CASUS Blog

Introducing AI in a law firm: a practical guide for Swiss firms

by CASUS Team

Most Swiss law firms have AI on their agenda - but the gap between "we should look into this" and a working deployment in daily practice is wider than a tool subscription. This guide covers what actually matters when introducing AI in a law firm: the legal framework, concrete use cases, professional secrecy risk profiles, and practical steps for teams that do not want a months-long rollout.

Why AI adoption in Swiss law firms follows its own logic

In Germany and the EU, the EU AI Act introduced an AI competence obligation for companies using AI systems as of February 2025 (Art. 4 EU AI Act). Swiss firms without an EU presence are not directly subject to this rule - but those working regularly with EU clients or processing data in EU systems will encounter its core principles regardless.

More directly relevant is the revised Federal Act on Data Protection (revFADP), which has applied since 1 September 2023. Art. 6 revFADP sets out the principles of lawfulness, purpose limitation, and proportionality in data processing. Art. 9 revFADP governs commissioned data processing: firms that engage third parties to process personal data must ensure those processors apply the same data protection obligations. For AI providers handling law firm data, a data processing agreement (DPA) is therefore not optional - it is a statutory requirement. Violations of these processing duties can trigger criminal sanctions under Art. 60-66 revFADP; for breaches of due diligence in commissioned processing, Art. 61 lit. a revFADP provides for fines of up to CHF 250,000 against the responsible individual.

Firms using AI tools that transfer data to the United States also need a solid basis under Art. 16 revFADP governing disclosure abroad - or they can choose tools that avoid US transfers entirely.

Professional law adds another layer. Attorney-client privilege under Art. 13 BGFA covers client matter data arising from profession-specific legal work - it does not extend to non-specific activities such as asset management or board mandates. Under Art. 13 para. 2 BGFA, a lawyer must ensure that any auxiliary persons observe professional secrecy, and Art. 321 no. 1 of the Swiss Criminal Code (StGB) extends professional secrecy under criminal law to those auxiliary persons. The duty of confidentiality therefore cannot be weakened through the involvement of external service providers. AI tools that send contract content or pleadings to external servers must be secured contractually and technically to rule out unauthorised disclosure.

A current development worth noting: in May 2025, the Federal Data Protection and Information Commissioner (FDPIC) confirmed that the existing Data Protection Act applies directly to AI - there is no regulatory gap, and AI-based processing must meet the same revFADP principles as any other processing. For professions bound by statutory confidentiality, this means AI use must be assessed against existing data protection and professional-secrecy law, not deferred until AI-specific rules arrive. The Swiss Bar Association (SAV) addressed this in its "Guidance on dealing with AI", adopted on 14 June 2024 and published in Anwaltsrevue 9/2024.

Professional secrecy risk map: how each CASUS module sits on the risk spectrum

Not all AI workflows carry the same professional secrecy exposure. The following framework looks at the degree of client matter data involvement and the reversibility of outputs.

Green - low risk profile

The Proofread workflow operates at the document surface level, checking spelling, terminology consistency, cross-references, and placeholders. It does not alter legal substance or produce legal conclusions. The risk profile is low, provided the document itself does not contain specially sensitive personal data.

The Benchmark workflow compares a document against a self-defined playbook. Because the reference standard stays internal and the output consists of structured deviation flags, the professional-law risk is modest.

Yellow - medium risk profile

The Risk & Quality Review analyses contract clauses substantively and identifies risks with drafting suggestions. It processes client matter data with legal content. The risk lies not in the workflow itself but in the unchecked adoption of suggestions without legal review. Firms that use the review as a structured first pass and verify outputs before use are operating in a professionally sound way.

The AI Chat with Agent Mode can insert clauses, adjust wording, and maintain consistency across a document. The risk profile is medium because changes take effect directly in the document. Firms should establish internally at what level of change a mandatory manual second review applies.

