What We Learned Leading an AI Program from the Legal Seat

By Christian Na, General Counsel, Tufin

When people talk about AI transformation, they tend to focus on models, use cases, and speed. 

Increasingly, the conversation has shifted from whether AI can assist work to whether AI agents can actually perform meaningful parts of the work — evaluating facts, taking action within defined parameters, escalating when judgment is required, and learning from repeated workflows. That evolution makes the question of ownership even more important: who is responsible for making sure AI is deployed in a way that is effective, safe, accountable, and aligned with the business? 

As we began exploring how AI could reshape both our internal operations and the products we deliver, it became clear that this wasn’t just a technology initiative. It was an organization-wide shift, one that introduced new forms of risk across data, security, compliance, reputation, employee experience, commercial decision-making, and legal judgment. Someone needed to take a holistic view, and Legal was already structured to do exactly that. 

What has changed over the past year is the ambition. Early AI programs were often framed around productivity: faster summaries, faster drafting, faster research. Today, agentic AI is pushing us toward something more significant: AI-enabled legal and business operations that can run end-to-end within clear guardrails. For in-house legal teams, that is not a threat to the role of counsel. It is an opportunity to elevate it. Done correctly, agentic AI gives every in-house lawyer the leverage to operate more like a GC or CLO — focusing less on repetitive execution and more on judgment, governance, strategy, and risk allocation. 

Start With Governance, Not Unbounded Experimentation 

One of the first lessons we learned is that AI cannot be treated like a side project. 

There’s a natural temptation to move quickly, to experiment broadly, to give teams access to tools, and to figure things out along the way. But in an enterprise environment, especially one where trust and precision are non-negotiable, that approach creates more risk than value.  

We made a deliberate decision early on to establish a cross-functional governance model before scaling adoption. That meant bringing together stakeholders from legal, security, IT, R&D, and finance to define how AI would be evaluated, approved, and deployed. 

This was not about slowing things down. It was about making speed repeatable. The more autonomous AI becomes, the more important it is to define the lanes in which it can operate, the decisions it can make, the data it can access, and the points at which it must escalate to a person. 

In many ways, the challenge felt similar to earlier regulatory inflection points. When new data privacy requirements emerged, organizations that treated compliance as a design principle rather than a last-minute checkbox were far better positioned. We applied the same mindset here: build the guardrails early, so innovation can move faster within them. 

That principle is even more important with AI agents. A chatbot can give a bad answer. An agent can take a bad action. The distinction matters. Governance for agentic AI has to address not only what the system says, but what it is authorized to do. 

Treat AI as a “Greenfield” Problem 

Another important realization is that there was no universal playbook for AI adoption when we started last year – and there still is not one for agentic AI at enterprise scale. 

The legal, ethical, and regulatory boundaries are still evolving in real time. That makes AI fundamentally different from most enterprise technologies. You’re not implementing against a fixed set of rules; you’re helping define those rules as you go. 

That uncertainty can be uncomfortable, but it also creates an opportunity. Instead of waiting for external standards to solidify, we focused on establishing our own internal principles, grounded in risk management, transparency, and accountability. The key is alignment. You need cross-functional agreement on what “responsible AI” actually means for your organization, because that definition will guide every decision that follows. 

For us, “responsible AI” no longer means simply requiring a human to review every output. That may be appropriate in some contexts, but it is too blunt a model for where the technology is going. Responsible AI now means designing systems with the right level of autonomy for the task: clear authority, clear parameters, clear audit trails, clear escalation paths, and clear accountability. 

In some workflows, that may mean AI prepares a recommendation. In others, it may mean an agent completes a task independently within pre-approved boundaries. The legal function’s role is to help define those boundaries before the business scales the workflow. 

Protect Your IP and Your Data, Early and Often 

One of the most immediate risks we encountered wasn’t in the product. It was in day-to-day experimentation. Employees are eager to use AI tools to improve productivity, and there are hundreds of new solutions entering the market every month. But not all of them meet enterprise-grade standards for security or data handling. 

We quickly realized that without clear guidance, well-intentioned experimentation could expose sensitive intellectual property or introduce compliance risks. 

In one case, a team wanted to pilot an AI-assisted development tool. After reviewing its data practices, we determined that we couldn’t confidently ensure that proprietary code wouldn’t be retained or reused externally. We chose not to move forward. That decision reinforced an important principle: faster isn’t better if it compromises trust. 

At the same time, we didn’t want governance to become synonymous with restriction. So we created a structured approval process for AI tools. Once vetted, tools were added to an approved list, giving employees the freedom to experiment safely within defined boundaries. 

With agentic AI, those boundaries need to be even more specific. It is not enough to ask whether a tool can protect data. You also have to ask what systems the agent can access, what actions it can initiate, what records it creates, what approvals it requires, and how its decisions can be reviewed. Access control, privilege management, logging, and retention become legal issues as much as technical ones. 

Apply The Same Rigor Internally And Externally 

It’s easy to think about AI governance in the context of customer-facing products. But internal use cases require just as much scrutiny. We approached both in parallel. 

