Thursday, June 30, 2016

WEBINAR: Managing External Vendor Risk (Drivers, Trends & Approaches)

Here's an upcoming webinar, on a timely topic, which may be of interest: Vendor Procurement, Risk and Relationship Management.

Jointly produced by Intapp and HBR Consulting, this event will explore the various factors causing firms to pay even closer attention to the way they select, evaluate and manager their external vendors. (Client information security mandates are just one of several drivers.)

Scott Springer and Mark Denner from HBR will review industry trends and how innovative approaches, supported by new technology, enable firms to streamline procurement, evaluate vendors and address increasingly stringent client and industry requirements.

They will also review the vendor lifecycle and demonstration of HBR Consulting's procurement management solutions, built leveraging Intapp Flow to manage the entire vendor lifecycle, including:
  •     Evaluation & on-boarding
  •     Information security review
  •     Performance monitoring
  •     Audit & compliance
  •     Off-boarding
(They've nicknamed it "NVI." V for vendor, in the same way firms have an "NBI" approach for business.)

Attendance is limited. For more detail and to request an invitation, please visit the webinar registration page.

Wednesday, June 29, 2016

UPDATE: 2016 Risk Survey Reports Published

An exciting update to share (inasmuch as risk news actually excites – though, since I'm talking to "my people" in this corner of the internet, I feel safe using the adjective): "2016 Law Firm Risk Roundtable Survey Highlights Evolving Risk Landscape Across the US, UK, Canada and Australia."

Participants should be receiving the promised copies of their report in the days ahead, so watch your inboxes. (Thank you again to everyone who took the time to contribute their insights – particularly those offering extensive color commentary, the quotes are always my personal favorite element of these.) And, if you did not participate, there's always next time...

Produced by the Law Firm Risk Roundtable initiative and sponsored by Intapp, the Law Firm Risk Roundtable Survey provides statistical information and commentary about the top priorities and concerns for law firm risk, IT and management stakeholders.

Key themes in this year's survey include information security, conflicts management and client-related risks. Some of the trends identified in the 2016 Law Firm Risk Roundtable Survey include:
  • Information security was ranked as the No. 1 risk management priority by over half of firms in the UK and Canada, and by more than one-third of respondents in the US and Australia. Data breaches, data loss and exposure of confidential client information – resulting from cyberattacks and/or internal leaks or failures – were frequently cited as key concerns. Many firms reported that information security questionnaires and audits from clients were becoming more frequent and more onerous.
  • Concern about managing conflicts of interest is growing in many countries, including the US, where 37% of respondents ranked it as their topmost risk management concern in 2016 – up from 22% in 2014. Respondents cited a range of factors that contribute to missed conflicts and inadvertent conflicts, including the volume and complexity of conflicts checks in large growing firms, particularly internationally; lack of awareness of "who is the client" (including subsidiaries and affiliates); and business and commercial conflicts.
  • A growing number of larger clients are imposing outside counsel guidelines, often introducing complex terms that many firms find challenging to track, manage and comply with. The 2016 Law Firm Risk Roundtable Survey provides an interesting overview of how firms are responding to outside counsel guidelines, and how they are viewed by lawyers and staff.
  • Survey respondents were asked to comment specifically on their risk stance toward cloud-based services and storage for the first time. Firms are generally divided on the issue. Even in the US, where 47% of firms reported that they were already using cloud services, respondents generally reported a cautious approach to the cloud, requiring service providers to meet rigorous standards. While some firms reported that they did not allow client information to be stored in the cloud, others reported that in some instances, it was the clients themselves who were requiring them to use cloud services.
Also worth noting: While these surveys were conducted well in advance of the UK referendum on EU membership, it’s interesting to note that Geopolitical risks (including terrorism and business continuity in “unsafe jurisdictions,” as well as the possibility of Brexit) did emerge as one of the top 10 risk management concerns among law firms in the UK report.

