SlideShare a Scribd company logo
1 of 23
Download to read offline
Law Firm Risk Management:
Can It Grow Profitability?
Moderator: Adam Hansen
Director of Information Security, Sonnenschein Nath & Rosenthal

Panel:
Pat Archbold, VP of Risk Practice, IntApp
David Cunningham, Managing Director, Baker Robbins & Company
Agenda
 •   Risk Defined
 •   Legal Risk Types
 •   Business Benefits
 •   UK vs. US Risk Environment
 •   Risk Roles and Organization
 •   Risk Management Approach
 •   Future of Risk Management
 •   Three Next Steps
 •   Questions and Answers
Risk Defined
Risk is the uncertainty caused by the occurrence of an
event that might affect the achievement of objectives.
 •   The management of a law firm’s risks involves decisions that are not
     simply about avoiding a negative impact but also about pursuing a
     positive (but un-guaranteed) impact on business opportunities.

 •   Consequently, effective risk management not only mitigates losses but
     can also positively contribute to the competitive standing of a firm.

 •   This tension between adverse risks and desirable business opportunities
     makes risk management an essential element of firm governance.
Legal Risk Types
Risk Types                                Example Risks                                     Key Roles
IT              Systems: Continuity, Recovery, Security, and Access Management.                CIO,
                Data: Confidentiality, Integrity, Ethical Walls, Retention, Data          General Counsel
                Protection, Data Transfers, Hosting of Third-Party or Client Data.
                Third Party Suppliers: Maintenance/Support, Contracts and
                Outsourcing.

Financial       Audit, Financial Internal Controls, Financial Transparency and                  CFO
                Disclosure, Anti-Money Laundering, Counter-Terrorist Financing,
                Credit, Firm Investments, Currency, and Portfolio Risks.

Practice        Client Relations, Lateral, Professional Responsibilities (including   Practice Leaders, General
Management      malpractice, conflicts, records, and litigation support), and           Counsel, Directors of
                Professional Development Risks.                                         Conflicts, Records, Lit
                                                                                      Support, Library, and KM.
Strategic /     Firm Governance, Risk Management Governance, Reputational,               Managing Partner,
Corporate       Marketing, and Market Risks.                                             Marketing Director,
                                                                                          General Counsel
Operational     Employment, Fraud, Damage to Assets, and Insurance Mediation             HR Director, COO,
                Risks.                                                                    General Counsel
Environmental   Natural Disasters, Epidemics, and Resource Access Risks.              COO, Business Continuity
                                                                                              Team
Business Benefits
 •   Loss Prevention
 •   Cost Savings
 •   Departmental Efficiencies
 •   Competitive Edge
     –   Growth in Lateral Talent
     –   Growth and Retention of Clients
     –   Quality of Client Relationships
     –   Alternative Fee Arrangements
 • Quality of Working Environment
 • Reputation
In the News…
(03/10/2009)
Top five risks identified as facing law firms (order of severity):
• Bankruptcy or acquisition of significant clients
• IT security
• Pressure on fees and the need for 'instant' advice leading to claims
• Conflicts of interest
•Errors made by staff/lawyers on complex, high-value transactions


A firm’s responses to application questions about risk management and loss
prevention programs are often among the most important qualitative information
an insurer uses to gauge the risk it may pose, according to Stuart Pattison, a vice
president at Chicago-based CNA, one of the nation’s largest commercial insurers.
UK vs. US Risk Environment
In the News…
(05/21/2009)
“The Financial Services Authority      (03/13/2009)
(FSA) has brought charges of           “In a much-touted speech on
insider trading against two            Thursday (12 March), FSA chief
lawyers – including a current          executive Hector Sants outlined a
partner in the London office of        break with light-touch, principles-
Dorsey & Whitney – it has              based regulation, arguing the
emerged.                               City should be ‘very
                                       frightened’ of the body.”
The move marks a more
aggressive stance from the
FSA, which earlier this year
secured its first successful insider
trading prosecution…”
US News
3/20/2009
                                          08/06/2009
The FTC Strikes Back: (Essentially)
Everyone Should Be Complying              Dept. of Heath and Human Services
With Red Flags Rules, Especially          45 CFR Parts 160 and 164
The Healthcare Industry
                                          Examples of business associates include
      The FTC, with unusual               third party administrators or pharmacy
frankness, emphasizes that no             benefit managers for health plans, claims
industry is exempt as a “creditor”
                                          processing or billing companies,
…….The FTC also pulls no punches
when identifying potential “creditors,”   transcription companies, and persons who
listing a wide range of industries and    perform legal, actuarial, accounting,
businesses, including physicians,         management, or administrative services for
lawyers, merchants”                       covered entities and who require access to
                                          protected health information.
Who’s Ultimately Responsible for Risk Management?

