What AI policy, audit log and verification rules should chambers set before barristers use AI in client work?

Why chambers need AI rules before barristers use tools on client work

Chambers should not treat AI use as an informal productivity choice. The Bar Standards Board guidance, valid from 18 May 2026, frames AI adoption as a competence, practice management, confidentiality and record keeping issue. That means barristers and chambers need a practical policy before client material goes near an AI system.

The policy does not need to be long. It does need to be specific enough that a barrister, clerk, pupil supervisor or chambers manager can tell which tools are approved, which data is prohibited, what records must be kept and who checks the work before it is used.

The safest approach is a short policy, mandatory records and independent verification

Before barristers use AI in client work, chambers should set three non-negotiables: an AI use policy, an audit log for material uses and a verification rule that prevents unverified AI output being relied on in advice, pleadings, research notes or correspondence.

The BSB guidance points to confidentiality, personal data, practice management, competent procurement and proper records. In practice, that means every AI-enabled workflow should be able to answer: what tool was used, what category of information was entered, what output was produced, who checked it and what final professional judgement was applied.

Review AI risks in your professional services workflow

What the chambers AI policy should cover

A useful policy should be written around real work, not abstract technology. Start with approved and prohibited uses.

• Approved tools: name the AI tools or embedded features that may be used, including any approved settings for retention, training, privacy and access control.
• Prohibited data: state when client names, privileged material, special category data, witness information, unpublished advice or case strategy must not be entered.
• Permitted use cases: separate low-risk tasks such as first-pass summarisation of non-confidential public material from higher-risk work such as legal research, drafting, evidence analysis or client communications.
• Human responsibility: make clear that AI output is never the final professional judgement. The barrister remains responsible for accuracy, independence, confidentiality and duty to the court.
• Escalation: set a route for questions about unusual tools, client objections, suspected data exposure, hallucinated authorities or conflicts with court directions.

What the audit log should record

The audit log should be light enough to use and detailed enough to reconstruct the decision. A spreadsheet, matter management field or secure form can work if it is consistently used.

• matter or work reference, without unnecessary client-identifying detail in the log itself;
• date, user and tool used;
• purpose of use, such as research support, drafting support, chronology review or administrative summary;
• data category entered, such as public law, anonymised facts, confidential client facts or personal data;
• whether any prompt or output history is retained, and where;
• verification steps completed;
• final reviewer or responsible barrister;
• incidents, anomalies, hallucinated cases or corrections.

For sensitive client work, the log should show that confidentiality and data protection were considered before use, not after a problem appeared. The BSB guidance also points to proper records, which may include AI audit logs and prompt histories, so chambers should decide in advance what will be retained and for how long.

Verification rules for barristers using AI

The verification rule should be simple: no AI output is relied on until it has been checked against independent sources. This matters most where AI touches law, facts, authorities, quotations, chronology, calculations, evidence or client advice.

• Legal propositions: check against primary sources, current legislation, authoritative guidance or trusted legal databases.
• Cases and citations: verify that every authority exists, says what the output claims and remains good law.
• Facts: trace claims back to client documents, witness evidence, disclosed material or agreed instructions.
• Bias and protected characteristics: review whether prompts or outputs could introduce discriminatory assumptions.
• Client-ready drafting: review tone, privilege, confidentiality, accuracy and strategic judgement before anything leaves chambers.

A good test is whether the barrister could explain the check to a supervisor, client, regulator or court. If the answer is no, the output is not ready.

How chambers should manage governance and training

Policy only works if people know how to use it. Chambers should nominate an owner for AI governance, maintain an approved tools list, review settings after vendor changes and build short training into CPD or internal practice management sessions.

Training should cover confidentiality, prompt hygiene, verification, bias, record keeping and when to avoid AI altogether. It should also cover the ordinary reality of AI tools: they can sound confident while being wrong, incomplete or unsuitable for a legal context.

Set up practical AI governance for your firm or chambers

A practical starting checklist

• List the AI tools already being used in chambers, including embedded features in research, document, email and practice management systems.
• Classify use cases by risk: admin, public research, anonymised drafting support, confidential client work and court-facing work.
• Decide which tools are approved, restricted or banned.
• Set default privacy, retention and training settings for each approved tool.
• Create a one-page AI use log for material client work.
• Write verification rules for law, facts, citations, calculations and client communications.
• Define an incident route for accidental disclosure, wrong authorities or unsafe outputs.
• Review the policy every quarter or after major vendor, regulatory or court guidance changes.

Conclusion

Chambers do not need to ban AI to manage risk. They need to make AI use visible, bounded and reviewable. The right policy tells barristers what is allowed. The audit log creates accountability. The verification rule protects clients, the court and the barrister's own professional judgement.

Build an AI policy and audit trail that your team can actually use