Most companies undertake at least some degree of legal risk management every day, via in-house lawyers or consulting with external legal advisers. But as day-to-day tasks and urgencies pile up, it is all too easy to lose sight of the greater picture and the mutually-affecting risks across contracts, departments, and subsidiaries.
WLA Risk Group seeks to uncover these “hidden” risks, including those mutually affecting or mutually accumulating risks that could potentially evolve into a ‘perfect storm’, even if each of those risks individually might have been manageable if only it had been identified sooner.
What constitutes a legal risk, how it should be approached and managed, and by who. General counsel, compliance officers, contract managers, other legal professionals can implement legal risk management within their own domain.
Whatever the size of a company, the legal risks can vary greatly from section to section, organisation to organisation, etc. Subsidiaries, sections, and employees each have their respective responsibilities, projects, businesses, and authorizations.
If they launch initiatives independently that are mutually conflicting or which, when combined, serve to expose the company to risks, problems can arise sooner than you know it.
Risks may also come about as a result of changes to laws and regulations, outdated routines and procedures, or because the company’s growth or development has caused it to move into other risk zones.
Corporate legal teams handle risk management, legal governance, and compliance issues. In an increasingly regulatory environment that is enhanced by citizen watchdog agencies with large social media followings, legal teams face a challenging task in making sure their companies control legal risks and stay protected from a lawsuit. To do that, enterprises need to ensure that they are accurately capturing, monitoring, and controlling legal risks.
Primarily, these plans help you allocate the resources you need to identify, prevent, and address potential incidents that can put your company at risk of legal backlash.
We combine deep regulatory and industry knowledge with extensive experience in government relations, litigation, internal investigations, and securities law compliance to provide a comprehensive and holistic approach to problem solving. We provide innovative, cost-effective, and value-added solutions for uncertainties that must be managed carefully, proactively, and with proper guidance.
Business ethics and anti-corruption
Dispute resolution and litigation
Employment and labor, including employee benefits and executive compensation
Insurance, including director and officer indemnifications
Regulation and investigations
Reputation and defamation protection
Securities, regulation and enforcement
As business increases in complexity, pace and connectivity, managing risk has become the cornerstone of informed decision-making. However, before you can take steps to manage risks, you need to first identify and assess the risks, including how those risks may interact with other potential risks. Try our Legal Risk Radar, which gives you an indication of some of the potential risks to which your company is exposed
If you are uncertain as to the relevance of having a legal risk management review of your business, we will be happy to talk to you about what kind of risk profile your company has and what we would propose to do in order to identify the risks that your company is facing.
We can assist in the structuring of a legal risk management process, conduct the review of specific documents and procedures, assist with the setting up of a legal risk management reporting system and a document management system and a stream lining of various contractual terms across the contract portfolio in order ensure corporate compliance with the risk strategy.
First, and most importantly, you need to know where your company stands in terms of risks:
You should convene an initial meeting to assemble a cross-functional team with representatives from i.a. the BoD, management, legal department, and any other relevant employees who can help identify your risk profile. Consider involving an external advisor to help assess your risks.
Based on your company’s risk profile the team will typically identify a handful of primary risk areas. From there, you will work out each party’s tasks and responsibilities in the process.
The next step is to carefully analyse your company’s risks. The team will need to go through relevant contracts, agreements and other documents, also to identify any mutually affecting risks, such as:
The team should also consider, on a regular basis, the need to adjust the scope of the investigation. For example, the investigations might uncover new risks to be examined. Questions arising should be dealt with continuously, e.g. by interviewing relevant personnel.
Building on the aggregate knowledge accumulated through the initial meetings, the risk analysis, and any interviews conducted, the team will draft a report on the risks identified, including any risks that might potentially arise from any contemplated strategic/commercial initiatives.
At this point, you need to go over the risk analysis with all relevant parties, including the team, the management, and the BoD. Go for an open and constructive discussion and allow everyone to comment on the conclusions and recommendations in the report.
You have now mapped all relevant information about your risk profile and used the data to analyse what you need to do to stay safe in the future.
Now what you need to do is to translate your recommendations into actions. You could do this by drafting an action plan, which might also be the starting point of your new legal risk management strategy. The plan should be realistic and identify what areas you wish to prioritize.
It should include suggestions on what to do about:
Also, your action plan could include suggestions for changed procedures and internal rules.
When implementing new procedures and security measures, it is vital that you make sure to properly communicate these new initiatives and your new risk strategy. You need to convey the message to your staff in a way that makes it something they can relate to; they must know what to do in practical terms.
Moreover, and using the recommendations arrived at, the team should consider the following:
This will give you a clearer view of your company’s risks and (depending on the focus of your investigation) help you avoid lawsuits, ensure compliance, and stand better equipped to tolerate market fluctuations.
To make sure you keep the overview at all times and keep your risk strategy up-to-date on market developments and your own development, it is necessary that your management/BoD ensures periodic follow-ups. These follow-ups could be at management level and with the persons responsible for each area, but which basically includes a test of the assumptions made, a match against the then current risk strategy and corporate strategy and a renewed analysis of the risks at hand – which should now be mapped in the system.
Fraudulent or illegal activities can bring down mammoth organizations, destroy carefully built reputations, and even send employees to prison.
If your legal team isn’t adequately prepared to handle massive fraud cases or if it doesn’t have a plan in place if fraud were to occur, you are leaving your organization open to extreme vulnerabilities.
Increasing numbers of customers are prioritizing green companies. Environmental conscientiousness is also important to many watchdog groups and regulatory agencies.
Poor sustainability practices that do not reduce an organization’s energy footprint or that actually accelerate anthropocentric climate change can hurt a company’s reputation and place it in legal jeopardy. Thankfully, most green initiatives are not complicated to launch and can pay off in real dollars saved. For instance, lower energy use means lower overhead costs. A less toxic environment reduces worker’s compensation claims. Promoting green eating in the company cafeteria can lower health insurance costs.
Companies doing business in highly regulated industries like banking, healthcare, and energy need to be especially cognizant of the latest changes in laws and best practices. If an organization’s employees are unable to manage new and changing legal or regulatory requirements, that organization puts itself at grave legal risk.
Loss of intellectual property occurs when an organization fails to protect and/or enforce its intellectual property rights. Particularly prescient for companies that engage in extensive research and development, loss of intellectual property is a serious threat in a global economic environment.
Due to conflicting national laws and the varied ability of national governments to enforce them, companies that do business across borders run high risks of getting ripped off by unscrupulous hackers, and often, police agencies can do little to stop them. Luxury fashion brands and media production companies have historically borne the brunt of fake reproductions, but today, hackers and thieves can steal any scientific and technological knowledge not protected by secure cyber borders and crack legal teams. Perhaps most disturbing, many technological innovations could be co-opted for nefarious purposes and sold on the international black market.