Integrity and Coherence for Legal Advisory Agents

Regulatory Framework

Five overlapping regimes govern AI-assisted legal advice. The ABA Model Rules, adopted in some form by every U.S. jurisdiction, impose three duties that bind any lawyer using a generative system. Rule 1.1 (competence) requires reasonable understanding of the technology's benefits and risks; the 2012 Comment 8 amendment makes this an affirmative obligation. Rule 1.6 (confidentiality) prohibits the lawyer from exposing client information to third-party systems without informed consent and reasonable safeguards. Rule 5.5 prohibits the lawyer from facilitating unauthorized practice, which includes deploying an unsupervised agent that gives advice to non-clients.

ABA Formal Opinion 512 (July 2024) operationalizes these duties for generative AI. It requires lawyers to verify outputs, maintain confidentiality through vendor diligence, supervise the tool as if it were a non-lawyer assistant under Rule 5.3, communicate use to clients where material, and bill only for time actually spent. Mata v. Avianca, 678 F. Supp. 3d 443 (S.D.N.Y. 2023), made the consequences concrete: sanctions under FRCP 11 and 28 U.S.C. Section 1927 for citations to non-existent cases generated by ChatGPT. FRCP 26(g) extends the certification duty to discovery responses, and FRE 901 requires authentication of any AI-generated artifact offered into evidence.

The EU AI Act classifies systems used in the administration of justice and democratic processes as high-risk under Annex III paragraph 8, imposing the full Article 9 through 15 stack: risk management, data governance, technical documentation, record-keeping, transparency, human oversight, and accuracy. GDPR Article 22 separately prohibits decisions based solely on automated processing that produce legal or similarly significant effects, requiring meaningful human involvement and the right to contest. A legal advisory agent that drafts a client memorandum, a discovery response, or a brief touches all of these regimes simultaneously.

Architectural Requirement

The regulatory stack reduces to three runtime invariants. First, every assertion that purports to state law must be traceable to a verifiable authority that the agent has actually retrieved, not paraphrased from training distribution. Second, the agent's normative positions must be stable across matters: the same statutory provision interpreted for Client A on Monday must produce the same interpretation for Client B on Tuesday absent distinguishing facts that the agent makes explicit. Third, every output must carry an auditable provenance chain sufficient to support a Rule 11 certification and an FRE 901 authentication.

These invariants are not satisfiable by prompt engineering or by retrieval augmentation alone. Retrieval addresses citation grounding but not cross-matter consistency; a RAG system retrieves the same statute for both clients and may still generate divergent interpretations because the generation step is stochastic. Prompt-based instructions to "be consistent" provide no enforcement mechanism and no audit artifact. What is required is a control primitive that holds the agent's normative state outside the language model and gates output emission on a computable consistency check.

Why Procedural Compliance Fails

The dominant compliance pattern for legal AI today is procedural: a human-in-the-loop reviews outputs before they reach the client or the court. ABA Opinion 512 endorses this pattern, and it is necessary, but it is not sufficient under volume. A reviewing attorney who confirms one citation in a fifty-page memorandum has not authenticated the other forty-nine. The Mata sanctions order turned on exactly this failure: the lawyers signed a brief whose citations they had not verified, relying on the model's apparent fluency as a proxy for accuracy.

Procedural compliance also fails the cross-matter consistency requirement. No human reviewer holds in working memory the agent's positions across a firm's entire matter portfolio. When the agent advises one client that a force majeure clause is enforceable under a given fact pattern and advises a second client that an identical clause is unenforceable under the same fact pattern, no individual reviewer detects the contradiction. The firm discovers the inconsistency only when opposing counsel produces both memoranda in discovery, at which point the malpractice exposure is fixed.

Watermarking, output filtering, and post-hoc logging address none of these problems. A watermark proves the text was generated by a particular model; it does not prove the model's assertions were true or consistent. Output filters catch obvious hallucinations such as fabricated case names but cannot evaluate whether a paraphrase of a holding is faithful to the source. Post-hoc logs record what was emitted but cannot reconstruct the normative state that produced it. Compliance built on these mechanisms collapses on contact with adversarial scrutiny.

