Full profile
On July 4, 2026, law firms have 29 days before the EU AI Act’s August 2, 2026 deadline for high-risk AI systems listed in Annex III. The pending AI Omnibus may still change that timetable, but as of today it has not been formally enacted. For EU AI Act legal services compliance, August 2 remains the operative date, not a planning hypothetical.

The deadline matters because the Act’s phased application brings high-risk Annex III obligations into force on August 2, 2026, while the AI literacy obligation under Article 4 has applied since February 2, 2025.[1] The penalty ceiling is not cosmetic: prohibited-practice violations can reach up to €35 million or 7% of global annual turnover, high-risk non-compliance can reach up to €15 million or 3%, and supplying incorrect information can reach up to €7.5 million or 1.5%.[2] Actual fines will depend on national implementation and enforcement discretion, but those ceilings are enough to make a vague “we have an AI policy” answer inadequate.
The practical work is not to debate the entire AI Act from first principles. For that broader framework, including the deployer/provider distinction and extended timelines, firms can use this general law-firm compliance guide. The urgent job now is narrower: identify the AI systems actually in use, classify them with enough care to survive later review, and build the evidence trail around the systems that may fall into the high-risk category.
The 8-Step Compliance Cascade
A managing partner does not need a 90-page memo before assigning work. The August 2 package can be compressed into eight linked tasks:
| Step | Work product | Owner to name |
|---|---|---|
| 1. Inventory every AI system | Firmwide AI register covering practice, business services, litigation support, HR, and client-facing tools | Compliance, legal ops, IT, practice group leads |
| 2. Classify risk | Documented risk assessment for each system under the AI Act framework and Annex III | Compliance counsel with practice-area reviewer |
| 3. Audit prohibited practices | Article 5 screen for banned uses and escalation notes | Risk or general counsel |
| 4. Compile technical documentation | Provider documentation, internal use case notes, instructions, model/tool records, and Annex IV file where applicable | Vendor management and system owner |
| 5. Align GDPR DPIAs | DPIA decision record and GDPR Article 35 DPIA where required | Privacy counsel or DPO |
| 6. Assign human oversight | Named competent reviewers with authority to intervene, override, or stop use | Practice group leadership |
| 7. Deliver AI literacy training | Training record for staff using or supervising AI systems | Learning, compliance, and HR |
| 8. Monitor and report | Log-retention process, incident triage, and serious-incident reporting path | Compliance, IT security, system owner |

The order matters. A firm cannot classify what it has not found. It cannot assign meaningful human oversight to an unnamed workflow. It cannot prove literacy training covered the relevant users if no one knows which teams are using which tools.
Step 1: Build the Inventory Before You Argue About Risk
The first failure point is usually not a legal interpretation. It is the inventory. “We use AI” may mean a document review platform in litigation, a drafting assistant inside a word processor, a legal research LLM, a contract analysis tool in corporate, a client intake chatbot, an e-discovery analytics feature, a marketing automation tool, or an HR screening system. In some firms, it also means a personal account used by a senior associate because the sanctioned tool was too slow.
The register should not be limited to tools branded as artificial intelligence. It should ask what the system does: generates text, ranks candidates, extracts clauses, predicts relevance, summarizes evidence, translates witness material, recommends next steps, flags privilege, scores risk, or routes a client query. Procurement records are a starting point, not an inventory. Litigation support vendors, alternative legal service providers, knowledge management teams, HR, finance, marketing, and individual practice groups all need to be checked.
At minimum, each entry should capture the tool name, provider, business owner, user group, purpose, jurisdictional touchpoints, data categories processed, whether personal data is involved, whether the system is client-facing, whether outputs are reviewed by a lawyer, whether the tool is used in court, tribunal, arbitration, or ADR-related work, and whether the firm is using it as a customer, modifying it, or supplying it to others.
- Ask practice groups for tools used in live matters, not just tools bought centrally.
- Ask litigation support which AI features are turned on inside review platforms.
- Ask knowledge teams which research or drafting tools have pilot users.