Tuesday, June 28, 2016

Brexit, Stage Risk

Brexit is making big news and big waves. Here are some of the latest stories on this significant development:

"Law Firms Face Uncertain Future As Brexit Result Hits Markets" --
  • "Clifford Chance senior partner Malcolm Sweeting said the so-called Brexit will have 'serious implications,' while K&L Gates’ European managing partner Martin Lane said it will 'create shockwaves across the globe.'"
    "Law firms are braced for a period of intense activity, with lawyers already receiving floods of inquiries from clients trying to figure out what the result means for their businesses... The longer-term impact of the unprecedented move is unknown, however."
"Brexit A Bonanza For London Law Firms ... For Now" --
  • "The U.K.’s seismic decision to be the only country to leave the 28-nation bloc will keep law firms busy helping clients cope as the U.K. unwinds four decades of legal and regulatory integration with the EU and negotiates its new relationship. The complex and potentially rancorous divorce process is likely to run for years and will provide ample opportunity for firms to rack up billable hours."
  • "The downside for London legal powerhouse firms is that, in the long term, London could lose its status as the European entry port for global legal services if the country is denied future access to the EU’s single market for financial and legal services."
"Seven ways Brexit will impact international law firms" --

  • "Most major firms are running 24-hour hotlines to deal with the massive levels of client demand. Once this initial frenzy subsides, lawyers will then play a crucial role in helping clients navigate one of the largest programmes of regulatory and legislative reform ever seen. The event has once again shown the degree to which the legal sector is insulated against wider economic and market malaise."
  • "While trade, regulatory and financial services lawyers can ‘look forward' to 80-hour weeks for the foreseeable future, transactional lawyers may be left checking to see if their phones are still working."
  • "Transactional practices are key drivers of law firm revenue generation. That engine is now likely to splutter. The sort of advisory work that firms did in the run-up to Brexit can be profitable and is a great way of strengthening relationships with clients. But it doesn't bolster the bottom line in the same way as big-ticket transactions, which can keep entire floors of lawyers across multiple practice areas busy for months."
  • "One London-based partner joked that the UK, traditionally home to some of the world's most expensive lawyers, may now become a 'low cost jurisdiction.'"
  • "One of the more esoteric effects of a Brexit is that lawyers risk losing their rights to European Union (EU) professional legal privilege. This is of particular concern to UK competition lawyers, who may also no longer have the right to plead before the European Court of Justice in Luxembourg."

"Comment: Brexit and the Legal IT sector impact" --
  • "The consensus appears to be that law firms will experience an upturn in inquiries regarding the impact of Brexit, translating into short term advisory opportunities, but that in the medium term transactional work will inevitably be adversely affected, mitigated only slightly by work undertaken as clients reposition themselves and the future shape of the UK’s trade relationships begins to be known. And then finally we will settle into a new, and as yet unknown, normal."
  • "The longer term outlook will be quite interesting and will I think be a bellwether that could inform us as to exactly how much law firm leadership has really changed in the last 10 years. Or not, as the case may be."
  • "Moving forward to the last few years however we have seen investment and innovation apparently being embraced by law firms as they seek to cope with the challenging circumstances brought about by globalisation, the 2008 ‘crisis’ fallout, Jackson reforms, sustainable cost reduction, ABAs and the new IT landscape of AI, SSaS and ‘the cloud’… plus others. In many ways Legal IT has been an enabler in this, and there have been undoubted opportunities for the sector as law firms have realised that not changing in a changing world is really not an option."

Tuesday, June 7, 2016

Outside Counsel Guidelines (Threats & Risks) are Just in the Air...