What the AQ Integrity-Coherence Primitive Provides

The AQ integrity-coherence primitive treats the agent's normative state as a first-class runtime object. Three integrity domains are tracked continuously. Behavioral integrity records the agent's analytical methods: which canons of construction it applied, which jurisdictions it treated as controlling, which interpretive framework it adopted. Normative integrity records the agent's positions on specific legal questions: how it construed a statute, which precedent it treated as dispositive, how it characterized a transaction. Relational integrity records consistency across the agent's client and matter relationships, ensuring that the depth and quality of analysis does not vary with engagement size or client identity.

The deviation function D = (N - T) divided by (E times S) computes a scalar distance between a proposed output's normative content and the agent's established positions, weighted by the empirical evidence and the salience of the question. When D exceeds a configured threshold, the agent's coping intercept fires before emission. The intercept does not silently suppress the output. It produces a structured artifact: the divergent prior position, the current proposed position, the evidence on which each rests, and a justification slot that must be filled either by a distinguishing fact, by an explicit revision of the prior position, or by a correction of the current draft. That artifact is the audit record that an FRCP 11 certification requires.

The coherence trifecta, which couples integrity with the empathy and self-esteem functions, prevents two failure modes that pure consistency checking would otherwise produce. Without empathy calibration, the agent would treat every minor variation as a deviation and flood the reviewer with noise. Without self-esteem calibration, the agent would either over-defer to its prior positions when new evidence justifies revision, or over-revise on weak signals. The trifecta produces calibrated self-correction: the agent revises when the evidence warrants and holds the line when it does not, and it documents the reasoning either way.

Compliance Mapping

Each component of the integrity-coherence runtime maps to a specific regulatory requirement. The normative integrity log satisfies ABA Opinion 512's verification duty by producing, for every cited authority, a record of the retrieval, the passage relied on, and the agent's interpretation. It satisfies FRCP 11(b)(2) by giving the certifying attorney a per-citation audit trail. It satisfies FRE 901 by producing the chain of custody required to authenticate a generated artifact.

The behavioral integrity log satisfies Model Rule 1.1's competence duty by demonstrating that the agent's analytical methods were the methods a competent lawyer would have applied. The relational integrity log satisfies Rule 1.6 by recording every information flow between matters and surfacing any cross-contamination of confidential material. The coping intercept satisfies GDPR Article 22 by ensuring that no advisory output reaches a data subject without a meaningful human review when D exceeds threshold; the intercept's artifact is the contestability record that Article 22(3) requires.

For EU AI Act Annex III paragraph 8 deployments, the integrity domains supply the technical documentation required by Article 11, the record-keeping required by Article 12, the transparency required by Article 13, the human oversight required by Article 14, and the accuracy and robustness evidence required by Article 15. The deviation function is a computable accuracy metric in the Article 15 sense, and the coping intercept is the human-oversight mechanism in the Article 14 sense.

Adoption Pathway

A firm adopting the integrity-coherence primitive does so in three stages. The first stage is shadow deployment: the agent runs alongside existing workflows, the integrity domains accumulate state, and the deviation function emits warnings without gating output. This stage establishes the firm's normative baseline and surfaces existing inconsistencies in the current matter portfolio without changing lawyer behavior.

The second stage is gated emission for defined practice areas. The firm selects a domain with high consistency requirements and bounded normative scope, typically transactional drafting or regulatory compliance memoranda, and configures the coping intercept to block emission when D exceeds threshold. Reviewing attorneys see the intercept artifact and decide whether to override, revise, or accept. The artifact is preserved as part of the matter file.

The third stage is full integration with the firm's matter management and conflict-checking systems. The relational integrity domain consumes the conflict database, the normative integrity domain feeds the firm's knowledge management system, and the audit log integrates with the firm's records retention policy. At this stage the integrity-coherence primitive is not a tool the lawyers use; it is the substrate on which the firm's AI-assisted practice runs, and the substrate that allows the firm to certify its work under Rule 11, Opinion 512, and the AI Act with evidence rather than with assertion.