One of the many lasting consequences of the downturn has been a prolonged expansion of the globalised compliance framework. Increased oversight of financial markets has been at the forefront of this development, as reflected by the passage of the US Dodd-Frank Act in 2010 and a succession of EU directives. This trend has also witnessed a heightened focus on white-collar crime, targeting areas such as fraud, corruption, tax evasion, terrorism financing and money laundering. Existing laws, such as Canada’s Corruption of Foreign Public Officials Act, have been strengthened, and new legislation, such as the UK Bribery Act, has been introduced.
Compounding this heightened enforcement climate has been the expansion of the global sanctions regime, underwritten by the fallout from the Arab Spring, Russian intervention in Ukraine, the Syrian conflict and the ongoing struggle against ISIS. And although the partial lifting of measures against Iran has now raised the prospect of investing in a promising new market, the fact that important limitations still apply has arguably complicated the sanctions compliance burden. There is also the possibility that the snapback mechanism for the re-imposition of economic sanctions could be triggered if Iran does not comply with its obligations. In short, the sanctions landscape is fluid and liable to change quickly, increasing the scope for regulatory confusion.
Investigation and prosecution activities have also surged in parallel with this expanding legal framework. Authorities from the US have been particularly active in terms of enforcement, with Washington’s extraterritorial reach facilitated by the centrality of the US dollar to the global financial system and the broad definition of US persons. It is not unusual to see nine-figure penalties for breaches of the Office of Foreign Assets Control’s sanction regime, and the Securities and Exchange Commission and Department of Justice have been equally assertive in terms of Foreign Account Tax Compliance Act-related investigations and fines.
Against the backdrop of a more exacting – and potentially more punitive – compliance landscape, clients are increasingly looking to their legal advisers to shoulder more of their own wider risk burden. This has meant a growing expectation that law firms go beyond the strict scope of a particular matter, adding value by providing wider risk analysis to complement standard risk assessment services. This is a clear departure from traditional mandate-driven legal services, fostering the emergence in law firms of a far more integrated and holistic approach to risk.
Within law firms, such an approach is witnessing the development of homegrown risk lawyers, with knowledge of particular jurisdictions and sectors that complements their traditional legal skills and experience. This new breed of risk adviser can add value by providing deeper insight into why, for example, particular sectors are that much more susceptible to corruption, or give geopolitical context to a new wave of sanctions. In the future, the services of this emerging breed of lawyers may increasingly be seen as a marque practice area in their own right, shaking off their tag as a support function.
Together with the wider risk and compliance function, such risk practitioners can work across business divisions to foster a more cohesive, global approach to risk. In doing so, they can surmount the barriers that can sometimes develop in firms between the siloed expertise of particular practice areas. Furthermore, because they have visibility of all the matters being dealt with, the risk team will benefit from a bird’s eye view of the firm’s activities and be in a strong position to identify future business opportunities. Generic data collected and centrally stored as part of the risk assessment process can be utilised to inform strategic decisions and make sure growth areas are fully exploited. Digital technology is playing an increasingly important role in this development. Bespoke software is already being employed to expedite conflict checks, incept new clients and conduct new matter risk assessments. However, these functions are also increasingly complemented by an array of data-driven digital tools that boost efficiencies for the client and increase the firm’s overall competitiveness. Such web-based tools are fuelled by a broader client appetite for online dashboards and interactive portals which help them navigate an ever-more complex risk and compliance landscape.
So, as their compliance burden grows, clients are looking to their legal service providers to augment their traditional offering with broader risk services. From a client’s perspective, this more integrated approach is attractive because its risk and legal requirements can be catered for under one roof, negating the need for additional consultancy expense. For law firms, conducting risk management in both an efficient and commercial manner helps maintain competitiveness in an increasingly globalised but crowded legal market.
The need to optimise the balance between risk and opportunity has never been more important for clients, particularly those drawn from the financial services and natural resources sectors most exposed to this more exacting regulatory climate. Rethinking the broader use of risk management to help cater to this need should be increasingly high on the law firm agenda.
Ben Tidswell (pictured) is chair of Ashurst.