A vendor sent me a 47-page MSA last spring. The kind with three exhibits, an SLA, a data processing addendum, and a pricing schedule that referenced a different document I hadn’t been given yet. My finance counterpart wanted a turnaround by end of week. Two years ago, I would have blocked out a Tuesday afternoon, made coffee, and started highlighting in yellow.
Instead I dropped it into our AI tool, asked for a summary of the key business terms, and got something back in about ninety seconds. Termination for convenience: 60 days. Auto-renew: yes, 12 months, with a 90-day notice window. Limitation of liability: capped at 12 months of fees. Indemnity: mutual, with carve-outs for IP and confidentiality. Data residency: US only.
Then I opened the contract and checked all of it myself.
Three of those answers were right. One was almost right but missed a “subject to Section 14.3” qualifier that completely changed how the cap worked. And one was just wrong. The AI had pulled the auto-renew language from a paragraph that was actually describing a different agreement type referenced in the recitals.
That’s where I’ve landed on AI contract management. It’s the best assistant I’ve ever had. It’s also the most confident liar. So I treat it like a smart, fast intern who has never been wrong on purpose and never been right by accident either. Useful, but supervised.
Why this is hard for normal companies
Most companies adopting AI for contracts are doing one of two things, and both create problems.
The first is they bought a CLM that added AI features in the last 18 months and now there’s a “summarize” button next to every document. Nobody told the team what to do with it. Nobody set rules. People use it inconsistently. Sometimes the AI summary becomes the file note. Sometimes it gets pasted into a Slack message to a stakeholder. Nobody checks the source.
The second is the opposite: legal got nervous, IT got nervous, and AI is officially banned. So everyone uses ChatGPT on their personal laptop and pretends they don’t.
Neither of those is a policy. They’re just what happens when a tool shows up faster than the rules around it.
What you actually need is a short, plain-language policy that says: here’s what AI is allowed to do on contracts, here’s where a human has to look, here’s what to do when the document is weird, and here’s where AI doesn’t get a vote at all. You can write that in an afternoon. I did.
What I let AI do
These are the tasks where I’ve decided the productivity gain is worth the supervision cost, and where the worst-case error is recoverable.
First-pass summaries. Give me the business terms in a one-page format: parties, term, renewal, payment terms, termination rights, liability cap, governing law. I read these on every contract now. Even when they’re a little off, they orient me before I open the document. Saves me twenty minutes per agreement, easy.
Clause extraction into the tracker. When I’m loading a contract into our repository, I let AI pre-fill the metadata fields: effective date, expiration date, renewal date, notice period, counterparty entity name. A human still has to approve each field before it gets saved. But pre-filling is faster than typing.
Comparing to our playbook. I have a markdown file with our standard positions on the twenty things we negotiate most. Liability caps, indemnity scope, IP ownership, data handling, audit rights, and so on. AI is good at reading an incoming contract and telling me which of those positions the vendor is asking us to give up. It’s a starting point for the redline conversation, not the conversation itself.
Drafting boring language. Notice provisions, definitions sections, signature blocks, addendum cover pages. The stuff that’s mostly form. I still read it.
Translating legalese for stakeholders. When sales asks me “what does this mean,” I can have AI rewrite a clause in plain English faster than I can. I always check the rewrite, but it saves the back-and-forth.
Finding things across the portfolio. “Which of our vendor contracts have an auto-renew in the next 90 days?” “Which contracts mention SOC 2?” “Which contracts have a limitation of liability under $500K?” This is genuinely the thing AI is best at, and it’s the thing I trusted least at first. I now spot-check the results against the source, and I’ve gotten comfortable with about a 95% accuracy rate on these queries, which is still better than my old spreadsheet, which was about 70% accurate on a good day.
What I always check myself
Here’s my list. It’s not theoretical. Each one is on the list because AI got it wrong at least once.
Dollar amounts and dates that drive money. Liability caps, fee schedules, renewal dates, payment terms, late fee triggers. If a number controls when we pay or how much we lose, I read it from the source document. Always.
Anything with “subject to” or “notwithstanding” or “except as set forth in.” AI is bad at cross-references. It will summarize a clause and miss that the clause is overridden by a different section. The longer the chain of references, the more likely the summary is wrong in a quiet, expensive way.
