Last week I had the privilege of co-hosting the KBLA’s first seminar on Legal and Operational Risk Management. The primary focus was on legal risk management (LRM) and how risk management techniques can be used by in house counsel and managers to proactively address legal risks within a corporation. The interest in the seminar was overwhelming with many in house counsel, managers and even CFOs showing up. I want to thank those who attended the seminar for showing interest in a topic that in the long rum is of vital importance to the long term interests of today’s companies and organizations.
The lessons I tried to impart to the younger lawyers in the audience was the fact that though they are trained to be reactive ( the practice of law is by its very nature reactive) they must start thinking in risk management terms if they want to properly manage and mitigate legal risks. This is especially true when thinking about using scarce resources to address certain risks within a corporation. The solution is to think in terms of risk management. So, we discussed how to identify legal risks, analyze them and implement a risk mitigation plan that mitigates, controls and even transfer risks. And of course, we talked about risk versus opportunities. Risk can in fact be a good thing but at what cost?
I also addressed to topic of legal risk management to the managers in the audience as well. Though I pushed the lawyers to think like risk managers, it doesn’t help if management, especially line managers and middle managers, refuse to offer assistance. Much of the data that is needed as well as the support will come from management, such as the IT folks, finance, marketing and sales. Even logistics or supply chain. Obviously, if there is a risk regarding unauthorized publication of confidential information, the IT department must get involved. If there is a risk that product will not be delivered as per contract for supply chain reasons, the logistics department may have to get involved.
In essence, managing risk is not only something that should concern risk managers, or even lawyers, but all layers of management. Risks are everywhere. They are increasing at an unprecedented rate due to the internet and the digital society we find ourselves in. Not only are companies exposed to crisis they did not have to worry about 20 years ago but the fact that today’s business environment is an unfriendly one for many companies speaks volumes about the risks facing companies.
So fromWhen a legal standpoint, stop thinking only in terms of reacting. Stop thinking only defensively after the fact. Think proactively. If you don’t think proactively, it may be too late once the risk event actually happens.