A piece in Met. Corp. Counsel, June 2011 at 12, concerns Enterprise Risk Management (ERM). Aimed at a company level, I tried to bring it down to the legal department level and apply one of its teachings. The authors write that “Linking your risks to strategic objectives is the most powerful tool for prioritization [of risks].”
Let’s reflect on that seemingly innocent bit of advice. Your law department knows your corporation’s strategic objectives. If they are “organic growth,” “new product development,” and “targeted acquisitions,” let’s say, just how useful is it for the department to identify the major legal risks that lurk around each goal? “Organic growth” – hmmm, that could stretch to involve a class action suit over wages and hours? “New product development” – you could fail to patent a good idea or allow an unsubstantiated claim in an ad? “Targeted acquisitions” could lead to a shareholder derivative suit or breach of a lockup provision? None of these legal risks seem either probable or very threatening.
My point is that lawyers can tag any corporate goal with some conceivable legal risks, even potentially major ones, but that exercise hardly seems useful. What comes from a nice chart with colored bubbles that links legal pitfalls with high-level company objectives?