19th May 2020
19th May 2020
By Sarvarth Misra, Co-founder and CEO at ContractPodAi
Today's corporate legal teams may not need to possess superhuman powers. Yet, in the real world, they need to be able to take on a crisis at a moment’s notice.
With this in mind, they should not wait for situations like the COVID-19 (coronavirus) pandemic to test the crisis readiness of their corporate legal team. They should already be safeguarding businesses from risks, such as:
Here are four crisis readiness mandates, along with crucial challenges that your in-house legal team should be equipped to face.
One of the best ways to manage a crisis is to prepare for it before it ever happens. Stephen Covey, the author of 7 Habits of Highly Effective People, writes that "if you don’t choose to do it in leadership time upfront, you do it in crisis management time down the road."
Business continuity and disaster recovery planning should not be placed entirely on the shoulders of the IT and finance departments. Instead, corporate legal should play a significant role in damage control and business recovery. This is following catastrophes, whether natural or human-made.
Corporate legal teams are often called upon to:
Former U.S. President John F. Kennedy famously said: “When written in Chinese, the word ‘crisis’ is composed of two characters. One represents danger, and the other represents opportunity.”
So it is often the legal team’s crisis response that determines where a company’s fate lies.
There are many scenarios in which a company faces adversity, and requires internal or external guidance. This may be a crisis like the one aerospace company Boeing went through: the crashes and subsequent grounding of their 737 Max aircrafts.
Boeing and its former CEO Dennis Muilenburg were seen as slow and ineffective in responding to two of its planes crashing shortly after takeoff in Indonesia and Ethiopia. Now, Boeing’s in-house and outside attorneys are working through lawsuits involving various airlines and the families of the 350 passengers who lost their lives. They also are working through investigations by the U.S. Federal Aviation Administration and are expected to spend about $5 billion on the fallout from the malfunctioning aircraft.
If businesses that do not effectively manage strategic communications during - and after - a disaster like Boeing’s, they allow their competitors, the media, and the public to shape the narrative.
Automotive manufacturers Toyota and Volkswagen often come to mind when one thinks about product recalls. Events like the VW emissions recall and fuel economy settlement of nearly $98 million in 2017; or Toyota’s braking and “unintended acceleration” recalls a decade ago. Other automotive manufacturers have had far more recalls over their lifetimes. But the PR mistakes that these companies made were disastrous.
Still, product risk management for products - ranging from cars to food and medication - is more than putting out PR fires whenever a product causes injury or death. According to London-based risk consultancy firm Control Risks, it is a full lifecycle of risk readiness, response, and recovery.
In this digital age, information is often referred to as a company’s second most valuable asset. In this regard, Equifax and Yahoo each showed how to fail at crisis management, according to many experts.
In recent years, Yahoo was found to have failed to investigate a breach properly and inform investors. Equifax did not patch a widely known security vulnerability in its software, allowing cybercriminals to exploit the data security gap over a period of nearly three months. Then, they did not publicize or inform those whose data was exposed in the breach for months afterward.
Because of these events, governments in the EU, the U.S., and beyond have increased data protection security and privacy regulations such as the GDPR. Compliance requirements are far stricter for the collection and handling of personal information. And the penalties for non-compliance have increased greatly.
Meanwhile, global accounting firm Deloitte has developed a data breach crisis management lifecycle framework. It defines a series of activities from breach readiness and crisis planning, through to real-time response, communications, and post-crisis assessment.
There are many reasons why businesses fail at crisis management. Some are just beyond their control. But the fact remains that these companies did not have adequate plans in place to deal with the catastrophes that occurred. They did not effectively communicate the circumstances to their investors, customers, government regulators, or the press either. As a result, the recovery effort by all of these companies is ongoing.
So does your organization have contingency plans to manage a crisis like a natural disaster, global pandemic, or a human-made catastrophe like a data breach? Do you have a crisis-ready legal team that can navigate events like the ones described above?
Check out our latest whitepaper, “Contract Management Crisis Preparedness for GCs.” And discover the difference that a proper contract management solution can make in your corporate risk management strategy.
Co-founder and CEO
Connect with us on LinkedIn
ContractPodAi empowers your team to assemble, send, sign and approve all kinds of contracts – from NDAs to sales contracts – anywhere, anytime and using any device.
Automated contact & document assembly
Highly configurable approval workflows
Central collaboration & negotiation
Sign using DocuSign eSignatures