Identify, measure, and communicate legal and compliance risk in a whole new way. Lawyers, compliance officers, contract managers, and other legal professionals can discover how to measure and manage legal risk more effectively. "6 Steps to Legal Risk Management" provides practical guidance on developing a risk management framework and adapting it to legal and compliance risk. The approach is based on the internal risk management standard: ISO 31000.
6. Quantitative model
Predictive analytics
Empirical, internal data
Relevant external data
Validated external models
No risk management
Incident response
Ad hoc case management
Constant surprise
Assumed uniqueness
Qualitative model
Expert based assessment
Empirical data
Forward leaning
RISK MANAGEMENT
7. Objectives of the framework
!
Simple but not simplistic
!
Scalable but not overbearing
!
Adaptable but with clear guidance
!
Practical but not regimented
22. Recognize legal risks
!
Hazards: physical harm
!
Events: single occurrence
!
Situations: enter new foreign market
!
Scenarios: counterparty does X, Y, or Z
23. Record legal risks
Risk register: list
!
Risks: name
!
Likelihood: simple scale
!
Consequence: simple scale
!
Risk rating: simple scale, combination
28. Likelihood of legal risks
!
!
Discovery: likelihood that other party learns
Decision: likelihood of adverse decision
29. Likelihood of discovery
!
Contracts: counterparty learns and sues
Regulations: agency attention and review
!
Litigation: aggrieved party motivated
!
Structural changes: legislative, industry focus
30. Likelihood of decision
!
Contracts: validity of legal theory
Regulations: certainty of violation
!
Litigation: probability of adverse decision
!
Structural changes: certainty of adoption
31. Consequences of legal risk
!
!
!
Damages: (primarily) economic loss (or gain)
Frequency: number of occurrences
32. Damages from legal risk
!
Contracts: agreed, implied fees and penalties
Regulations: fines, penalties, orders
!
Litigation: range of damages, attorney’s fees
!
Statutory changes: operations, reporting, …
!
!
!
33. Frequency of legal risk
!
Contracts: form contracts, repeat behavior
Regulations: single incident, business practice
!
Litigation: jurisdictions, plaintiffs
!
Statutory changes: jurisdictions, scope
!
!
!
36. Legal risk register, simple
Risk title to easily find and refer to item
!
Risk description to capture the scope
!
Likelihood rating with 5 point scale
!
Consequences rating with 5 point scale
!
Risk rating which is a combined rating
!
37. Legal risk register, less simple
(the simple list, plus)
!
Risk control process, tool to prevent risk
!
Risk control effectiveness effect on rating
!
Risk treatment process, tool to change risk
!
Risk treatment effectiveness effect on rating
!
44. Legal risk treatment options
!
!
!
Modify risks so that residual risk is tolerable
!
45. Legal risk treatment options
Avoid by not starting or continuing
!
Increase to pursue opportunity
!
Remove source of risk
!
Change likelihood and/or consequences
!
Share with contract or insurance
!
!