- Ask HR and recruiting whether any screening, ranking, or assessment AI is used.
- Ask vendor management for embedded AI clauses, subprocessors, and product-change notices.
The most useful inventory is not pretty. It is complete enough that a compliance officer can point to a specific tool and say: this is the use case, this is the owner, this is the data, this is the preliminary risk tier, and this is the evidence we have.
Step 2: Classify the Use Case, Not the Marketing Category
Risk classification is where law firms are most likely to overstate certainty. The EU AI Act uses a risk-based structure, and Annex III includes high-risk categories. Point 8(a) covers AI systems intended to be used by a judicial authority or on its behalf to assist in researching and interpreting facts and the law and in applying the law to a concrete set of facts, or to be used in a similar way in alternative dispute resolution.[3]

That wording does not make every legal drafting tool high-risk. It also does not let a firm wave away every legal AI system as merely internal productivity software. Context is doing the work. A contract drafting assistant used by a corporate associate under lawyer review is not the same as a system used by or on behalf of a court or ADR body to assist in applying law to facts. A litigation research tool used internally to prepare submissions is not automatically the same as a tool used in an adjudicative function. But when a firm’s AI use moves closer to court, tribunal, or ADR decision support, the Annex III analysis becomes more serious.
External commentary reaches the same practical point: legal AI tools used for contract analysis and document drafting may sit in limited-risk territory, particularly where transparency obligations apply, while legal AI used in adjudicative contexts can trigger high-risk treatment.[4][5] The Cambridge European Journal of Risk Regulation has also warned that the Act’s approach to AI in law and rule-making leaves hard questions around legal and adjudicative uses rather than eliminating them.[6]
The classification file should therefore show the reasoning, not just the conclusion. For each system, record the intended purpose, actual use, user population, whether the firm is acting as deployer or has provider-like responsibilities, whether the system is used by or on behalf of a judicial or ADR body, whether personal data is processed, whether the system influences rights or access to services, and whether human review is real or nominal.
For deeper use-case mapping, firms can maintain a separate working analysis against legal AI risk classification categories. The August 2 file does not need to resolve every academic boundary. It does need to show that the firm did not default to “minimal risk” because the vendor called the tool a productivity assistant.
A workable classification record
| Question | Why it matters |
|---|---|
| What is the system’s intended purpose? | The Act’s obligations attach to intended use as well as actual deployment. |
| Who uses it and in what matter type? | A generic tool may carry different risk when used in litigation, ADR, HR, or client intake. |
| Is it used by or on behalf of a judicial or ADR body? | This is central to the Annex III point 8(a) analysis. |
| Does it process personal data or special category data? | This determines whether GDPR DPIA and Article 9 issues need to be addressed. |
| Can a human reviewer override the output? | High-risk deployer obligations require competent human oversight, not decorative review. |
| What evidence supports the classification? | Provider instructions, use policies, workflow screenshots, logs, and approval records matter later. |
Step 3: Screen for Prohibited Practices
The prohibited-practices audit is a separate gate. It should not be buried inside a general risk memo. Article 5 bans certain uses outright, and violations carry the highest penalty ceiling under the Act.[2] For many law firms, the most likely immediate work is confirming that no firm tool is being used for banned manipulative, exploitative, or impermissible biometric or social-scoring purposes. That conclusion should be documented.
This screen is especially important outside the legal practice groups. HR, recruiting, office security, marketing, and client intake can create AI Act exposure even when the partnership’s attention is fixed on brief drafting and document review. If the firm uses AI to screen candidates, rank applicants, infer traits, segment people, or route individuals into different treatment categories, the Article 5 and Annex III review should be explicit rather than assumed.
Steps 4 and 5: Build the Proof File and Reconcile GDPR
Technical documentation is not just a provider problem. Providers carry core documentation duties, but law firms using off-the-shelf systems are still deployers with operational duties: use systems according to provider instructions, assign human oversight, retain logs where under their control, and report serious incidents where required.[2][7] The deployer file is the bridge between the vendor’s documentation and the firm’s actual use.
