AI Contract Review in India 2026

Indian enterprises sign enormous volumes of contracts — vendor master agreements, employment contracts, customer MSAs, NDAs, distribution agreements, lease deeds, shareholder agreements, services agreements — and the legal team has always been the bottleneck. In 2026, AI contract review has moved from pilot to production in most listed Indian companies, most large private firms, and a rapidly growing chunk of the mid-market. This guide is a practical walkthrough of what the stack looks like, how the workflow runs, and what India-specific legal guardrails to respect.

Key Takeaways

• SpotDraft leads the India market. Indian-origin, 50,000 monthly active users, 1M+ contracts processed annually, $92M total funding, Qualcomm-backed for on-device AI.
• The canonical workflow is: playbook → AI first-pass → risk score → lawyer review → counterparty response. Skipping the lawyer review step is where firms get burned.
• The Indian Contract Act 1872 sets the substantive framework. AI handles form and structure; Indian lawyers handle stamp duty, registration, specific performance, and sector regulation.
• DPDP Act compliance is non-negotiable. Use India-region or on-device deployments for personal data. Have data processing agreements with vendors.
• Risk scoring is now a GC-dashboard capability, not a per-contract novelty. GCs watch portfolio-level risk at weekly cadence.

The Indian AI Contract Review Tool Landscape

The 2026 tool landscape for Indian enterprises has three tiers:

Tier 1 — India-native leaders

SpotDraft is the dominant name. Founded in 2017, headquartered in Bengaluru and San Francisco, it crossed 700 customers in 2026, processed over a million contracts annually, and reported 100 percent year-on-year customer growth. Its VerifAI product runs on-device on Snapdragon X Elite laptops — contract review, risk scoring, and automated redlining execute completely offline, which solves the DPDP-confidentiality objection for highly regulated clients. SpotDraft closed an $8M extended Series B from Qualcomm Ventures in January 2026, bringing total funding to $92M at a valuation approaching $400M.

Tier 2 — Global enterprise players with India deployment

Ironclad is the enterprise standard for global groups with India operations. Sirion Labs (Indian-origin, global) is strong on enterprise procurement contracts and vendor risk. Juro serves SME SaaS companies. Luminance specialises in M&A due diligence. Kira Systems (a Litera subsidiary) is common in Tier-1 law firms for M&A work.

Tier 3 — Custom and narrow-purpose

Contractbook is used by startups for low-complexity contracts. HeyLaw and Lawrbit serve India-specific compliance wrappers. Several large Indian groups have built custom CLMs on Azure OpenAI or AWS Bedrock — Reliance, Tata, Adani, Mahindra, and Infosys are all running internal deployments for their own contract estates.

The Canonical AI Contract Review Workflow

A production workflow inside an Indian GC office typically runs in five steps.

Step 1 — Build the playbook

The playbook is the company's pre-agreed position on every clause that appears in commercial contracts. Example positions:

• Indemnity cap: 100 percent of annual contract value, never unlimited
• Limitation of liability: direct damages only, consequential damages excluded
• Termination for convenience: 30-90 days depending on contract type
• Governing law: Indian law, seat of arbitration Delhi/Mumbai
• Dispute resolution: arbitration under the Arbitration and Conciliation Act, 1996, three-arbitrator panel for disputes above ₹5 crore
• IP assignment: work made for hire, moral rights waived
• Data protection: DPDP-compliant, India-region processing, breach notification within 72 hours
• Payment terms: 30 days from invoice receipt, no auto-renewal without written consent

The playbook sits in the AI system as structured data plus natural-language guidance, typically 30-80 pages after a proper first-draft workshop with the business.

Step 2 — AI first-pass redlining

When a counterparty contract arrives (MSA, SOW, NDA, vendor agreement, employment contract), the AI:

1. Classifies the contract type and identifies applicable playbook sections
2. Parses every clause and matches it to the playbook position
3. Flags deviations as red (unacceptable), amber (negotiable), green (in line)
4. Suggests fallback language for each amber/red clause from the playbook
5. Produces a Word document with track-changes redlines and margin comments

Typical time on this step: 2-5 minutes per NDA, 10-20 minutes per MSA, 30-60 minutes per SPA.

Step 3 — Risk scoring and dashboard

Each reviewed contract produces a risk score. Dashboards surface portfolio-level trends: which business units sign the highest-risk contracts, which counterparties consistently push back on the playbook, which clauses have been given up most often. This is how GC offices use AI to drive negotiation strategy rather than just speed up paperwork.

Step 4 — Lawyer final review

A lawyer reviews the AI redline before it goes to the counterparty. This step is non-negotiable — it is the line that separates AI-assisted legal work from unauthorised practice of law and is required by every responsible firm's internal policy. The lawyer's job is:

• Sanity-check the risk scores against commercial context
• Verify India-specific elements (stamp duty, registration, state-level requirements)
• Apply judgement to deviations the AI may have over or under-scored
• Sign off on the redline before it is shared

Typical time on this step: 10-30 percent of what pre-AI review used to take.

Step 5 — Negotiation and execution

The AI can then track negotiation rounds — which clauses the counterparty pushed back on, which fallback positions the legal team accepted, how the final document compares to the playbook. Post-execution, the contract is tagged, stored in the CLM, and indexed for future search.

