ARTICLE
26 March 2026

Singapore’s Guide On Generative AI In The Legal Sector: What In-house Legal Teams Need To Know

L
Lexplosion Solutions Private Limited

Contributor

Lexplosion Solutions Private Limited logo
Lexplosion Solutions is a leading Legal-Tech company providing legal risk management solutions in areas of compliance management, audits, contract lifecycle management, litigation management and corporate governance. Lexplosion merges disruptive technology with legal domain expertise to create solutions that have increase efficiency and reduce costs.
Explore Firm Details
In September 2025, the Ministry of Law in Singapore issued a draft Guide on Using Generative AI in the Legal Sector to create...
Singapore Technology
Swapna Umakanth and Snigdha Sanganeria
Lexplosion Solutions Private Limited are most popular:
  • within Technology, Energy and Natural Resources and Accounting and Audit topic(s)
  • with Senior Company Executives, HR and Inhouse Counsel
  • with readers working within the Environment & Waste Management and Law Firm industries

In September 2025, the Ministry of Law in Singapore issued a draft Guide on Using Generative AI in the Legal Sector to create a framework for ethical and effective adoption of generative AI (GenAI) tools in legal practice and invited public feedback.

Lexplosion had submitted feedback to the Ministry and also analysed the compliance implications of the draft guide in a blog post.

On 6th March 2026, the Ministry has released the final version of the Guide with important clarifications and enhancements. We are pleased to note that Lexplosion is acknowledged in the list of contributors and that some of the suggestions we provided have been reflected or further clarified in the final Guide, particularly on aspects such as the risk-based approach, greater transparency around data handling and the inclusion of a sample disclosure clause for client communications.

While the Guide is non-binding, it sets out practical principles and recommended safeguards for organisations adopting GenAI in legal work, especially around professional responsibility, confidentiality and transparency, all of which are highly relevant for in-house legal teams.

What does the Guide emphasise?

The Guide focuses on three core principles:

  1. Professional responsibility remains with lawyers: Even when using GenAI tools, legal professionals remain fully accountable for the quality and accuracy of their work.
  2. Confidentiality is critical: The Guide highlights risk such as data leakage through prompts, use of inputs for model training and third-party access to sensitive information. It emphasises reviewing vendor terms and implementing safeguards before using GenAI tools.
  3. Transparency with clients and stakeholders: Legal teams should consider disclosure where GenAI is materially used in work product, where it affects costs or delivery, or where data handling practices may impact client interests.

Compliance Implications for In-House Legal Teams

While the Guide is not legally binding, it directly intersects with internal governance and existing data protection frameworks.

Here's what in-house teams should be thinking about:

1. Scope and accountability:

The Guide applies to a wide range of stakeholders in the legal ecosystem. This includes allied legal professionals like paralegals, legal secretaries, legal technologists and legal project managers, both in private practice and in-house teams. Additionally, the Guide explicitly mentions alternative legal service providers, law students and even providers of GenAI tools for the legal sector.

Implication for In-House Teams: This enhanced scope ensures that all individuals and organizations involved in legal work, from junior staff to tech providers, are aware of the Guide. In-house legal teams, in particular, should ensure that their entire legal and technology teams; whether they are dealing with the technology or applying it, are familiar with the Guide.

The scope and applicability of the Guide reinforce the need for internal GenAI policies and oversight structures.

Key takeaway:

  • GenAI use should sit within existing legal risk and governance frameworks
  • Legal teams remain responsible for outputs, not vendors

2. Data governance

The Guide places emphasis on transparency, including encouraging greater visibility into how GenAI systems operate and how data is handled.

Implication for In-House Teams: Legal teams should seek appropriate information from GenAI vendors on data handling practices, including understanding whether inputs may be used for training and assessing relevant security safeguards, particularly when dealing with sensitive information.

Key takeaway:

  • Vendor due diligence is essential.
  • GenAI is not just a procurement risk but also a legal risk

3. Data protection and confidentiality risks increase

In-house teams should align GenAI use with internal data classification policies, confidentiality obligations and PDPA considerations.

