Legal, Risk & Compliance

Top Priorities for

Legal, Risk &
Compliance
Factors Influencing the Business and Regulatory Environment

Disruption factors

Economic Regulatory Instability Shifts in Public Values and Business Model Operational
Uncertainty and Fragmentation Expectations for Changes Change
Companies

Additional new disruption factors

Emerging Geopolitical Instability and Macroeconomic Labor Shortages Continued Supply Chain
COVID-19 Variants Uncertainty Volatility and the Great Resignation Disruptions
Top 5 Challenges for Legal & Risk and Compliance

1- Day-to-day demands limiting strategic

effectiveness

2- Complexity of third-party risk

management outpacing governance and
technology

3- Compliance program not keeping pace

with stakeholder expectations

4- policies and procedures not keeping pace

with changing regulations

5- Inefficient tools for tracking and

communicating regulatory changes
.
 Misalignment
Between Time
Spend and Priorities
 Step 1: Identify key activities

(sample)

Main categories and activities should account for your major responsibilities but
exclude operational responsibilities (e.g., responding to emails).

Work Categories Activities Comparative Advantage Strategic Importance

Draft supplier agreements Low Low

Legal department work and
management
Manage material litigation High Medium

Corporate strategy and Design crisis management response

High High
execution and strategy
Step 2: Find what’s important

Example: below is a model for determining which work to focus on

Assess the strategic importance and comparative advantage regarding each activity identified in Step 1

Task’s Strategic Importance

• Does this work relate to Knowledge of the
the organization’s strategic Organization
objectives?
• How important is this
activity to helping the
organization achieve its
strategic goals?
• Does the organization
Understanding GC Work
need to develop the of Business Sweet Spot
underlying capability to Strategy
conduct this activity?
Ability to take
on Risk

Comparative Advantage
• Do others possess the
skills, tools and experiences
Legal necessary to complete
Expertise the task?
• Does the work require
specific expertise
• Does the work require an
executive or enterprise-level
perspective?
• How urgent is this task?
Step 3: Delegate

Group Counsel Delegation Matrix

1. Equip staff to handle the work

Provide training, tools and guidance to ensure

legal staff have the skills and insights necessary
to accomplish the tasks.

2. Identify the right person

Consider each staff member’s seniority, skills and
expertise when determining where to delegate work.

3. Delegate early
Delegate appropriate tasks as soon as they reach to
ensure adequate time for completion.

4. Set the right expectations

Communicate expectations and desired outcomes
to reduce the escalation of work and questions to
legal department
1010000000000000
1010000000000000
1010000000000000
Step 4: Third-Party Risks appears after Due Diligence and before recertification. Implementing an iterative approach to Third-Party risk
management will help towards reducing risks.
 Comprehensive Monitoring of Third-Party Risk
(example)

1
.
.
Key Benefits of Effective Strategic Planning

1
Properly aligns legal and
compliance’s goals and
strategic objectives with
those of the company. Aligns Department
Goals With
Company Goals
2
Clearly defines the purpose
of the legal and compliance
Establishes Success department and establishes
Defines Goals
Measures and realistic goals and
Objectives objectives.
4
Provides measurements of
progress and establishes
a mechanism for informed Ensures Effective
change when needed. Use of Resources 3
Ensures effective use of the
department’s resources by
focusing on key priorities.
Step 5: The strategy must support the most critical goals
Process for Building a Strategic Agenda (example)

Corporate Goal
The goal is clear, outcome-oriented, and
challenging but realistic.
Compliance’s Goal

Objectives

Activity Activity Tasks needed to complete in order to meet the

objective.

Metric Metric Numerical values that measure the performance

of activities or behaviors.

Strategic planning requires a realistic

Assess current state of the department
assessment of the current state.
Step 6: Functional Activity Map for Legal and Compliance

The Legal and Compliance functional activity map can help prioritize department investments by assessing the
function’s current performance across core objectives.
Step 7: Sample Legal Strategy on a Page

1 Statement of Legal Strategy:

To help achieve company goals of improving profitability by providing streamlined compliance and legal services and innovations that reduce compliance
and legal risks and enable cost and operational efficiencies

Statement of Legal 2023:

3 Top Urgency Drivers (one or two) 5
Statement of Legal 2023:
2
Top 4-7 metrics describing initial 1. Digitalization is accelerating legal and compliance risks. Top 4-7 metrics describing end
state State
2. Legal drag is inhibiting department growth.