2007                        2009
Single Individual: 36%      Single Individual: 63%
Risk Roles and Organization
 • Firm Internal Roles
   –   General Counsel
   –   Directors of Loss Prevention, Conflicts, Records
   –   Professional Responsibility Partners/Ethics Partner
   –   CIO or IT Director
   –   Directors of Security, Business Continuity
   –   Business Departmental Directors
   –   Partners / Lawyers
   –   Committees

 • External Roles
   – Insurance Underwriters/brokers
   – Clients
   – External Assessors
Risk Management Becomes
a Department in Law Firms
Risk and IT Speak
in Different Languages
               DR,            Engagement Letters,
           Malware, VPN,      Vicarious Disqualification,
        LDAP, SharePoint,     Rule 1.10,
         SLAs, Five-9s, P2P   Advanced Waivers,




                 Consider:
    Matter Centricity + Search= Exposure
Future Org Chart?
Risk Management Approach
 • Successful Risk Management Environment
   –   Communicate and Consult
   –   Establish the Context
   –   Promote Self Assessment
   –   Monitor and Review
Risk Management Approach
 • Risk Assessment Process




 • Risk Treatment Process
   – Identify Options
   – Evaluate and Select Options
   – Prepare and Implement Treatment Plans
Future: Risk Register/ERM
     The Risk:   The Consequence
     What can      of an Event     Adequacy
                   Happening                     Consequence   Likelihood   Level of    Risk
#   Happen and                     of Existing
                                                   Rating        Rating      Risk      Priority
    How Can it   Conse-    Like-    Controls
     Happen?     quence   lihood
Future: Client Requests
2007                           2009
Clients have asked firm for    Clients have asked firm for
 additional protections: 61%    additional protections: 86%
Intake and Insider List
 Next Steps: Integrate Risk and
         Management
       TechnologyManagement List
                         Insider
                                                    Management




 Workflow software to
manage intake processes
                          Matter designated
                             “confidential”
                                                Tracks access, locks across
                          “firm confidential”
                                                   systems, hides matter
                           “price sensitive”
                                                          names
Next Steps: Leverage Risk Management Budgets
Next Steps: Plan for Certification
Adam Hansen
Director of Information
Security, Sonnenschein Nath &
Rosenthal
ahansen@sonnenschein.com

Pat Archbold
VP of Risk Practice, IntApp
pat.archbold@intapp.com

David Cunningham
Managing Director, Baker
Robbins & Company
dcunningham@brco.com
SRA Rule 5:
http://www.sra.org.uk/solicitors/code-of-conduct/215.article

Marsh UK Risk Study-Insurance Journal:
http://www.insurancejournal.com/news/international/2009/03/10/98539.htm

KornFerry Evolution of Law Firm Risk Management Article:
http://www.insurancejournal.com/news/international/2009/03/10/98539.htm

UK Conflicts Rule Changes Article-Legalweek
http://www.legalweek.com/legal-week/analysis/1156494/conflicts-comfort

Red Flag Rules Article:
http://www.securityprivacyandthelaw.com/2009/03/articles/recent-legislation-1/the-ftc-strikes-back-essentially-
     everyone-should-be-complying-with-red-flags-rules-especially-the-healthcare-industry/

HITECH Act Update, DHHS:
http://www.federalregister.gov/OFRUpload/OFRData/2009-20169_PI.pdf

Risk Roundtable
www.riskroundtable.com

West Legal Education, Practice Area Ethics and Professional Responsibility
http://westlegaledcenter.com/home/homepage.jsf

