I was privileged to present on the topic of contract risk at the recent 2020 LegalWeek, along with Lee Matthews of Wolters Kluwer, one of HBR’s technology partners. The presentation centered around the types and sources of contract risk and how to combat them.
After the presentation, I had a chance to speak with a general counsel from the audience. It was clear this was front of mind to him, but the ability to combat the risk seemed out of reach – he cited the sheer volume of emails and contract issues being volleyed at him any given day. Our conversation caused me to reflect: are we asking too much to be proactive in contract risk? Is reaction the best we can manage when something this large comes our way? The overwhelming number of contracts, abundance of risks and just keeping up with day-to-day management can make the idea of being proactive seem unreachable.
Insidious Contract Risks
It can be difficult enough to keep up with our contracts’ everyday risks related to renewals, obligations, terms, etc. But there are also abundant regulatory risks within our contracts that can incite sheer terror in those not prepared. For example, in the financial industry, LIBOR (London Interbank Offer Rate) has long been the most widely used benchmark for short-term rates. But now regulators plan to phase it out by the end of 2021, a deadline few companies are ready for. There are literally trillions of dollars’ worth of contracts that require revision to provide a reference to a new baseline rate. Is there enough time to identify, draft and execute all the amendments needed, even if you start today?
Another example is the CCPA (California Consumer Privacy Act) that went into effect at the beginning of this year, and the fear of not being able to comply to its requirements. Another 10 states are about to pass similar laws, all of which require some monitoring and control over consumer data and any third parties using that data on your behalf. Many companies are struggling with how to trace the path of their data through their own company, much less any third-party data transfers and whether their contracts have adequate protective language.
Just Get Started
Some organizations are now attempting to mitigate these risks. Do we consider those acting now as proactive, or are they merely the first ones to react? It can be easy to feel overwhelmed and wonder if there is any hope to proactively combat risk, when it seems like it will strike at any time.
My advice to that frustrated general counsel was this...just get started. Start to put together your risk plan. Even with the onslaught of “email bombs” (my phrase for things that blow up on you), knowing that you can start working to identify, combat and avoid risk is an empowering thought.
Here are three steps that anyone can take to get started:
Whether you’re just getting started or in the middle of a rollout, HBR can help. We design programs that pair technology with processes to ensure greater risk mitigation and efficiencies. Please email me if you have questions or if HBR can be of assistance in mitigating your contract risk.