Congregation of Best Consultants to Manage and Mitigate Legal Risk.

Legal risk remains one of the most challenging and least understood risks to manage. Companies, their boards and General Counsels (GCs) face a challenging business environment with exposure to financial and reputation losses if legal risks develop.

Most companies undertake at least some degree of legal risk management every day, via in-house lawyers or consulting with external legal advisers. But as day-to-day tasks and urgencies pile up, it is all too easy to lose sight of the greater picture and the mutually-affecting risks across contracts, departments, and subsidiaries.

WLA Risk Group seeks to uncover these “hidden” risks, including those mutually affecting or mutually accumulating risks that could potentially evolve into a ‘perfect storm’, even if each of those risks individually might have been manageable if only it had been identified sooner.

What constitutes a legal risk, how it should be approached and managed, and by who. General counsel, compliance officers, contract managers, other legal professionals can implement legal risk management within their own domain.

Legal risk management in companies big and small

Whatever the size of a company, the legal risks can vary greatly from section to section, organisation to organisation, etc. Subsidiaries, sections, and employees each have their respective responsibilities, projects, businesses, and authorizations.

If they launch initiatives independently that are mutually conflicting or which, when combined, serve to expose the company to risks, problems can arise sooner than you know it.

Risks may also come about as a result of changes to laws and regulations, outdated routines and procedures, or because the company’s growth or development has caused it to move into other risk zones.

Corporate legal teams handle risk management, legal governance, and compliance issues. In an increasingly regulatory environment that is enhanced by citizen watchdog agencies with large social media followings, legal teams face a challenging task in making sure their companies control legal risks and stay protected from a lawsuit. To do that, enterprises need to ensure that they are accurately capturing, monitoring, and controlling legal risks.

What is the value of a legal risk management plan?

Primarily, these plans help you allocate the resources you need to identify, prevent, and address potential incidents that can put your company at risk of legal backlash.

Strategies for managing risk, complying with legal requirements, communicating with shareholders, and preparing for known uncertainties evolve constantly.

We work with you and your board of directors to avoid problems and resolve those that arise.

We combine deep regulatory and industry knowledge with extensive experience in government relations, litigation, internal investigations, and securities law compliance to provide a comprehensive and holistic approach to problem solving. We provide innovative, cost-effective, and value-added solutions for uncertainties that must be managed carefully, proactively, and with proper guidance.

Our areas of work include:

Business ethics and anti-corruption
Crisis management
Dispute resolution and litigation
Employment and labor, including employee benefits and executive compensation
Insurance, including director and officer indemnifications
Internal investigations
Professional negligence
Regulation and investigations
Reputation and defamation protection
Risk advisory
Securities, regulation and enforcement
Shareholder engagement

Identify your legal risk with WLA Risk Assistance

As business increases in complexity, pace and connectivity, managing risk has become the cornerstone of informed decision-making. However, before you can take steps to manage risks, you need to first identify and assess the risks, including how those risks may interact with other potential risks. Try our Legal Risk Radar, which gives you an indication of some of the potential risks to which your company is exposed

If you are uncertain as to the relevance of having a legal risk management review of your business, we will be happy to talk to you about what kind of risk profile your company has and what we would propose to do in order to identify the risks that your company is facing.

We can assist in the structuring of a legal risk management process, conduct the review of specific documents and procedures, assist with the setting up of a legal risk management reporting system and a document management system and a stream lining of various contractual terms across the contract portfolio in order ensure corporate compliance with the risk strategy.

The WLA Risk Management Process

Preparation and delimitation

First, and most importantly, you need to know where your company stands in terms of risks:

  • What are your risks?
  • What strategic/commercial initiatives do you expect to make in the coming period of time?
  • Who are authorized to do what?
  • What kind of risk management have you had so far?


You should convene an initial meeting to assemble a cross-functional team with representatives from i.a. the BoD, management, legal department, and any other relevant employees who can help identify your risk profile. Consider involving an external advisor to help assess your risks.

Based on your company’s risk profile the team will typically identify a handful of primary risk areas. From there, you will work out each party’s tasks and responsibilities in the process.

Risk analysis

The next step is to carefully analyse your company’s risks. The team will need to go through relevant contracts, agreements and other documents, also to identify any mutually affecting risks, such as:

  • Loan agreements
  • Partnership agreements
  • Licence agreements
  • Supply and purchase agreements
  • Insurance.