The Risk Zeitgeist of the day continues to focus on OCGs and terms of business. Nancy Beauchemin from InOutsource recently published her own analysis and insight on these issues in Corporate Counsel magazine: "Hidden Compliance Threats to Outside Counsel Guidelines" --
  • "To protect businesses and ensure compliance with internal budgets, data privacy, security requirements and other legal statutes, corporate legal departments often require outside law firms to agree to stringent outside counsel guidelines. These were originally established to control legal costs and are one of the ways in-house counsel maintain control of outside firms. However, how can corporate counsel be sure that these guidelines are adhered to within a law firm environment? This article will address some of the inherent challenges."
  • "The first step a law firm needs to take to comply with outside counsel guidelines is to become aware that they exist. All too often, the attorney primarily responsible for the relationship with the corporate legal department will agree to the guidelines without first vetting the language with those individuals and departments within the firm that need to establish procedures and technology to comply with them."
  • "Establishing a policy to ensure that all outside counsel guidelines are reviewed prior to being executed will go a long way to ensuring attorneys are not putting their law firm at risk. This review should be completed by someone who understands the implications of the terms, such as the law firm’s general counsel. The responsible attorney or practice group leader who has a vested interest in either accepting a new engagement or continuing work for an existing client cannot be given the authority to review or accept outside counsel guidelines on behalf of the firm."
  • "Much of what is required involves restricting access to client information. Law firms often implement technology to confine access to matter information only to those individuals working on the matter. Often these programs are intended to work with enterprise document management systems, which are designed to provide a single, organized collaborative repository to manage client matter content. The problem is that, by default, most document management systems are open to anyone within the firm."
  • "Outside counsel guidelines often have some aspect of loyalty to the client. But a key issue is understanding who the client is. The guidelines may stipulate that the duty of loyalty extends to all subsidiaries and affiliates of the client organization. Yet, an all-encompassing view of the client could limit a law firm’s ability to accept future business."

Monday, June 6, 2016

IP Matters, IP Conflicts, IP Insights

Michael E. McCabe, Jr. does some excellent reporting and analysis on IP matters. Here's some of his latest work worth noting:

"Mass. Court Nixes Conflict Claim Against Gillette Former In-House IP Attorney Who Provided Competitor With Infringement Opinions Regarding Ex-Client’s Patents" --
  • “On May 5, 2016, a Massachusetts state court dismissed Gillette’s claims for breach of fiduciary duty against its former in-house IP counsel who left Gillette and went to work for a competitor, where he used allegedly privileged information gained during his prior employment and helped his new employer analyze and avoid infringement of Gillette’s patents—including patents over which he oversaw prosecution.”
  • “The court held that Gillette’s amended complaint failed to state claims for breach of fiduciary duty as a matter of law.  Consequently, the court dismissed with prejudice Gillette’s claims against its former in-house attorney.   See The Gillette Co. v. Provost, No. 1584CV00149-BLS2 (Mass. Super. Ct. May 5, 2016) (order granting motion to dismiss).”
  • “The court noted at the outset that Mr. Cekala’s fiduciary duty as former counsel to Gillette is “narrower” than the broad and undivided duty of loyalty that Mr. Cekala owed to Gillette when he represented the company as its in-house patent counsel. Since Gillette was Mr. Cekala’s former client, his ethical duties were limited by Massachusetts law, in particular Mass. R. Prof. Conduct 1.9, to preserve his former client’s confidential information and secrets.”
  • “Second, the fact that Mr. Cekala “developed expertise” regarding the scope of some of Gillette’s patents while he worked for Gillette are “beside the point” since issued patents are public documents.  The court explained that, “nothing in Rule 1.9 bars a lawyer from using publicly available information” or expertise acquired while representing a former client to help a new client compete against the former client.”
"IP Conflicts of Interest, Hot Potatoes, and “The Game of [Litigation] Life”"--
  • “Plaintiffs, alleged owners of the IP rights to the “The Game of Life”, want to end up on Millionaire Estates.  Defendants, including the toy company that has been making and selling “The Game” for decades, are trying to keep themselves out of the Poor Farm.  All of them are lawyered up and “spinning the wheel” of federal district court IP litigation.  See Markham Concepts, Inc. v. Hasbro, Inc., Case No. 1:15-cv-419-S-PAS (D.R.I. Oct. 2, 2015).”
  • “Just like real life (and frankly The Game of Life itself), the litigation, which has been pending for seven months, recently spawned an unexpected turn.  No, it was not the birth of twins or an income tax bill, as might occur in the Game.  Instead, defendants have moved to disqualify plaintiff’s IP counsel, the law firm of Greenberg Traurig, for an alleged concurrent client conflict of interest.”
  • “At issue in this case is whether a law firm which knows that it is about to become adverse to a current client, and which requested and was denied a waiver of the conflict from its client, can then withdraw from representing the client and promptly represent a party adverse to its “former” client.  In ethics parlance, a “withdrawal” under these circumstances is sometimes referred to as a “hot potato drop.”  Also at issue is whether a purported advanced waiver of conflicts, which states that a client will not “unreasonably” withhold its consent to a future conflict, is enforceable, and even if it is enforceable, whether the law firm under the facts of this matter “unreasonably” withheld its consent to the waiver.”

