← Back to home

ABA Op 512 Alignment

We don’t comply with ABA Formal Opinion 512 by checkbox. We comply by schema.

Most “AI compliance” claims in legaltech are policy-level — promises in marketing copy that could be revoked by a config change. Pleadly’s posture is schema-level: the Postgres database itself refuses operations that would violate the duty. The mapping below shows each of ABA Op 512’s six duties tied to a specific Pleadly schema or code citation a careful reader can verify.

Why now (2026-05-01)

  • Sullivan & Cromwell, Apr 18, 2026. One of the most prestigious Wall Street firms filed an emergency “please don’t sanction us” letter for a motion that “cited a case that did not exist.” If S&C cannot catch hallucinated citations, your three-attorney PI firm cannot bet a $90K demand on a tool that warns instead of blocks.
  • $145K+ in Q1 2026 attorney AI sanctions across Oregon ($110K record), Nebraska (first indefinite license suspension), the 6th Circuit ($30K), and others. LexisNexis and Bloomberg now track 700+ cases with AI-hallucinated content in court filings.
  • California COPRAC approved amendments to Rules 1.1 / 1.4 / 1.6 / 3.3 / 5.1 / 5.3 at its March 13, 2026 meeting — the exact six duties of ABA Op 512. Board of Trustees votes May 2026 with disciplinary authority.

Competence

Rule 1.1

Every fact in a demand is bound to a source document by ID, page, and span.

Citations carry a grounding score; facts below 0.7 are auto-downgraded to a maximum 0.5 confidence. Source documents themselves carry an OCR confidence tier (Excellent / Good / Fair / Poor) that propagates to every extraction.

Citations a reviewer can verify

  • src/lib/morgan/grounding.ts
  • supabase/migrations/085_ocr_confidence_tiers.sql
  • src/lib/demand/contradictions.ts

Confidentiality

Rule 1.6

Customer data is partitioned by org_id and enforced by Postgres row-level security.

44 explicit cross-tenant assertions in the test suite — each attempts an attack (cross-org read, JOIN-leak, INSERT-into-other-org) and asserts that RLS rejects it. Inference happens on locally-hosted LLM endpoints; no client data is transmitted to OpenAI, Anthropic, Google, or any third-party AI vendor.

Citations a reviewer can verify

  • supabase/tests/rls-policies.test.sql (44 assertions)
  • src/lib/log-redact.ts
  • /legal/ai-policy

Communication

Rule 1.4

Every high-trust AI action lands in an immutable, append-only audit log.

The audit log is RLS-scoped (org admins read their own log) and write-blocked at the user level — only the service role can insert. Pleadly also generates an AI billing disclosure for engagement letters and invoices, portable across states with explicit Florida Bar Op 24-1 alignment.

Citations a reviewer can verify

  • supabase/migrations/093_audit_log.sql
  • src/lib/audit/log.ts
  • src/lib/audit/actions.ts
  • src/lib/disclosure/ai-billing-disclosure.ts

Candor

Rules 3.1 & 3.3

The export route refuses to ship a demand with unresolved unsupported claims.

Not a warning that can be dismissed — a 400 response. The attorney must dismiss, address, or accept-the-risk on each flagged claim before export succeeds. Every resolution outcome is audit-logged with a distinct action key.

Citations a reviewer can verify

  • supabase/migrations/084_attorney_review_enforcement.sql
  • supabase/migrations/066_unsupported_claims.sql
  • src/app/api/demands/[id]/export/route.ts
  • src/app/api/demands/[id]/unsupported-claims/[claimId]/resolve/route.ts

Supervision

Rule 5.3

AI is treated as a nonlawyer subject to attorney supervision, enforced at the database.

The demand_status table holds reviewed_by, reviewed_at, and locked_after_review columns populated only by an attorney accept action. The export route reads locked_after_review; if null, the demand cannot ship. Every accepted disposition writes an audit row identifying the attorney by user_id and denormalized email.

Citations a reviewer can verify

  • supabase/migrations/084_attorney_review_enforcement.sql
  • src/app/api/demands/[id]/disposition/route.ts
  • AUDIT_ACTIONS.DEMAND_REVIEW_ACCEPTED

Reasonable fees

Rule 1.5

Pleadly bills firms on predictable per-month or per-case terms — never per-hour.

Pleadly does not mark up AI inference cost as if it were attorney time. The AI billing disclosure generator produces an attorney-portable disclosure clarifying this to the client at intake or invoice.

Citations a reviewer can verify

  • src/lib/stripe/config.ts
  • src/lib/disclosure/ai-billing-disclosure.ts

Tested in production

The mechanisms above are independently exercised by 113+ Jest and SQL tests covering each intelligence route, the audit-log helper and admin surface, the BAA acceptance flow, the AI billing disclosure generator, and 44 cross-tenant RLS assertions.

See supabase/tests/rls-policies.test.sql and src/app/api/cases/[id]/*/__tests__/ for the full test surface.

What this page does not claim

  • Pleadly is not a malpractice insurance product. This alignment helps firms make AI-assisted work product defensible; it does not replace malpractice carrier review or counsel-of-record professional judgment.
  • Pleadly does not handle conflict checking. Firms must run their own conflict checks.
  • Pleadly is not currently SOC 2 Type II audited. A readiness commitment is in flight; audit window Q3–Q4 2026.
  • State-level rules evolve. Where a state imposes a duty beyond ABA 512 (Florida Op 24-1, CA COPRAC), Pleadly mirrors the state-specific requirement in feature design rather than asserting blanket compliance.

Security overview · AI risk inventory · BAA template

Internal source-of-truth: docs/compliance/aba-512-alignment.md. Reviewed quarterly. Last review: 2026-05-01.