For a high-risk or potentially high-risk system, the firm should collect provider instructions for use, conformity or compliance materials made available by the vendor, system descriptions, configuration choices, access controls, training materials, output-review procedures, logs, incident records, data-processing terms, and internal approvals. Annex IV technical documentation is provider-focused, but deployers need enough of the same factual record to show that the system was understood and used within controlled boundaries.
The GDPR work should run in parallel, not after the AI file is finished. High-risk AI systems that process personal data can require data protection impact assessments under GDPR Article 35, and Article 10(5) of the AI Act creates a narrow route for processing special category data for bias detection that still has to be reconciled with GDPR Article 9.[2][7] A firm that treats the AI Act and GDPR as two unrelated exercises will duplicate work and miss conflicts.
The DPIA file should answer practical questions: what personal data enters the system, whether client confidential data is included, whether special category data appears in training, testing, monitoring, or bias assessment, where data is hosted, whether outputs are used to make decisions about individuals, how long logs are retained, who can access them, and what mitigation reduces the risk to affected people.
- Keep one master record linking the AI Act classification, vendor materials, DPIA decision, and human oversight plan.
- Do not accept a vendor’s generic AI policy as proof that the firm’s specific use is compliant.
- Record configuration choices, especially if the firm disables training on client data or limits output types.
- Preserve evidence of legal review for systems used in litigation, ADR, HR, or client-facing workflows.
Step 6: Name the Human Overseer and Give Them Authority
Article 26 deployer obligations are not satisfied by saying “a lawyer reviews the output.” For high-risk systems, deployers must use the system in accordance with instructions, ensure human oversight by people with necessary competence, and monitor operation based on instructions for use.[2][7] The overseer has to be identifiable, trained, and able to intervene.
In a law firm, that means the oversight record should state who reviews outputs, what they are reviewing for, when they must reject or escalate an output, and whether they can stop use of the system in a matter. A senior associate who is under deadline pressure and has no authority to change the workflow is not a strong oversight control. A practice group lead who approves the workflow but never sees the outputs is not enough either.
For document review, oversight may involve sampling, privilege checks, validation against agreed protocols, and escalation when the system behaves unexpectedly. For drafting or research tools, it may involve source verification, legal accuracy review, confidentiality checks, and matter-specific approval before use. For HR screening, it may involve human review before adverse decisions and documented checks for discriminatory effects. The controls should match the consequence of the output.
Step 7: Fix the AI Literacy Gap Now
AI literacy is already late. Article 4 has applied since February 2, 2025, and legal-sector commentary has treated AI literacy as a live professional obligation rather than a future deadline.[1][8] A firm that waits until August 2026 to train users is not preparing early; it is remediating.
The training does not need to turn every lawyer into a machine-learning engineer. It does need to be role-specific. Lawyers using research or drafting tools need to understand hallucination, source verification, confidentiality limits, input hygiene, and the boundary between assistance and legal judgment. Litigation teams need to understand review validation, privilege risks, and tool-specific limits. HR users need to understand screening risk, discrimination controls, and when human review is required. Business services teams need to understand vendor approvals and incident escalation.
Training evidence should include the curriculum, attendance records, affected roles, date completed, tool-specific modules, and the policy version in force at the time. The missing artifact after an incident is rarely a brilliant slide deck. It is the record showing that the person who used the tool had been trained on the exact risk that later became relevant.
Step 8: Monitor, Retain Logs, and Report Serious Incidents
Compliance does not end on August 2. Deployer obligations include log retention where logs are under the deployer’s control, with commentary identifying a retention period of at least six months, and serious-incident reporting obligations also form part of the high-risk operating model.[2][7] Article 73 serious-incident reporting should be built into the same escalation path the firm uses for security, privacy, and professional-responsibility incidents.
Monitoring should not be abstract. The system owner should know which logs exist, who can retrieve them, how long they are kept, which anomalies trigger review, how provider product changes are tracked, and who decides whether a serious incident has occurred. If a vendor changes model behavior, turns on a new AI feature, or changes data handling, the inventory and classification record should be updated.