Indemnity scope. This one is hard for humans too, but AI has a particular weakness for it. It will tell you “mutual indemnity” when it’s actually one-sided, or miss a carve-out for gross negligence, or confuse defense obligations with indemnification obligations. I read indemnity clauses with my own eyes every time.
Governing law and venue. Easy for AI to read. Easy to assume it got it right. Has been wrong on me twice. Both times I had told a stakeholder the wrong answer before I caught it.
Anything the counterparty marked up. When you get a redline back, the AI summary is going to describe the document as if it’s whole. It’s not going to flag that they deleted the audit rights clause unless you specifically ask. I do a side-by-side of the redline. With my eyes.
Signature pages. This is dumb but it bears saying: AI does not know if a contract is actually signed. It will happily describe an “executed” agreement that has a blank signature block on page 41. Pull up the signature page yourself.
The scanned-document exception
This deserves its own section because it’s where I see the most quiet errors in the wild.
If a contract is a scanned PDF, especially an old one, especially one that’s been faxed at some point in its life, AI is reading the output of OCR. And OCR makes mistakes. It reads “1” as “l,” it reads “0” as “O,” and it sometimes drops whole words in the margins.
I had a contract where OCR turned “$1,500,000” into “1,500,000” with the dollar sign in a separate cell, and AI confidently told me the liability cap was 1.5 million units of nothing. Funny in hindsight. Less funny if I’d quoted that number to leadership.
My rule: if a document is a scan, AI output is a hint, not an answer. I’ll use it to point me at the right page. I won’t use it to populate metadata or to answer a question without reading the source. If your repository has a lot of legacy scans, this is the single biggest discipline problem you’ll have, and no amount of better prompting will fully solve it. Better OCR helps. Reading the page helps more.
Where AI doesn’t get a vote
Some decisions are not AI-assisted in my workflow. Not because the tools can’t do them. Because the cost of being wrong is bigger than the time saved.
Final approval on a signed contract. A human owns this. Always. The metadata in the repository, the renewal date, the contract value, the counterparty name. A human approves each field before the record is locked.
Legal advice to stakeholders. When a salesperson asks “can we agree to this?” the answer comes from a human. AI can help me think it through. It does not answer the question for me.
Risk flagging for the board or audit. If contract data is rolling up into a board deck or an audit response, that data has been touched by a human. I am not going to be the person who has to explain that the number on slide 14 came from an AI hallucination.
Negotiation strategy. AI can tell me what the contract says. It cannot tell me what to push back on this week given my relationship with that vendor, what they conceded last year, and what my CFO actually cares about. That’s judgment. AI doesn’t have any.
A simple policy you can write this week
You do not need a 40-page AI governance document. You need one page. Mine has six sections:
- Allowed uses. Listed, specific, with examples.
- Required human review points. What gets checked, by whom, before what.
- Source check rules. When AI summaries become inputs to decisions, what’s verified.
- Scanned-document exception. Lower trust threshold for OCR’d files.
- Forbidden uses. What AI is not the decision-maker on.
- Tooling. Which AI tools are approved, and which are not. (This usually means: the one inside our CLM is fine. The free chatbot you’re using on your phone is not, because contract text shouldn’t go into a tool we have no DPA with.)
If you don’t have a CLM with built-in AI yet, you can still write this policy. Start with a shared doc, a contract intake form that names the reviewer, and a rule that AI summaries get pasted into the file note with a tag that says they’re AI-generated and pending human verification. It’s not glamorous. It works.
What to do this week
Pick the next contract that lands on your desk. Run it through whatever AI tool you already have access to, even if that’s just inside your email or document platform. Get a summary.
Then read the contract.
Mark every place the AI got it wrong, missed a cross-reference, or guessed. Save that list. Do it again on the next three contracts. After a week, you’ll have a clear, specific picture of what your AI is actually good at, what it’s bad at, and where you personally need to keep your eyes on the page.
That list is your policy. Everything else is just dressing it up.
I’m Dave, and I write about contract management the way it actually works. No jargon, no sales pitch, just what I’ve learned from 15+ years of doing this job. If this was useful, stick around.
Leave a Reply