Legal risk

Basel II classified legal risk as a subset of operational risk in 2003. This conception is based on a business perspective, recognizing that there are threats entailed in the business operating environment. The idea is that businesses do not operate in a vacuum and in the exploitation of opportunities and their engagement with other businesses, their activities tend to become subjects of legal liabilities and obligations. [1]

One of the primary reasons why legal risk is associated with operational risk involves fraud since it is recognized as the most significant category of operational loss events and considered to be a legal issue as well. [2] This, however, does not mean that legal risk is only confined to this conceptualization. For instance, there are specific sets of legal risks that are defined by European Union (EU) Law. In 2005, the European Central Bank declared that it will develop its own legal risk definition to help "facilitate proper risk assessment and risk management, as well as ensure a consistent approach between EU credit institutions." [3]

Improving legal risk management for any organization does not require many steps. This process will not prevent every lawsuit or administrative penalty; however, it can reduce legal risks and improve the organization's responses. [4]

Risk is inherent in any business undertaking, and good risk management is a fundamental part of maintaining a successful business. An organization's management has varying degrees of control over risks. Some risks can be managed directly; others are largely beyond the control of the organization's management. All an organization can do is try to anticipate potential risks, assess their possible effect on the organization's business, and be ready with a plan to respond to adverse events. [5]

Definitions

There is no standard definition, but there are at least two primary/secondary definition sets in circulation.

McCormick, R. 2004

Legal risk is the risk of loss to an institution which is primarily caused by:
(a) a defective transaction; or
(b) a claim (including a defense to a claim or a counterclaim) being made or some other event occurring which results in a liability for the institution or other loss (for example, as a result of the termination of a contract); or
(c) failing to take appropriate measures to protect assets (for example, intellectual property) owned by the institution; or
(d) change in law. [6]

McCormick, R. 2004

Management of legal risk is not a precise science and is subject to the situation of the institution. Legal risk is primarily caused by the lack of a proper communication channel, undefined institutional objectives (such as the lack of policies and regulations), unclarified information flow between different personnel and departments, and the lack of delegation of power to specify tasks for the mitigation of risks. [7]

Johnson & Swanson. 2007

The expenses of litigation of a company. [8]

Whalley, M. 2016

Legal risk is the risk of financial or reputational loss that can result from lack of awareness or misunderstanding of, ambiguity in, or reckless indifference to, the way law and regulation apply to your business, its relationships, processes, products and services. [9]

Tsui TC. 2013

The cost and loss of income caused by legal uncertainty, multiplied by the possibility of the individual event or legal environment as a whole. [10] One of the most obvious legal risks of doing business not mentioned in the above definitions is the risk of arrest and prosecution.

Types

Consequences

Legal risk can lead to fines and administrative penalties, the need to pay monetary damages, deterioration of reputation, deterioration of the bank's market position, narrowing opportunities for development, or reduced opportunities for legal enforcement of agreements.

Related Research Articles

Derivative (finance): Financial contract whose value comes from the underlying entity's performance

In finance, a derivative is a contract that derives its value from the performance of an underlying entity. This underlying entity can be an asset, index, or interest rate, and is often simply called the "underlying". Derivatives can be used for a number of purposes, including insuring against price movements (hedging), increasing exposure to price movements for speculation, or getting access to otherwise hard-to-trade assets or markets.

Risk management: Identification, evaluation, and prioritization of risks

Risk management is the identification, evaluation, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability or impact of unfortunate events or to maximize the realization of opportunities.

Regulation is the management of complex systems according to a set of rules and trends. In systems theory, these types of rules exist in various fields of biology and society, but the term has slightly different meanings according to context. For example:

Due diligence: Standard of care before entering into a contract with another party

Due diligence is the investigation or exercise of care that a reasonable business or person is normally expected to take before entering into an agreement or contract with another party or an act with a certain standard of care.

Operational risk is the risk of losses caused by flawed or failed processes, policies, systems or events that disrupt business operations. Employee errors, criminal activity such as fraud, and physical events are among the factors that can trigger operational risk. The process to manage operational risk is known as operational risk management. The definition of operational risk, adopted by the European Solvency II Directive for insurers, is a variation adopted from the Basel II regulations for banks: "The risk of a change in value caused by the fact that actual losses, incurred for inadequate or failed internal processes, people and systems, or from external events, differ from the expected losses". The scope of operational risk is then broad, and can also include other classes of risks, such as fraud, security, privacy protection, legal risks, physical or environmental risks. Operational risks similarly may impact broadly, in that they can affect client satisfaction, reputation and shareholder value, all while increasing business volatility.

