It is Thursday, 2:14 p.m. Your VP of Marketing has generated 42 landing page variants for next week’s campaign. Each one has different copy, different claims, different pricing callouts, different social proof, different disclaimer posture. Six months ago she would have shipped four. Today she has 42, because her team is using AI end to end (briefs, first drafts, headline variants, visuals, QA) and the work that used to take a week takes a morning.
She sends the batch to Legal for review at 2:30. Your GC has one associate. They have 11 open contract reviews, three customer DPAs, a privacy impact assessment for the product team’s new feature, a subpoena, two employment matters, and 31 other review requests already in the queue. Forty-two landing pages are now numbers 91 through 132.
On Tuesday of next week, campaign launch day, 40 of the 42 pages will ship without legal review. Not because anyone decided to skip it. Because the alternative was not launching.
This is the story of every company in 2026. It is happening right now at yours.
What actually happened
The input side of every business function just compressed by 10 to 20x. Marketing content, engineering features, sales collateral, product documentation, research memos, recruiting pipelines. All of them now move at the speed of the tool, not the speed of the human. The rate limiter that used to sit in front of every output, a human typing, drawing, coding, or writing, lifted.
One function did not get the lift. Legal review is not generation work. It is judgment work against a body of law, a regulatory regime, a contract, a policy, a risk appetite, and an ethical rulebook. AI accelerates parts of it (research, summarization, redlining against a known playbook, first-pass contract review) but the sign-off itself still requires a licensed person who can be liable for the call. A lawyer’s signature is load-bearing in ways a marketer’s is not.
So the input side of the company scaled, and the review side did not. The queue at Legal’s door is now 90 items deep. It used to be nine. [S: nine to ninety in eighteen months.]
What breaks first
Four specific failures, usually in this order.
Review becomes optional in practice, whether or not it is in policy. When the queue gets long enough that waiting means missing the launch, teams ship anyway. Nobody announces this. Nobody writes a memo. It just happens. A marketer launches a campaign, an engineer merges a feature, a sales rep sends a proposal, all without the review the policy says is required. The policy stops being a policy. It becomes a decoration.
Risk tiering happens by default, badly. Teams start self-classifying their own work as “low risk” to justify skipping review. A discount claim, an SLA commitment, a non-standard indemnity in a sales contract, an API deprecation. Each becomes “probably fine” to the person who wrote it. The person who decides what needs a lawyer is now the same person whose work would be slowed down by one.
Liability migrates from prevention to remediation. Problems that used to be caught at the pre-publication gate now show up later, as customer complaints, regulatory inquiries, takedown demands, class actions, insurance claims, and quiet indemnity payouts. The cost does not disappear. It shifts from a prevention budget the CFO can see into a remediation budget that shows up 18 to 36 months later, in line items no one connects to the velocity decision that caused them.
Legal absorbs the blame for a choice the company made. When something finally breaks, the postmortem names Legal as the bottleneck that was routed around. The actual failure, a company that 20x’d its output without 20x’ing its review capacity, and made no structural decision about where to absorb the new risk, does not get named, because no one person owns it.
What scales in legal work, and what does not
Not all of it is equally stuck. Contract review against a playbook, clause extraction, research memos, first-draft redlines, form generation, clause library maintenance, legal-request triage, NDA classification, vendor status lookups, e-signature routing, and privacy impact screening all move faster with AI. Any task that is pattern recognition or synthesis across a known library compresses, the same way every other function compressed.
Final judgment on a material contract does not. Regulator-facing advocacy does not. Litigation strategy, privilege calls, conflict waivers, fiduciary advice, and the decision to kill a deal do not. Anything where a specific licensed human has to put their signature on a malpractice-insured line does not. Bar rules in most jurisdictions explicitly require lawyer supervision for the work that matters. Malpractice carriers price around it. Regulators expect it. None of that is going away because generation got cheap. [M: supervision is the constrained step.]