Sunday, June 5, 2016

Panama Lessons ("On business intake" or "Be careful with those clients, Eugene...")

"Law Firms Look for Lessons—and Clients—in Panama Papers Leak" --
  • "While many firms are getting updates and looking for opportunities in the wake of the leak, at least one, Sheppard, Mullin, Richter & Hampton, has formally set up a multipractice group devoted to Panama Papers-related developments."
  • "At least 30 Am Law 100 firms, including some that no longer exist, and dozens of other law firms around the world appeared in the searchable database that was published Monday by the ICIJ. The firms and other entities listed came from the Panama Papers leak and a separate ICIJ investigation from 2013."
  • "Regardless of whether they appear in the database, law firms should view the Panama Papers as a wake-up call, said Hinshaw & Culbertson professional liability partner Janis Meyer. 'Firms would be well served to take this opportunity to review their client intake procedures,' Meyer said. While large firms typically do have systems in place to alert them if a potential client has been flagged by a law enforcement agency, every jurisdiction has its own rules regarding what kind of due diligence is mandatory."
  • "In the U.K., for example, 'there are procedures to ensure that you know your client,' said Meyer, who was general counsel at Dewey & LeBoeuf before the firm went bankrupt in 2012. 'We don’t have any mandatory procedures for that here [in the U.S.], but good lawyers do it.'"
"Panama Papers spotlight danger of failing to screen for problem clients" --
  • “But the Panama Papers also shine a light on some failures of Mossack Fonesca to screen out problematic clients — failures of due diligence that the firm itself recognized.”
  • “One case in point is Petropars Ltd., which the ICIJ described as an Iranian-government- controlled intermediary between foreign companies and Iran’s oil ministry.  Through its offices in Dubai and London, Petropars was also a player in the development of Iran’s multibillion-dollar South Pars natural gas field.”
  • “Mossack raised the alarm in an internal e-mail addressed to the firm’s “Compliance Department,” among others.  He wrote “This is dangerous! … Everybody knows that there are United Nations sanctions against Iran and we certainly want no business with regimes and individuals from such places.”
  • “He called into question how Petropars had been vetted as a firm client to begin with, and blasted the firm’s United Kingdom office:  ‘It would appear Mossfon UK are not doing their Due Diligence [sic] thoroughly (or maybe none at all), and maybe from now on we ourselves will have to do the DD on all clients that Mossfon UK have with us, present and future!’
  • “Mossack wrote that ‘Anybody having had to do anything with this company [sic], … should have realized immediately that the names associated with it were Iranian names.  A red flag should have been raised immediately.’ The firm resigned as Petropars’ registered agent in October 2010.”

Thursday, June 2, 2016

Cyberpunks, Cybermen, Cyber Risk ("Cyber" is scary...)

Plenty has been written about the unfolding Panama Papers event, and the ripples hitting risk, information security and more.

