A lawyer still signs every contract: inside Corveth Legal's playbook-driven AI review
Corveth Legal encoded its commercial-contract negotiation playbook into an AI agent that reads inbound agreements, applies the firm's positions, and drafts redlines. Partner Priya Anand explains where the machine helps and where the lawyer stays accountable.

For a boutique corporate firm, the economics of commercial contract review have always been awkward. A seed-stage company needs its inbound SaaS agreements, mutual NDAs, and vendor terms read with care, yet it cannot comfortably absorb hours billed at senior rates for work that is largely repetitive. Corveth Legal, which productizes legal work into fixed-fee, technology-enabled services for startups and growth companies, spent roughly two years encoding its own negotiation playbook into an AI review system. We spoke with Priya Anand, a Partner at the firm, about what that took, where it fails, and why an attorney still signs every review.
Begin with the commercial problem. Why was contract review so hard to price and deliver for the clients you serve?
Our clients live on inbound paper. A twenty-person company sees a steady flow of vendor agreements, customer order forms, NDAs, and reseller terms, and most of it is routine but not trivial. The old model priced that by the hour, which produced two bad outcomes. Either a partner reviewed a standard SaaS agreement and the client paid a bill that felt disproportionate to a mechanical task, or an associate did it under time pressure and the review came out inconsistent from one contract to the next.
The deeper problem was predictability. Founders cannot forecast a legal spend that scales with deal volume, so many of them stopped sending us the smaller contracts and self-reviewed, or signed without reading. That is where real exposure lives: a broad indemnity or an auto-renewing term that nobody flagged because the matter was too small to justify the fee. We wanted to serve that volume properly, at a price a startup could plan around. Hourly billing made that close to impossible.
Firms have talked about automating contract review for a decade. What actually changed so that it works now rather than five years ago?
The earlier tools were built on keyword and clause-template matching. They could find a clause that looked like a governing-law provision, but they were brittle. Draft the same idea in unusual language and the system missed it, which is exactly where you want a second set of eyes.
Two things shifted. First, language models can now read a clause for meaning rather than form. If a limitation of liability is buried inside a schedule and phrased oddly, the model still recognizes what it is and what it does. Second, retrieval-augmented generation lets us ground the system in our own material. Rather than relying on whatever a general model absorbed from the open internet, the agent works against our playbook and our approved language, and it cites the position it applied. None of this makes the tool trustworthy on its own. It makes it good enough at a first pass to be worth a lawyer's supervision, which was not true before.
Walk me through what happens, concretely, when a client's contract enters the system.
The contract comes in, usually as a Word file or PDF. Document extraction parses it into its structure: clauses, defined terms, schedules, and cross-references. The agent then uses semantic search to map each provision to the corresponding position in our playbook, matching a payment clause to our payment position, an indemnity to our indemnity position.
For each matched clause it makes a classification. Is this consistent with our standard position, within our acceptable fallback range, or a deviation that falls outside it? Where the language is unfavorable, it drafts a redline that moves the clause toward our preferred position and attaches the fallback we would accept if the counterparty pushes back. It also writes a short rationale for each change, referencing the playbook rule applied. The output is a marked-up document plus an issues memo that ranks the deviations by significance. Nothing has gone to the client yet. A lawyer works through the flags, corrects what the machine got wrong, and decides what actually matters for that deal.
The whole system depends on the playbook. How did you turn a firm's judgment into something a machine can apply?
A playbook, done properly, is an explicit statement of how the firm negotiates each clause. For every provision type we wrote down the standard position we open with, the fallback positions we will accept in order, the thresholds that change our stance, and the lines we will not cross. Some of that already lived as informal knowledge in partners' heads. Most had never been written down in a form precise enough for anyone, human or machine, to apply the same way twice.
That surfaced disagreements. Two partners would review the same cap on liability and want different things, and we had to reconcile that into a single documented rule with clear conditions. Building the agent was, in large part, the work of forcing our own practice to be consistent. The encoding exercise has value even before the software runs, because it standardizes the service and makes it teachable. The model is only as disciplined as the playbook behind it, and a vague playbook produces vague review.
Client contracts are confidential and sometimes privileged. How do you handle data governance and your ethics obligations?
We treated this as non-negotiable before anything went live. The relevant duties are familiar: confidentiality under Model Rule 1.6, competence under 1.1, and supervision of nonlawyer assistance under 5.3, which the state bars have made clear extends to AI output. In practice, that meant not putting client material into consumer tools. We use enterprise arrangements where the vendor is contractually barred from training on our data, with defined data residency, retention limits, and deletion rights.
Access is controlled per matter, so the system cannot surface one client's terms while another client's contract is under review. We disclose our use of AI in the engagement letter rather than burying it, and we treat the output as privileged work product inside the same controls as any draft. Several state bars have published guidance in the last two years, and the direction is consistent: understand the tool, protect the data, verify the work. We built to that standard rather than wait for a rule to compel it.
How do you validate accuracy, and who is ultimately accountable for the work product?
We hold out a set of contracts that experienced attorneys have already reviewed and marked, then run the agent against them and measure where it agrees, where it over-flags, and where it misses. In that testing it applied the correct playbook position about 92% of the time. I am careful with that number. It describes controlled testing against representative agreements, not a guarantee on any given contract, and it is a floor we manage rather than a headline.