Indian Contract Act 1872 and AI Review

Modern LLMs — Claude Sonnet 4.6, GPT-4.1, Gemini 2.5 Pro — have reliable knowledge of the Indian Contract Act's core doctrines. They can correctly identify issues with consideration, consent, capacity, and lawful object. They can draft standard consideration clauses, representation and warranty blocks, and indemnity formulations that align with Section 124-125 of the Act.

Where they are less reliable and require lawyer review:

• State-level Stamp Act compliance — every Indian state has its own Stamp Act with different duty rates and registration requirements. AI will often generate a generic stamp duty clause that misses the state-specific rate.
• Specific Relief Act 1963 — the availability of specific performance, particularly after the 2018 amendment, is nuanced. AI drafts rarely get the negative covenant injunction language right.
• Sector-specific overlays — IT Act 2000 for data agreements, RERA for real estate, Companies Act for shareholder agreements, SEBI regulations for listed company contracts. The AI does not always surface these in the redline.
• Registration Act 1908 — which documents must be registered to be admissible as evidence; AI sometimes drafts contracts that would fall foul of the registration requirement.

Best practice: the playbook explicitly encodes the state-specific requirements for the company's major contracting states (typically Maharashtra, Karnataka, Delhi, Tamil Nadu, Telangana), and the AI is configured to flag deviations.

Risk Scoring — How GCs Actually Use It

The value of risk scoring is not per-contract — it is portfolio. A GC dashboard in 2026 typically shows:

• Total active contracts by risk band (low/medium/high)
• Deviations from playbook by counterparty (helps negotiate master positions)
• Deviations by business unit (identifies training gaps or commercial pressure points)
• Aging of high-risk contracts (upcoming renewals where the playbook has shifted)
• Auto-flag of contracts that need refresh due to regulatory change (e.g., DPDP operationalisation triggered a wave of data-protection clause updates)

This is how a modern GC functions as a risk-management function rather than a paperwork function.

DPDP Act Compliance in AI Contract Review

The Digital Personal Data Protection Act, 2023, matters for contract review in three ways.

First, contracts themselves often contain personal data — names of employees, vendors, directors, consumers. Sending these to a cloud AI without proper controls is a DPDP exposure. Mitigations:

• India-region deployment only (SpotDraft on AWS Mumbai, Azure OpenAI India Central, AWS Bedrock Mumbai for Claude)
• Data processing agreement with the vendor, including breach notification terms
• Purpose limitation — the AI uses the contract only for review, not for training
• On-device deployment for highly sensitive documents (SpotDraft's Snapdragon X Elite integration is the flagship example)

Second, the contracts being reviewed may themselves need DPDP-compliant clauses on data processing, consent, breach notification, and cross-border transfer. The playbook should encode a standard DPDP clause for data-touching contracts.

Third, AI vendor contracts themselves need DPDP review. Firms have to treat SpotDraft, Ironclad, Sirion as data processors (or sub-processors) and apply appropriate due diligence.

For deeper coverage of the legal-sector AI landscape, see Legal AI in India 2026. For prompting tactics Indian lawyers use in contract drafting, see AI for lawyers India. For the research side, see AI legal research for Indian advocates. Prompt engineering fundamentals for drafting AI prompts are in our prompt engineering hub.

INR Pricing Benchmarks (2026)

Ballpark costs for Indian deployments:

• SpotDraft — starts around ₹2-3 lakh per month for a mid-size GC team of 5-10 lawyers, scales with contract volume and modules. Enterprise deals run ₹10-25 lakh/month.
• Ironclad — enterprise-only, typically ₹15-40 lakh/month for large Indian groups with global operations.
• Sirion — enterprise procurement focus, ₹20-50 lakh/month depending on scope.
• Juro — SME-friendly, ₹40,000-1.5 lakh/month.
• Custom Azure OpenAI + SharePoint deployment — infrastructure at ₹1-3 lakh/month plus a build cost of ₹30-80 lakh for a custom UI and playbook layer.

ROI math typically works if the GC team processes 500+ contracts per month; below that the tools are useful but hard to justify on pure finance terms.

Implementation Playbook

For an Indian enterprise adopting AI contract review in 2026:

1. Month 1 — Audit the contract estate. Count by type, volume, complexity, pain points.
2. Month 2 — Build the playbook with the business. Workshop with procurement, sales, HR, IT, finance heads.
3. Month 3 — Vendor selection. Shortlist 2-3 tools, run a pilot on 50-100 live contracts, measure time saved and redline quality.
4. Month 4 — Deploy the chosen tool, migrate historical contracts (at least last 3 years), train lawyers and business users.
5. Month 5-6 — Turn on risk scoring dashboards. Integrate with Salesforce/SAP for contract-trigger workflows.
6. Ongoing — Quarterly playbook refresh, monthly risk review with GC and business heads.

Further Reading

• Legal AI in India 2026 — the sector hub covering courts, firms, LPO
• AI legal research for Indian advocates — SCC, Manupatra, CaseMine
• AI for lawyers India — practical prompts for solo and boutique firms
• AI governance frameworks for Indian companies — broader enterprise AI governance context
• Prompt engineering for legal documents — foundational prompt patterns

Sources

• SpotDraft press releases and TechCrunch coverage, January 2026
• Qualcomm Snapdragon Summit 2025 partnership announcement
• Indian Contract Act, 1872; Specific Relief Act, 1963; Arbitration and Conciliation Act, 1996
• Digital Personal Data Protection Act, 2023 and Data Protection Board rules, 2025
• SpotDraft customer case studies (Apollo.io, Panasonic, Zeplin, Whatfix)