If businesses are to prosper in a risky environment, it is vital that in-house lawyers instruct the board on future strategy, says Bond Pearce's Nathan Peacey

In a telling observation one corporate counsel commented at Legal Week's recent Corporate Governance and Risk Forum: "Someone has to step up and take the lead in ensuring that your company has a strong corporate culture."

In-house lawyers have a real opportunity to add value to their business in the increasingly complex risk environment that we operate. Corporate counsel are increasingly seen as part of management team, sought out for decisions based on values as much as the law and are finding themselves increasingly being held to account. This is in stark contrast to the traditional arm's-length legal adviser role. It brings with it a strong leadership position for GCs to influence the board's approach to managing risk and compliance. An increasing number see this as a chance to infuse a positive approach to managed risk to allow their organisations to prosper. 

peacey-nathan-webThe regulatory and risk context 

Regulatory change and risk management is a concern for 80% of in-house lawyers according to a recent Deloitte survey. It is part of the wider overall risk management landscape of all businesses and a key component of sound corporate governance.

Effective risk management increasingly requires a holistic view to be taken by the business. The financial crisis and the increasingly crowded global marketplace means international and e-commerce markets are often the only realistic source of growth.

There is also real pressure on natural resources and mounting demand to be sustainable from a variety of stakeholders, investors, consumers, non-governmental organisations, employees and the media. This creates a whole raft of physical, political and reputational risks alongside purely legal regulatory risks (eg the nationalisation of Repsol in Argentina).

In-house legal teams are well placed to play a key role encouraging, cajoling and challenging to ensure a holistic and strategic response to these myriad risks. They understand the legal perspective and the risk and reputation elements.

Engaged corporate counsel have an understanding of the jigsaw puzzle that makes up the business, the link between regulatory compliance to brand, reputation and value. A good legal function refreshes more parts of the business than most other functions reach.

From compliance to commercial thinking

Legal advice is no longer just about 'not getting it wrong' – it's about getting it right and adding value. At the event we observed GCs from a range of backgrounds enthusiastically describe how they had taken a proactive approach to finding solutions and delivering competitive advantage.

One described this as ripping up the handbook. The drive and commerciality was evident, as was the notable desire of this group to be at the heart of their business, which augurs well for the future. 

Different ways in which legal functions exert influence emerged. For some, formal membership of business committees ensured involvement at the early stages of projects.

Several GCs agreed this was a way of guaranteeing the business always involved legal. Others felt formal roles weren't necessary as long as you advised on how to do business and get round obstacles which gave credibility. The key message was to rise above pure legal and make sound judgement calls.

GCs now feel most of their time is spent on influencing and implementing solutions, with only a fraction of this spent on legal risk evaluation. Explicit legal evaluation is only really required when the initial response is not trusted by business. 

Robert Ivens of Marks & Spencer believes that early involvement in their Plan A project to become a more sustainable business meant that while there were regulatory issues, these were identified and dealt with early on and did not impede progress. 

Janet McCarthy, from Mitsui & Co Precious Metals felt she earned trust by sitting among her colleagues on the trading floor and actively helping them do business. By very visibly demonstrating how lawyers can help she had achieved the trusted adviser position. 

Breaking down barriers to risk management 

Different departments often have responsibility for different areas of risk in an organisation – an anti-corruption investigation might be outsourced to lawyers (as with Macfarlanes' role in the Bumi investigation), data protection may be a compliance function and the safety, health and environment team might respond to fire safety enforcement action. Who deals with regulatory compliance within overseas supply chain or indeed the ethical behaviour of the overseas supply chain?

Legal will always be drafted in when something goes wrong – and they then need to ensure lessons are learnt and governance across the whole organisation is enhanced. But legal can also break down internal silos by inquisitive questioning and by taking on formal risk roles.

We have heard of a fascinating example where management agreed to make those who are responsible for driving business results also accountable for the associated risks. For instance, marketing having a formal responsibility for ensuring data protection compliance. 

In house can factor 'non-legal' into risk analysis

GCs say risk management is not discussed enough at board level. GCs can change that. They can do this by playing on reputation, balancing the savings that may be made from taking short cuts against the risks of getting caught.

The example of BP getting sued in Texas for allegedly misleading statements in its annual report about its safety record succinctly demonstrates the potential risks.

More enlightened businesses have effective mechanisms to engage legal in that process by including representatives on risk, compliance and even audit committees.

Lawyers' skills and analytical approach enables them to lead those groups in the proactive presentation to the board of a prioritised list of risks (broader than, but including legal risks) collated from across the business.

We have seen a range of roles for legal in that. Some are formal. We know of at least two large multi-nationals where a lawyer heads the risk committee wearing a business, as opposed to legal, hat.

For many GCs, the Holy Grail is to establish a reputation that makes them a sounding board for the business heads. 

Where corporate counsel has a company secretarial role they have a real opportunity to influence the board agenda to ensure the executive engage in robust discussions on strategy. An effective board will have identified which risks it seeks to generate a return from and which risks it seeks to avoid. It will also re-visit and re-examine the risks to the strategy and review the risk appetite and legal can help this through its various avenues of influence.

Landscape scanning 

Legal teams can also take the initiative by finding the time to scan the horizon for changes that will influence how their organisations do business three or five years hence. And by using that to adapt ahead of time, find first mover advantage or at least not be caught unawares.

Savvy external lawyers with relevant sector expertise are helping their clients do exactly that. Savvy in-house lawyers are re-engineering their legal function to give themselves headroom – for example, by outsourcing blocks of work to regional firms and non-law firm providers to create thinking time. 

Justine Campbell from Vodafone commented that operational risk is relatively easy to define. The real value is looking three years ahead at legislation and political change and assessing the business impacts. Creating the time to step back to do this as well as educate the business that forthcoming legislation requires change and lead in time is critical. 

Ivens felt legal had to get the business to focus on what is coming down the tracks in up to three years' time. This helps the business set an acceptable level of risk – while not eliminating it completely and still remembering that the business owns the risk not the lawyer. 

The sustainable legal function

In larger organisations, GCs rely on their legal function to support this changing role. An emerging risk management theme for GCs is to build and maintain an effective legal function. The need for a sustainable legal function as it evolves into a complex structure larger than many law firms dovetails neatly with the broader theme of sustainable business.

This challenge takes on numerous guises. Meeting the more for less challenge is an obvious one. Building and motivating an effective team where the career structure leads to only one GC is another, as is the training needs of junior lawyers adapting to in-house. An effective and sustainable legal function, to support an effective and sustainable business must be the aim.

Risk, like ethics, must be the collective responsibility of the board. But corporate counsel can and should act as guides on risk, as they do with ethics.

While legal may still to varying degrees be pedalling uphill, they can ensure their influence, their broad perspective and their independence is used to draw together the compliance, risk, audit and legal function to facilitate a boardroom strategic response to risk. In an increasingly transparent business world, the temptation of a risk-averse approach is clear but it is those who proactively manage risk with a carefully balanced approach who will see commercial success.

Nathan Peacey (pictured, top) is head of regulatory at Bond Pearce.