# Letter to the Financial Conduct Authority

**Sterling & Co. LLP** · Solicitors · Mortimer House · 37–41 Mortimer Street · London W1T 3JH

The Markets Policy Department
**Financial Conduct Authority**
12 Endeavour Square · London E20 1JN

For the attention of: **Iona Whitcomb**, Head of Wholesale Conduct Policy

Date: 28 April 2026
Our ref: ZEN/2026/041 / FCA-INFO-RESP-001
By email and recorded delivery

Dear Ms Whitcomb,

## Information request dated 21 April 2026 — use of AI tooling in connection with the proposed acquisition of NimbusLogistics Group Ltd by Zenith Holdings plc

We refer to your information request dated 21 April 2026 (FCA Ref: WCD-2026-0418) and respond on behalf of our client, Zenith Holdings plc ("**Zenith**"). For the avoidance of doubt, this letter is provided on the basis of legal professional privilege between Sterling & Co. and Zenith, save in respect of the information you have specifically requested, which is provided to you as a regulator on the standard basis.

Your request relates to:

> *"the artificial-intelligence tooling, if any, deployed by the Sterling & Co. LLP transaction team in advising Zenith on the proposed acquisition, and the safeguards in place against the disclosure of price-sensitive information to third parties."*

We address your request in three sections, in line with the structure of paragraph 4 of your letter.

### 1. The AI tooling deployed

Sterling & Co. has used **DONNA** (open-source delegation orchestration; project home: donnaoss.com; repository: github.com/chiefofstaff-legal/donna) for the following functions on this matter:

a) **voice-captured time entries** by partners and associates working on the transaction;
b) **intra-team task delegation routing** (e.g. Catherine Marlowe delegating drafting tasks to Sarah O'Donnell with deadlines, copy-recipients, and follow-up reminders);
c) **first-draft generation of a small subset of working documents** (for example, the AI-clause sub-clauses of the Mutual NDA executed on 16 April 2026), in each case followed by partner review and approval before any external use;
d) **the firm's IDR (Intent Decision Record) audit chain**, which records — and signs — every model invocation, every delegated decision, every prompt, every output identifier, and every approval.

DONNA is **self-hosted on Sterling & Co. infrastructure**. The model invoked on this matter is `donna-router/0.1.0+local-llama-3.3-70b`, running on the firm's on-premises GPU cluster in Holborn. **No part of any matter, document, or communication has been transmitted to a third-party AI service at any point**. This is enforced by network segmentation: the matter VLAN has no egress route to external AI APIs.

### 2. The safeguards in place

The safeguards are architectural, not policy-only. They are:

a) **Network segmentation** — the matter VLAN has no egress to external AI providers. Network controls are independently audited annually under ISO/IEC 27001:2022 (most recent surveillance audit: 7 March 2026; certificate available on request).

b) **PII anonymisation at the client boundary** — every model invocation passes through DONNA's anonymisation pre-processor, which replaces client names, matter names, person names and counterparty names with opaque identifiers (e.g. `CLIENT_42`, `ZEN-041`) before the prompt reaches the model. The mapping back to the real names lives only in the firm's encrypted matter store, so the model invocation never sees them. Because the firm retains that mapping, the tokens are pseudonymous rather than anonymous in UK GDPR terms, and the mapping is itself protected as client data. The substitution is verifiable by replaying the stored prompts against the IDR chain.

c) **Cryptographic audit chain** — every model invocation produces an IDR record containing: timestamp, actor, voice intent (where voice was used), structured intent, model identifier, model temperature, model seed, output identifier, confidence, supervising partner, and an HMAC-SHA256 tag computed under the firm's chain key over all of those fields together with a `previous_hash` field holding the SHA-256 hash of the preceding record (its tag included). The chain is tamper-evident: altering any field of a record invalidates that record's tag, and re-computing the tag changes the record's hash, so the `previous_hash` of every subsequent record no longer matches. HMAC is a keyed MAC rather than a public-key signature, so these guarantees hold against anyone who does not hold the chain key; custody of that key is the control on which the rest of the chain depends.

d) **Partner attestation per matter** — the supervising partner signs a Partner Attestation (annex C of the engagement letter dated 14 April 2026), which records the partner's acknowledgement that DONNA was used in compliance with SRA *AI in Legal Services* guidance (October 2025), the EU AI Act high-risk obligations (binding from 2 August 2026), and the firm's internal AI policy v3.2.

e) **Independent verification** — the firm's General Counsel may at any time run `bin/notarise verify --chain <matter_id> --key <firm_key_id>` (the open-source verifier; AGPL-3.0) to confirm that the chain has not been altered since it was written under that key. The verifier is a thin Python script with no dependencies beyond the standard library; the firm's internal audit team has reviewed it.
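The linking and verification described in 2(c) and 2(e), as an added worked example. This is illustrative code written for this page, not DONNA's code and not the `notarise` verifier; the record field names other than `previous_hash`, the key, and the three sample records are constructed assumptions. It builds a short chain, verifies it, and then shows the three failure modes a verifier must distinguish: an edit made without the key, an edit re-tagged with the key but not re-linked, and a full rewrite by a key holder, which verifies cleanly and is the reason key custody matters.

```python
"""Hash-chained HMAC-SHA256 audit records, modelled on the IDR chain described above.

Added example, not DONNA's code. Field names other than previous_hash, and the key,
are assumptions; the key is a constructed placeholder (a real key lives in a KMS/HSM).
"""
import hashlib
import hmac
import json

GENESIS_HASH = "0" * 64
FIRM_KEY = b"constructed-demo-key-not-a-real-firm-key"  # assumption: placeholder only
MODEL = "donna-router/0.1.0+local-llama-3.3-70b"


def canonical(record: dict) -> bytes:
    """Canonical JSON so that writer and verifier MAC identical bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def record_hash(record: dict) -> str:
    """SHA-256 over the whole record, tag included; the next record commits to this."""
    return hashlib.sha256(canonical(record)).hexdigest()


def mac(key: bytes, body: dict) -> str:
    """HMAC-SHA256 tag over the record body (everything except the tag itself)."""
    return hmac.new(key, canonical(body), hashlib.sha256).hexdigest()


def append_idr(chain: list, key: bytes, **fields) -> dict:
    """Append a record whose tag covers its fields and its link to the previous record."""
    previous_hash = record_hash(chain[-1]) if chain else GENESIS_HASH
    body = {"seq": len(chain), "previous_hash": previous_hash, **fields}
    record = {**body, "hmac_sha256": mac(key, body)}
    chain.append(record)
    return record


def verify_chain(chain: list, key: bytes):
    """Return (True, None), or (False, index) for the first record that fails.

    A record fails if its tag does not verify under `key`, or if its previous_hash
    does not equal the hash of the record before it (GENESIS_HASH for the first).
    """
    expected_prev = GENESIS_HASH
    for i, record in enumerate(chain):
        body = {k: v for k, v in record.items() if k != "hmac_sha256"}
        if not hmac.compare_digest(mac(key, body), record.get("hmac_sha256", "")):
            return False, i
        if body.get("previous_hash") != expected_prev:
            return False, i
        expected_prev = record_hash(record)
    return True, None


def build_demo_chain(key: bytes = FIRM_KEY) -> list:
    """Three constructed sample records; not data from any real matter."""
    chain = []
    append_idr(chain, key, kind="matter_creation", actor="partner_a", matter="CLIENT_42/ZEN-041",
               ts="2026-04-14T09:00:00Z", model=MODEL, temperature=0.0, seed=7,
               output_id="out-0001", supervising_partner="partner_a")
    append_idr(chain, key, kind="delegation", actor="partner_a", delegate="assoc_b",
               ts="2026-04-14T09:12:00Z", model=MODEL, temperature=0.0, seed=7,
               output_id="out-0002", supervising_partner="partner_a")
    append_idr(chain, key, kind="first_draft", actor="assoc_b",
               structured_intent="draft NDA AI clause", ts="2026-04-15T14:30:00Z",
               model=MODEL, temperature=0.2, seed=7, output_id="out-0003",
               supervising_partner="partner_a")
    return chain


def tamper_without_key(chain: list, index: int, **changes) -> list:
    """Attacker without the key edits a field; the record's own tag no longer verifies."""
    copy = [dict(r) for r in chain]
    copy[index].update(changes)
    return copy


def tamper_with_key_no_relink(chain: list, key: bytes, index: int, **changes) -> list:
    """Key holder edits one record and re-tags it, but does not rebuild the records after it."""
    copy = tamper_without_key(chain, index, **changes)
    body = {k: v for k, v in copy[index].items() if k != "hmac_sha256"}
    copy[index]["hmac_sha256"] = mac(key, body)
    return copy


def rewrite_from(chain: list, key: bytes, index: int, **changes) -> list:
    """Key holder edits one record and re-tags and re-links everything after it."""
    rebuilt = []
    for i, record in enumerate(chain):
        body = {k: v for k, v in record.items() if k not in ("hmac_sha256", "previous_hash", "seq")}
        if i == index:
            body.update(changes)
        append_idr(rebuilt, key, **body)
    return rebuilt


if __name__ == "__main__":
    chain = build_demo_chain()
    print("intact:", verify_chain(chain, FIRM_KEY))
    print("edit, no key:", verify_chain(tamper_without_key(chain, 1, delegate="assoc_c"), FIRM_KEY))
    print("edit, re-tagged only:", verify_chain(tamper_with_key_no_relink(chain, FIRM_KEY, 1, delegate="assoc_c"), FIRM_KEY))
    print("wrong key:", verify_chain(chain, b"some-other-key"))
    print("key-holder rewrite:", verify_chain(rewrite_from(chain, FIRM_KEY, 1, delegate="assoc_c"), FIRM_KEY))
```

The first three failure cases are what the letter's "tamper-evident" claim covers: the edited record fails on its tag, and a re-tagged record makes the next record fail on `previous_hash`. The last case is the caveat: a party holding the chain key can rebuild the chain from any point and the verifier accepts it, so an external verifier running with the firm's key establishes that the pack is consistent with that key, not that the key holder never rewrote it. Anchoring record hashes somewhere the key holder cannot alter (or signing with a key the verifier checks but cannot use to forge) is what closes that gap.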

### 3. Information you have requested — IDR Audit Chain export

Pursuant to your request and our duty of candour to the Authority, **we enclose a complete export of the IDR Audit Chain for matter ZEN-041 from inception (14 April 2026) to the date of this letter** (Annex A — "FCA Evidence Pack").

The pack contains 47 IDR records covering:

- 1 matter-creation decision;
- 12 delegation decisions;
- 9 first-draft-generation decisions (each followed by partner review);
- 4 contract-clause-drafting decisions (the AI clauses in the Mutual NDA executed 16 April 2026);
- 14 voice-captured time entries;
- 7 audit-pack-export decisions (including this one).

For each decision, the pack records the original voice intent (where applicable), the structured intent, the model identifier and parameters, the output reference, the supervising partner's approval, and the cryptographic signature.

The pack is signed end-to-end. **You will be able to verify it independently using the open-source `notarise` verifier referenced in section 2(e) above**, with no requirement to install any Sterling & Co. software: the verifier needs only the exported chain and the key referenced by its `--key` argument. We have included a one-page note explaining the verification command in Annex B.

### 4. A note on *Munir*

We anticipate the Authority will read this letter against the backdrop of *Munir v Secretary of State for the Home Department* [2026] UKUT 81. Sterling & Co. has read *Munir* with care. The judgment at [37]–[41] is, on its terms, directly applicable to public AI services where client material is transmitted outside the firm's exclusive control. The judgment's *ratio* is that such transmission is disclosure to the public domain.

The firm's deliberate architectural choice — self-hosting all model inference inside the firm's own infrastructure, with no egress to third-party AI services — is precisely the design pattern *Munir* contemplates as acceptable at [38]: *"closed-source AI tools which do not place information in the public domain"*. The firm's AI policy treats *Munir* as the **architectural** authority for legal-technology choices, not merely the policy authority.

We trust this is responsive to your information request. We are at the Authority's disposal for any follow-up enquiries; if the Authority would value a 30-minute walk-through of the IDR Audit Chain, our General Counsel and Head of IT Security would be pleased to attend, with audit-chain replay running in real time on the firm's infrastructure.

Yours sincerely,

**Catherine Marlowe**
*Partner, Corporate & M&A*
For and on behalf of Sterling & Co. LLP

cc: Henrik Vester, Group General Counsel, Zenith Holdings plc
cc: Geoffrey Templar, General Counsel, Sterling & Co. LLP
cc: ICO (notified per UK GDPR Article 33 incident-management policy — for completeness; no incident is occurring)

---

**Annexes**
A — FCA Evidence Pack: complete IDR Audit Chain export for matter ZEN-041 (cryptographically signed, 47 records)
B — `notarise` verifier — one-page command reference
C — Sterling & Co. AI Policy v3.2 (March 2026 — published)
D — ISO/IEC 27001:2022 surveillance certificate (March 2026)

---

> **Demo note**: this letter is the natural endpoint of the matter's audit chain. Every IDR linked above is reachable from `idr-audit-log.json`. The FCA can verify the chain independently with `bin/notarise verify` from the OSS Donna repo — no dependency on Sterling & Co.'s software. That is the point. The audit chain is *separable* from the firm; the verifier is open. *Donna probat.*
