The focus of legal risk management or LRM is to control and manage an organization’s legal risks, which in countries such as the United States are numerous and diverse.
Legal risks includes risks such as product related risks, litigation and class action risks, data privacy risks, contract risks, antitrust related risks, IP risks, reputational risks and other risks such as employment, HR and credit.
Legal risk management processes are primarily designed and implemented to engage in preventative projects, such as counseling the organization regarding insurance matters, developing risk management processes, and administering training programs.
As well as involvement with legal defense activities, such as coordinating the company’s defenses against product safety litigation and claims, responding to product-related investigations, and analyzing governmental reporting responsibilities vis-à-vis the company’s various products.
Legal risk management not only plays an important part in the success or failure of a corporation, but it is so important that it must be elevated to the board of directors or governing body of a company or organization.
As the board of directors of a company owes a fiduciary duty and obligation to the corporation, such duty requires a board of directors (BOD) that is fully informed and knowledgeable on major issues of risk. Whether it is ERISA issues, compliance issues, SOX, currency risk, antitrust, M&A issues, etc., the BOD must be fully informed to make the appropriate decisions involving the management of the company.
Due to its very nature, the BOD or governing body cannot escape its fiduciary obligations with regard to understanding and approving LRM processes.
Therefore, not only does the legal, risk management, credit and insurance departments have a hand in managing LRM, but upper management including the BOD has a fiduciary obligation to review and oversee LRM processes as well.
By controlling and managing legal risk, an organization is able to control its future. Without adequate LRM processes, a company is exposed to claims, lawsuits, fines, and investigations. Not a day goes by where some governmental investigation or lawsuit is not reported in the local newspaper.
These days it is a common occurrence. Therefore, it is imperative that an organization understands the role that LRM plays in an organization and that adequate systems, processes, and procedures be implemented to minimize, control, and transfer such legal risk.