The output of a legal department can move 3 to 5x faster with AI. It cannot move 20x faster, because the constrained step is not generation. It is accountability.
This gap, output up 20x on one side of the desk and up 5x on the other, is the entire problem.1
Where the pressure shows up
Four places to watch.
The GC’s inbox. Review requests queue up. Turnaround slips from two days to two weeks. The GC knows. The business knows. Nobody talks about it because the number embarrasses everyone.
The approval-waiver conversation. Product and marketing leaders start asking for standing approvals, blanket pre-clearances, or “just this once” exceptions. Each one is individually reasonable. In aggregate they are the dismantling of review.
The insurance renewal. E&O, cyber, and D&O carriers are beginning to ask about AI-generated content pipelines and the governance attached to them. The questions are not yet on the main form. They are in the follow-up after the initial application. They will be on the main form within two renewal cycles. Premiums will reflect the answers. [S: the carrier is reading.]
The regulator inquiry. Enforcement lag is real, but it is a lag, not a pardon. The first waves of FTC actions on AI-generated advertising claims, SEC actions on AI-assisted disclosures, and state AG actions on AI-enabled privacy harms are landing now. The companies named are not the ones operating in egregious bad faith. They are the ones who shipped volume without review.
If your team is regularly waiting on legal review for decisions that should take hours instead of weeks, the bottleneck has a structural cause.
Talk to a Talairis attorney →What to do
The cemented answer: move review upstream into the tools themselves. Brand voice enforcement, pre-cleared claim libraries, approved-pricing lookups, contract playbooks, automatic privacy-impact triage at the moment of authoring. The point is to prevent non-compliant output from being generated in the first place, not to catch it on the way out. You cannot review your way out of a 20x volume increase. You have to shape the generation. [M: shape the generation, not the review.]
Beyond that, options.
Publish an honest risk tier and take review off the table for the bottom tier: self-service templates, pre-cleared language, hard-coded guardrails. Free the GC’s queue for the work that actually requires judgment. An unwritten risk tier, applied by the people whose work it gates, is worse than no tier at all. Staff the in-house function to match the new volume, or outsource the review load to a firm that has done the tooling work. The 2020-vintage two-lawyer-and-a-paralegal department does not survive contact with a 20x business.2
What does not work
For completeness.
Hiring one more junior associate does not fix a 20x problem with a 1.1x input. Mandating that everyone “go faster” does not survive contact with bar rules. Cutting the review list without publishing the cut moves the risk from the lawyer to the business leader, which is the opposite of what in-house counsel is for. Declaring victory because “we use AI too” without changing the workflow, the guardrails, or the staffing is the most common failure mode, and the most expensive one.
Get counsel before the next planning cycle
This is a structural decision, not a workflow fix. Your customer contracts, your marketing claim posture, your privacy compliance, your employment practices, your trade secret protections, and your regulatory exposure all run through the same bottleneck. You can decide, deliberately, where to absorb the new risk the compression has created. In better generation tooling. In a scaled review function. In tighter risk tiering. In an outside-counsel partnership. Or some combination. Or you can decide it implicitly, by doing nothing, and let the company route around Legal until the first enforcement action tells you how the decision got made.
The GCs and firms who have done this work can tell you which levers their clients pulled and how it turned out. Have that conversation before the next planning cycle, not after the next incident.
A closing thought
The human limiter came off marketing, engineering, product, and sales. It did not come off legal, and it will not, because the signature that makes legal work legal work is the thing that cannot be automated.
Legal is the new bottleneck.
The worst response is pretending it isn’t.
In 2026, the clients will start asking why.
- The bar rules and the malpractice carriers price around the same fact. Someone has to be liable for the call. Generation can be automated to anyone or nothing. Accountability cannot be. Until that changes, every legal function has a hard ceiling on how much it can compress, regardless of how good the tools get. ↩
- Most GCs in 2026 a ↩