• Legal’s cost as a % of revenue: 1.2% • Legal’s cost as a % of revenue: 1.0%

4 Legal Initiatives (four to seven)
• Percentage of contracts turned
around within designated time frame:
87%
• Increase in satisfaction score
relating to contract turnaround
year- over-year: 0.5 pts
• Total outside counsel cost savings
due to department efficiencies: OMR
200K
• Decrease in percentage of
code violations year-over-year:
7.5%
• Percentage of contracts turned
1. Establish a global counsel shared services center to around within designated time frame:
reduce overall costs. 90%
2. Implement a contracts management system to • Increase in satisfaction score
enhance functionality and improve efficiency of key relating to contract turnaround
processes. year- over-year: 0.5 pts
3. Develop no less than three contract templates for • Total outside counsel cost savings
commonly used agreements. to department efficiencies:
4. Work with IT to create a breach response plan that fits OMR100K
within the current incident response plan. • Decrease in percentage of code
5. Develop a training calendar for key legal and compliance risks; violations year-over-year: 5%
roll out at least two new training sessions by the end of 20XX.

.
6 shifts to make in the legal operating model within 12 months. (suggested plan )

Executing these shifts will enable the legal department to guide the business more effectively

Value driver: The unique contributions and outcomes that the department delivers to the business

- Assess issues rapidly with business-unit leaders to understand how legal creates organizational drag.
- Ensure that leadership consistently champions and incentivizes adherence to processes and technology
- Legal must move beyond providing cost-efficient legal advice, and focus on the speed with which it develops appropriate guidance and efficient governance so business partners
can quickly make good risk-adjusted decisions and pivot with changing conditions

Service portfolio: The essential function and services (e.g., contract drafting and review) the department provides to the business

- How legal services are accessed and consumed by the business units
- critical capabilities, competencies and alignment (to the business) of both individual roles (GC,) and department In fact, 20% of legal department time spent on unplanned, high-
urgency work is wasted.
- Focus on what legal can do to drive the biggest impact on enterprise decision making,
- Understand organizational goals and prioritize enabling legal’s contribution to the decisions needed to meet those goals
- Align resources to decisions that pose high risk to business goals or have high legal and operational uncertainty.
- Agree with functional and business leadership on appropriate service levels for upcoming corporate decisions. Determine which upcoming decisions pose novel legal questions;
codify guidance and try to integrate into business partner workflows. Use business outcomes to evaluate service offerings and decommission legal support as needed.

Delivery model and responsiveness: Enterprise-level responsiveness.

- Fewer touchpoints between legal and the business

- More processes to standardize and embed guidance in business partner workflows
- Faster processes to develop guidance within legal quickly.
- Ensure adequate governance.
Sourcing model: Create a task-based network. Many legal departments now use law firms for the vast majority of outsourced work, but that approach is costly and often time-
consuming

- Network of law firms, alternative legal service providers, project management support and other non-legal providers.

- Types of common legal work mapped to the tasks within each matter category, and the most efficient and effective providers for each task

- Identify strengths and weaknesses of potential providers. Align providers to tasks and risks accordingly (at the right cost).

Technology strategy:

- Active experimentation with capabilities of modern foundational platforms (e.g., Office 365, Google Workspace) and promising situational technologies (e.g., advanced contract
analytics.
- Identify and prioritize technology solutions which can improve legal processes, operational capabilities and business outcomes.
- Work with stakeholders to identify future needs, pressure-test hypotheses and co-create potential solution designs.

Talent strategy

- Skills gaps and mix are identified and adjusted and processes reengineered to align to skills.
- Lawyers and nonlawyers have skills that help build organizational resilience, including analytics, technology, process management and change management skills.
- HR and legal work closely to identify untapped skills within the department, borrow talent from other functions and hire outside of traditional pipelines to find qualified talent.
- HR and legal to create a shared skills inventory across the organization to find available talent with skills to support legal.
- Motivate legal staff to build important new skills by changing goals and incentives