Ahead of this month's Corporate Governance and Risk Forum 2013, Alex Newman hears from some of the in-house lawyers faced with managing an ever-expanding portfolio of risk management and reputation safeguarding

Beyond their day-to-day work looking after legal matters and relationships with external counsel, it is worth taking stock of the increasing amount of risk management advice being sought from a modern company's most senior lawyers. Increasingly – or so we hear from senior in-house counsel – corporate boards look to their general counsel to not only manage legal issues, but to have a role in all areas of governance and risk. Regulation, and the management of the company's relationship with regulators, is of course at the top of the work agenda for many GCs. But more and more in-house lawyers are being asked to help out in areas such as safeguarding and monitoring data protection and the threat of cyber-attack. Another crucial area for GCs is the legal team's contribution to reputational risk management. For Joanna Talbot, BAE Systems' chief counsel for compliance and regulation – who will chair this month's Legal Week Corporate Governance and Risk Forum – it is a trend she knows well, having moved into her current role this summer after five years as the weapons manufacturer's head of dispute resolution. As compliance head, the former Clyde & Co lawyer has overall global responsibility for compliance, export controls, litigation, anti-corruption and regulatory investigations at the defence and aerospace giant. "A lot of what a strong in-house team should do is look at both financial and non-financial risk," she comments. "Regulatory and compliance lawyers can't just be specialists in one or two areas. There is a trend towards the diversification of the role." Of the upcoming event, she says: "What is interesting about this year's forum is the variety of discussion topics. A few years ago, discussion would all be around anti-bribery and corruption, whereas now the broader programme reflects the breadth of risk management on in-house lawyers' desks." Given the complexity and size of its business – as well as its recent history – it is quite understandable to see a company such as BAE devote considerable resources to compliance and reputation management. In 2010, the company reached a $400m (£247m) settlement with the US Department of Justice over conspiracy to make false statements during an investigation into allegedly corrupt deals, as well as shelling out a £30m fine to the Serious Fraud Office over book-keeping irregularities. The challenge to smaller or less-resourced legal teams, which may not have had the experience of a sustained global investigation, is managing and prioritising reputational risk in all its forms.  Indeed, one of the sessions at the Corporate Governance and Risk Forum will explore this topic directly. Of course, the ideal position for a GC is to have a compliant company with a strong corporate governance culture and awareness of the key business risks. But even with such safeguards and forward planning, the nature of risk means it cannot be entirely mitigated: things will go wrong. Well-managed teams and clear procedures notwithstanding, one of the keys to effective risk management appears to be maintaining open channels of communication with the public, the regulator and the rest of the business. karen-clayton-cutout-webReputational risk One significant source of daily concern, particularly for listed companies subject to the whims of the stock market, is reputational risk. For Karen Clayton ( pictured), general counsel of National Grid, working with the public and media-facing elements within her organisation is paramount to both the prevention and limiting of legal risk. "In my role, I've been very lucky in that I've never had the problem of being kept out of the communications and PR arena," she commented at a recent Legal Week event for in-house lawyers. "It's always been the case that every significant commercial decision – whether it be an action, or a reaction – has involved the legal department." But while Clayton thinks legal and PR teams should be "joined at the hip" and acknowledges the shared interest "to act in the best interests of the company and protect shareholders", she nevertheless feels lawyers need to focus on legal risk, rather than brand. "My experience is that lawyers have erred on the side of giving less information to the public, whereas communications professions have erred on the side of giving more." For ITV general counsel Andrew Garard, one of his formative experiences in balancing reputational and legal risk came in 1998, when – as deputy general counsel of Reuters – he received a call saying that the FBI had arrested a number of the company's employees over an alleged theft of data from competitor Bloomberg. "It became very apparent that the company's legal and PR departments' strategies weren't aligned," says Garard. "We managed to persuade the chief executive that the company's value depended on fighting these allegations, and we did that by making sure – for a short time – that the PR team reported in directly to the legal team." In an arguably less dramatic event, but of equal reputational significance, Garard was in 2008 asked by then ITV chairman Michael Grade to lead the broadcaster's response to the phone vote-rigging scandal. His approach was to look to defuse any potential reputational and legal risks as quickly as possible. "We needed to be seen to be transparent and that we had nothing to hide," he recalls. "We adopted a line with the PR team straight away that we were going to apologise." For the GC of a company in the spotlight then, risk management is also a case of tactical acumen and communicating a message at the right time – to both regulatory and non-regulatory watchers. In the eyes of Elaine Harris, European GC at Bare Escentuals, risk management can also extend to working with external advisers who send a more co-operative message to the market. "I'd rather instruct someone who is 95% competent but who has a relationship with the regulator, rather than someone who is a leader in their field but overly aggressive, because it puts their backs up, and you get less," she recently acknowledged. For Garard, open channels with regulators themselves are essential to managing risk. "To a large extent it is about personal relationships," he says, noting that ITV now "achieves more through dialogue", having moved on from a more "combative" relationship with the media regulator Ofcom. Clayton, who at a recent event vied with Garard for the title of 'most regulated UK company' adds: "We have always been very minded not to be combative in our communications about or with the regulator, unless there is a shareholder value issue at play. You have to pick your battles." For more on this subject, see The risk revolution – how are corporate counsel tackling an ever-changing regulatory landscape? |