It’s difficult to be part of any business and not hear about “risk.” It’s everywhere. Risk is the new black. It’s on the lips of every CEO, CFO, and board member, as it should be. And, anything that is important to the board and the C-Suite, is important to the legal department. In fact, over the past five or so years, one of the key responsibilities businesses are placing on in-house lawyers is spotting and managing risk. The business wants its in-house lawyers to be the ones who sniff through virtually every situation looking for risk (legal or otherwise). What this means is that, more and more, in-house counsel need to be masters of the company’s business operations and strategy (both short and long term), because you cannot successfully spot and manage risk unless you understand how the company operates and where it wants to go.
Generally, when asked about risk, most in-house lawyers respond retroactively, i.e., they talk about risk in terms of things the company has already experienced – a recent lawsuit, a data breach, an internal investigation, etc. While this is helpful, it is only part of calculus of identifying risk. The harder part (and the more valuable skill) is being able to look forward and see risk. While a more valuable skill, my experience is that there is little to no training around how to “look for risk,” let alone how to evaluate it or report it out. For many in-house lawyers, it is largely a self-taught skill. My goal here is not to write a treatise about risk or risk management. I have read enough of those types of articles to know that they look really impressive, have complicated charts, graphs, and formulas, but most are hard to apply in the everyday, fast-paced in-house world. I want to set out a handful of simple ideas and processes you can use to spot and identify forward-looking risk and to evaluate and manage that risk alongside the business. This edition of “Ten Things” will discuss a few guidelines that will help you be better able to fulfill the demand from the business that you become “Risk Spotter in Chief” or, as I was often called, the “Risk Guy:”
As I mentioned in my last post (January 8), over the next few weeks I will dive deeper into some of the sample department “goals” I set out in that article. Today I will focus on this goal: “Build and retain extraordinary team with exceptional people.” I always put my “people goal” first because I truly believe that nothing gets done in legal unless you have top talent that is motivated and happy in their jobs. How do you keep and reward people so they stick around? The obvious answer is to pay them well, have a good performance bonus program in place, and let them share in equity plans. The problem is, for many reasons, it usually is not fully in your control to make any of these three things happen. For purposes of this article, I am going to assume that you are doing what you can for your team around salary, bonuses and equity and, instead, focus on some low-cost ways you can reward/recognize employees.
It’s hard to recall a more disconcerting feeling than getting a copy of a lawsuit filed against your company. If you have no experience with litigation, this can be a panic-inducing moment. And no matter how experienced you are handling litigation, your stomach will start to flutter as you read through the allegations.
I was a litigator in private practice and I definitely saw my share of litigation, big and small as in-house counsel. Over the course of that time, I developed a standard list of “things to do” when a lawsuit came across my desk. I did this because it’s easy to forget some basic things you need to do up-front to put yourself in the best position to defend the claim. Below are ten things to do when your company gets sued (I have added links to additional resources in key spots).
As in-house counsel, you already know that poorly drafted documents, especially emails, can hurt your company, e.g., M&A deals can get derailed or litigation extended. You can find examples every day of “bad” emails being read in court. Labels like “confidential,” “company private,” “restricted,” and “proprietary” will not protect documents from being obtained through proper legal process.
Document requests in litigation or government investigations are broad, typically calling for correspondence, hand-written notes, agreements, drafts, email (email back-up tapes), sent files, deleted emails, calendars, spreadsheets, documents on tablets and smartphones, graphs, expense reports, voice mail, meeting agenda, calendar entries, copies of media articles, etc. Consequently, it’s important that your business colleagues understand the importance of properly prepared documents and emails (and the potential harm from not doing so).
Below are ten things you can use in your daily dealings and conversations with the business to help limit problems that can arise from poorly prepared documents. I have included some links to other resources as well. A lot is focused on emails, but the rules apply to pretty much any written communication (including instant messages and recorded voicemails). Feel free to cut and paste these into your own check-list or email (or however you best can get the word out at your company).
As we head into the holiday season, this is the perfect time to give your anti-bribery program a health check. For those in the U.S., we tend to focus on the Foreign Corrupt Practices Act when thinking about anti-bribery laws. However, if you work for a company that operates globally, you know that many countries have anti-bribery laws and you need to be aware of those requirements as well. Enforcement of the FCPA/anti-bribery laws is not going away. In fact, in my opinion, it will get even more intense over the next few years. Given the level of fines and the reputational risk at stake, it’s important to ensure you are taking the right steps to give your employees the tools they need to stay on the right side of the line. At my prior company, we typically used the advent of the holiday season as the time to take a number of steps relating to FCPA/anti-bribery compliance. Below are ten things you can do now to help ensure compliance with anti-bribery laws. In key spots, I have included links to articles or websites with additional information you might find helpful.