The team should also consider, on a regular basis, the need to adjust the scope of the investigation. For example, the investigations might uncover new risks to be examined. Questions arising should be dealt with continuously, e.g. by interviewing relevant personnel.

Building on the aggregate knowledge accumulated through the initial meetings, the risk analysis, and any interviews conducted, the team will draft a report on the risks identified, including any risks that might potentially arise from any contemplated strategic/commercial initiatives.

Action plan and recommendations

At this point, you need to go over the risk analysis with all relevant parties, including the team, the management, and the BoD. Go for an open and constructive discussion and allow everyone to comment on the conclusions and recommendations in the report.

You have now mapped all relevant information about your risk profile and used the data to analyse what you need to do to stay safe in the future.

Now what you need to do is to translate your recommendations into actions. You could do this by drafting an action plan, which might also be the starting point of your new legal risk management strategy. The plan should be realistic and identify what areas you wish to prioritize.

It should include suggestions on what to do about:

  • Current risks, based on current situation
  • Potential future risks, based on future strategic and commercial plans
  • The immediate threats that are facing all businesses due to the global, general uncertainty.


Also, your action plan could include suggestions for changed procedures and internal rules.


When implementing new procedures and security measures, it is vital that you make sure to properly communicate these new initiatives and your new risk strategy. You need to convey the message to your staff in a way that makes it something they can relate to; they must know what to do in practical terms.

Moreover, and using the recommendations arrived at, the team should consider the following:

  • Renegotiation of agreements
  • Corporate-law changes
  • New internal authorizations
  • Employee matters, e.g. rectifying invalid clauses
  • Negotiations with authorities and other parties
  • Insurance matters, e.g. avoiding under-insurance
  • Drafting of new standard contracts
  • Information letters
  • Implementation of document handling and risk categorization systems, etc.


This will give you a clearer view of your company’s risks and (depending on the focus of your investigation) help you avoid lawsuits, ensure compliance, and stand better equipped to tolerate market fluctuations.

Periodic follow-up

To make sure you keep the overview at all times and keep your risk strategy up-to-date on market developments and your own development, it is necessary that your management/BoD ensures periodic follow-ups. These follow-ups could be at management level and with the persons responsible for each area, but which basically includes a test of the assumptions made, a match against the then current risk strategy and corporate strategy and a renewed analysis of the risks at hand – which should now be mapped in the system.

Here are the top risks that concern legal teams


Fraudulent or illegal activities can bring down mammoth organizations, destroy carefully built reputations, and even send employees to prison.

If your legal team isn’t adequately prepared to handle massive fraud cases or if it doesn’t have a plan in place if fraud were to occur, you are leaving your organization open to extreme vulnerabilities.

Lack of adequate energy management strategies

Increasing numbers of customers are prioritizing green companies. Environmental conscientiousness is also important to many watchdog groups and regulatory agencies.

Poor sustainability practices that do not reduce an organization’s energy footprint or that actually accelerate anthropocentric climate change can hurt a company’s reputation and place it in legal jeopardy. Thankfully, most green initiatives are not complicated to launch and can pay off in real dollars saved. For instance, lower energy use means lower overhead costs. A less toxic environment reduces worker’s compensation claims. Promoting green eating in the company cafeteria can lower health insurance costs.

New and changing regulations

Companies doing business in highly regulated industries like banking, healthcare, and energy need to be especially cognizant of the latest changes in laws and best practices. If an organization’s employees are unable to manage new and changing legal or regulatory requirements, that organization puts itself at grave legal risk.

Loss of intellectual property

Loss of intellectual property occurs when an organization fails to protect and/or enforce its intellectual property rights. Particularly prescient for companies that engage in extensive research and development, loss of intellectual property is a serious threat in a global economic environment.

Due to conflicting national laws and the varied ability of national governments to enforce them, companies that do business across borders run high risks of getting ripped off by unscrupulous hackers, and often, police agencies can do little to stop them. Luxury fashion brands and media production companies have historically borne the brunt of fake reproductions, but today, hackers and thieves can steal any scientific and technological knowledge not protected by secure cyber borders and crack legal teams. Perhaps most disturbing, many technological innovations could be co-opted for nefarious purposes and sold on the international black market.