GOV-03 — AI Risk Register
Purpose
The AI Risk Register is the operational risk management instrument for legal departments deploying AI. It provides a systematic framework for identifying, scoring, and mitigating AI-related risks organised around the canonical Risk Taxonomy 2026 — nine risk classes that define the legal AI risk landscape.
This Module operates within the Defensible AI Governance Framework (GOV-01), alongside the AI Use Policy (GOV-02) and AI Incident Response Playbook (GOV-05). The completed Risk Register is a primary evidence artefact for the Defensibility Posture Statement (DPS) Risk section.
When to use this Module
Use this Module when:
- Establishing AI governance for the first time under GOV-01
- Onboarding a new AI vendor or tool into the AI Bill of Materials (AI BoM)
- Responding to a regulatory inquiry about AI risk management practices
- Conducting the quarterly risk review mandated by GOV-01
- Updating the DPS Risk section after a GOV-05 incident
Owner: AI Risk Committee (chair: General Counsel or Chief Risk Officer)
Duration: Initial setup 4–6 weeks; quarterly reviews ongoing
Operating cadence: Quarterly
Scope
This risk register covers all AI systems in the AI Bill of Materials (AI BoM) and all AI-related activities described in the AI Use Policy (GOV-02). It applies to:
- All approved AI tools and platforms used by legal department personnel
- Third-party AI-enabled services handling legal or client data
- Agentic AI systems (autonomous multi-step task execution)
- AI development or customisation work undertaken on behalf of clients
Section 1 — Risk scoring methodology
Likelihood scale (1–5)
| Score | Level | Definition |
|---|---|---|
| 1 | Very Low | Less than 5% probability within 12 months |
| 2 | Low | 5–20% probability within 12 months |
| 3 | Medium | 21–50% probability within 12 months |
| 4 | High | 51–80% probability within 12 months |
| 5 | Very High | Greater than 80% probability within 12 months |
Impact scale (1–5)
| Score | Level | Definition |
|---|---|---|
| 1 | Very Low | Minimal impact; manageable with existing resources |
| 2 | Low | Minor disruption; limited additional resources required |
| 3 | Medium | Moderate impact; significant management attention required |
| 4 | High | Major impact; significant client, operational, or regulatory consequence |
| 5 | Very High | Severe impact; threatens regulatory standing or client relationships |
Risk score = Likelihood × Impact
| Score | Level | Response |
|---|---|---|
| 1–4 | Low | Routine monitoring; quarterly review |
| 5–9 | Medium | Active monitoring; monthly review |
| 10–16 | High | Intensive monitoring; weekly review; AI Risk Committee approval required |
| 17–25 | Very High | Immediate action; executive escalation; board notification within 24 hours |
Section 2 — Risk Taxonomy 2026
The Risk Taxonomy 2026 defines nine canonical risk classes for AI use in legal practice. All risks in this register are tagged to one primary class. Risks that span multiple classes are tagged as cross-class.
Class 1 — Hallucination and accuracy
AI systems generate plausible but factually incorrect outputs — fabricated case citations, incorrect statutory interpretations, or erroneous contract terms. Affects all generative AI use in legal practice.
Legal exposure: Malpractice liability; court sanctions for filing documents with fabricated citations; client harm from incorrect advice.
Canonical controls: Human verification of all AI outputs before reliance; attorney sign-off before delivery to clients or courts; flagging of AI-generated content in review workflows.
Class 2 — Privilege and confidentiality
Client confidential information is inadvertently disclosed through AI tools — by uploading privileged documents to unapproved platforms, through vendor data handling practices, or through insecure integrations.
Legal exposure: ABA Rule 1.6 violations; privilege waiver; professional discipline; client malpractice claims.
Canonical controls: AI BoM restricts tools to those with compliant data processing agreements; Shadow AI controls per GOV-02 Section 3; quarterly vendor compliance certification.
