Contract review is one of the highest-value AI automation targets in legal and compliance teams. A junior lawyer or paralegal spends 2-4 hours reviewing a standard vendor contract. Most of that time is scanning for deviations from standard positions - an inherently pattern-matching task that LLMs handle well.

The Problem

Legal document review has two failure modes. Speed-driven review misses non-standard clauses because reviewers are under time pressure. Thorough review is expensive because it requires senior attention on documents that are often mostly standard.

The typical contract review checklist - indemnification scope, limitation of liability, IP ownership, termination rights, data processing obligations, governing law - is static and well-defined. The work is not analytical judgment on every clause; it is identifying which clauses deviate from expected positions and flagging them for attention.

The AI Approach

LLMs are well-suited to clause extraction and comparison tasks. Given a contract and a set of standard clause positions (your playbook), a model can identify each relevant clause, extract its key terms, and flag deviations from standard language.

This is not replacing legal judgment - it is replacing the scanning work. The lawyer still makes decisions; the AI handles the reading and flagging.

Three-Step Build

Step 1 - Define your playbook as a prompt. Translate your standard contract positions into a structured list of criteria. For each clause type (e.g., indemnification), specify: what you typically accept, what is a yellow flag requiring attention, and what is a red flag requiring negotiation. This playbook becomes the system prompt.

Step 2 - Extract and analyze. Send the contract text to a Bedrock model (Claude Sonnet handles long documents well) with the playbook and a request to: identify each relevant clause, extract its key terms as structured JSON, and classify each as standard/yellow/red against the playbook criteria. For contracts over 50 pages, process section by section to stay within context limits.

Step 3 - Generate a review report. Format the model output as a review memo: executive summary, red flags requiring negotiation, yellow flags for attention, and a clause-by-clause breakdown. Output as a structured document that the reviewing lawyer can work from directly.

Where It Breaks

The model may miss ambiguous clause language that a domain expert would flag as problematic. Novel clause structures that do not match expected patterns may be passed as standard when they are not. Always treat AI review as a first-pass triage, not a complete review - the output reduces the lawyer’s workload but does not eliminate their review.

Data sensitivity is also a concern. Contracts contain confidential business terms. For external vendor contracts especially, confirm your Bedrock data handling configuration before sending contract text to any model.

The Production Path

Start with a specific contract type - NDAs are ideal because they are short, frequent, and structurally consistent. Build the playbook for that contract type, run on a batch of historical contracts (where you already know the review outcome), and measure how well the AI flags match what the lawyer flagged. Refine the playbook based on misses, then expand to additional contract types.