PART ONE
A general guide to legal risk management and reporting
01
The business case for legal risk
How to articulate legal risk to your business
Legal risk is the risk of financial or reputational loss that can result from lack of awareness or misunderstanding of, ambiguity in, or reckless indifference to, the way law and regulation apply to your business, its relationships, processes, products and services.
Introduction
Legal risk is ill-defined and poorly understood in business. Surveys carried out by international law firm Berwin Leighton Paisner in 2013 and global professional services firm Ernst & Young in 2016 provide evidence of a striking lack of confidence in understanding legal risk; and a similar lack of confidence in businessesâ ability to prevent legal loss. There are many ways in which legal risk can result in legal loss, and legal losses often materialize through litigation costs and regulatory fines. Using this measure the cost of legal losses can be estimated at over $100 billion per year in just the financial services sector. Outside of financial services, businesses in the United Kingdom, United States, Brazil, Germany, Switzerland and Australia â and in energy and manufacturing, banking and insurance â have suffered billion dollar losses as a result of legal risk. In many cases the reputational damage has dwarfed the direct financial losses. Because the cost of getting legal risk wrong is so high, we believe there is a clear need for businesses across all sectors to improve their understanding, and invest in programmes to identify and manage legal risk proactively before losses are incurred.
The secret to managing legal risk proactively â and protecting your business from legal loss â is to understand where legal risk comes from. So although this book, and this chapter in particular, contains many examples and stories of how legal risk can lead to unwanted headlines and huge financial losses, at its heart we set out a system to identify, quantify and mitigate the root cause of these losses. Our system is founded on a simple definition of legal risk (above) that we will explain in full towards the end of the chapter. Our definition provides a clear scope to legal risk management in your business and grounds legal risk management in operational practice. We focus on operational practice deliberately. Although the law itself can change, and later in this book you will read how regulatory attitudes have moved ahead of common business practice in some sectors, your exposure to legal risk results from the way your business interacts with law and regulation in its current and future state.
In this chapter you will read about the cost of getting legal risk wrong. More important, you will learn the five key ways in which your business practices interact with the law, and read 18 descriptive examples that will enable you to pinpoint legal risk in your business and so take the first steps to mitigate its impact.
Legal risk definitions are central to proactive legal risk management. They set the boundaries for your discussions with the business.
How legal risk results in financial and reputational loss
Petrobras, Volkswagen and the financial services sector
The financial cost of legal risk is indisputable. In the banking sector, legal losses cost 10 of the worldâs largest banks $40 billion per year over the last five years (CCP Research Foundation, 2016). As an example of why those fines were imposed, in 2014 the cumulative fines for banks involved in fixing Libor rates added up to more than $3 billion. Libor is the overnight rate used to set inter-bank lending rates in the financial markets. When traders take advantageous positions through advance knowledge of what the rate will be, it is potentially a criminal offence and for the companies involved a clear failing in their duty of care to the market. Regulators in the United Kingdom and United States imposed eye-watering fines on the banks involved in fixing the rate, and the cost of the investigations, lost revenue and legal defence added up to many more billions.
However, it isnât just financial costs that you need to worry about. The reputational damage caused by Libor and other conduct-related scandals in the wake of the financial crisis has contributed to a shift in public perception of the banks and a much tougher regulatory regime. All banks have suffered and are being required to change the way they operate, invest heavily in new structures, and be transparent about the benefit they deliver to their customers/clients. The total cost to the sector of these changes could easily add up to trillions of dollars.
Outside of the banking sector, individual losses resulting from reckless indifference to law and regulation (a core element of legal risk) can be even more eye-watering. You will read more in the next section about how Petrobras lost 62 per cent of its market value in the wake of its corruption scandal, and how the cost to Volkswagen of its âcheat deviceâ was reported in 2015 at around $5 billion. These two companies are also clear examples of how legal risks can damage your brand and the long-term health of your business. They also provide data that help you quantify the reputational impact of legal risk on a business, a sector or a nation.
The impact of legal risk on Petrobras and brand Brazil
Petrobras (Petroleo Brasileiro SA) is the huge state-controlled Brazilian energy company at the heart of probably Brazilâs biggest corruption scandal. In March 2014 former Petrobras director Paulo Roberto Costa was arrested in connection with an investigation into alleged corruption charges. Despite vocal support for Petrobras from the Brazilian president, Dilma Roussef, in September that year Costa named government officials as being involved in the corruption. In 2015, as more details emerged, Petrobras continued to generate international headlines: prosecutors alleged that executives colluded to inflate the price of contracts, giving pay-offs to lawmakers and other officials to fund political campaigns. The immediate effect on the value of the company was significant, with a drop in market value of 62 per cent. The company replaced its executive team and created a new position of chief governance, risk and compliance officer to replace its previous chief international officer. Estimates at the time, based on a calculation of projects that were overstated, valued the cost to Petrobras of the corruption at $2 billion.
Many cases for anti-competitive behaviour are yet to be taken into account in those figures, but even so the numbers pale in comparison to the negative effect on the national brand of Brazil. Petrobrasâ individual contribution to direct loss of Brazilian GDP has been calculated as $27.1 billion (or 1 per cent of total GDP) (International Finance Magazine, 201...