The SRA's Standards and Regulations do not mention large language models, and they do not need to. The rules that govern how you run a file already reach every tool you use to run it. When a member of staff drafts with AI, researches with it or summarises a bundle with it, the same Principles apply as when they pick up a pen.

Start with the Principles

The SRA Principles require you to act with integrity, in a way that upholds public trust, and in the best interests of each client. None of that changes because a machine produced the first draft. If a tool leads to advice that is wrong, the responsibility rests with the solicitor, not the software. Treat AI as you would a junior who works quickly and sounds confident, but whose work you would never send out unread.

Competence and supervision

The Code of Conduct expects you to provide a competent service and to keep your knowledge and skills up to date. Competence now takes in a working understanding of the tools your firm relies on, enough to know what they do well and where they fail. Supervisors carry this further. A firm should be able to show who may use which tool, for what, and how the output is checked before it reaches a client or a court.

Assess before you adopt

The duty sits at firm level as well as at the desk. The SRA expects proper oversight when new technology comes in, with the compliance officer answerable for it, and a risk and impact assessment before a tool is adopted rather than after something has gone wrong. A short assessment of what the tool does with client data, where it fails and who signs it off belongs on file before the first live matter.

Tell clients where AI touches their matter

The SRA expects a firm to make clear where a client is interfacing with AI. A plain line in your client care information covers the general position, and on any matter where AI does more than sit in the background a short note to the client keeps you the right side of that expectation. The client should also know who to turn to if something goes wrong, which is the firm and not the tool.

Confidentiality runs through everything

Confidentiality is the duty most easily lost with AI. Every prompt that carries client information is a disclosure to whoever runs the tool. Before anything touches client data, you should know where that data goes, whether it trains the provider's models, and who can read it. We set this out in client confidentiality when using AI tools.

Write it down

The thread that joins these duties is the ability to account for your choices. A short written policy, a record of the tools in use and a note of the checks performed turn a vague sense of caution into something you can show a regulator, a client or an insurer.

Used this way, AI is consistent with the duties that define the profession. The discipline sits around the tool, not inside it.

The regulator's own words are in its compliance tips on AI and technology, updated in February 2026.

If you would like your firm measured against these expectations before the SRA does the measuring, that is precisely what our compliance check does: see how it works.