In finance, systemic risk is the risk of collapse of an entire financial system or entire market, as opposed to the risk associated with any one individual entity, group or component of a system, that can be contained therein without harming the entire system. It can be defined as "financial system instability, potentially catastrophic, caused or exacerbated by idiosyncratic events or conditions in financial intermediaries". It refers to the risks imposed by interlinkages and interdependencies in a system or market, where the failure of a single entity or cluster of entities can cause a cascading failure, which could potentially bankrupt or bring down the entire system or market. It is also sometimes erroneously referred to as "systematic risk".

An agency cost is an economic concept that refers to the costs associated with the relationship between a "principal", and an "agent". The agent is given powers to make decisions on behalf of the principal. However, the two parties may have different incentives and the agent generally has more information. The principal cannot directly ensure that its agent is always acting in its best interests. This potential divergence in interests is what gives rise to agency costs.

The chief risk officer (CRO) or chief risk management officer (CRMO) or chief risk and compliance officer (CRCO) of a firm or corporation is the executive accountable for enabling the efficient and effective governance of significant risks, and related opportunities, to a business and its various segments. Risks are commonly categorized as strategic, reputational, operational, financial, or compliance-related. CROs are accountable to the Executive Committee and The Board for enabling the business to balance risk and reward. In more complex organizations, they are generally responsible for coordinating the organization's Enterprise Risk Management (ERM) approach. The CRO is responsible for assessing and mitigating significant competitive, regulatory, and technological threats to a firm's capital and earnings. The CRO roles and responsibilities vary depending on the size of the organization and industry. The CRO works to ensure that the firm is compliant with government regulations, such as Sarbanes–Oxley, and reviews factors that could negatively affect investments. Typically, the CRO is responsible for the firm's risk management operations, including managing, identifying, evaluating, reporting and overseeing the firm's risks externally and internally to the organization and works diligently with senior management such as chief executive officer and chief financial officer.

Enterprise risk management (ERM) in business includes the methods and processes used by organizations to manage risks and seize opportunities related to the achievement of their objectives. ERM provides a framework for risk management, which typically involves identifying particular events or circumstances relevant to the organization's objectives, assessing them in terms of likelihood and magnitude of impact, determining a response strategy, and monitoring process. By identifying and proactively addressing risks and opportunities, business enterprises protect and create value for their stakeholders, including owners, employees, customers, regulators, and society overall.

Financial risk: Any of various types of risk associated with financing

Financial risk is any of various types of risk associated with financing, including financial transactions that include company loans in risk of default. Often it is understood to include only downside risk, meaning the potential for financial loss and uncertainty about its extent.

Foreign exchange risk is a financial risk that exists when a financial transaction is denominated in a currency other than the domestic currency of the company. The exchange risk arises when there is a risk of an unfavourable change in exchange rate between the domestic currency and the denominated currency before the date when the transaction is completed.

Compliance training refers to the process of educating employees on laws, regulations and company policies that apply to their day-to-day job responsibilities. An organization that engages in compliance training typically hopes to accomplish several goals: (1) avoiding and detecting violations by employees that could lead to legal liability for the organization; (2) creating a more hospitable and respectful workplace; (3) laying the groundwork for a partial or complete defense in the event that employee wrongdoing occurs despite the organization's training efforts; and (4) adding business value and a competitive advantage.

Governance, risk management and compliance (GRC) is the term covering an organization's approach across these three practices: governance, risk management, and compliance. The first scholarly research on GRC was published in 2007 by Scott L. Mitchell, Founder and Chair of OCEG where GRC was formally defined as "the integrated collection of capabilities that enable an organization to reliably achieve objectives, address uncertainty and act with integrity." The research referred to common "keep the company on track" activities conducted in departments such as internal audit, compliance, risk, legal, finance, IT, HR as well as the lines of business, executive suite and the board itself.

Information technology risk, IT risk, IT-related risk, or cyber risk is any risk related to information technology. While information has long been appreciated as a valuable and important asset, the rise of the knowledge economy and the Digital Revolution has led to organizations becoming increasingly dependent on information, information processing and especially IT. Various events or incidents that compromise IT in some way can therefore cause adverse impacts on the organization's business processes or mission, ranging from inconsequential to catastrophic in scale.

Bank: Financial institution that accepts deposits

A bank is a financial institution that accepts deposits from the public and creates a demand deposit while simultaneously making loans. Lending activities can be directly performed by the bank or indirectly through capital markets.