Orange - elevated risk profile requiring additional safeguards

The AI Data Room potentially processes dozens or hundreds of documents in parallel, including contracts that may contain health data, HR records, or identity document copies. Before bulk upload, firms should check whether documents contain specially sensitive personal data under Art. 5(c) revFADP. If so, a documented processing purpose, a data protection impact assessment, and an explicit anonymisation step before upload are appropriate.

The Legal Research function carries low substantive risk since it works with publicly available sources. The organisational consideration is that source-based research outputs should not flow unreviewed into client documents - they are a starting point for legal analysis, not a substitute for it.

A concrete example from practice

A four-lawyer Zurich commercial practice faced a problem most firms recognise: NDA reviews for smaller mandates took 45 to 60 minutes per document because each clause had to be manually checked against the internal playbook. After introducing the Benchmark workflow alongside the Risk & Quality Review, a structured first-pass review of an NDA now typically takes 8 to 12 minutes. Across a batch of twelve documents, that represents a time saving of around six hours per run. The lawyer's final sign-off remains unchanged; the AI workflow provides the structured starting point.

A comparable pattern at an in-house legal team of a Basel pharmaceutical company: the team regularly reviews framework agreements with contract manufacturing organisations. The AI Data Room lets them extract liability caps, IP ownership clauses, and termination provisions across 80 supplier contracts and present the results as a table. Work that previously took a junior lawyer two full days is now available as a clause matrix in under two hours, with anomalies already flagged - for example, liability without a cap, or notice periods exceeding twelve months.

What comes before choosing a tool

The most common mistake in AI adoption is starting with the tool. Before evaluating any vendor, three questions are worth working through first.

Which processes actually consume the most time? Contract analysis, legal research, proofreading, and due diligence extraction are the typical candidates. Matter management or deadline monitoring are less so - those require a different category of systems.

What data is involved? If a process involves client matter data, special categories of personal data under Art. 5(c) revFADP, or trade secrets, the requirements for hosting, contracts, and access controls are higher.

Who is accountable for the outputs? AI outputs do not replace legal judgment. They speed up the path toward it. Making this clear internally from the outset reduces liability exposure later - including under Art. 97 OR in the relationship with the client.

These questions should feed into an internal AI policy - even a short, one-page version is more useful than none.

The shadow AI problem: why bans alone do not work

Firms that do not communicate a clear AI policy tend to see the same pattern: staff use personal ChatGPT accounts or AI-enabled Microsoft Teams licences because the productivity gains are real and no one has explicitly said no. The issue is not intent - it is consequence.

A concrete pitfall observed in practice: firms that roll out Microsoft 365 Copilot licences often discover at their first data protection audit that Copilot conversations are stored within the tenant as part of the user's activity history and remain subject to the tenant's standard retention rules - which continue to apply unless an explicit retention policy is configured. IT administrators frequently assume the productivity licence handles this automatically. The result: client matter data from contract drafts is retained without an explicit data processing agreement covering that retention - which does not satisfy the requirements of Art. 9 revFADP.

Shadow AI does not disappear through prohibition. It disappears when there is an approved tool that genuinely reduces workload and meets professional legal requirements. Firms that offer no approved alternative create the incentive for workarounds themselves.

Data protection and security requirements in practice

Law firms face particularly strict requirements when adopting AI. The following points should be reviewed before signing a contract with any AI vendor.

Hosting and data residency

Where is data processed? Swiss and EU hosting is considerably easier to handle under data protection law than US hosting. With US-based providers, US access laws such as the CLOUD Act create residual risk even where standard contractual clauses are in place. Under FDPIC practice in the light of Schrems II, standard contractual clauses alone are sufficient only where additional technical measures provide equivalent protection.

Data retention and model training

Are firm data used to train AI models? If so, this is difficult to reconcile with attorney-client privilege under Art. 13 BGFA. Providers with a genuine zero-data-retention policy and no human review offer more legal certainty.

