AI Detection Model
What this document is:
An overview of how Clawscan uses artificial intelligence to identify potential legal and compliance risks in internal communications.
Why this matters:
Organizations evaluating Clawscan need to understand how AI contributes to risk detection while ensuring transparency, proportionality, and human oversight.
Who should read this:
Legal teams, compliance officers, DPOs, HR teams, and IT/security reviewers.
When to use this:
AI governance reviews, regulatory assessments, internal compliance evaluations.
Role of AI in Clawscan
Clawscan uses artificial intelligence to assist organizations in identifying communications that may expose the organization to legal or regulatory risks.
Examples of risk categories may include:
- competition law risks
- anti-corruption concerns
- inappropriate coordination or information sharing
- other compliance-relevant signals depending on configured detection domains
AI helps detect patterns that may otherwise remain unnoticed in large volumes of communications.
The system is designed to support compliance monitoring, not to replace legal judgement.
See also:
AI as a risk detection tool
The AI system analyzes communications and produces risk indicators, which may include:
- a classification of potential compliance risk
- a numerical risk score
- a concise reasoning summary explaining the detection
These outputs are intended to assist compliance teams in identifying communications that may require further review.
AI outputs therefore function as risk signals, not legal conclusions.
No automated legal decisions
Clawscan does not make automated legal or disciplinary decisions.
The system highlights communications that may warrant attention, but human review remains essential for:
- contextual interpretation
- legal qualification
- internal decision-making
Organizations remain responsible for determining how risk signals are used within their internal compliance processes.
Minimising false negatives
Clawscan prioritizes early risk detection.
In practice, this means the system is designed to avoid false negatives whenever reasonably possible, even if this may occasionally result in false positives.
This approach reflects the objective of compliance monitoring:
- missing a potential compliance issue may expose the organization to significant legal risk
- reviewing a flagged communication is generally less costly than overlooking a critical signal
Organizations should configure internal review processes to manage the resulting alerts appropriately.
Transparency and explainability
To support transparency, Clawscan provides structured explanations of AI detections.
Each detection may include a reasoning summary describing:
- the general factors that contributed to the classification
- the type of compliance concern detected
This explanation is intended to help reviewers understand why a communication was flagged.
Clawscan does not expose internal model parameters, prompts, or tuning mechanisms.
Privacy and data protection
AI analysis occurs within the client’s own environment, following the tenant-resident architecture described in:
As a result:
- communication content remains inside the client tenant
- GOlegal infrastructure does not receive raw communication data
Derived analysis results and telemetry may be transmitted to the Clawscan control plane for operational purposes.
Human oversight
Organizations deploying Clawscan remain responsible for defining how AI-generated signals are used.
Typical governance practices may include:
- compliance team review of alerts
- internal investigation procedures
- escalation protocols for high-risk signals
Clawscan provides the technical capability to support such processes but does not determine organizational policy.
AI governance considerations
The use of AI within Clawscan is designed to align with emerging regulatory frameworks governing AI systems used in organizational contexts.
Relevant considerations include:
- proportionality of monitoring
- transparency toward employees
- human oversight mechanisms
- internal governance procedures
See:
Configurable detection domains
Clawscan allows organizations to activate specific detection domains, which correspond to different categories of compliance risks.
Examples include:
- competition law
- anti-corruption
- other regulatory or policy domains depending on organizational needs
Each detection domain uses dedicated analysis logic adapted to the relevant compliance context.
Detection configuration and customization
Clawscan provides organizations with additional flexibility in how compliance detection is configured.
Organizations may:
- rely on standard detection configurations provided by Clawscan
- request tailored configurations aligned with their specific risk profile or regulatory context
These configurations are designed to support:
- alignment with internal compliance policies
- proportional and targeted monitoring
- adaptation to jurisdictional or sector-specific requirements
Custom configurations are developed and maintained by GOlegal as part of the Clawscan platform, ensuring consistency, quality control, and ongoing improvement.
Scope of AI analysis
The AI components used within Clawscan analyze communication content to identify potential compliance risk indicators.
The system does not create behavioural profiles, employee risk scores, or monitoring dashboards relating to individuals.
AI outputs represent risk signals associated with specific communications and must be reviewed by human compliance personnel.