Governed before it runs, not just checked after.
Every other tool governs the output. LegalAI Space governs the decision to proceed. Conflict, jurisdiction and PII are cleared before any work begins. Every citation is re-fetched and checked against the source. Every output is a draft for a qualified lawyer, never advice that ships on its own. The whole run is written to a signed record you can hand to the SRA. This is the layer that lets your firm actually use the agents. It is built into the product, not a separate tool you bolt on.
Before the work
Conflict, jurisdiction and PII guardrails clear the matter
The work
The agent runs against a written, approved plan
After the work
Citations re-fetched, output checked rule by rule
The record
A signed, reproducible audit entry for the whole run
The guardrails
Two protocols. One before the work, one after.
Governance is not a setting a fee earner can switch off. Named guardrails run automatically on every agent. One protocol clears the matter before any work begins; the other checks the output before a lawyer ever sees it. Nothing skips them.
19 named protocols and gates ship with the platform, 6 of them deterministic Layer-3 gates enforced in code, not by a model. Each agent implements them through its own protocol stack. Nothing skips them.
Pre-run protocolsCleared before anything happens
These sit in front of the agent, not behind it. They decide whether the work should run at all, and on what.
Conflict Check
Screens the matter against connected CRM and practice-management data before a single keystroke of work. A conflicted matter never starts.
Jurisdiction Gatekeeper
Blocks work that mixes jurisdictions the matter is not configured for. A Scottish authority cannot reach an English matter.
PII Redaction
Detects and redacts personal data from agent inputs before processing — confidentiality enforced at the door, not audited after.
Planning Protocol
Writes a step-by-step plan before execution — jurisdictions, authorities, privilege concerns — and holds it for approval. The run is deliberate, not improvised.
In-run & post-run protocolsChecked before a lawyer sees it
These sit between the agent and the fee earner. The output is verified and scored before it is shown.
Legal Citation Verifier
Independently re-fetches and verifies every citation against the primary source: format, existence, current status. We do not trust the model's recall — we re-check its homework.
Regulatory Compliance Check
Evaluates the output against the SRA Code, FCA rules, ICO guidance and the EU AI Act — rule by rule, with a severity on every finding.
Output gate — draft, never advice
Every output is marked a draft for a qualified lawyer. Send-gated agents (pre-action, cease-and-desist, DSAR) never deliver on their own. A person sends them.
The guardrails named above are not the whole set. 19 protocols and gates ship in the catalogue. The rest run on the same automatic basis, none of them optional.

The AI does the legal work
The first agent does the task — research, contract review, due diligence, drafting, or compliance monitoring. The same power you expect from any AI tool, but governed from the first keystroke.
- Legal research across multiple sources
- Contract analysis with clause extraction
- Due diligence document review
- Drafting from templates that fit the jurisdiction
- Compliance monitoring across your regulators
Query
What are the landlord's obligations under a commercial lease when the tenant requests consent to assign?
Statutory Framework
3 sourcesLandlord and Tenant Act 1927, s.19(1)(a) implies that consent shall not be unreasonably withheld...
Case Law Analysis
4 authoritiesInternational Drilling Fluids Ltd v Louisville Investments (Uxbridge) Ltd [1986] established that...
Approval gates
A draft is where the agent stops.
LegalAI Space does not give advice. It produces drafts. A qualified lawyer reviews, edits and signs off every output before it does anything in the real world. The platform makes that review the default, not a courtesy.
Every output is a draft
The Privacy agent drafts for the DPO. The Employment agent drafts for a qualified employment lawyer. The Litigation agent drafts for a litigator. The named owner reviews before anything is sent.
Send-gated by design
Pre-action demands, cease-and-desist letters, takedowns and DSAR responses are held behind an explicit human approval. The agent prepares them. A person sends them.
The reviewer is captured
Who reviewed, what they changed and when is recorded in the audit entry alongside the work itself. The human step is part of the evidence, not separate from it.
Proposed plan
- 1Confirm matter jurisdiction: England & Wales
- 2Research consent-to-assign obligations in commercial leases
- 3Re-fetch & verify every authority cited
- 4Check output against SRA Code, rule by rule
The agent does not run until a person approves the plan.
Every citation, re-fetched and verified.
The agent that does the work does not vouch for its own sources. A separate check looks up every citation in the real databases and confirms it. Invented cases, repealed statutes and wrong-jurisdiction references are caught before a lawyer reads them.
- Every case is confirmed against BAILII: court, neutral citation, parties, date and current treatment.
- Every statute is confirmed on legislation.gov.uk: amendments, commencement, repeal status and territorial extent.
- EU authorities are confirmed against EUR-Lex.
- Each authority carries a treatment signal, so overruled or distinguished law is flagged, not quietly cited.
- Every verified result links back to its source and is written into the audit record.

