Over the past decade, many of the legal risks facing companies under US law have narrowed dramatically while others have proliferated. The advent of streaming news and social media means that local issues can become global concerns in minutes. The nature of risk is evolving, and more than ever, companies need to be prepared to do the right things faster—especially in assembling the right team so that better choices can be made sooner.
Risk today is a much broader and more complex concept than 20 years ago. It is global, diffuse and often transcends corporate boundaries. Anti-corruption and antitrust laws are far-reaching in their impact. It is now common for a regulatory investigation into a company’s operations in one jurisdiction to be followed by multiple investigations in others. A business disaster in one country now has the potential to hurt others in the same industry globally.
These new risks come with both legal and nonlegal drivers, and the two often move in different directions.
“The scope of US jurisdiction has been shrinking over the past 10 - 12 years, arguably in an attempt to make the US legal system less ‘imperialistic,’” says Owen Pell, a White & Case commercial litigation partner based in New York. “In stark contrast to earlier courts, the current US Supreme Court, under Justice Roberts, is interpreting the reach of US jurisdiction more narrowly, especially in cases where alleged wrong-doing did not occur on US territory and does not involve many or any US parties.”
In the landmark Daimler A.G. v. Bauman decision in January 2014, the Supreme Court issued a ruling that significantly limits where corporations may be sued for claims that do not relate to business they may do in the United States.
“Just because you are a multinational company doing business in the US doesn’t mean that you can be sued in the US for everything you may do around the world,” explains Pell. “Meanwhile, other recent Supreme Court cases, like Morrison v. National Australia Bank and Kiobel v. Royal Dutch Petroleum Co, have limited the territorial reach of substantive US law with respect to civil liability and certain areas of criminal and administrative liability.”
These rulings will significantly affect how companies can try to use their corporate structures to manage certain risks relating to US litigation. Using these decisions, companies could plan to separate or “ring-fence” certain risks: “By keeping certain management or officer functions abroad, companies may be able to limit their exposure to US litigation or certain types of investigations, even in the rarer cases in which individual executives are accused of wrongdoing,” explains Pell.
The effects of these rulings have already created one area in which companies can be assiduous in anticipating problems and managing risk, with a view toward prevention being better than a cure.
In the capital markets arena, one response has been an increasing number of European corporates making use of provisions under the US Securities Act—Rule 144A—to tap credit markets in the US while managing exposure to US lawsuits.
Rule 144A exempts offerings of non-US securities into the US from certain registration requirements under US securities laws. Also, US purchasers in such offerings must meet certain qualifications, arguably making it harder for those purchasers to bring certain types of US securities claims. A restricted offering into the US can be combined with an unrestricted placement of securities offshore under the provisions of Regulation S (Reg S), which can be held by holders outside the US.
The scope of US jurisdiction has been shrinking over the past 10 – 12 years, arguably in an attempt to make the US legal system less “imperialistic.”
European views on issuing debt into international markets are evolving, says Rob Mathews, a London-based partner in White & Case’s capital markets group: “To get the best investor base, you want to be able to sell securities into the US, but not be subject to US rules regarding liability to the extent they can be avoided. Rule 144A-Reg S deals mean companies don’t have to go through the time-consuming and expensive process of registration.”
A series of recent federal court rulings in New York has made it much harder for US investors in non-US securities to pursue US securities law claims. This will encourage more institutional investors outside the US with deep pockets to fund transactions denominated in US dollars. If more entities are issuing out of Italy or the UK, there’s now less reason to go through the laborious and riskier US registration process.
“The availability of significant investment capital outside the US creates an environment where large transactions can be structured to substantially mitigate the risk of exposure to US securities laws,” says Mathews.
But during this same period, other legal risks have increased, and they are not so easily ring-fenced. For example, many forms of government regulation have increased dramatically in the past 15 - 20 years. This is particularly true in areas like anti-corruption, anti-terrorism, anti-money laundering, economic sanctions, environmental compliance and banking regulation. These areas often include broad criminal and administrative jurisdictions and relate to how a company does business in certain markets—and alleged violations of law can often open the door to parallel claims for civil damages against companies.
In addition, many of the laws that have developed over the past 15 years have included provisions designed to increase corporate transparency. There have been enhanced disclosure regimes with prosecutors increasingly stressing that companies should report problems before the government learns of them, and whistleblower provisions encouraging corporate insiders to reveal information to the government. This makes it much more likely that problems, when they occur, will enter the public domain where they can quickly explode.
This enhanced exposure to certain types of legal risks brings into play nonlegal risk drivers that have changed significantly over the same period. Advances in technology and social media mean that when information is disclosed or leaks, or a crisis hits, companies no longer have the luxury of time to assess potential problems, determine strategy and respond appropriately. For example:
Transaction velocity has increased exponentially; as business moves faster, so the potential for damages will rise, with major incidents impacting both corporate and consumer transactions.
Increased velocity and networking also mean that businesses today face huge reputational risks, and brands can take a substantial battering in the wake of a corporate crisis. Moreover, when information breaks now, it tends to do so in ways that are nonlinear or asymmetrical, so that companies have much less time to marshal facts and decide how to manage information.
There is increased public and fiscal pressure on governments to intervene in domestic market business wrongdoing or disasters. Such interventions offer the added benefit of providing cash injections into national budgets, given that governments can impose large fines on corporations, for any number of violations.
Developing nations are attempting to replicate tools and mechanisms used in mature economies as a way to boost their budding legal and justice systems— for example, several Latin American and African nations are developing US-style tort claims systems. Whether you are a pharmaceutical company looking to do clinical trials or a mining company worried about potential groundwater pollution, the prospect of US-style tort litigation raises serious business issues.
