:

  • Review your processes – which can AI handle, based on your risk appetite and regulatory environment;
  • Develop your AI-assisted process design, escalation logic, quality controls, and a named human accountable for the output;
  • Get your basics right – review knowledge assets for AI readiness (templates and playbooks); and
  • Prepare your people – build a change management programme around AI adoption.

One major global bank came to Cognia with 350-plus pages of fragmented NDA guidance that no AI tool could meaningfully work with. Before any automation was deployed, Cognia collapsed that into a single playbook of under 50-pages, codifying risk positions, decision logic and escalation points. Only then did AI touch the workflow.

Partnerships are golden

To build an operating model that improves over time and results in sustainable change with measurable outcomes, the right partnerships make the difference.

You need a team of legal engineers who have the ability to translate legal requirements into scalable, tech-enabled systems workflows and automations, working with a specialised platform provider, who can support your organisation through this process is the golden triangle. By holding design and delivery together this partnership can evolve your legal services operating model, build it, run it and be accountable for what it produces. This partnership will ensure that your organisation can fully realise the value of your AI investment, through design, delivery and ongoing operations that are built to work together.

Wordsmith provides a world-class legal AI-technology platform, while Cognia delivers legal engineering, managed legal services and operational delivery. This creates a complete pathway from strategy through to measurable business impact, for an AI agent to become something a regulated team can stand behind, not a risk it has quietly taken on.

Handled as a change programme, the gains are real. Bought as software and switched on, they rarely arrive.

"Speed and unpredictability are defining market conditions, especially in highly regulated industries. Legal must move at the speed of business. The legal services operating model must evolve to embed AI and automation, where it’s best leveraged, to transform the legal function to not just cut costs but close deals faster and serve clients better."

Justin Ridl, General Counsel, Cognia Law

The proof is in delivery

Your organisation’s obligations to its regulator are not transferred by using third-party AI. This is why it’s imperative to work with people who understand your industry sector and risk and regulatory context.

The FCA has said firms deploying AI remain responsible for following its rules. The regimes differ. The EU AI Act sets specific obligations for high-risk systems, from logging and documentation to human oversight, and not every legal AI agent falls into that category. The Consumer Duty bites hardest where retail customer outcomes are affected.

But the direction of travel is consistent: firms must show control over the systems they deploy.

But legal remains a good place to start

Legal is a good place to start, and not only because the workflows repeat. Legal provides ideal conditions for AI agents to be governed because of these strict parameters: bounded tasks, known standards, existing review rights, clear escalation paths and documented outputs.

Below are three types of work that AI agents can support legal teams with. These are ranked from easiest/lowest risk to hardest/highest value:

  • Research agents – AI that looks things up and summarises findings. The key rule is that every answer must show its sources. This allows the lawyer (human-in-the-loop) to trace back exactly where the conclusion came from. This is low risk because the AI is merely gathering information and not making decisions.
  • Horizon-scanning agents – AI that keeps watch on the regulatory landscape and raises an alert when something changes that your organisation needs to pay attention to. Think of it as a permanent monitoring system that never sleeps. The governance challenge here is deciding what gets flagged and to whom. You don’t want AI crying wolf, but you also don’t want to miss something important.
  • Contract-remediation agents – AI that actually goes into contracts and suggests or makes changes to bring them into compliance. This is where the real money is, but also where the biggest risk is.

You need a detailed record of every change made at clause level, and a qualified lawyer must sign off before anything is finalised.

DORA illustrates exactly why contract-remediation agents matter. This new EU regulation that entered into application in January 2025 governing how financial firms manage their relationships with technology suppliers. Firms have to review and potentially renegotiate huge volumes of contracts to comply, which is exactly the kind of high-volume, high-stakes contract work where this type of AI agent would earn its keep.

The underlying message here is essentially: start with research agents to build confidence and work your way up to contract remediation as trust and governance mature.

Treated as governed legal infrastructure, not productivity software, agents are defensible.

Always remember: You can’t AI your way out of a bad legal services operating model.

If you found this interesting and would like to find out how we can collaborate with you, contact us here