A real run. Two quotes didn't match the source word-for-word — so the platform flagged them for a human instead of letting them through. That honesty is the feature.
Inside a real run
Every authority, verified
A real agent run, governed start to finish: the guardrails clear the matter, every authority is confirmed against the real source, and a made-up case is caught before it reaches the lawyer.


“How this was produced” — the EU AI Act Art. 13 transparency record, written in plain English as the run happens, with a technical-detail view one toggle away.
What governance changes
Governed, the made-up case never reaches the lawyer.
Toggle to compare. Raw AI lets fabricated cases and outdated statutes slip through. With LegalAI Space, every authority is verified, bad ones are caught, and a signed audit record proves it happened.
AI Research Output — Professional Negligence
Every source checkedHedley Byrne & Co Ltd v Heller & Partners Ltd [1964] AC 465
Verified on BAILII — binding authority, still good law
Henderson & Partners v Stuart & Webb [2019] EWHC 1847 (Ch)
Caught — no match on BAILII, so it never reaches the memo
Limitation Act 1980, s.2 — 6 year limitation period
Verified on legislation.gov.uk — current and in force
SRA Code of Conduct rule 3.3 — Competence
Compliance check passed — competence obligation met
Mapped to the rules you are measured against.
The Regulatory Compliance Check does not apply a generic policy. It evaluates each output against the specific SRA rules a firm answers to, and it judges a litigation matter differently from a corporate deal.
Rule 2.1
Not misleading the court or others
Flags unverifiable assertions and unsupported authority before an output is relied on.
Rule 2.2
Not abusing process
Holds adversarial outputs (pre-action, demands) behind a human gate.
Rule 2.5
Drawing the court's attention to relevant law
Surfaces adverse and current authority, with treatment signals, not only supportive cases.
Rule 3.3
Competent, up-to-date service
Re-fetches live law on every run, so outputs rest on current sources, not stale ones.
Principle 7
Acting in the client's best interests
Keeps every output a reviewable draft for the responsible lawyer, never an unchecked answer.
EU AI Act
Built for the duties that fall on high-risk AI.
Regulation (EU) 2024/1689 places real obligations on AI used in legal work, with high-risk obligations for legal AI applying from 2 December 2027 under the Digital Omnibus adopted in June 2026. LegalAI Space is built to meet them where they apply, for firms with EU clients.
High-risk classification
AI used in the administration of justice is treated as high-risk. We build to that standard rather than assuming we sit outside it.
Transparency
Every run is traceable: the sources used, the checks applied and the result are recorded and reproducible.
Human oversight
Output is a draft for a qualified person. The human approval gate is the design, not an add-on. That is what Art. 14 asks for.
Penalties
Non-compliance carries penalties up to €15M or 3% of global turnover for high-risk AI, and up to €35M or 7% for prohibited practices. The controls are built in for exactly this reason.
Tamper-proof, signed, and reproducible.
Every run leaves a signed record of what was asked, which sources were touched, what each guardrail found, who reviewed it and what they changed. Re-run it and you get the same evidence. It is the artefact a COLP hands to an inspector — written as the work happens, not assembled the night before.
The plan written and approved before the run
Conflict, jurisdiction and PII gates passed
Every citation re-fetched against the source
The named lawyer's edits and sign-off captured
Sealed with an integrity hash, ready to export
The record exports as ready-made evidence packs — one click from the COLP's view:
For your compliance officer, your insurer, your clients, and an EU AI Act inspection — generated from the same signed chain, never assembled by hand.
Provenance
Every source carries its receipt.
Authorities are not recalled from a model's memory. They are fetched live through OpenLaw, and each one arrives with its primary-source URL, a content hash, and a treatment signal — so you can see it is good law, and prove where it came from.
Source provenance
Every fetch through OpenLaw is stamped with where it came from and what it contained — no sign-in, no copied content, just the primary source and a hash that proves it has not changed.
- Source URL
- bailii.org/ew/cases/EWCA/Civ/2014/...
- Content hash
- sha256:9f2c…a14e
- Fetched at
- 2026-04-01T09:14:47Z
Case treatment — good-law check
A citation that exists is not enough. Each authority carries a treatment signal, so overruled or distinguished law is flagged before it is relied on.
- FHR European Ventures [ 2014 ] UKSC 45Good law
- Regal (Hastings) v Gulliver [ 1942 ] UKHL 1Followed
- Henderson v Stuart [ 2019 ] EWHC 1847Not found — flagged

