Corporate legal departments have been cautious about AI in high-stakes workflows. That caution was rational. The early generation of legal AI tools — document review platforms, contract analysis assistants, legal research tools — required significant human oversight to catch errors, produced outputs with variable reliability, and created professional responsibility questions for the attorneys who relied on them. The standard guidance from legal ethics counsel: AI is a useful starting point, not a final answer. Review everything the AI touches.
That guidance hasn't changed. What has changed is the risk calculus for a specific category of legal work: first-pass provision review in M&A diligence.
Why diligence is different from other legal AI applications
The professional responsibility concern with AI in legal work is primarily about AI generating substantive legal conclusions — an AI that tells you what a contract means, or what the legal consequence of a provision is, or what advice to give a client. Those are judgment tasks that require a lawyer.
First-pass provision review is a different task. It's a categorization and extraction task: find the assignment restriction clauses in these 4,000 documents, tell me what each one says, flag the ones that present obvious risk given the deal structure. That task requires reading comprehension and pattern recognition. It does not require legal judgment in the same way that advising on what to do about a high-risk assignment restriction does.
The distinction matters for the risk calculus. When AI assists with a task that requires legal judgment, the attorney's supervisory obligation is heavy — the AI output may be wrong in ways that only become visible with legal expertise. When AI assists with a document extraction task, the attorney's supervisory obligation is more manageable: review the flagged high-risk findings, spot-check the extraction output against source documents, and apply legal judgment to the structured findings the extraction produced.
That supervisory structure is meaningful. It's not "trust the AI." It's "use the AI to produce structured input that a lawyer can review and act on."
What shifted in the past two years
Two things changed the adoption calculus for in-house counsel: accuracy at the provision level improved, and the data room security question became answerable.
On accuracy: extraction models that are trained on domain-specific legal text — agreement-structured documents rather than general text — produce provision findings that are reliable enough to serve as diligence inputs rather than starting-point suggestions. The error rate in provision identification is low enough that a deal team reviewing extraction output as their primary diligence memo source, rather than as a supplementary tool, is not accepting unmanageable risk. This doesn't mean no errors. It means the error rate, combined with attorney review of the high-risk subset, produces diligence that is at least as complete as the sample-based manual approach — and more complete in terms of data room coverage.
On security: data room documents are among the most sensitive materials in any transaction — pre-announcement M&A information, target company financial data, management personnel details. The early legal AI tools raised legitimate questions about data handling: where do the documents go, who has access, what happens after the engagement? Those questions now have architecture-specific answers from vendors who built specifically for the deal-team context: per-engagement isolation, deletion on delivery, no model training on client documents, NDA as standard practice. The security conversation has moved from "we can't answer that" to "here is our architecture, here is our deletion policy, here is our access control model."
The highest-leverage entry point
M&A diligence is the highest-leverage entry point for legal AI adoption in corporate practice for a specific structural reason: the bottleneck is document volume, and document volume is precisely what extraction scales to address. A corporate legal department that uses AI assistance for contract drafting or legal research gets an incremental benefit — maybe 20% faster on specific tasks. A corporate legal department that uses extraction-based diligence gets a structural change — the first-pass review step that consumed the majority of junior attorney hours in each acquisition is replaced by a process that runs in hours, not weeks.
The leverage ratio makes the adoption risk/benefit calculation straightforward for M&A-active legal departments. The downside risk is errors in the extraction output — mitigated by attorney review of the structured memo. The upside is a reallocation of attorney time from document search to analysis and negotiation strategy, applied to every acquisition the team runs.
What this doesn't mean
AI-assisted diligence does not reduce the need for attorney judgment. It changes where attorney judgment is applied. Instead of spending three weeks on first-pass review to identify what the provisions say, deal counsel spends that time on what the provisions mean for the deal and what to do about the high-risk ones. The total attorney hours in a diligence process may or may not decrease — that depends on deal complexity and what the attorney does with the time freed from document review. The quality of the diligence output, measured by data room coverage, increases.
It also does not mean that every corporate legal department is ready to adopt today. In-house counsel at organizations with existing AI governance frameworks and vendor evaluation processes are better positioned than those navigating the AI vendor question for the first time. The security and ethical review takes time. For departments with active acquisition pipelines who have done that review, the calculus increasingly favors adoption.