Class 3 — Bias and fairness
AI systems exhibit systematic bias that produces discriminatory outcomes in case strategy recommendations, contract risk flagging, or personnel-related legal advice. Bias may originate in training data, model design, or deployment context.
Legal exposure: Civil rights liability; professional ethics violations; regulatory scrutiny under emerging AI fairness laws.
Canonical controls: Bias testing on AI BoM tools before deployment; periodic re-testing; documented bias remediation procedures maintained by the AI Task Force.
Class 4 — Privacy and data protection
AI systems process personal data in ways that violate applicable privacy law — including GDPR, CCPA, and state-level AI transparency statutes. May arise through AI training on client data, inadequate data minimisation, or cross-border data flows.
Legal exposure: GDPR Article 83 regulatory fines; state enforcement actions; client contractual liability.
Canonical controls: Data minimisation requirements in vendor contracts; geographic data routing controls; Data Protection Impact Assessments (DPIAs) for high-risk AI processing activities.
Class 5 — Supply chain and vendor dependency
AI vendors cease operations, change terms, or fail to maintain security and compliance standards. Single-vendor dependency creates continuity risk. Vendor model updates may alter output quality without notice.
Legal exposure: Business continuity failures during active matters; undetected accuracy degradation; contractual liability for service gaps.
Canonical controls: AI BoM vendor evaluation includes continuity assessment; diversified vendor strategy; vendor-change notification requirements in contracts; model versioning controls.
Class 6 — Shadow AI and policy circumvention
Legal personnel use AI tools not listed in the AI BoM, or use approved tools in ways that circumvent the AI Use Policy. Shadow AI is the most prevalent vector for Class 2 (privilege) and Class 4 (privacy) incidents.
Legal exposure: Privilege waiver; professional discipline; regulatory non-compliance; potential voiding of cyber insurance coverage.
Canonical controls: Network monitoring for unauthorised AI endpoints; annual attestation by all personnel; Shadow AI incident protocol under GOV-05; AI Use Policy enforcement per GOV-02 Section 3.
Class 7 — Regulatory compliance drift
The legal and regulatory landscape for AI use changes faster than internal AI governance. Obligations under the EU AI Act, ABA guidelines, state bar ethics opinions, and state AI transparency statutes may impose new requirements not reflected in current practice.
Legal exposure: Regulatory sanctions; professional discipline; reputational damage from publicised non-compliance.
Canonical controls: Quarterly regulatory scan included in AI Risk Committee agenda; GOV-01 annual review updated for regulatory changes; methodology version tracking (current: v2026.1).
Class 8 — IP and licensing exposure
AI tools trained on third-party materials may expose the firm or clients to intellectual property infringement claims. AI-generated work product may lack copyright protection. Vendor licensing terms may restrict commercial use of AI outputs.
Legal exposure: IP infringement liability; loss of copyright protection in AI-assisted work product; licensing breach and vendor disputes.
Canonical controls: IP terms reviewed in AI BoM vendor evaluation; disclosure to clients of AI-generated elements where copyright status is uncertain; periodic IP counsel review of AI tool output licensing.
Class 9 — Operational resilience
AI system failures, service outages, or degraded performance disrupt matter work and client service delivery. Agentic AI systems introduce additional risk of unexpected autonomous actions that create operational or legal consequences without human intervention.
Legal exposure: Missed deadlines; breach of service agreements; professional liability for failure to supervise agentic AI systems.
Canonical controls: AI system uptime SLAs in vendor contracts; business continuity procedures for AI system failures; agentic AI checkpoint controls per GOV-02 Section 3; incident classification under GOV-05.
Section 3 — Risk register format
Each risk entry in this register uses the following standard format:
- Risk ID: [Format: YYYY-C#-###, e.g. 2026-C1-001]
- Risk class: [Class 1–9 or cross-class per Risk Taxonomy 2026]
- Risk title: Concise description (10 words or fewer)
- Description: How the risk manifests in this organisation
- Likelihood: 1–5
- Impact: 1–5
- Risk score: Likelihood × Impact