Key takeaway:

  • Use of free/public tools may pose significantly higher risk

4. Risk-based approach for human oversight

The Guide sets out a structured risk-based approach to human oversight, where high-risk outputs (e.g. legal advice, contracts) require strict review. Lower-risk tasks may be under lighter supervision.

Implication for In-House Teams: Legal teams should now evaluate each GenAI tool based on its intended use and ensure that high-risk applications are accompanied by appropriate controls. They should develop internal incident response protocols in line with the risk-based approach outlined in the Guide.

Key takeaway:

  • Human oversight must be proportionate to the risk and task impact.

5. GenAI literacy becomes a compliance issue

The Guide highlights practices such as grounding techniques and retrieval-augmented generation (known as RAG) methods to minimize errors that could arise from hallucinations, inaccurate or fabricated information.

Implication for In-House Teams: Legal teams are expected to understand GenAI limitations (e.g. hallucinations, bias), apply proper verification processes and supervise junior staff using GenAI tools.

Key takeaway:

  • Legal teams must ensure training and proper oversight of AI-assisted work.

6. Transparency and client communication

The Guide has provided sample clauses for employee handbooks and a sample disclosure clause for client engagement. These are intended to help organisations communicate the use of GenAI in legal services to clients transparently.

Implication for In-House Teams: In-house legal teams may consider adopting the sample clauses for their employee handbook and also the sample disclosure clause and incorporate it when working with various business teams as a matter of good practice. This will ensure that all stakeholders are aware of the use of GenAI.

Key takeaway: Transparent communication on the use of GenAI is important.

Compliance Measures for In-House Legal Teams

While the Guide includes practical safeguards, sample clauses and checklists, in-house legal teams can consider the following key compliance measures based on the Guide to operationalise the principles:

Governance & Policy

  • Implement an internal GenAI usage policy
  • Define approved tools and prohibited use cases
  • Assign a GenAI lead or oversight function

Risk Assessment

  • Categorise GenAI use cases for human oversight (low / medium / high risk)
  • Process to apply proportionate human oversight (the Guide provides a sample evaluation checklist and a framework to assess this)
  • Have policies in place to avoid using GenAI autonomously for high-stakes legal outputs without appropriate oversight

Vendor Due Diligence

While the Guide provides a sample evaluation checklist, these are some of the key compliance issues for in-house teams to consider:

  • Process to procure solutions that are compliant with applicable cybersecurity standards, personal data protection and cross border transfer standards.
  • Review vendor terms on data retention and whether inputs are used for model training
  • Confirm confidentiality and security safeguards
  • Assess data storage location and access controls
  • Where appropriate, consider including provisions in vendor agreements or seeking assurance regarding the requirements.

Confidentiality Controls

  • Protocols to avoid inputting sensitive data into unsecured tools
  • Protocols for anonymisation where necessary
  • Policies to use enterprise tools with contractual safeguards

Output Verification

  • Process to ensure that all GenAI-generated legal content is verified independently
  • Check citations, reasoning and completeness
  • Ensure outputs are fit for purpose

Transparency & Disclosure

  • Process to consider when GenAI use should be disclosed
  • Monitoring and review to update engagement terms or internal policies as required
  • Documentation of GenAI use and safeguards

Training & Awareness

  • Train legal teams on GenAI risks (hallucinations, bias), prompt design and verification techniques
  • Process to ensure proper supervision of junior staff using GenAI

Conclusion

Singapore's Guide for Using GenAI in the legal sector has evolved significantly since its draft version. It offers clearer guidance on risk management, transparency, confidentiality and client communication with practical safeguards, sample clauses and evaluation checklists. These changes are a positive step towards ensuring responsible and ethical GenAI adoption in the legal sector.

The Guide, while not mandatory, serves as a practical framework to help organisations implement appropriate governance and controls to help mitigate legal and reputational damage that could arise from the unregulated use of GenAI.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Person photo placeholder
Swapna Umakanth
Person photo placeholder
Snigdha Sanganeria
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More