The incident path should include legal, privacy, security, practice leadership, and vendor management. It should also distinguish client harm, data protection harm, court or tribunal impact, discriminatory effects, and system malfunction. A single mailbox called “AI issues” is not an incident process unless someone has authority to triage, preserve evidence, notify the right people, and stop use.
What the Omnibus and Draft Guidance Do Not Change Today
The May 7, 2026 AI Omnibus political agreement proposes deferring Annex III deadlines, and draft high-risk guidelines were released for consultation with a July 23, 2026 consultation deadline.[9] Both matter. Neither should be treated as a completed extension of the August 2 deadline on July 4, 2026.
The sensible response is to track the Omnibus, label draft guidance as draft, and keep executing the compliance cascade. If the deadline moves, the firm will have a better inventory, cleaner classifications, and a stronger proof file. If it does not move, the firm will not have spent July waiting for a political process to finish.
Cross-border arbitration deserves similar restraint. Territorial scope questions can be difficult where parties, seats, institutions, counsel, and data flows cross borders. The current August 2 action plan should identify arbitration and ADR-related AI uses and preserve the classification reasoning, but it should not pretend that every unresolved territorial scenario has a single answer.
What Must Be Done Today, This Week, and Before August 2
Today
- Appoint a single accountable owner for the August 2 AI Act workstream.
- Freeze new unsanctioned AI pilots unless compliance, privacy, and vendor review approve them.
- Send a mandatory inventory request to practice groups, litigation support, HR, IT, knowledge, marketing, and vendor management.
- Flag any AI use connected to courts, tribunals, ADR bodies, HR screening, client intake, or decisions about individuals.
- Start the AI literacy remediation plan for current AI users.
This week
- Complete the first version of the firmwide AI register.
- Classify each tool as prohibited, high-risk, limited-risk, or lower-risk, with a short written rationale.
- Request provider instructions, technical materials, data-processing terms, and AI Act compliance materials from vendors.
- Open DPIA reviews for systems processing personal data where risk is likely to be high.
- Name human overseers for each high-risk or potentially high-risk system.
Before August 2
- Finalize the classification record for every known AI system.
- Document prohibited-practices screening and escalation decisions.
- Complete the deployer proof file for high-risk and borderline systems.
- Finish role-specific AI literacy training for staff who use, approve, or supervise AI tools.
- Confirm log retention, monitoring, provider-change review, and serious-incident reporting procedures.
Firms that want a deeper enforcement analysis can separate that work from the operational sprint and review AI Act penalty exposure for U.S.-based legal teams. Firms also need to layer professional responsibility duties onto this framework; the overlap with ethics obligations is better handled in a separate AI compliance framework for law firms. Those are important tracks, but they do not replace the August 2 evidence file.
Law firms do not need perfect certainty on every AI Act edge case before August 2. They do need a documented inventory, a reasoned risk classification under Annex III, a prohibited-practices screen, provider and technical materials, GDPR DPIA alignment where required, named human oversight, overdue AI literacy training, and a monitoring process that can be explained later without reconstructing July from inbox fragments.
References
- Implementation Timeline, artificialintelligenceact.eu.
- A Lawyer's Guide to the EU AI Act, Bloomberg Law.
- Annex III, artificialintelligenceact.eu.
- A guide to high-risk AI systems under the EU AI Act, Pinsent Masons.
- AI Act: practical tips for lawyers, Larcier-Intersentia.
- Risks Without Rights? The EU AI Act's Approach to AI in Law and Rule-Making, Cambridge University Press / European Journal of Risk Regulation.
- Understanding the EU's Artificial Intelligence Act: Key Points for Legal and Compliance Professionals, CBIZ.
- How the EU's Artificial Intelligence Act will affect professionals, Thomson Reuters.
- We Still Need to Talk About the EU AI Act, Kluwer Arbitration Blog.
Comments
Join the discussion with an anonymous comment.