More Related Content

What's hot

The Honeybee
The HoneybeeThe Honeybee
The HoneybeeMarekay
 
Introduction to beekeeping
Introduction to beekeepingIntroduction to beekeeping
Introduction to beekeepingschajer
 
Beekeeping theory disease and pests of honey bee
Beekeeping theory   disease and pests of honey beeBeekeeping theory   disease and pests of honey bee
Beekeeping theory disease and pests of honey beeBeeTogetherLux
 
SUMMER MANAGEMENT OF BEE COLONIES BY SACHIN.R.KONDAGURI.pptx
SUMMER MANAGEMENT OF BEE COLONIES BY SACHIN.R.KONDAGURI.pptxSUMMER MANAGEMENT OF BEE COLONIES BY SACHIN.R.KONDAGURI.pptx
SUMMER MANAGEMENT OF BEE COLONIES BY SACHIN.R.KONDAGURI.pptxshantabayiabbigeri
 
D Part 5 Revision 6 Pack
D  Part 5 Revision 6 PackD  Part 5 Revision 6 Pack
D Part 5 Revision 6 Packguest2dac56
 
Contractor Management - How to Manage Contractor Health and Safety
Contractor Management - How to Manage Contractor Health and SafetyContractor Management - How to Manage Contractor Health and Safety
Contractor Management - How to Manage Contractor Health and SafetyCraig Thornton
 
Contractor safety management system
Contractor safety management systemContractor safety management system
Contractor safety management systemgraha katiga
 
All about bees slideshow
All about bees slideshowAll about bees slideshow
All about bees slideshowLeanne Lonergan
 
Top 10 health and safety manager interview questions and answers
Top 10 health and safety manager interview questions and answersTop 10 health and safety manager interview questions and answers
Top 10 health and safety manager interview questions and answersrichket1
 
Containers, basckets & ccu's
Containers, basckets & ccu'sContainers, basckets & ccu's
Containers, basckets & ccu'sAlexandru Rizescu
 
Bee presentation
Bee presentationBee presentation
Bee presentationBiji Saro
 

What's hot (20)

The Honeybee
The HoneybeeThe Honeybee
The Honeybee
 
Hse alert 43 forklift safety
Hse alert 43 forklift safetyHse alert 43 forklift safety
Hse alert 43 forklift safety
 
Introduction to beekeeping
Introduction to beekeepingIntroduction to beekeeping
Introduction to beekeeping
 
Beekeeping theory disease and pests of honey bee
Beekeeping theory   disease and pests of honey beeBeekeeping theory   disease and pests of honey bee
Beekeeping theory disease and pests of honey bee
 
SUMMER MANAGEMENT OF BEE COLONIES BY SACHIN.R.KONDAGURI.pptx
SUMMER MANAGEMENT OF BEE COLONIES BY SACHIN.R.KONDAGURI.pptxSUMMER MANAGEMENT OF BEE COLONIES BY SACHIN.R.KONDAGURI.pptx
SUMMER MANAGEMENT OF BEE COLONIES BY SACHIN.R.KONDAGURI.pptx
 
D Part 5 Revision 6 Pack
D  Part 5 Revision 6 PackD  Part 5 Revision 6 Pack
D Part 5 Revision 6 Pack
 
Contractor Management - How to Manage Contractor Health and Safety
Contractor Management - How to Manage Contractor Health and SafetyContractor Management - How to Manage Contractor Health and Safety
Contractor Management - How to Manage Contractor Health and Safety
 
Safety leadership
Safety leadershipSafety leadership
Safety leadership
 
COLONY ORGANIZATION AND LIFE CYCLE OF HONEY BEE
COLONY ORGANIZATION AND LIFE CYCLE OF HONEY BEECOLONY ORGANIZATION AND LIFE CYCLE OF HONEY BEE
COLONY ORGANIZATION AND LIFE CYCLE OF HONEY BEE
 
Sop for security
Sop for securitySop for security
Sop for security
 
Diseases of honey bees
Diseases of honey bees Diseases of honey bees
Diseases of honey bees
 
