Identifying and Managing Corporate Risk from Internal and External Stressors

I’ve been asked the same simple question time and time again by clients who are faced with litigation – How did this happen?  Sometimes they are referring to a looming dispute over large accounts receivable, employee misconduct, a cyber security issue, or a fight with their landlord.  In response, I find myself saying over and over again; well let’s take a look at what your internal policies and procedures say about the situation.  Their general response is a sigh.

Minimizing litigation and the associated distraction from productivity, as well as, unavoidable expense begins with identifying corporate risk from internal and external stressors through proactive methods.  Anything short of being proactive results in being reactionary and companies should expect that the cost associated with reaction will always be a significant multiple of the upfront cost of being proactive.  Risk avoidance is not the same as risk mitigation. Initially, I recommend that companies devote attention to each of the following identified areas of risk:

• Human Resources and Employment Matters
• Credit Management and Accounts Receivable
• Data Security and Intellectual Property
• Contract Negotiation Procedures
• Real Estate
• Succession Planning

Proper assessment of these areas of risk requires that your company: (i) determine if it has a current policy in place to address the risk and if that policy is being followed; (ii) evaluate that current policy to ensure that it has evolved accordingly since it was first implemented; (iii) adopt any policy that is absent or lacking; (iv) present updated policies to management and employees for immediate incorporation into standard operating procedures; and (v) relate these updated policies back to your Employee Handbook for future performance assessment or necessary disciplinary actions.

Examples of appropriate protocols designed to address the aforementioned risks include: (i) an Employee Handbook that complies with current statutory mandates; (ii) a Data Breach Response Plan and Breach Response Notification Policy; (iii) a Standardized Sale Process with accompanying DSO and Credit Policies; (iv) a Contract “Playbook” for purchasing; (v) a Document Retention Policy; (vi) a Buy/Sell Agreement and Succession Plan; and (vii) Real Estate Management Policies for leased and owned properties. For additional information, contact your Tucker Arensberg attorney.