Accountability has not moved. The attorney who reviews the file signs the work and owns it, exactly as with a junior's draft. The agent never delivers to a client on its own. The two failure modes we watch for are the missed issue, where a real deviation is classified as acceptable, and the fabricated one, where the model asserts a position that is not in the playbook. Grounding every redline in a cited rule reduces the second. Human review is the only reliable control for the first, which is why skipping it is not an option.
How did your lawyers react, and what went wrong first?
The first reaction was skepticism, and some of it was warranted. Our earliest version over-flagged badly. It treated minor stylistic variances as deviations and produced memos with forty items when six mattered. Lawyers who wade through that noise conclude the tool is wasting their time, and trust is hard to rebuild once lost. We spent real effort tuning the thresholds so the issues memo reflected what a senior lawyer would actually raise.
The other concern was the associate pipeline. Reviewing routine contracts is how junior lawyers learn what a market-standard indemnity looks like, and there was a fair worry that automating the first pass would hollow out that training. We addressed it directly. Associates now review the agent's output, which means they see more contracts and are asked to judge which flags matter, instead of hunting for the clauses in the first place. That is a different skill, arguably a more valuable one, but it has to be taught deliberately.
What have the measurable outcomes actually been?
The clearest change is time. A first-pass review that took a lawyer a few hours now takes minutes for the agent to produce, and the lawyer's time goes to judgment rather than extraction. That is what makes the fixed fee possible. When the cost of the routine work is predictable, we can quote a flat price a founder can plan around instead of an hourly estimate that drifts.
I would frame the benefit as predictability first and speed second. Clients tell us the value is knowing what the review will cost and getting it back the same day, not shaving a percentage off a bill. The caveats matter. This works for routine commercial agreements: SaaS terms, NDAs, vendor and reseller contracts, standard order forms. It does not do our bespoke work, a negotiated acquisition or a complex financing, where the judgment is the whole engagement. We scoped the product to the volume tier where it genuinely performs, rather than overselling it.
What would you say to a skeptical peer who thinks this is either risky or a gimmick?
I would agree the risk is real, then be specific about where it sits. The danger is not the technology producing a bad redline; a lawyer catches that. The danger is a lawyer who stops reading because the memo looks complete. Automation bias is the genuine hazard, and it grows precisely as the tool gets better and earns more trust. Our controls exist to keep the human engaged, not to certify the machine.
To the peer who calls it a gimmick, I would point to the discipline it forced on our own practice, which has value independent of the software. To a nervous client, I say the plainest version of the truth: an attorney reviews and signs every contract, the fixed fee does not mean your agreement was handled by a machine unsupervised, and we will tell you when a matter falls outside what the product is built for. A firm that cannot make those statements truthfully has automated the wrong part of the work.
Give me a specific moment where this mattered.
A representative example, and one close to cases we see regularly. A client sent us an inbound SaaS subscription agreement to sign. The body carried an ordinary, mutual limitation of liability, the kind you would skim and accept. Buried in a schedule was a carve-out that pulled a broad set of data-related claims outside that cap, effectively giving the vendor uncapped exposure against our client on the issue most likely to actually arise.
It did not resemble a standard indemnity, and under deadline pressure it is the sort of thing a tired reviewer can pass over. The agent mapped the schedule language back to our liability position, saw that it fell outside our acceptable fallback range, and flagged it as a significant deviation with a drafted fix. The attorney then did the part that is not automatable: judged that this carve-out was worth pushing back on for this particular client, and negotiated it down. The tool found the needle. The lawyer decided it was worth pulling.
Looking ahead, what does this mean for the profession and for your client relationships?
The billing model is the visible change. Routine review is drifting from hourly toward fixed and productized pricing across the market, and I do not think that reverses. Once a competitor can quote a flat fee for a category of work, clients start expecting it from everyone. Firms that depend on billing hours for commoditized review will feel that pressure first.
The more interesting shift is where a firm's value concentrates. When the first pass is cheap and fast, the differentiation moves to the quality of the playbook, the soundness of the judgment applied to the flags, and the trust the client places in the lawyer who signs. Those are harder to replicate than a review tool. I expect the client relationship to become more advisory and less transactional, because we spend our time on the decisions that carry consequences rather than on locating clauses. I would rather compete on judgment than on volume of hours, and that is what makes a boutique firm defensible instead of squeezed.
Results in context
Corveth Legal frames its results as improvements to a specific tier of work, routine commercial contracts, with an attorney reviewing and finalizing every file. The figures below come from internal testing and practice, not independent audit, and should be read as indicative of the firm's experience rather than a guarantee on any single matter.
- In controlled testing against attorney-reviewed contracts, the agent applied the correct playbook position roughly 92% of the time, a floor the firm manages rather than a promise on any single agreement.
- Routine commercial review is now delivered on a fixed fee a founder can forecast, in place of an hourly bill that scaled with deal volume and discouraged clients from sending smaller contracts at all.
- A first-pass review that once took a lawyer several hours is produced by the agent in minutes, redirecting attorney time toward the judgment calls on the flagged deviations.
- Every review is opened, corrected, and signed by an attorney, so accountability for the work product sits with the firm exactly as it did before the system existed.
About Corveth Legal
Corveth Legal is a boutique corporate firm serving startups and growth companies, known for productizing legal work into fixed-fee, technology-enabled services.