The difference between a clever individual using AI to draft and a function that depends on it is documentation. A clever individual holds the steps in their head and adjusts on instinct. A function needs a process that produces the same quality whether the expert or the new hire runs it, and whether it is Tuesday morning or Friday at five.
This article turns prompting for legal and compliance writing into exactly that: a documented, repeatable workflow with defined inputs, steps, checks, and handoffs. The goal is a process that a second person can pick up cold and run correctly, because a process that only one person can execute is a single point of failure, not a capability.
A workflow is the linear backbone. It does not replace situational judgment, but it ensures that the common path is consistent and that the checks that protect against legal risk are never skipped under pressure.
Defining the Inputs
A repeatable process starts by being explicit about what goes in.
The grounding material
Every workflow run begins with the actual source text the draft must rest on: the statute, contract, regulation, or policy. The standing input rule is that the model drafts from supplied material, never from memory. If grounding material is missing, the workflow stops here until it is gathered.
The task specification
Capture what is being drafted, for whom, in what jurisdiction, and at what stakes. This specification determines which approved prompt to use and which approval gate applies. Vague specifications produce inconsistent output, so make this a filled-in form rather than a mental note.
The approved prompt
Pull the versioned, approved prompt for this task type from the library rather than improvising. The prompt is an input to the workflow, not something assembled fresh each time. Consistent inputs are what make consistent outputs possible.
The Drafting Step
With inputs assembled, generation runs under fixed constraints.
Run with the house-style preamble
Every draft runs with the standard preamble: citation format, required disclaimers, the instruction to flag assumptions, and the refuse-rather-than-guess rule. These constraints travel with every run so that no draft is produced without them.
Capture the raw output verbatim
Save the unedited model output before anyone touches it. This raw artifact is part of the audit trail and lets you see what the model actually produced versus what the human corrected, which matters if a document is ever questioned.
Flag uncertainty in the draft
Instruct the model to mark every assumption and every claim it could not ground in the supplied material. These flags become the reviewer's worklist in the next step, turning hidden uncertainty into explicit items to resolve.
Decompose when the document is complex
For documents complex enough to bundle several distinct decisions, do not draft in one pass. Split the drafting into ordered sub-steps, extract the relevant provisions, draft from them, then check, so each intermediate is inspectable. This keeps the workflow's verification step meaningful, because checking one opaque generation is far weaker than checking a chain of visible intermediates. The mechanics are covered in Running a Complex Task Through One Sub-Prompt at a Time.
The Verification Step
This step is where the workflow earns its keep.
Work the verification checklist
Check every citation against a real source, every figure and date against the grounding material, and the modal force of every obligation. The checklist is a required gate; a draft cannot advance with any item unchecked. The errors this catches are the ones that look correct, which is precisely why they need a deliberate step.
Resolve every model-flagged item
Go through the assumptions and ungrounded claims the model marked and resolve each one explicitly. Leaving a flagged item unresolved is how a known gap becomes a shipped error.
Compare any simplification to source
For plain-language conversions, compare against the original specifically for dropped qualifiers. Fidelity, not readability, is what this check verifies. The full set of failure modes these checks defend against is catalogued in The Quiet Liabilities Buried in Prompting for Legal Text.
The Approval and Handoff Step
A workflow has to survive being passed between people.
Gate external documents with human approval
Any document headed to a client, regulator, court, or counterparty passes to a qualified human approver who reviews, corrects, and signs. The approver owns every word; the model produced a draft, and the human makes the representation.
Make handoffs explicit
Define who hands what to whom at each transition: drafter to verifier, verifier to approver. Explicit handoffs prevent the gaps where a draft sits half-checked because each person assumed the other had it. This is what lets the process survive a vacation or a staffing change.
Carry the verification record with the document
When a draft moves from verifier to approver, the completed verification checklist travels with it. The approver should see what was checked, not just the finished text, so they can focus their review where the upstream checks were weakest. A handoff that drops the verification record forces the approver to either redo every check or trust blindly, and both defeat the purpose of the gate.
Record provenance at release
On release, record the source material, the prompt, the raw output, and the review. This audit trail is what makes the workflow defensible and is itself a workflow output, not an optional extra.
Keeping the Workflow Alive
A documented process decays if nobody tends it.
Version the workflow itself
Treat the workflow document like any controlled document, with versions and change notes. When a step changes, everyone should be running the same updated version, not a personal variant.
Fold in near-misses
When verification catches an error, feed the lesson back into the workflow or the prompt library. The process should get tighter over time as it learns from what it catches. The broader cadence for this improvement sits in the team-rollout approach in Standardizing AI Drafting Across a Legal and Compliance Function, and the situational decision points live in How Experienced Teams Run AI Drafting of Regulated Text.
Watch where people route around the process
The most useful maintenance signal is where drafters quietly bypass the workflow. A skipped step usually means the step is impractical or a needed prompt is missing, not that people are careless. Treat each bypass as a diagnosis of a real friction point and fix the underlying cause, because a workflow people route around is a workflow that no longer protects anyone.
Adapting the Workflow to Task Stakes
One linear process does not mean one rigid gate for everything. The workflow flexes by stakes while keeping its backbone intact.
Lighter gates for internal, low-stakes drafting
For internal summaries and routine drafts, the verification checklist still runs, but the approval gate can be a single competent reviewer rather than a senior sign-off. Keeping the checks while right-sizing the approval keeps low-stakes work fast without abandoning the controls that catch the errors that look correct.
Heavier gates as consequence rises
For anything headed to a regulator, court, or counterparty, the workflow adds the qualified human approver and full provenance capture. The backbone, grounded inputs, verification, recorded handoffs, never changes; what scales is the weight of the approval and the rigor of the audit trail. Matching gate weight to stakes is what makes the single workflow practical across the full range of the function's work.
Frequently Asked Questions
What makes a workflow genuinely repeatable?
Explicit inputs, fixed steps, required checks, and defined handoffs that a second person can run cold and get the same result. If any step depends on undocumented judgment held in one person's head, the workflow is not yet repeatable.
Why save the raw model output?
Because it is part of the audit trail and shows what the model produced versus what the human corrected. If a document is later questioned, the raw artifact and the record of corrections demonstrate the process that was followed.
How is the workflow different from the playbook?
The workflow is the linear path every common task follows. The playbook adds situational plays and branching for novelty and escalation. Most work runs the workflow; the playbook handles the decision points where it branches.
What if a step slows the team down too much?
Slowness usually signals a missing approved prompt or an impractical check, not a reason to drop the step. Fix the input or the check rather than removing a control, since the controls are what make the output defensible.
Who owns the workflow document?
A coordinator maintains the shared workflow with input from practice-area prompt owners. It is a versioned, controlled document so that everyone runs the same current version rather than personal variants.
Can compliance staff run this without an attorney at each step?
For internal, low-stakes drafting, yes, with verification and a defined approval gate. Anything external or constituting advice routes to a qualified human approver. The workflow defines exactly where that gate sits for each task class.
Key Takeaways
- A repeatable workflow has explicit inputs, fixed steps, required checks, and defined handoffs anyone can run.
- Grounding material and an approved prompt are inputs, not improvisations.
- The verification step is a required gate that catches the errors that look correct.
- Saving raw output and recording provenance create the audit trail that makes the process defensible.
- Explicit handoffs let the workflow survive staffing changes and deadline pressure.
- Version the workflow and fold in near-misses so it tightens over time instead of decaying.