CompanyScope
by Janus Compliance

AIR-2026-005 · AI Agent Incident Register

Ayinde v Haringey: the UK High Court on lawyers who filed AI-fabricated case law

Incident: 2025-06-06 · Parties: R (Ayinde) v Haringey LBC; Al-Haroun v Qatar National Bank. [2025] EWHC 1383 (Admin), Divisional Court

Liability locus: Deployer-carried. the organisation that deployed the agent answers for its output.

Legal analysis by Michael K. Onyekwere, CIPP/E · Janus Compliance · Published 2026-07-04 · Last reviewed 2026-07-06. Analysis of public facts. Not legal advice.

Share this AIR-2026-005 profile:Share on XBluesky

What happened

On 6 June 2025 the Divisional Court (Dame Victoria Sharp, President of the King's Bench Division, sitting with Mr Justice Johnson) handed down a single judgment in two unrelated cases joined because they raised the same problem: lawyers had placed fabricated legal authorities, generated by AI, before the court. The court acted under its Hamid jurisdiction, the inherent power to regulate proceedings and enforce lawyers' duties to the court.

In Ayinde, a judicial review against the London Borough of Haringey, the claimant's grounds cited five authorities that did not exist. When the court asked for copies, they could not be produced. The court referred the barrister, whom it described as extremely junior, to the Bar Standards Board, and the supervising solicitor to the Solicitors Regulation Authority; it found no fault on the part of a paralegal involved.

In Al-Haroun, a claim against Qatar National Bank, a witness statement relied on forty-five citations, eighteen of them entirely fictitious and most of the rest misquoted or irrelevant. The source was striking: the client had run his own legal research through publicly available generative-AI tools and passed the results to his solicitor, who incorporated them without independent verification. The court referred the solicitor and his firm to the SRA. It treated the lay client as someone let down by unreliable tools and poor advice, not as the party at fault.

The court considered whether the conduct crossed the threshold for contempt and decided, on these facts, to refer the lawyers to their regulators rather than initiate contempt proceedings, citing matters such as the barrister's seniority, unresolved questions about her supervision and pupillage sign-off, and the fact that she had already been criticised in a public judgment and referred to her regulator.

The duty engaged

This is professional-conduct law, not data protection, and that is what makes it useful: it isolates the bare principle of accountability for an agent's output.

The duty to the court. A lawyer owes the court a duty of candour and accuracy. Citing authority that does not exist breaches it whether the fabrication was deliberate or the product of an unchecked tool. The court's position is that the source of the error does not dissolve the duty: the professional who puts material before the court warrants that they have a proper basis for it.

The verification duty, made explicit. The court stated the standard for the AI era in terms. Freely available generative-AI tools "are not capable of conducting reliable legal research" (at [6]). Those who use them anyway "have a professional duty therefore to check the accuracy of such research by reference to authoritative sources, before using it in the course of their professional work" (at [7]). The judgment names those sources: the Government's legislation database, the National Archives' database of judgments, the official Law Reports, and reputable legal publishers' databases. That converts a general professional obligation into a concrete operating rule for any lawyer using these tools.

The regulatory layer. Conduct of this kind engages the SRA Standards and Regulations for solicitors and the BSB Handbook for barristers. Referral to the regulator, rather than contempt, was the court's chosen route here, but the judgment is explicit that the threshold for more serious consequences can be met.

For readers outside the UK, the principle travels: every jurisdiction with a duty of candour to the court now has, or will soon have, its own version of this ruling. The US sanctions decisions (the fabricated-citation cases that produced fines) reach the same place by a different procedural road.

The liability chain

The case is a clean study in where accountability lands when an AI tool produces the work.

The AI tool cannot be the responsible party. It has no duty to the court. The entire weight of the obligation sits on the human who relied on it. This is the same allocation as Moffatt v Air Canada (AIR-2026-003): the company could not hand its liability to its chatbot, and a lawyer cannot hand professional responsibility to a model. The agent's output is the principal's responsibility.

The professional who filed it carries it. In Ayinde the barrister who signed the grounds and the solicitor who supervised were the accountable parties, referred to their respective regulators. Seniority and supervision affected the consequence (referral rather than contempt) but not the locus of responsibility.

Al-Haroun shows the inversion that should never happen. There, the solicitor relied on the client's AI-generated research rather than conducting and verifying his own. The court found it extraordinary that the lawyer was depending on the client for the accuracy of the law. That is the supervision failure stated at its sharpest: the professional outsourced the one thing that was irreducibly his to a layperson with a chatbot.

The practical lesson for any firm or in-house team: an AI tool in the workflow does not redistribute professional liability, it concentrates the verification duty on whoever signs. Procurement and policy should be written from that fact.

What would have prevented it

Mapped controls

Sources

Corrections


Cite this entry as AIR-2026-005 (https://companyscope.io/register/air-2026-005). Entry IDs are stable; corrections publish as dated addenda on this page.

Share this AIR-2026-005 profile:Share on XBluesky

Talk to Michael about your agent deployment — or your AI vendor governance more broadly

CompanyScope's public profiles cover the general picture. Michael runs Janus DPO-as-a-Service for businesses that need ongoing AI vendor governance, and writes one-off CIPP/E-reviewed Vendor Risk Notes for specific procurement decisions. Tell him what you're actually trying to clear.

A sentence or two is plenty.

Your context goes only to Michael. We don't share with the vendor or anyone else. Privacy notice.

Subscribe to the AI Agent Incident Register

Every new Register entry delivered with the legal analysis: the incident, the duty engaged, who is liable across the chain, and what governance would have prevented it. Written by Michael K. Onyekwere, CIPP/E. Free.

Subscribe — free

Delivered via Compliance Engineering on Substack, which handles your subscription and consent. Unsubscribe any time. Privacy notice.

This analysis is the work Janus Compliance does for clients before the incident. For a fixed-scope read of your own EU AI Act Article 50 exposure, see the Article 50 teardown; for ongoing agent governance, Janus DPO-as-a-Service. Browse the full register or the vendor compliance index.