Apiculture Bee keeping
Apiculture Bee keepingApiculture Bee keeping
Apiculture Bee keeping
 
Contractor safety management system
Contractor safety management systemContractor safety management system
Contractor safety management system
 
Apiculture
ApicultureApiculture
Apiculture
 
Bee enemies and diseases
Bee enemies and diseasesBee enemies and diseases
Bee enemies and diseases
 
apiculture
apiculture apiculture
apiculture
 
All about bees slideshow
All about bees slideshowAll about bees slideshow
All about bees slideshow
 
Top 10 health and safety manager interview questions and answers
Top 10 health and safety manager interview questions and answersTop 10 health and safety manager interview questions and answers
Top 10 health and safety manager interview questions and answers
 
Containers, basckets & ccu's
Containers, basckets & ccu'sContainers, basckets & ccu's
Containers, basckets & ccu's
 
Bee presentation
Bee presentationBee presentation
Bee presentation
 

Viewers also liked

Risk management for law firms chapter 2 ark 2009 by meg block
Risk management for law firms   chapter 2 ark 2009 by meg blockRisk management for law firms   chapter 2 ark 2009 by meg block
Risk management for law firms chapter 2 ark 2009 by meg blockDavid Cunningham
 
How to measure and manage legal risk
How to measure and manage legal riskHow to measure and manage legal risk
How to measure and manage legal riskBerkman Solutions
 
6 Steps to Legal Risk Management
6 Steps to Legal Risk Management6 Steps to Legal Risk Management
6 Steps to Legal Risk ManagementBerkman Solutions
 

Viewers also liked (6)

Risk management for law firms chapter 2 ark 2009 by meg block
Risk management for law firms   chapter 2 ark 2009 by meg blockRisk management for law firms   chapter 2 ark 2009 by meg block
Risk management for law firms chapter 2 ark 2009 by meg block
 
Legal Risk Advisory Services
Legal Risk Advisory ServicesLegal Risk Advisory Services
Legal Risk Advisory Services
 
Accounting Payroll Outsourcing Services
Accounting  Payroll Outsourcing   ServicesAccounting  Payroll Outsourcing   Services
Accounting Payroll Outsourcing Services
 
Legal Risk - New Thinking
Legal Risk - New ThinkingLegal Risk - New Thinking
Legal Risk - New Thinking
 
How to measure and manage legal risk
How to measure and manage legal riskHow to measure and manage legal risk
How to measure and manage legal risk
 
6 Steps to Legal Risk Management
6 Steps to Legal Risk Management6 Steps to Legal Risk Management
6 Steps to Legal Risk Management
 

Similar to Ilta09 Law Firm Risk Management D Cunningham

Ilta 2009 law firm risk management can it grow profitability - panel member...
Ilta 2009 law firm risk management   can it grow profitability - panel member...Ilta 2009 law firm risk management   can it grow profitability - panel member...
Ilta 2009 law firm risk management can it grow profitability - panel member...David Cunningham
 
ERM Presentation
ERM PresentationERM Presentation
ERM PresentationH Contrex
 
Risk Monitoring and Management Trends In Commodities
Risk Monitoring and Management Trends In CommoditiesRisk Monitoring and Management Trends In Commodities
Risk Monitoring and Management Trends In CommoditiesCTRM Center
 
Iaccm Risk Slides
Iaccm Risk SlidesIaccm Risk Slides
Iaccm Risk Slidesguest49199
 
Trends shaping the future of legal risk management by dave cunningham and m...
Trends shaping the future of legal risk management   by dave cunningham and m...Trends shaping the future of legal risk management   by dave cunningham and m...
Trends shaping the future of legal risk management by dave cunningham and m...David Cunningham
 
Deloitte es grc_sostenibilidad-reputation-survey
Deloitte es grc_sostenibilidad-reputation-surveyDeloitte es grc_sostenibilidad-reputation-survey
Deloitte es grc_sostenibilidad-reputation-surveyBluemap Consulting Group
 
