From a GC seat, AI reporting is set to reshape obligations tracking over the next 18 to 24 months.

Most of us are already using AI somewhere in our contract stack. The shift now is from “AI helping with review” to “AI producing obligations dashboards the business can actually run on.”

I see five big changes coming.

1. Obligations will move from ad hoc tracking to portfolio-level visibility

Today, many organizations still track obligations in spreadsheets, SharePoint lists, or scattered reminders. Research on contract value loss from WorldCC and partners shows that companies continue to forfeit meaningful value through mismanaged contracts and poor follow-through on obligations, especially as AI adoption remains uneven across the lifecycle.

The WorldCC benchmarking work on the “contract AI chasm” points out that obligations tracking is one of the most painful friction points for many legal and commercial teams.

AI reporting changes this by treating obligations as a dataset, not a notes field. Instead of a few manually curated trackers, you end up with portfolio-level views: all audit rights, all termination-for-convenience clauses, all data retention commitments, all price escalators, all third-party flow-down requirements. As a GC, that means when the board or audit committee asks a blunt question, you answer with structured data, not anecdotes.

In my day job, a lot of this runs through Concord. Its reporting and extraction stack is already moving us away from Excel toward dynamic obligation views that are generated from the actual contracts, not someone’s manually maintained log.

2. Extraction will go from “good enough text search” to structured metrics

Traditional obligations tracking depends on people reading contracts and populating fields. AI-enabled CLM tools now extract clauses and classify them, but the next step is turning that extracted content into reliable metrics, not just raw text. Concord’s own perspective on reporting makes this point clearly: the real evolution is from manual tracking to AI-powered reporting that can support compliance and performance analytics on top of the contract repository.

At maturity, AI reporting will not just say “this contract has an audit clause.” It will categorize the obligation (frequency, scope, trigger events), link it to counterparts in related contracts, and roll it into dashboards that show coverage, gaps, and outliers. That is the difference between AI “helping” and AI producing something a CFO or CISO can actually act on.

The WorldCC AI adoption in contracting underscores that the real opportunity is in pairing AI extraction with defined processes and change management, not just dropping a model on top of messy data.

3. Obligations tracking will be pulled into AI governance and audit

As AI systems become central to obligations reporting, they themselves become part of the control environment. ISACA’s guidance on AI governance makes it very clear that organizations need to validate AI systems across their lifecycle, including data quality, accuracy, and alignment with strategic objectives.
For example, the ISACA artificial intelligence governance brief frames governance as an end-to-end discipline, not a one-time risk assessment.

Their follow-on work applying the COBIT framework to AI governance goes a step further. It describes how enterprises can use COBIT practices to govern AI tools used in critical processes, including decision-support systems in compliance and risk management. See ISACA’s white paper Leveraging COBIT for effective AI system governance.

For obligations tracking, this means AI reports will eventually be subject to audit. Auditors will not just ask “Did you track obligations?” They will ask how the AI model was trained, what confidence thresholds you use, how exceptions are handled, and what controls exist around manual overrides. ISACA’s AI audit toolkit and governance guidance give a preview of the evidence they will expect.

Practically, that pushes GCs to work with risk and internal audit to treat AI reporting as a monitored system, not a black box.

4. Compliance teams will demand continuous, near real-time obligation monitoring

Obligations tracking used to be a quarterly or annual exercise. That cadence no longer matches regulatory expectations or operational risk. ISACA’s broader work on AI risk and digital trust, and MIT’s research on AI risk taxonomies, both point toward continuous monitoring models, where risks and obligations are tracked as they evolve rather than at static intervals.

For example, MIT’s AI Risk Repository is designed as a living database of AI risks, continuously updated and categorized for ongoing oversight.

Translating that mindset to contracts, AI reporting will be expected to refresh obligations views as new contracts are signed, as amendments are executed, and as laws change. Compliance and risk teams will want alerts when an obligation is approaching a deadline, when a vendor’s contractual commitments no longer match new regulatory baselines, or when concentrations of risk (for example, all vendors with weak audit rights) exceed defined thresholds.

The Wall Street Journal’s coverage of AI in compliance captures the tension well: AI can remove a lot of manual “slog,” but executives are not yet ready to fully trust it without oversight and clear error handling.

As a GC, I expect to be asked how our obligations reports are populated, how often they refresh, what the exception process is, and how we validate their accuracy.

5. Legal will need a risk framework for AI use in obligations reporting

AI reporting introduces its own risk profile. Not every use case should be treated equally. MIT Sloan’s work on AI risk frameworks proposes categorizing AI applications into different risk levels, with governance requirements scaling accordingly. A useful example is the red-light, yellow-light, green-light framework described in MIT Sloan’s article on AI risk assessment.

Using that lens, AI obligations reporting would likely sit in a “medium risk” band: it informs important decisions, but a human can and should review the outputs. That implies specific controls: validation sampling, escalation paths when the model flags something high-impact, and clarity on which decisions may not be delegated to AI at all.

WorldCC’s AI lifecycle research, particularly its collaboration with consulting partners on AI and contract management, reinforces that AI should augment contract professionals rather than replace them.

For obligations tracking, that means AI should surface commitments and risks at scale, but legal, compliance, and business owners remain accountable for how those obligations are interpreted and acted upon.

6. CLM configuration will become part of the obligations control environment

Finally, AI reporting only works if the underlying CLM is configured correctly. If your repository is fragmented or your metadata is unreliable, AI will faithfully scale your confusion. Analysts and practitioners repeatedly highlight the importance of centralization and structured data in contract management. Concord’s own CLM material emphasizes that contract management software must centralize, automate, and track obligations and renewals as part of a unified lifecycle.

From a GC standpoint, that means I can no longer treat CLM configuration as “IT plumbing.” The way we define fields, standardize templates, and design workflows directly influences the quality of our AI-driven obligations reports. When those reports begin to drive board discussions, audit responses, or regulatory interactions, the CLM configuration becomes part of my formal control environment.

In my own practice, AI reporting is not a bolt-on feature. It is the visible surface of a deeper contract data model. If we get that model right, obligations tracking becomes proactive, auditable, and defensible. If we get it wrong, AI just helps us miss the same commitments faster.