"Panama Papers Data Dump Includes BigLaw Intermediaries" --
  • “A group of international journalists that released the so-called Panama Papers, which exposed the use of shell companies by wealthy individuals to hide their money from tax authorities, released data on Monday [May 9] related to more than 200,000 such companies, including information about BigLaw firms named in a prior data leak.”
  • “The data, which can be found here, co-mingles information uncovered in both the Panama Papers, which were released in April, and a report from 2013 known as the Offshore Leaks investigation, which focused on actions by U.K. citizens and residents to set up anonymous shell companies in foreign jurisdictions.”
  • “The released papers do not necessarily reveal illegal activity or other wrongdoing by the law firms or their clients, but altogether do shine a light on the secretive and complex use of offshore shell companies to conduct business — some of which is controversial or linked to questionable persons and activities.”
  • “Edelson PC's recent putative privacy class action alleging a Chicago-based regional law firm failed to take measures to effectively safeguard sensitive client data highlights the need for firms to obtain expansive cyber liability coverage. There is a misconception among firms that adding a "network endorsement" to their lawyers' professional liability policy will cover most cyber risks, but that isn't the case, according to Eileen Garczynski, senior vice president of specialty insurance brokerage Ames & Gough... As a result, purchasing a standalone cyber policy has become a must for law firms, Garczynski said.”
  • “And because many cyber policies only cover claims resulting from the theft or inadvertent disclosure of personally identifiable information such as birth dates and Social Security numbers, it is crucial for a law firm to obtain a cyber policy with a definition of ‘confidential information’ that encompasses all materials that fall under the attorney-client privilege. ‘A law firm will have some [personally identifiable information], but perhaps the bigger concern is that someone will steal the firm's strategy, a client's intellectual property or confidential emails,’ Garczynski said.”
  • “Like other businesses, many law firms have started to store more data in the cloud rather than on computer servers located onsite. As a result, firms that use third-party cloud storage vendors to store sensitive data should make sure that a policy's definition of ‘computer network’ encompasses those cloud providers, experts say. Otherwise, any claims that ensue if confidential information is stolen from a cloud provider may not be covered.”

Wednesday, June 1, 2016

Effectively Coming to Terms with Client Terms (OCGs, Engagement Letters and Client Expectations)

"Intapp Transforms Terms of Business Management for Law Firms with Intapp Open" --
In April, Intapp announced the release of the Intapp Open terms of business management system. The terms management system helps law firms reduce risk by centralizing outside counsel guidelines, engagement letters and other client requirement documents, and making it easier for firms to access, view, analyze and take action on their most critical client commitments.

Orrick, Herrington & Sutcliffe LLP, a prominent global law firm with more than 1,100 lawyers across 25 offices, is implementing the complete Intapp Open business acceptance suite, including Intapp Open for terms management.
Said Mike Guernon, Director of New Business and Conflicts at Orrick:
  • “Law firms today are grappling with how to keep up with the growing volume and complexity of outside counsel guidelines we receive from clients. A seemingly simple question such as ‘Have we agreed to similar terms with other clients?’ could easily translate to hours of painstaking review,”
  •  “By moving to the Intapp Open terms management system, we’ve been able to centralize OCGs and provide deeper visibility into terms documents, making the review process more straightforward and efficient. The ability to send notifications to client teams and other key stakeholders and display relevant terms has tremendous potential to save time, reduce risk, and help the firm focus on closer collaboration with our clients.”
The Intapp Open terms management system brings structure and visibility to previously disorganized and siloed terms management processes. With a few keystrokes, a conflicts lawyer or staff member can find details about any specific term in place with a client, or retrieve information about a specific category of commitments across the firms’ clients. What used to take hours to research can now be done in minutes through the Intapp terms management system’s powerful search and filtering capabilities.

The terms management system provides a structured terms database to identify, capture and categorize terms information from multiple sources. Intapp also provides 65 terms templates – vetted by numerous law firms – to help firms quickly and consistently categorize clauses, while prioritizing the terms most important to the firm and to individual client teams. The system also enables users to flag exceptions to standard firm policies. Notifications can be sent to key stakeholders when terms have been updated or changed, with links to relevant sections of client documents to display terms in context.

Integration with other law firm systems helps to weave client requirements and compliance into key workflows. For example, a lawyer submitting a new matter intake request can be automatically shown relevant terms of business previously agreed with the client. When running a conflicts search, competitors identified in clients’ outside counsel guidelines can be automatically flagged as black book entries. When lawyers submit their time entries, the time recording system can enforce compliance with client billing guidelines.

Product Information