The global business climate is changing rapidly and today’s Chief Legal Officers (CLO) have to be quick to support their company’s changing strategy, as well as being very meticulous in ensuring their business is protected from reputational and financial risks brought by the growing number of regulations and data security matters.
The CLO’s advice and input has become an integral part of business decisions, as well as organizational strategy.
We see three important aspects affecting the role of Chief Legal Officer today:
Increased speed of business: new business models are calling for flexibility of all functions without sacrificing the results, which requires the legal function to be agile, yet firm on meeting necessary requirements locally;
Data management and protection: cyber security, data regulations and e-commerce compliance matters land on CLO’s desk, demanding new skills to be included in the legal departments;
Regulatory compliance: although not new for legal departments, the number of requirements is growing very fast and is proportional to the growing risks. This month, we saw the first conviction of crime for FATCA non-compliance.
These aspects show that the CLO’s role has moved from exclusively being a legal expert to gaining the role of a business strategist at the same time. In addition, it has become an integral part of the role to ensure that regulatory trends are closely and constantly monitored, to provide legal and strategic input to the CEO and the board based on new compliance regulations that vary country by country, and the mitigation of risks that could be detrimental to the company. The CLO role is emerging into the safeguard for digital economy opportunities and successful business strategy.
One of the main reasons for this shift in the role of the CLO role is the increased liability that comes with non-compliance to regulations, data breaches and cybersecurity attacks. New compliance and regulatory obligations like General Data Protection Regulation (GDPR), fall on the CLO. According to the Association of Corporate Counsel’s Chief Legal Officers 2018 Survey, 74% of respondents rated regulatory or governmental changes as the biggest issue that keeps them up at night. It was closely followed by data breaches and protection of corporate data at 70%. These risks have now become more of a concern since regulations and compliance obligations are constantly changing and are different in every jurisdiction. If a company does not follow a certain regulation it can not only affect the business through fines, penalties and time but also their reputation. Depending on the way a company is organized, the CLO could personally be held responsible and pay fines and possibly serve jail time.
Data breaches and data privacy are very real concerns, with 27% of CLO’s reporting that their companies have experienced a data breach in 2016/17, according to the survey. Understanding the potential risks that can affect a company and putting together the correct procedures and policies to prevent these risks from affecting business are already part of the daily tasks of the CLO. The threat of lawsuits and other regulatory actions, audits and fines have put the CLOs and their departments in a position where they must lead the way to enforce digital legal compliance requirements.
With the growth of responsibility and concerns, CLOs are anticipating an increase to their budgets as well as adding to their in-house lawyer teams. And it is expected that the CLO’s role will continue to evolve as more and more jurisdictions around the world increase their regulations and compliance requirements.
Embracing partnerships and technological innovations
Using partners and technology to support the new responsibilities of the CLO is adamant to ensure efficiency and save on costs. Full visibility of the organization operations and obtaining regulatory updates from local trustworthy sources are key to support the CLOs in the developments of their role.
The enterprise legal management market presents consolidated use-case-focused point solutions, which allow for compliance management, document management, workflow and collaboration, among others. Nevertheless, introduction of technology requires not only investment, but also a behaviour change of the legal department, as enterprise legal management tools as useful as the accuracy of data and documents that are updated in them.
In this evolving role, the CLO must have access to the most reliable and updated legal and regulatory information and knowledge which varies in every jurisdiction around the world.