Start with the number, because the number is the story. A database compiled by researcher Damien Charlotin has now catalogued more than 1,300 cases globally in which a court or tribunal has commented on AI-generated hallucinations in legal filings. A year ago, that figure was 200. New documented cases are now arriving at five to six per day. On one recent day, 10 cases from 10 different courts.
This is not a handful of careless practitioners. It is a structural failure unfolding in real time, and it has reached the top of the profession on both sides of the Atlantic. The recent UK and US incidents share an uncomfortable anatomy: AI-assisted work product reaching court without verification, senior sign-off processes that did not know what they were signing off and initial responses that compounded rather than contained the damage.
The cover-up beats the crime
The sharpest lesson from recent cases is an old one in crisis management: how you respond determines the outcome more than the original failure. An isolated hallucination incident is unlikely, in itself, to carry the requisite seriousness for SRA enforcement. What changes that calculus sharply is what comes next.
In the most prominent UK example, the court indicated that an immediate, candid admission and proper apology might have produced a different result. Instead, a second AI-assisted letter attempting to explain the first deepened the breach. US disciplinary analysis points the same way: misrepresentation to a court converts an AI error into a candour violation, which is a categorically more serious offence. A firm that is exposed by a court judgment and then seeks to minimise the error faces a materially different regulatory outcome. Honesty and integrity are not optional extras in that moment – they are the difference between a contained failure and an aggravated one.
For firms, this collapses the traditional distinction between a regulatory problem and a reputational one. The judgment that triggers the regulator’s interest is the same document that makes the front page of the legal press. There is no longer a quiet way to fail.
The regulatory ground is moving faster than firms realise
It would be a mistake to read the SRA’s posture as passive. The regulator has substantially rewritten its supervision guidance, expanding it from nine pages to 24, and now explicitly states that whilst firms may use AI tools to support their work, an authorised individual must remain accountable for the process and the work produced. Its chief executive has told MPs that the onus is on solicitors and firms to use professional judgement and have proportionate processes in place.
The duties engaged by AI-assisted work – competence, proper supervision and candour to the court – are foundational obligations, not novel ones. No new regulatory framework is needed for enforcement; the existing one fits. What the recent incidents demonstrate is how those duties fail in practice: not through bad intent, but through governance that exists on paper and evaporates under deadline pressure.
When the SRA investigates, its primary focus in systemic failures tends to fall on those with supervisory responsibility – the partner who approved the document, the senior associate who reviewed the draft, the COLP (compliance officer for legal practice) accountable for the firm’s systems. Junior lawyers are not invisible to the regulator, but the adequacy of the training and supervision they received will bear directly on their individual culpability.
That, however, cuts both ways. The question firms should be asking now is not only how they would defend a junior’s conduct, but whether, when an incident occurs, they will stand behind that junior or use them as the explanation. Firms that are seen to have handed AI tools to undertrained associates, applied deadline pressure and then pointed downward when things went wrong are likely to find that approach increases rather than reduces their own exposure.
When a complaint lands on the SRA’s desk, the question will not just be whether the firm had a policy. It will be whether the firm can evidence that the policy operated: supervision records, verification steps, a clear account of who knew what was AI-assisted and when. Firms that cannot produce that evidence are defending two fronts at once – the regulatory case and the public narrative.
Why this keeps happening
Three structural factors make further incidents close to inevitable.
First, the technology is persuasive precisely when it is wrong. Hallucinated authorities arrive fluent, confident and correctly formatted. Generative AI produces convincing fictions dressed in perfect citation format faster than the profession has built verification infrastructure to catch them.
Second, juniors carry the exposure. They are the most likely to be handed AI tools, the most exposed to turnaround pressure and the least equipped to spot a plausible-but-fabricated authority. That is a system design problem, and responsibility for system design sits with leadership – a point the courts are increasingly making by criticising supervising lawyers by name.
Third, the efficiency dividend is being spent in the wrong place. If AI compresses a four-hour task into 40 minutes, well-governed firms reinvest some of that saving in verification. Pressured firms absorb it as throughput. Commercial gravity pulls toward the latter, and the sanctions data shows where that leads.
What separates the survivors
The firms that emerge from this period with reputations intact will not be those that avoided incidents through luck. They will be the ones that can evidence three things: that senior lawyers knew when AI had touched the work they approved; that verification was a documented step, not an assumption; and that clients were told, proactively, how AI was being used on their matters.
That last point is coming whether firms choose it or not. The direction of travel in courts, among regulators and increasingly among sophisticated clients, is toward disclosure. Firms that get there voluntarily will look principled. Firms that get there under compulsion will look like they had something to hide.
AI governance has quietly stopped being an internal risk-management exercise and become a client-facing commitment, tested in public, in court and in the regulator’s caseload – often all at once. The 1,300 cases already on the record suggest the testing has begun. The question is no longer whether your firm will face scrutiny. It is whether, when that moment arrives, you will be the firm that handled it well.
Michael Evans is co-managing director at Byfield Consultancy and Julie Norris is a partner at Kingsley Napley.
Email your news and story ideas to: [email protected]
