Executive Summary
The BBNJ Agreement — the first binding international treaty on the conservation and sustainable use of marine biodiversity beyond national jurisdiction — introduces new environmental obligations that directly intersect with offshore oil and gas operations on the high seas. For Compliance teams at Oil & Gas firms operating in international jurisdictions, understanding the treaty's environmental impact assessment (EIA) requirements is not optional: it determines which planned activities must undergo formal screening before proceeding.
In the one aggregated question tested against AI tools on this regulation, AI gave an incorrect answer — misrepresenting both the EIA trigger threshold and the article it came from. The error was not trivial: the AI substituted a narrower, higher-bar standard for the treaty's actual precautionary threshold, meaning a firm relying on that answer could conclude an EIA is not required when the treaty says it is.
How AI gets this regulation wrong
When AI tools were asked about this regulation's EIA screening rules, the pattern of failure was confident but subtly wrong: the AI stated an incorrect legal standard and cited the wrong article, then — when pressed — acknowledged it was uncertain about the details. The table below shows how AI got this regulation wrong: replacing the treaty's actual precautionary trigger with a stricter formulation that would reduce the number of activities caught by the EIA requirement.
| AI's Failure Mode | Count | Affected findings |
|---|---|---|
| Exposed Fabrication | 1 | Finding#1 |
What that means for your team
For Compliance teams at Oil & Gas firms, getting the EIA threshold wrong on the high seas is a regulatory enforcement exposure: activities that should have been screened — and potentially halted or conditioned — proceed without that gate, leaving the firm in breach of the treaty's obligations as implemented through flag state or flag state-adjacent regulatory frameworks. The table below maps this finding to its risk category so teams can assess where in their compliance workflow the exposure sits.
| Risk Impact | Count | Affected findings |
|---|---|---|
| Regulatory enforcement | 1 | Finding#1 |
When this affects your department
Compliance teams at Oil & Gas firms operating internationally encounter the BBNJ Agreement in a growing range of workflows: scoping new deepwater exploration or drilling programmes beyond the 200-nautical-mile exclusive economic zone, updating internal environmental assessment procedures to reflect the treaty's EIA obligations, briefing business development teams on which planned activities require formal screening before sign-off, and advising vessel operators, contractors, and joint-venture partners on what the treaty requires of them.
As states begin to implement the agreement domestically and flag states formalise their obligations, Compliance functions will increasingly be asked to map the treaty's provisions onto operational activity plans and supply-chain due-diligence frameworks.
If AI tools are used in any of these contexts — drafting a policy note, preparing a regulatory summary for a business line, or responding to a due-diligence questionnaire from a partner or investor — and the AI's answer misrepresents the EIA screening threshold, the firm's written outputs carry that error forward. An internal policy that codifies the wrong trigger standard will cause the firm to skip EIA screening for activities that the treaty actually requires it to assess.
That gap becomes visible only when a regulatory authority, an NGO, or a counterparty's legal team examines the firm's procedures against the treaty text.
The stakes extend beyond administrative inconvenience. Parties to the BBNJ Agreement are required to ensure their nationals and flag-state vessels comply with EIA obligations; enforcement mechanisms under international treaty frameworks can include flag-state sanctions, exclusion from treaty-governed areas, and reputational consequences in an environment where multilateral environmental commitments are increasingly scrutinised by investors, insurers, and co-venturers.
A Compliance function that produces internally inconsistent guidance — because it relied on AI for a foundational legal question and received a confidently wrong answer — faces the added burden of remediation: correcting the policy, retraining personnel, and demonstrating to external stakeholders that the error has been contained.
The findings at a glance
The table below summarises the one finding from AI testing on the BBNJ Agreement that is relevant to Compliance teams at Oil & Gas firms in international jurisdictions, identifying the question area, the nature of the AI error, and the risk category it triggers.
| # | Finding title | Type | Citation ID |
|---|---|---|---|
| 1 | EIA trigger threshold and article reference | Hallucination | RLB-F-INT-UNTC-BBNJ-HIGH-SEAS-BIODIVERSITY-AGREEMENT-2023-Q001 |
Aggregate impact
The single finding from AI testing on this regulation targets the EIA screening threshold — arguably the most operationally consequential provision of the BBNJ Agreement for offshore oil and gas operations. The treaty sets a precautionary standard: an EIA is required for activities that "may have more than a minor or transitory effect" on the marine environment, or whose effects are "unknown or poorly understood." AI tools we tested replaced "may have" with "likely to have" — a shift that narrows the trigger and would lead a reader to conclude that fewer activities require EIA screening.
