When negotiating an agreement recently I asked the counterparty's Lawyer, who was being unnecessarily intransigent, “What level of risk do you think your client would accept?” His answer, “none”.
We come across this 'black letter' view of risk often, particularly with more junior Lawyers.
There are other equally limiting perspectives:
We will call this the one-dimensional view of Legal risk management – risks of any impact should be avoided.
This frustrates counterparties, slows down transactions and creates a drag on business. It is perhaps the central reason Lawyers get branded as ‘un-commercial’.
Leading Legal professionals take a different view. They understand the key to risk management is moving insightful risk information from the 'informed' (i.e. Legal) to the 'risk empowered' (i.e. management) to respond.
Putting this simple concept in action, however, requires investment in core risk competencies such as: expansive risk sourcing, consistent risk prioritisation, agile risk response, and the ability to translate Legal risk into commercial consequences.
The very nature of any contract implies both parties accept some form of transactional risk, and Legal risk is typically only a small percentage of the overall enterprise risk. In fact, research by CEB (a consultancy) suggests that ‘Legal and Compliance Risks’ have triggered only 6% of significant risk events in the last 50 years of corporate history. And the majority of that was a result of regulatory actions and large litigation.
Conventional wisdom has suggested risks are two-dimensional, in other words, risks should be prioritised based on their impact and probability.
However, there is still a blind spot. This methodology suggests that two similarly rated risks have the same potential to destroy shareholder value.
It doesn't take into account the speed at which the risk will materialise or the relative potential to mitigate the risk. There needs to be a third dimension of risk management.
Take an example from everyday life. As an Australian male I am 13 times more likely to die from heart disease than from a transport accident. Clearly both risks are high impact, yet heart disease is many times higher in probability.
Here is where the traditional two dimensions fall down; with heart disease I am likely to have many years and opportunities to mitigate the risk – avoiding cream buns for example. A car crash will happen in seconds, and I won’t be able to do much to save myself in those few seconds.
What we need is a third criterion that embraces the velocity of the risk and the potential to mitigate it. At Plexus we call this ‘risk resilience’.
We define resilience as 'the speed to which an organisation can detect and mitigate a risk'.
A manufacturing client of ours recently shared an example of where this played out.
They had prioritised their review of procurement contracts based on the dollar value of the agreement.
An engineer purchased a $1,000 piece of equipment which, because of its quantum, did not require any Legal review. The equipment subsequently failed, shutting down the plant and costing the company tens of millions of dollars. They discovered they had no recourse for consequential loss in the vendor’s agreement.
Hence, although the risk in this agreement was, at first glance, low impact/low probability the company had very low resilience if the product failed.
Placing an importance on acknowledging the future of risk management, Plexus applies the simple matrix above to help Legal functions more effectively prioritise their involvement in activities like contract review.
Not only does this improve prioritisation of potential risks, the business loves the approach. It increases the responsiveness of the Legal function and, when applied on an individual contract (clause) level, it gives a far clearer picture of the risks within a contract, allowing them to make informed commercial decisions with future risk management in mind.
As Machiavelli said ‘All courses of action are risky, so prudence is not in avoiding risk, but calculating risk and acting decisively.’
As the global economy moves faster and becomes increasingly volatile, organisations must radically evolve their operating models to more dynamically identify and respond to opportunities and threats. Plexus helps leading GCs shift their organisational design, evolve their talent competencies and digitise their functions to deliver faster, most cost-effective and more agile legal support.
One of our consultants will be in touch ASAP to answer your questions and determine your requirements.
Want to speak to someone instead? Call us on 1300 983 907
One of our consultants will reach out to you shortly.
No matter where you are in your legal transformation journey, these resources will help you refine your strategy to stay best-in-class.
Read the guide
Digital technologies have proven to be highly valuable in improving efficiencies and reducing costs in Biotech operations. This is particularly evident within their Legal functions.
Read the article
Plexus CEO, Andrew Mellett, shares the 5 trends that will drive Legal strategies in 2023.
Read the article
We’ve crawled the internet to find the best legal industry podcasts so you don’t have to.
Read the article
Building on the helpful tips from conversations with General Counsel, Anna Lozynski former GC L'Oréal shares her tips on securing budget for legal technology.
Read the article
Find out how Lendi Group's marketers are launching their campaigns faster with legal compliance automation.
View the case study