Risk management for law firms chapter 1 ark 2009 by dave cunningham
Risk management for law firms   chapter 1 ark 2009 by dave cunninghamRisk management for law firms   chapter 1 ark 2009 by dave cunningham
Risk management for law firms chapter 1 ark 2009 by dave cunninghamDavid Cunningham
 
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...ypytlik
 
Information Risk And Its Effects On Financial And...
Information Risk And Its Effects On Financial And...Information Risk And Its Effects On Financial And...
Information Risk And Its Effects On Financial And...Lindsey Rivera
 
ERM: DIFFERENCES BETWEEN SECTORS
ERM: DIFFERENCES BETWEEN SECTORSERM: DIFFERENCES BETWEEN SECTORS
ERM: DIFFERENCES BETWEEN SECTORSMichel Rochette
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk managementAnu Damodaran
 
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeEnterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeCareer Communications Group
 
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docx
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docxLecture 4Evaluation and Mitigation of RisksCrucial considera.docx
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docxwashingtonrosy
 
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docx
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docxLecture 4Evaluation and Mitigation of RisksCrucial considera.docx
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docxmanningchassidy
 
Chartered Accountant’s Role in an Enterprise Risk Management
Chartered Accountant’s Role in an Enterprise Risk ManagementChartered Accountant’s Role in an Enterprise Risk Management
Chartered Accountant’s Role in an Enterprise Risk ManagementCA. (Dr.) Rajkumar Adukia
 
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...
Lit con 2009   collaborate to mitigate panel - facilitated by dave cunningham...Lit con 2009   collaborate to mitigate panel - facilitated by dave cunningham...
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...David Cunningham
 
Measuring operational risk
Measuring operational riskMeasuring operational risk
Measuring operational riskUjjwal 'Shanu'
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk ManagementAnu Damodaran
 
FORUM 2013 Entreprise risk management: fact or fiction
FORUM 2013 Entreprise risk management: fact or fictionFORUM 2013 Entreprise risk management: fact or fiction
FORUM 2013 Entreprise risk management: fact or fictionFERMA
 

Similar to Ilta09 Law Firm Risk Management D Cunningham (20)

Ilta 2009 law firm risk management can it grow profitability - panel member...
Ilta 2009 law firm risk management   can it grow profitability - panel member...Ilta 2009 law firm risk management   can it grow profitability - panel member...
Ilta 2009 law firm risk management can it grow profitability - panel member...
 
ERM Presentation
ERM PresentationERM Presentation
ERM Presentation
 
Risk Monitoring and Management Trends In Commodities
Risk Monitoring and Management Trends In CommoditiesRisk Monitoring and Management Trends In Commodities
Risk Monitoring and Management Trends In Commodities
 
Iaccm Risk Slides
Iaccm Risk SlidesIaccm Risk Slides
Iaccm Risk Slides
 
Trends shaping the future of legal risk management by dave cunningham and m...
Trends shaping the future of legal risk management   by dave cunningham and m...Trends shaping the future of legal risk management   by dave cunningham and m...
Trends shaping the future of legal risk management by dave cunningham and m...
 
Deloitte es grc_sostenibilidad-reputation-survey
Deloitte es grc_sostenibilidad-reputation-surveyDeloitte es grc_sostenibilidad-reputation-survey
Deloitte es grc_sostenibilidad-reputation-survey
 
Risk management for law firms chapter 1 ark 2009 by dave cunningham
Risk management for law firms   chapter 1 ark 2009 by dave cunninghamRisk management for law firms   chapter 1 ark 2009 by dave cunningham
Risk management for law firms chapter 1 ark 2009 by dave cunningham
 
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
Yvonne I Pytlik Journal Of Securities Law, Regulation & Compliance April ...
 
Information Risk And Its Effects On Financial And...
Information Risk And Its Effects On Financial And...Information Risk And Its Effects On Financial And...
Information Risk And Its Effects On Financial And...
 