The AI also cited the wrong article, compounding the error by directing a user to incorrect provisions in the treaty text.
The failure pattern here — confident assertion of a subtly different legal standard, paired with a wrong cross-reference — is particularly dangerous for Compliance workflows because it is hard to detect without going back to the treaty text. A team member reading the AI's answer would find it plausible: the phrase "likely to have" sounds close to "may have," and the article number feels authoritative. Only a side-by-side comparison with the treaty reveals the divergence. When that comparison is not performed — as will often be the case in time-pressured compliance environments — the error propagates into internal documentation.
For Oil & Gas firms operating at scale across multiple high-seas areas or flag states, the compounding effect is material. If the firm's internal EIA screening policy embeds the narrower AI-derived threshold, every activity assessed under that policy is assessed against the wrong standard. The gap between what the firm did and what the treaty required will only become apparent after the fact — during a regulatory review, an ESG audit, or a dispute with a co-venturer or insurer who has read the treaty correctly.
What your team should do
The default position for Compliance teams using AI tools on the BBNJ Agreement should be: treat AI as a starting point for orientation, not as a source of legal precision. The treaty is recent (opened for signature in 2023), its domestic implementation is still evolving across flag states, and the academic and practitioner commentary is still being written. These are exactly the conditions under which AI tools are most likely to produce confident but unreliable answers — particularly on specific article references and threshold formulations, where a small change in wording has large operational consequences.
For EIA-related questions specifically, the practical safeguard is straightforward: any AI-generated summary of the EIA screening threshold should be verified against the treaty text before it is used in an internal policy document, a due-diligence response, or a briefing note. The relevant provisions are in the treaty itself, which is publicly available through the United Nations Treaty Collection. When a Compliance team member asks AI tools about thresholds, article numbers, or procedural requirements, the AI's answer should be treated as a draft to be checked — not as an authoritative statement.
AI tools are more reliably useful on this regulation for background orientation tasks: explaining what the BBNJ Agreement is and why it matters, summarising its general structure, identifying which categories of activity the treaty covers in broad terms, or drafting a first-pass list of questions to raise with external counsel. For any work-product that will be relied upon by a business line, submitted to a regulator, or incorporated into a contract or due-diligence certificate, the treaty text and qualified legal advice remain the authoritative sources.
How RLB Can Help
RegLeg's published Hallucination Research gives Compliance teams at Oil & Gas firms a practical pre-flight check before acting on AI-generated regulatory guidance. Because the research covers the specific regulators and rule sets most relevant to international energy operations — spanning environmental permitting, trading conduct, export controls, and health and safety obligations — your team can verify whether a given AI tool has a documented track record of error on a regulation before relying on its output in a compliance workflow.
This is not a substitute for legal review; it is a structured, evidence-based prompt to ask the right sceptical questions at the right moment.
Beyond the published research, RLB works with Compliance functions on bespoke regulator deep-dives tailored to the firm's actual workflow exposure. For an Oil & Gas compliance team, that typically means mapping which AI-supported tasks — drafting regulatory submissions, monitoring permit conditions, tracking cross-border sanction obligations, or synthesising HSE incident-reporting requirements — carry the highest hallucination risk given the current state of the underlying AI tooling. The output is a prioritised risk register the team can use to set internal thresholds for AI-assisted versus human-verified work.
RLB also offers a confidential review of the firm's existing AI-use policy against our failure-mode catalogue, with prioritised remediation recommendations ranked by regulatory materiality. Where gaps are identified, we can support the team in developing training material and CPD-aligned content for internal delivery — equipping compliance professionals with the conceptual vocabulary and practical judgment to work safely alongside AI tools rather than either over-trusting or categorically avoiding them.