Data processing agreement

A DPA under Art. 9 revFADP is mandatory when an external provider processes personal data. For special categories of data or client matter information, that agreement alone is not sufficient - additional technical and contractual safeguards are required.

CASUS hosts all data in Switzerland and the EU, does not transfer data to the United States, and operates with neither human review nor data retention. This significantly simplifies the data protection assessment for Swiss law firms. Details are at /security.

Which use cases deliver the greatest benefit

Contract analysis and risk review

Working through a 40-page contract to identify liability clauses, notice periods, and one-sided wording takes hours without support. A structured AI review can prioritise risks by severity - low, medium, or high - and link each finding directly to drafting alternatives.

CASUS' Risk & Quality Review identifies the contracting parties, analyses risks from each party's perspective, and delivers improvement suggestions that can be applied directly in Microsoft Word - no copy-paste required.

Benchmark against internal standards

Firms that regularly handle similar contract types - NDA, SPA, DPA - benefit from automated comparison against an internal playbook. Missing clauses, incomplete provisions, and deviations from the standard become immediately visible, including a percentage match score. The Benchmark workflow closes those gaps with a single click, correctly formatted, at the right place in the document.

Legal research

Structured first assessments based on statutes and case law take considerable time when done manually. CASUS' Legal Research searches over 660,000 cantonal and federal court decisions as well as statutory provisions, and delivers source-based, traceable outputs - directly in the chat, with inline previews of relevant reasoning sections, without having to open individual decisions. The Federal Supreme Court publishes several thousand new decisions each year; manual coverage is simply not scalable for small teams.

Due diligence and bulk document review

In M&A transactions or compliance reviews involving many documents, manually extracting clauses is inefficient. The AI Data Room supports uploading dozens or hundreds of documents and extracting defined fields into a table - suitable for clause matrices, liability comparisons, SLA reviews, or data protection audits under the revFADP.

Proofreading before sending

A pleading with a wrong cross-reference or an undefined term looks unprofessional and can, in the worst case, create genuine ambiguity about contractual content - which carries professional liability implications. The Proofread module checks Swiss spelling conventions (ss instead of ß), terminology consistency, cross-references, definitions, annexes, and placeholders - without altering the legal substance.

Pilot project: what a sensible entry looks like

A 90-day pilot is more realistic for most firms than a large-scale rollout.

Weeks 1-2: Complete process selection and data protection review. Select the tool, sign the DPA. Designate two or three people as initial users - ideally from different experience levels, because senior and junior usage patterns differ and that contrast is instructive.

Weeks 3-8: Test the tool in real working conditions - with actual documents, not demos. Document experience: what saves time? Where is post-correction needed? What is the effective time investment per use case? Firms that do not collect these numbers cannot make an evidence-based decision at the end of the pilot.

Weeks 9-12: Evaluate. Does continued use make sense? Which processes should be expanded? What prompting rules or internal guidelines does the team need? Where were outputs adopted without review - and how can that be prevented systematically?

Realistic expectation management matters. AI tools speed up and structure work - they do not replace legal judgment under the mandate relationship governed by Art. 394 ff. OR. Communicating this clearly internally avoids disappointment and reduces liability exposure.

What an internal AI policy should cover

Even small firms benefit from a short internal framework. Minimum content:

  • Which categories of data may go into which tools? (Client matter data, special categories of personal data under Art. 5(c) revFADP, and public information all warrant different rules.)

  • Who is responsible for quality control of AI outputs?

  • How are AI outputs treated in pleadings or advisory documents?

  • Which tools are approved, and which are not - including personal accounts?

  • What happens in the event of a data incident? (Notification duty under Art. 24 revFADP: report to the FDPIC as soon as possible where there is a high risk to affected persons - Swiss law sets no fixed 72-hour deadline; that is the EU GDPR standard under Art. 33 GDPR.)