ERM: DIFFERENCES BETWEEN SECTORS
ERM: DIFFERENCES BETWEEN SECTORSERM: DIFFERENCES BETWEEN SECTORS
ERM: DIFFERENCES BETWEEN SECTORS
 
Enterprise risk management
Enterprise risk managementEnterprise risk management
Enterprise risk management
 
Enterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation AgeEnterprise Risk Management for the Digital Transformation Age
Enterprise Risk Management for the Digital Transformation Age
 
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docx
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docxLecture 4Evaluation and Mitigation of RisksCrucial considera.docx
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docx
 
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docx
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docxLecture 4Evaluation and Mitigation of RisksCrucial considera.docx
Lecture 4Evaluation and Mitigation of RisksCrucial considera.docx
 
CroweHorwath
CroweHorwathCroweHorwath
CroweHorwath
 
Chartered Accountant’s Role in an Enterprise Risk Management
Chartered Accountant’s Role in an Enterprise Risk ManagementChartered Accountant’s Role in an Enterprise Risk Management
Chartered Accountant’s Role in an Enterprise Risk Management
 
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...
Lit con 2009   collaborate to mitigate panel - facilitated by dave cunningham...Lit con 2009   collaborate to mitigate panel - facilitated by dave cunningham...
Lit con 2009 collaborate to mitigate panel - facilitated by dave cunningham...
 
Measuring operational risk
Measuring operational riskMeasuring operational risk
Measuring operational risk
 
Enterprise Risk Management
Enterprise Risk ManagementEnterprise Risk Management
Enterprise Risk Management
 
FORUM 2013 Entreprise risk management: fact or fiction
FORUM 2013 Entreprise risk management: fact or fictionFORUM 2013 Entreprise risk management: fact or fiction
FORUM 2013 Entreprise risk management: fact or fiction
 

More from Baker Robbins & Company

A Few Things You Might Not Know About Elite 3 E
A Few Things You Might Not Know About Elite 3 EA Few Things You Might Not Know About Elite 3 E
A Few Things You Might Not Know About Elite 3 EBaker Robbins & Company
 
Making The Most Of Work Site Environment (Ilta Webinar 9 28 From Baker Robbin...
Making The Most Of Work Site Environment (Ilta Webinar 9 28 From Baker Robbin...Making The Most Of Work Site Environment (Ilta Webinar 9 28 From Baker Robbin...
Making The Most Of Work Site Environment (Ilta Webinar 9 28 From Baker Robbin...Baker Robbins & Company
 
Ilta09 Globalization Presentation Loc J Bennitt
Ilta09 Globalization Presentation Loc J BennittIlta09 Globalization Presentation Loc J Bennitt
Ilta09 Globalization Presentation Loc J BennittBaker Robbins & Company
 
Ilta09 Lateral Hires And Records Management S Fiorillo
Ilta09 Lateral Hires And Records Management S FiorilloIlta09 Lateral Hires And Records Management S Fiorillo
Ilta09 Lateral Hires And Records Management S FiorilloBaker Robbins & Company
 
Ilta09 Business Process Management S Gonzalez
Ilta09 Business Process Management S GonzalezIlta09 Business Process Management S Gonzalez
Ilta09 Business Process Management S GonzalezBaker Robbins & Company
 
Ilta09 Managing Preceptions Of Value S Gonzalez
Ilta09 Managing Preceptions Of Value S GonzalezIlta09 Managing Preceptions Of Value S Gonzalez
Ilta09 Managing Preceptions Of Value S GonzalezBaker Robbins & Company
 

More from Baker Robbins & Company (6)

A Few Things You Might Not Know About Elite 3 E
A Few Things You Might Not Know About Elite 3 EA Few Things You Might Not Know About Elite 3 E
A Few Things You Might Not Know About Elite 3 E
 
Making The Most Of Work Site Environment (Ilta Webinar 9 28 From Baker Robbin...
Making The Most Of Work Site Environment (Ilta Webinar 9 28 From Baker Robbin...Making The Most Of Work Site Environment (Ilta Webinar 9 28 From Baker Robbin...
Making The Most Of Work Site Environment (Ilta Webinar 9 28 From Baker Robbin...
 
