Why AI assurance is a board-level issue

The recent case involving Pinsent Masons is another warning that professionals need to check AI-generated work before it reaches a client, a court, or a regulator. But that only gets us so far.

The next version of this problem won't be a junior solicitor using a general-purpose AI tool, but someone relying on a client-facing AI tool built on top of a foundation model from Anthropic, OpenAI, or Microsoft.

If that AI-assisted output is wrong, hallucinated, or misleading, it won't be enough for the supplier to say that the user should have checked it. "It seems to work and the underlying model is reputable" won't be an adequate defence, especially when a tool is being sold to legal, financial, advisory or professional services firms.

Once your client-facing AI tool is in the market, its risks aren't just technical but commercial, contractual, and reputational. And those risks sit with the organisation, not just with the people who wrote the code.

This is why I advocate for AI assurance to move up the management agenda. Not as a box-ticking exercise, and not as a way to slow product teams down, but as a way for leadership to understand how those risks have been assessed and managed.

Because the uncomfortable question after a failure won't be "did the answer look OK?" but "what did you know, what did you test, and why did you decide this was safe to put in front of clients?"