On the product side, the stakes are obvious. When AI is making recommendations that could influence critical systems or decisions, accuracy and reliability are essential. Even a small error can have outsized consequences.  

But internal applications also carry their own risks. Whether it’s analyzing contracts, generating code, or summarizing data, AI outputs can’t be treated as definitive. They need to be reviewed, validated, and understood in context.  

One of our most impactful internal use cases has been in contract analysis and review. What used to take hours can now be done in minutes, with AI identifying key provisions across large volumes of agreements, comparing terms against playbooks, flagging deviations, and recommending next steps. The next stage is not merely faster review; it is AI-supported negotiation within pre-approved parameters, with escalation to lawyers when business, legal, or risk thresholds are exceeded.

The same logic applies to employment workflows. Hiring, onboarding, performance management, and terminations involve repeatable processes, sensitive data, and significant legal risk. Those are exactly the kinds of workflows where legal-led AI agents can create enormous value — not by removing judgment, but by ensuring the right steps happen consistently, the right documentation is generated, the right policies are applied, and the right issues are escalated at the right time. 

Build For Accountable Autonomy 

If there’s one principle that underpins everything else, it’s this: autonomy and accountability have to be designed together. Earlier in our AI journey, it was natural to say that AI should assist decision-making, not replace it. That remains true for many high-risk decisions. But agentic AI requires a more sophisticated framework. The right question is no longer simply, “Is there a human in the loop?” The better question is: “What level of autonomy is appropriate for this workflow, and what controls are required for that level of autonomy?” 

That question shapes how we design workflows, how we communicate expectations, and how we train employees. AI outputs are treated as inputs, not ultimate conclusions.

In some cases, AI outputs should be treated as inputs, with a person making the final call. In other cases, an AI agent may be permitted to make decisions or take actions within pre-defined parameters — for example, approving a low-risk contract change, routing an employment matter for required review, or generating a negotiation response that stays within an approved playbook. The key is that the system must know when it is inside the guardrails and when it must escalate. 

This is not just about risk mitigation. It is about building confidence in the system. People are more willing to rely on AI when they understand its authority, its limitations, and the escalation model behind it. Accountability does not disappear because an agent takes action. It shifts upstream to the people who designed, approved, monitored, and governed the workflow. 

Invest In Enablement, Not Just Control 

Governance alone isn’t enough. If you want AI adoption to succeed, you also have to invest in education. 

Most employees don’t fully understand the risks (or the opportunities) associated with AI. Without guidance, they may either avoid it altogether or use it in ways that create unintended exposure. We focused on both sides of that equation: clarifying what’s not allowed, and demonstrating how AI can be used safely to create real value. 

That combination of clear boundaries and practical enablement helped to build a culture where AI is seen as a trusted tool, rather than a risky experiment. 

The same is true for legal teams. Lawyers need to become not only users of AI, but designers of AI-enabled legal workflows. That means translating legal judgment into playbooks, risk thresholds, escalation rules, approval matrices, and feedback loops. Those are not purely technical tasks. They are legal leadership tasks. 

This is why I believe agentic AI creates a unique opportunity for in-house counsel. The legal function has always been expected to understand the business, manage risk, and exercise judgment under uncertainty. AI gives lawyers the ability to scale that judgment across the organization. In that sense, every in-house counsel can begin to operate with the leverage of a GC or CLO. 

Trust is the Outcome 

Looking back, the biggest lesson is that responsible AI isn’t a constraint on innovation. It’s what makes innovation sustainable. Every decision we made, from tool selection, to product design, to internal usage, ultimately came back to trust. Trust in how data is handled. Trust in the outputs AI generates. Trust in the systems we’re building and the people who are using them. 

AI introduces new capabilities, but it also raises expectations. Customers, employees, and stakeholders all want to understand not just what AI can do, but how it’s being governed. If you can answer that clearly, demonstrating that AI is being deployed with discipline, transparency, and accountability, then you can create a foundation that allows innovation to move faster, not slower. 

And in a space that is moving from AI assistance to AI agency, that foundation matters more than ever. The organizations that succeed will not be the ones that simply adopt the most AI tools. They will be the ones that design the clearest operating models for AI decision-making: when agents can act, when they must escalate, how their work is reviewed, and who remains accountable. 

For legal departments, that is the opportunity. We are not just being asked to approve AI. We are being asked to help architect how AI operates inside the enterprise. That is a very different role for legal — and a much more strategic one.  

About the Author 

Christian Na is Tufin’s General Counsel and leads the company’s global legal function, covering commercial transactions, corporate governance, risk management, and compliance. Christian brings 27+ years of legal experience that spans multiple industries at both growth-stage and large public companies. Most recently he led the legal teams at two PE-backed SaaS companies, driving transformative initiatives at Emburse and guiding Magnitude Software through its successful exit to a strategic buyer. Christian received dual B.S. degrees in psychology and sociology from Boston University and his J.D. from Boston University School of Law. 