Ilta09 Globalization Presentation Loc J Bennitt
Ilta09 Globalization Presentation Loc J BennittIlta09 Globalization Presentation Loc J Bennitt
Ilta09 Globalization Presentation Loc J Bennitt
 
Ilta09 Lateral Hires And Records Management S Fiorillo
Ilta09 Lateral Hires And Records Management S FiorilloIlta09 Lateral Hires And Records Management S Fiorillo
Ilta09 Lateral Hires And Records Management S Fiorillo
 
Ilta09 Business Process Management S Gonzalez
Ilta09 Business Process Management S GonzalezIlta09 Business Process Management S Gonzalez
Ilta09 Business Process Management S Gonzalez
 
Ilta09 Managing Preceptions Of Value S Gonzalez
Ilta09 Managing Preceptions Of Value S GonzalezIlta09 Managing Preceptions Of Value S Gonzalez
Ilta09 Managing Preceptions Of Value S Gonzalez
 

Recently uploaded

OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 

Recently uploaded (20)

OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 

Ilta09 Law Firm Risk Management D Cunningham

  • 1. Law Firm Risk Management: Can It Grow Profitability? Moderator: Adam Hansen Director of Information Security, Sonnenschein Nath & Rosenthal Panel: Pat Archbold, VP of Risk Practice, IntApp David Cunningham, Managing Director, Baker Robbins & Company
  • 2. Agenda • Risk Defined • Legal Risk Types • Business Benefits • UK vs. US Risk Environment • Risk Roles and Organization • Risk Management Approach • Future of Risk Management • Three Next Steps • Questions and Answers
  • 3. Risk Defined Risk is the uncertainty caused by the occurrence of an event that might affect the achievement of objectives. • The management of a law firm’s risks involves decisions that are not simply about avoiding a negative impact but also about pursuing a positive (but un-guaranteed) impact on business opportunities. • Consequently, effective risk management not only mitigates losses but can also positively contribute to the competitive standing of a firm. • This tension between adverse risks and desirable business opportunities makes risk management an essential element of firm governance.
  • 4. Legal Risk Types Risk Types Example Risks Key Roles IT Systems: Continuity, Recovery, Security, and Access Management. CIO, Data: Confidentiality, Integrity, Ethical Walls, Retention, Data General Counsel Protection, Data Transfers, Hosting of Third-Party or Client Data. Third Party Suppliers: Maintenance/Support, Contracts and Outsourcing. Financial Audit, Financial Internal Controls, Financial Transparency and CFO Disclosure, Anti-Money Laundering, Counter-Terrorist Financing, Credit, Firm Investments, Currency, and Portfolio Risks. Practice Client Relations, Lateral, Professional Responsibilities (including Practice Leaders, General Management malpractice, conflicts, records, and litigation support), and Counsel, Directors of Professional Development Risks. Conflicts, Records, Lit Support, Library, and KM. Strategic / Firm Governance, Risk Management Governance, Reputational, Managing Partner, Corporate Marketing, and Market Risks. Marketing Director, General Counsel Operational Employment, Fraud, Damage to Assets, and Insurance Mediation HR Director, COO, Risks. General Counsel Environmental Natural Disasters, Epidemics, and Resource Access Risks. COO, Business Continuity Team
  • 5. Business Benefits • Loss Prevention • Cost Savings • Departmental Efficiencies • Competitive Edge – Growth in Lateral Talent – Growth and Retention of Clients – Quality of Client Relationships – Alternative Fee Arrangements • Quality of Working Environment • Reputation
  • 6. In the News… (03/10/2009) Top five risks identified as facing law firms (order of severity): • Bankruptcy or acquisition of significant clients • IT security • Pressure on fees and the need for 'instant' advice leading to claims • Conflicts of interest •Errors made by staff/lawyers on complex, high-value transactions A firm’s responses to application questions about risk management and loss prevention programs are often among the most important qualitative information an insurer uses to gauge the risk it may pose, according to Stuart Pattison, a vice president at Chicago-based CNA, one of the nation’s largest commercial insurers.
  • 7. UK vs. US Risk Environment