A one-page policy is more effective than a 30-page document nobody reads. The key is that it is communicated and updated, not that it is exhaustive.

CASUS for Swiss law firms

Firms looking to get started with AI-supported contract work can test CASUS at no cost. The platform runs directly in Microsoft Word or in the browser, all data stays in Switzerland or the EU, and there is no data retention and no human review. More on data security at /security, more about the company at /about.

FAQ

What does a Swiss law firm need to review legally before adopting AI?

At minimum four things: first, whether the chosen provider offers a data processing agreement under Art. 9 revFADP; second, where data is hosted - Switzerland or EU hosting is significantly less complicated than US hosting for professional secrecy purposes; third, whether the provider uses data for model training, which is generally incompatible with Art. 13 BGFA; fourth, whether a data protection impact assessment is required for the planned processing, particularly for workflows involving specially sensitive personal data under Art. 5(c) revFADP.

Is the EU AI Act relevant for Swiss law firms?

The EU AI Act does not apply directly to Swiss firms without an EU presence. Firms that regularly work with EU clients or process data in EU systems should nonetheless understand its core principles - particularly the AI competence obligation under Art. 4 - and factor them into internal practice. It also becomes relevant when clients are themselves subject to the EU AI Act and pass requirements down to their legal advisers.

Can AI outputs be used directly in pleadings or legal advice?

AI outputs are working tools, not finished legal texts. They accelerate analysis, drafting, and research - but any use in a pleading or client advice document requires legal review and professional accountability. Liability toward the client under Art. 97 OR remains with the firm; AI supports the process, not the responsibility.

Which use cases are best for getting started?

Contract analysis (risk review), proofreading, and structured legal research are natural starting points because time savings are immediately measurable and output quality is straightforward to verify. The benchmark workflow offers particular value for firms that handle the same contract types repeatedly - the efficiency gain compounds with each document processed.

How long does it take to introduce an AI tool in a law firm?

A structured pilot with a specialised legal AI tool can be set up within two to four weeks - data protection review, DPA signing, and initial testing included. A firm-wide rollout takes longer, but for most firms it is not the right first step. More important than speed is that the initial users experience concrete time savings - that creates the internal buy-in needed for broader adoption later.

What is "shadow AI" and why does it matter?

Shadow AI refers to unapproved use of AI tools by staff, often through personal or free accounts with general-purpose providers. The risk is concrete: client matter data may end up in systems not covered by a DPA under Art. 9 revFADP and not secured for professional confidentiality under Art. 13 BGFA. A specific pattern observed in practice: Microsoft 365 Copilot deployments where Copilot conversations retained under the tenant's standard rules were never assessed, because the DPA for the productivity licence and the privacy configuration for the AI feature must be managed separately. Firms that do not offer an approved alternative create the incentive for workarounds themselves.

How does CASUS differ from general AI tools like ChatGPT?

CASUS is built for legal document work, hosts data exclusively in Switzerland and the EU, does not transfer data to the United States, and operates with no human review and no data retention. This is not a marketing claim - it is an architecturally grounded data protection decision. Zero data retention means that after a session ends, no prompt or document data remains on CASUS servers. General AI tools like ChatGPT are not tailored to Swiss law and typically do not meet the data protection requirements for law firms without substantial additional configuration - and even then, the risk of US data transfer remains.

Does a law firm need an internal AI policy?

Yes - even a short one. It defines which tools are permitted, which data may be processed, and who is accountable for quality control of AI outputs. It also matters in the event of a data incident: a documented policy demonstrates that the firm fulfilled its duty of care. Without this foundation, a regulated, liability-conscious AI deployment is difficult to achieve - and in the event of an incident, there is no basis for the notification required under Art. 24 revFADP.

Contracts on autopilot. With CASUS.

CASUS Technologies AG

Uraniastrasse 31

8001 Zurich

Switzerland

Copyright ©2025 CASUS Technologies AG — All rights reserved.