The COLP's view
Every AI-assisted matter, in one place.
The dashboard is the COLP's daily view: each matter, its verification status, its compliance score and anything flagged. When an SRA inspection comes, the audit-ready report is already written.


Every governed run can issue a numbered certificate — reviewed by a named partner, issued with a timestamp, exportable for inspection in one click.
Three kinds of trust
Security-grade is not governance-grade.
Most legal AI sells one of two kinds of trust. Both are necessary. Neither is the one a regulator signs off.
Vault-and-certificate trust
SOC 2, ISO 27001, GDPR, SSO. It proves the data is locked away. It says nothing about whether the work was allowed to happen.
Provenance-of-answer trust
A citation ledger inside one provider's own content. Better than nothing — but it grades the answer, not the conduct, and not against your regulator's rules.
LegalAI Space
Guardrails that run before the work, citations re-fetched against the primary source, and a signed record mapped to the SRA Code and the EU AI Act. The kind a regulator, a COLP and a supervising partner can all stand behind.
Live for the SRA. Built to extend.
UK SRA rule sets
The full SRA Standards and Regulations applied automatically. Deep links to UK legal databases. Our launch jurisdiction, live with pilot firms.
EU AI Act conformity assessment
A conformity-assessment module for firms serving EU clients, aligned to the high-risk obligations that apply from 2 December 2027 under the Digital Omnibus adopted in June 2026.
Further common-law jurisdictions
Extending to common-law jurisdictions with comparable regulatory structures, one rule set at a time.
Custom rule sets per firm
Bespoke rule sets for your own policies, insurer requirements, and sector-specific regulations.
Governance, before the regulator asks for it.
See how every agent runs inside the SRA and EU AI Act controls, and how the signed record proves it.
- 01
LegalAI Space is a technology platform. We are not a law firm and do not provide legal advice. Our governance layer assists with compliance monitoring but does not replace qualified legal counsel.
- 02
References to the SRA Standards and Regulations and the EU AI Act (Regulation (EU) 2024/1689) are for informational purposes. EU AI Act penalties are tiered: up to €15M or 3% of turnover for high-risk AI non-compliance (Art. 99(4)); up to €35M or 7% for prohibited practices (Art. 99(3)).
- 03
Product features described on this page — including verification databases, compliance rule engines, audit records, and integrations — represent planned or in-development capabilities. Final functionality may vary.
- 04
References to third-party systems (iManage, NetDocuments, OpenLaw) are for illustrative purposes. LegalAI Space is not affiliated with these providers. Integration availability may vary.