  • 8. In the News… (05/21/2009) “The Financial Services Authority (03/13/2009) (FSA) has brought charges of “In a much-touted speech on insider trading against two Thursday (12 March), FSA chief lawyers – including a current executive Hector Sants outlined a partner in the London office of break with light-touch, principles- Dorsey & Whitney – it has based regulation, arguing the emerged. City should be ‘very frightened’ of the body.” The move marks a more aggressive stance from the FSA, which earlier this year secured its first successful insider trading prosecution…”
  • 9. US News 3/20/2009 08/06/2009 The FTC Strikes Back: (Essentially) Everyone Should Be Complying Dept. of Heath and Human Services With Red Flags Rules, Especially 45 CFR Parts 160 and 164 The Healthcare Industry Examples of business associates include The FTC, with unusual third party administrators or pharmacy frankness, emphasizes that no benefit managers for health plans, claims industry is exempt as a “creditor” processing or billing companies, …….The FTC also pulls no punches when identifying potential “creditors,” transcription companies, and persons who listing a wide range of industries and perform legal, actuarial, accounting, businesses, including physicians, management, or administrative services for lawyers, merchants” covered entities and who require access to protected health information.
  • 10. Who’s Ultimately Responsible for Risk Management? 2007 2009 Single Individual: 36% Single Individual: 63%
  • 11. Risk Roles and Organization • Firm Internal Roles – General Counsel – Directors of Loss Prevention, Conflicts, Records – Professional Responsibility Partners/Ethics Partner – CIO or IT Director – Directors of Security, Business Continuity – Business Departmental Directors – Partners / Lawyers – Committees • External Roles – Insurance Underwriters/brokers – Clients – External Assessors
  • 12. Risk Management Becomes a Department in Law Firms
  • 13. Risk and IT Speak in Different Languages DR, Engagement Letters, Malware, VPN, Vicarious Disqualification, LDAP, SharePoint, Rule 1.10, SLAs, Five-9s, P2P Advanced Waivers, Consider: Matter Centricity + Search= Exposure
  • 15. Risk Management Approach • Successful Risk Management Environment – Communicate and Consult – Establish the Context – Promote Self Assessment – Monitor and Review
  • 16. Risk Management Approach • Risk Assessment Process • Risk Treatment Process – Identify Options – Evaluate and Select Options – Prepare and Implement Treatment Plans
  • 17. Future: Risk Register/ERM The Risk: The Consequence What can of an Event Adequacy Happening Consequence Likelihood Level of Risk # Happen and of Existing Rating Rating Risk Priority How Can it Conse- Like- Controls Happen? quence lihood
  • 18. Future: Client Requests 2007 2009 Clients have asked firm for Clients have asked firm for additional protections: 61% additional protections: 86%
  • 19. Intake and Insider List Next Steps: Integrate Risk and Management TechnologyManagement List Insider Management Workflow software to manage intake processes Matter designated “confidential” Tracks access, locks across “firm confidential” systems, hides matter “price sensitive” names
  • 20. Next Steps: Leverage Risk Management Budgets
  • 21. Next Steps: Plan for Certification
  • 22. Adam Hansen Director of Information Security, Sonnenschein Nath & Rosenthal ahansen@sonnenschein.com Pat Archbold VP of Risk Practice, IntApp pat.archbold@intapp.com David Cunningham Managing Director, Baker Robbins & Company dcunningham@brco.com
  • 23. SRA Rule 5: http://www.sra.org.uk/solicitors/code-of-conduct/215.article Marsh UK Risk Study-Insurance Journal: http://www.insurancejournal.com/news/international/2009/03/10/98539.htm KornFerry Evolution of Law Firm Risk Management Article: http://www.insurancejournal.com/news/international/2009/03/10/98539.htm UK Conflicts Rule Changes Article-Legalweek http://www.legalweek.com/legal-week/analysis/1156494/conflicts-comfort Red Flag Rules Article: http://www.securityprivacyandthelaw.com/2009/03/articles/recent-legislation-1/the-ftc-strikes-back-essentially- everyone-should-be-complying-with-red-flags-rules-especially-the-healthcare-industry/ HITECH Act Update, DHHS: http://www.federalregister.gov/OFRUpload/OFRData/2009-20169_PI.pdf Risk Roundtable www.riskroundtable.com West Legal Education, Practice Area Ethics and Professional Responsibility http://westlegaledcenter.com/home/homepage.jsf