The explosion in transparency has created a new risk—the risk that something becomes viewed as endemic rather than contained. If a bank is accused of wrongdoing or poor controls, it becomes easier for others in the industry to face crises as the entire system falls under suspicion. The old concept of a run on a bank in one city becomes a risk of a run on multiple banks in multiple markets—or a run on the currency of an entire country.
All this has created significant implications for corporate risk management. A new gospel has emerged: assemble teams faster, be nimble and be committed. This is not easy, and the premium on how to react is enormous.
15 – 20 years
Many forms of regulation have increased dramatically in the past 15 – 20 years in areas such as anti-corruption.
“It’s very difficult to train for disaster risk management, but it is worth the effort. Developing emergency contingency plans and conducting practice crisis management sessions will highlight strengths and weaknesses if those exercises are taken seriously,” says Greg Little, a White & Case commercial litigation partner based in New York.
The 2008 financial crisis showed how the risk equation has changed. According to Little, if the financial crisis demonstrated anything, it’s that an initial problem in New York can affect firms just as easily in Tokyo, London, Moscow or Dubai: “Not only must you pay attention to local problems, you must also coordinate with regulatory authorities and legislators in other countries—and they don’t all have the same laws, emphases or outlooks. A resolution in one place does not necessarily move the ball forward in other jurisdictions,” says Little.
Moreover, the drive toward greater transparency and accountability has multiplied the dimensions of serious corporate problems. “It’s about more than legal causation—which used to be the main focus,” adds Little. “Now, it may also be about corporate ‘responsibility,’ and the spectrum of risk has expanded to include, in some cases, societal and product market losses on top of criminal or civil legal exposure.”
A Scandinavian company with a product that is manufactured in China, tested in Africa and sold in Europe and the US could easily be faced with a US lawsuit arising out of regulatory problems encountered in Africa or the EU; these problems could undermine supply contracts and sales around the world and, if serious, cause consumers to question other similar products in the industry.
An intelligent strategy would be to consider risk-limiting strategies ahead of time, consider who needs to be involved within the company and, when the crisis hits, invest early in developing both case theories and expert analysis so that as much as possible the spectrum of potential risks is viewed more widely and dealt with aggressively rather than passively or reactively.
“You have to ask, where is the damage going to arise? Where will my adversary think it is most advantageous to bring actions? You need to consider ways to focus the dispute on a jurisdiction where your chances are most favorable, whether with suppliers, subcontractors or customers,” says Little.
“It also means being creative; is it better to wait for the other side to initiate action or do you have a more favorable forum where you might be proactive? Is there a jurisdiction where we should self-report or settle first? These are not always simple questions.”
Fifteen years ago, according to Little, there was a tendency to think that if you were right on the facts and right on the law, then in the long run you shouldn’t have problems. But there are now so many stakeholders, each with their different interests that go beyond legal liability, that being right on the facts and the law in the long run may not be enough to protect a business.
“You can’t just consider the technical legal arguments,” he says. “You also need to think about public perceptions, dealing with the media, shareholders, legislators and regulators. To add to the challenge, in the age of social media, you can’t say one thing to one group and send a different message to another because everything you say will be out in the public immediately. Consistency is key.”
What this means is that there is now more of a premium on assembling the right team faster—and making sure that your team covers the broader range of stakeholders than used to be at the table when legal problems developed in a slower, more linear fashion.
“Bringing outside counsel in earlier, including to help coordinate different constituencies within and outside the company, can do a great deal to help gauge and manage rapidly developing risks,” says Pell.
He adds that “compressed timelines and rapidly changing facts make it smarter to engage consulting experts sooner than in the past, because even before litigation breaks out, understanding how different or shifting facts may impact the shape of investigations or claims, or how insights into the economics of an industry may change potential claims or damages, has huge value to a company in managing risk.”
Another potential shift in legal risk management is emanating from the rise of so-called industry ombudsmen taking over duties from the courts, which are increasingly deemed too slow and expensive.
You can’t just consider the technical legal arguments. You also need to think about public perceptions, dealing with the media, shareholders, legislators and regulators
Greg Little, partner, New York
In Europe, a pan-continental claims system, similar to the US tort system, is slowly forming, shifting dispute resolution from the courts to alternative dispute resolution (ADR) mechanisms. Professor Chris Hodges of Oxford University’s Centre for Socio-Legal Studies chairs a committee that is looking into creating a European claims system for dissatisfied consumers.
“Arbitration is outside the courts and has a different architecture to the court system. That’s being used in a wide range of circumstances from straightforward commercial arbitration, through international arbitration to dealing with consumers and online traders,” says Hodges.
Industry ombudsmen are viewed by the businesses they represent as a viable means of resolving their customers’ complaints.
“Companies are finding modern versions, some set up by statute, such as various financial ombudsmen, and some created by industry bodies, such as Germany’s insurance ombudsman set up 14 years ago. These ADR systems are being expanded into a pan-European framework as a result of the EU Consumer ADR Directive of 2013,” says Hodges.
The rise of consumer ADR creates the potential for a different means for resolving certain types of disputes, in ways very different from how we think about court cases.
Taken as a whole, these are seismic changes that are recalibrating the nature of risk and risk management. Companies need to keep abreast of these shifts and constantly look for what is over the horizon.
“Companies know that wherever they do business, they experience risk,” says Pell. “They can start to think about separating their risks, about how they can use their corporate structures, and even insurance, strategically. There may not be a manual, but there is still much that they can do in advance to be prepared to do the right things and ensure they make the right choices when time is short and pressure is high.”