Legal Governance, Risk Management, and Compliance or "LGRC", refers to the complex set of processes, rules, tools and systems used by corporate legal departments to adopt, implement and monitor an integrated approach to business problems. While Governance, Risk Management, and Compliance refers to a generalized set of tools for managing a corporation or company, Legal GRC, or LGRC, refers to a specialized – but similar – set of tools utilized by attorneys, corporate legal departments, general counsel and law firms to govern themselves and their corporations, especially but not exclusively in relation to the law. Other specializations within the realm of governance, risk management and compliance include IT GRC and financial GRC. Within these three realms, there is a great deal of overlap, particularly in large corporations that have legal and IT departments, as well as financial departments.

Financial law: Legal rules relating to financial instruments and financial assets

Financial law is the law and regulation of the commercial banking, capital markets, insurance, derivatives and investment management sectors. Understanding financial law is crucial to appreciating the creation and formation of banking and financial regulation, as well as the legal framework for finance generally. Financial law forms a substantial portion of commercial law, and notably a substantial proportion of the global economy, and legal billables are dependent on sound and clear legal policy pertaining to financial transactions. Therefore financial law as the law for financial industries involves public and private law matters. Understanding the legal implications of transactions and structures such as an indemnity, or overdraft is crucial to appreciating their effect in financial transactions. This is the core of financial law. Thus, financial law draws a narrower distinction than commercial or corporate law by focusing primarily on financial transactions, the financial market, and its participants; for example, the sale of goods may be part of commercial law but is not financial law. Financial law may be understood as being formed of three overarching methods, or pillars of law formation and categorised into five transaction silos which form the various financial positions prevalent in finance.

The term business risks refers to the possibility of a commercial business making inadequate profits due to uncertainties - for example: changes in tastes, changing preferences of consumers, strikes, increased competition, changes in government policy, obsolescence etc. Every business organization faces various risk elements while doing business. Business risk implies uncertainty in profits or danger of loss and the events that could pose a risk due to some unforeseen events in future, which causes business to fail.

Proactive law seeks a new approach to legal issues in businesses and societies. Instead of perceiving law as a constraint that companies and people in general need to comply with, proactive law considers law as an instrument that can create success and foster sustainable relationships, which in the end carries the potential to increase value for companies, individuals, and societies in general.

Non-financial risk

Non-financial risks (NFR) are all of the risks which are not covered by traditional financial risk management. This negative definition resembles the initial definition of operational risk, and it depends on the bank or corporation whether or not they use the term operational risk synonymously with NFR. Since 2019, the new term NFR has become popular in the risk management sector.

References

  1. Chapman, Robert (2011). Simple Tools and Techniques for Enterprise Risk Management. Chichester, West Sussex: John Wiley & Sons. p. 435. ISBN 9781119989974.
  2. Moosa, Imad (2007). Operational Risk Management. New York: Palgrave Macmillan. p. 95. ISBN 9781349352951.
  3. Mišćenić, Emilia; Raccah, Aurélien (2016). Legal Risks in EU Law: Interdisciplinary Studies on Legal Risk Management and Better Regulation in Europe. Berlin: Springer. p. 6. ISBN 9783319285955.
  4. Little, Mark. "6 Steps to Legal Risk Management | Risk Management | Articles". Berkman Solutions. Retrieved 2021-08-01.
  5. J. B. Maverick. "What Are the Major Categories of Financial Risk for a Company?". Investopedia. Retrieved 2021-08-01.
  6. Roger McCormick. "Legal Risk in the Financial Markets", Oxford University Press.
  7. Roger McCormick. "The Management of Legal Risk by Financial Institutions", RSM.
  8. IMA. "Issues". imanet.org.
  9. "Legal risk 2.0: Show you're in control" (PDF).
  10. "Experience from the Anti-Monopoly Law Decision in China (Cost and Benefit of Rule of Law)". ssrn.com. SSRN 2260965.
  11. Masip, Gemma; Sabalza, Maite; Pérez-Massot, Eduard; Banakar, Raviraj; Cebrian, David; Twyman, Richard M.; Capell, Teresa; Albajes, Ramon; Christou, Paul (2013). "Paradoxical EU agricultural policies on genetically engineered crops". Trends in Plant Science. Cell Press. 18 (6): 312–324. doi:10.1016/j.tplants.2013.03.004. ISSN 1360-1385. PMID 23623240.