Do You Have a Crisis-Ready Legal Team? Fail to Plan, Plan to Fail

Do You Have a Crisis-Ready Legal Team? Fail to Plan, Plan to Fail
by Sarvarth Misra

Today’s corporate legal teams may not need to possess superhuman powers. Yet, in the real world, they need to be able to take on a crisis at a moment’s notice.

With this in mind, they should not wait for situations like the COVID-19 (coronavirus) pandemic to test the crisis readiness of their corporate legal team. They should already be safeguarding businesses from risks, such as:

  • Contract non-performance penalties should production be shut down or if services cannot be delivered
  • Financial hardship as a result of canceled events, unpaid invoices, and underutilized employees
  • Diminishing credit access despite reduced interest rates
  • Unsafe workplace conditions due to contamination or neglect from reduced staffing
  • Lowered morale, and fear among employees and executive leadership team

Here are four crisis readiness mandates, along with crucial challenges that your in-house legal team should be equipped to face.


One of the best ways to manage a crisis is to prepare for it before it ever happens. Stephen Covey, the author of 7 Habits of Highly Effective People, writes that “if you don’t choose to do it in leadership time upfront, you do it in crisis management time down the road.”

Business continuity and disaster recovery planning should not be placed entirely on the shoulders of the IT and finance departments. Instead, corporate legal should play a significant role in damage control and business recovery. This is following catastrophes, whether natural or human-made. One of the best ways to manage a crisis-ready legal team is to be prepared for it before it happens.

Corporate legal teams are often called upon to:Your legal team needs to unite their powers to safeguard your business from risks

  • Lead a contingency planning task force to make plans, go through a vetting exercise of existing plans, or to coordinate crisis simulations to pressure test plans
  • Set the tone of post-crisis communication to customers, suppliers, investors, and other stakeholders
  • Advise senior executives on how to best address any contractual challenges, including invoking a force majeure clause, should an Act of God prevent a company from meeting its obligations
  • Collaborate with human resources, finance, and other cross-functional teams should a business need to downsize or restructure post-crisis

Former U.S. President John F. Kennedy famously said: “When written in Chinese, the word ‘crisis’ is composed of two characters. One represents danger, and the other represents opportunity.”

So it is often the legal team’s crisis response that determines where a company’s fate lies.


There are many scenarios in which a company faces adversity, and requires internal or external guidance. This may be a crisis like the one aerospace company Boeing went through: the crashes and subsequent grounding of their 737 Max aircraft.

Boeing and its former CEO Dennis Muilenburg were seen as slow and ineffective in responding to two of its planes crashing shortly after takeoff in Indonesia and Ethiopia. Now, Boeing’s in-house and outside attorneys are working through lawsuits involving various airlines and the families of the 350 passengers who lost their lives. They also are working through investigations by the U.S. Federal Aviation Administration and are expected to spend about $5 billion on the fallout from the malfunctioning aircraft.

If businesses that do not effectively manage strategic communications during – and after – a disaster like Boeing’s, they allow their competitors, the media, and the public to shape the narrative.


Automotive manufacturers Toyota and Volkswagen often come to mind when one thinks about product recalls. Events like the VW emissions recall and fuel economy settlement of nearly $98 million in 2017; or Toyota’s braking and “unintended acceleration” recalls a decade ago. Other automotive manufacturers have had far more recalls over their lifetimes. But the PR mistakes that these companies made were disastrous.

Still, product risk management for products – ranging from cars to food and medication – is more than putting out PR fires whenever a product causes injury or death. According to London-based risk consultancy firm Control Risks, it is a full lifecycle of risk readiness, response, and recovery.


Your crisis-ready legal team needs to unite its powers to safeguard your business from risks. In this digital age, information is often referred to as a company’s second most valuable asset. In this regard, Equifax and Yahoo each showed how to fail at crisis management, according to many experts.

Recently, Yahoo was found to have failed to investigate a breach properly and inform investors. Equifax did not patch a widely known security vulnerability in its software, allowing cybercriminals to exploit the data security gap over a period of nearly three months. Then, they did not publicize or inform those whose data was exposed in the breach for months afterward.One of the best ways to manage a crisis is to be prepared for it before it happens

Because of these events, governments in the EU, the U.S., and beyond have increased data protection security and privacy regulations such as the GDPR. Compliance requirements are far stricter for the collection and handling of personal information. And the penalties for non-compliance have increased greatly.

Meanwhile, global accounting firm Deloitte has developed a data breach crisis management lifecycle framework. It defines a series of activities from breach readiness and crisis planning, through to real-time response, communications, and post-crisis assessment.

There are many reasons why businesses fail at crisis management. Some are just beyond their control. But the fact remains that these companies did not have adequate plans in place to deal with the catastrophes that occurred. They did not effectively communicate the circumstances to their investors, customers, government regulators, or the press either. As a result, the recovery effort by all of these companies is ongoing.


So does your organization have contingency plans to manage a crisis like a natural disaster, global pandemic, or a human-made catastrophe like a data breach? Do you have a crisis-ready legal team that can navigate events like the ones described above?

Check out our latest whitepaper, “Contract Management Crisis Preparedness for GCs.” And discover the difference that a proper contract management solution can make in your corporate risk management strategy.

Sarvarth Misra

 Sarvarth Misra
 Connect with us on Linkedin

Request a demo

Contact us today for your personalised demo.