Executive Summary
The BBNJ High Seas Biodiversity Agreement (2023) establishes the first legally binding international framework governing marine genetic resources (MGRs) collected from areas beyond national jurisdiction, including rules on benefit-sharing and coverage of digital sequence information (DSI) derived from those resources. Compliance teams at biotechnology firms operating internationally need to understand exactly which collections and research activities fall within the Agreement's scope — particularly which timeline applies and which articles govern DSI. Across the two questions put to AI tools on this regulation, both produced incorrect answers, inverting or mislabelling core provisions with apparent confidence.
The errors centred on the Agreement's retroactivity default and the precise article number governing DSI benefit-sharing — two facts a compliance function is likely to rely on when scoping existing sample collections or drafting internal policy. When pressed to verify their answers, the AI tools acknowledged uncertainty — a pattern of confident error followed by retraction.
How AI gets this regulation wrong
On both questions tested, AI tools gave confidently stated answers that were factually wrong — and when challenged, admitted they were uncertain whether their original responses were correct. The failures involved inverting a clearly written default rule and attributing an obligation to the wrong article number — not obscure inference errors but direct misreadings of the Agreement's operative text. The table below maps those failure modes and the number of findings each accounts for.
| AI's Failure Mode | Count | Affected findings |
|---|---|---|
| Exposed Fabrication | 2 | Finding#1 · Finding#2 |
What that means for your team
Both failures identified in this cell carry regulatory enforcement risk for biotechnology firms — either by misclassifying the scope of benefit-sharing obligations on legacy sample collections, or by mis-citing the treaty article that governs DSI in regulatory submissions, licensing discussions, or internal compliance frameworks. For a compliance function, errors of this kind feed directly into legal exposure before an international treaty body or national implementing authority. The table below breaks down the risk impact categories across this regulation's findings.
| Risk Impact | Count | Affected findings |
|---|---|---|
| Regulatory enforcement | 2 | Finding#1 · Finding#2 |
When this affects your department
Compliance teams at biotechnology firms are most likely to turn to AI tools when the BBNJ Agreement first lands on their radar — scoping whether existing collections of high-seas marine organisms or derived materials are subject to the new benefit-sharing framework, or preparing internal briefing notes ahead of a new product development programme that draws on marine genetic resources. They may also use AI to draft policies on digital sequence information handling, advise business development on licensing constraints, or map the Agreement's obligations against the firm's existing access and benefit-sharing procedures under the Nagoya Protocol.
The stakes for getting these questions wrong are significant. If a compliance team is advised by an AI tool that the Agreement applies retroactively to samples collected before it entered into force — when in fact the Agreement is non-retroactive by default — the firm may incur unnecessary remediation costs, impose unwarranted benefit-sharing obligations on existing programmes, or misrepresent its legal position to partners and investors.
Equally, if internal documentation cites the wrong article as the DSI benefit-sharing anchor, submissions to a national implementing authority or a Clearing-House Mechanism filing may contain a cross-reference that regulators can immediately identify as incorrect, undermining the firm's credibility and creating questions about the rigour of its compliance review.
The findings at a glance
The table below summarises each finding in this cell — the question type, the AI failure observed, and the risk category it creates for a compliance function at a biotechnology firm.
Aggregate impact
Both findings in this cell concern the same core challenge: AI tools misread or misrepresented the operative text of the BBNJ Agreement on the two questions most likely to arise early in a compliance team's engagement with it. The first finding shows AI tools completely inverting the Agreement's retroactivity default — asserting that benefit-sharing obligations apply to collections made before entry into force (with an opt-out), when the Agreement states the exact opposite: obligations apply only to post-entry-into-force collections, with no retroactive reach.
The second finding shows a different but equally damaging error: correct identification of the DSI benefit-sharing obligation, but attribution to the wrong article number.
The pattern is not one of AI tools venturing into genuinely ambiguous interpretive territory — these are clear, textual questions about a published treaty. The failures reflect a tendency to produce plausible-sounding, internally consistent answers that happen to invert or misplace the source text. Both AI tools also shared a further characteristic: when challenged, they acknowledged the uncertainty of their original answers. That self-correction only occurs under pressure; a compliance team relying on the first-pass response would not encounter it.
For biotechnology firms operating across multiple jurisdictions — each of which may be implementing the Agreement differently through domestic law — an error on the retroactivity default is particularly costly. Firms with legacy marine collections need to know with precision whether they owe anything under the new framework; a wrong answer in either direction (falsely triggering obligations, or falsely excluding them) has direct legal and commercial consequences.
The clustering of errors on foundational scope questions means that AI tools currently present the highest risk to compliance teams at precisely the moment they are most likely to be consulted: the initial scoping and policy-drafting phase.
What your team should do
The default position for compliance teams at biotechnology firms should be to treat AI-generated answers on BBNJ Agreement scope and article-level obligations as unverified drafts, not as regulatory conclusions. Given that both errors identified in this cell involved confident, citation-bearing responses that were nevertheless wrong, the absence of pushback from an AI tool is not a reliable signal of accuracy.
Any AI answer that purports to tell you which collections are in scope, what the retroactivity position is, or which specific article governs an obligation should be checked directly against the published treaty text before it informs an internal policy, a regulatory submission, or a communication to a partner organisation.
For practical safeguards: when using AI tools to orient the compliance team on the Agreement, frame the AI output as a first-pass map rather than a definitive read, and assign a team member to verify article citations against the United Nations Treaty Collection's published text. Maintain a standing reference document — verified once against the treaty — on the retroactivity position, the DSI coverage provision, and the benefit-sharing mechanism, so that AI-assisted drafting is checked against a known-good internal baseline rather than re-derived from scratch each time.
Where AI tools remain genuinely useful for compliance work on this regulation: summarising the Agreement's broader architecture and chapter structure, generating a checklist of implementation steps or stakeholder questions, or helping draft communications that will be reviewed by legal counsel before use. AI is less reliable — and requires explicit verification — whenever the question concerns precise article numbers, the scope of temporal application, or the exact wording of obligations. Those are the questions where the errors in this cell occurred, and they are also the questions compliance functions are most likely to need to answer correctly.
How RLB Can Help
RegLeg's published Hallucination Research gives Compliance teams at Biotechnology firms a ready-made pre-flight check before acting on AI-generated output. Because the research is independent and publicly available, it can be referenced in internal governance documentation, audit trails, and board reporting without any additional procurement or disclosure — providing an objective external reference point wherever AI tools have been consulted on regulatory questions.
Beyond the public research, RegLeg works with Biotechnology Compliance functions on bespoke regulator deep-dives. These map the specific AI-supported workflows your team relies on — from pharmacovigilance reporting obligations and clinical-trial disclosure rules to GxP documentation and cross-border market-authorisation requirements — against the hallucination failure modes most frequently observed for those regulatory domains. The output is a prioritised exposure register your team can take directly into risk committee discussions or feed into your wider AI governance framework.
RegLeg also offers confidential review of your firm's existing AI-use policy, benchmarking it against the full failure-mode catalogue and returning a structured remediation roadmap ranked by regulatory consequence.
For teams building internal capability, RegLeg provides training material and CPD-aligned content designed for Compliance professionals rather than technical audiences. Sessions are framed around practical decision rules — when to trust AI output, when to verify independently, and how to document the rationale either way — so that staff at every level can apply consistent judgement in their day-to-day work. All materials can be tailored to the specific regulators and jurisdictions your firm operates under.