|Image [cc] PistachioLaura|
Toby recently posted an important piece on preventive law/compliance and why clients aren’t more forward-thinking in driving it: it’s important because it raises some really meaty and strategic issues that rarely get addressed in this or other thought-leadership columns, especially as we all focus our energies on “new normal” kinds of topics that involve innovations and technology and transformational change in the way that law departments and law firms work together. But I think Toby’s piece didn’t set the right questions up for a conversation on what’s needed to drive an aggressive preventive law focus … so I thought I’d chime in to offer my own perspective.
My differences with Toby on the topic probably stem from the differences in our experiences and work environments … he’s pulling his perspective from his law firm experience; I’m pulling my perspective from my experience working with corporate client / law departments.
I’m not surprised that leaders in firms who are thinking about what’s “next” in preventive legal service models don’t see law departments focusing sufficient attention or innovative strategy to compliance or preventive legal work. But I’d suggest that’s a problem of the limited vision of what they can see from their kitchen windows, and not a reflection of whether law departments actually are delivering compliance-based services. While some general counsel really don’t get compliance and behave just like they did when they were outside counsel - focusing all their attention on remedial legal triage and Band-Aides - I think most outside counsel perception that in-house counsel aren’t focusing on preventive practice is a result of insufficient exposure to what most law department leaders are doing when they’re not talking to their law firms.
As the former GC at the Association of Corporate Counsel (ACC), I spent more than two decades working with thousands of law department leaders on developing and perfecting on what is the bulk of their work – compliance-oriented practices. While they spent the majority of their budgets on outside counsel who are retained to work on that which requires remedial attention, in-house lawyers spend the majority of their time on preventive law: counseling, advocacy, internal compliance and training, strategic business advice, internal meetings, and so on. It’s no wonder that law firms don’t see much of this – that’s not what they’re hired to do.
My point is that many law departments choose to in-source compliance rather than out-source it. In-house counsel are hired and paid to intimately learn and live with the client in order to help “keep the milk in the glass”; outside lawyers are often retained to help clean up what’s spilt. If you only see spilt milk, you don’t know much milk is kept in the glass, or how many glasses there are that never tipped over at all. When Toby suggests that GCs would be better served if they were asking for more money for compliance-related activities and that they don’t because they are risk averse, I’d respond quite simply that Toby may not be aware of the extreme focus and resource corporate clients do expend on compliance. What they spend on compliance is spent on in-house staff, and not usually spent on firms or e-discovery vendors. E-discovery systems are not preventive legal systems – they’re remedial, except for the small benefit that some regulate what can be posted or stored (it doesn’t stop the inappropriate activity behind the document or email).
(Now more interesting question is whether outside counsel could “better” deliver truly preventive services than in-house lawyers – that’s the eternal question behind the “make or buy” decision of each general counsel. Firms that provide “full-service” counseling are often engaged in just that line of work, but that’s not the majority of what’s provided by firms to clients these days; it’s a small minority of the outside spend.)
To another of Toby’s points: Toby suggests that having separate legal and compliance functions in a company isn’t logical – and I think he’s right. But it’s important to know that most in-house lawyers who work in companies with separate compliance departments don’t like the separation either – this is a recent (within the last 10 years or so) advent, and the result of corporate failures that led to legislative remedies, such as SOX and Dodd Frank. These laws and the “best practice” presumptions they spurred amongst shareholders, regulators, the US Sentencing Guidelines’ Chapter 8 “effective compliance program” definitions, and governance ratings groups such as ISS, placed huge pressure on companies to dedicate a separate business office and officer for compliance – presumably to demonstrate that compliance is as important as every other major corporate business function with an office in the C-suite. Some departments were able to win the argument that the appointment of one of the legal team leaders as CCO was sufficient and that a separate department outside of legal was not necessary as long as someone was fiduciarily responsible for compliance and titled CCO. Others were unable to convince management that the fiduciary accountability for compliance could be housed in the same department and in the same leaders responsible for first developing the compliance programs which might fail, and then objectively running compliance failure investigations and defenses.
In many companies, the CCO runs that separate compliance function has a full staff of business style internal audit specialists; in others, the CCO has the title, but there’s no staff or budget – that person is on point for coordinating and assuring that every other department does their compliance job to spec and plan. But business compliance offices, however they’re staffed, tend to focus on numerical audit-like procedures – percent of defective products per thousand or million, staffing and handling of hotlines or other reporting processes, basic training and safety codes and procedures in place. Whereas the legal side of the function looks at ways to remove the impediments or address the conditions that lead to failures in the first place.
Of course, the most interesting and progressive work, as Toby notes that Jeff Carr has mastered, is when in-house and outside counsel do collaborate on keeping the milk in the glass – when outside lawyers are engaged in helping develop and drive not only preventive legal strategies, but litigation avoidance. And that’s the really neat value-space that I think got Toby’s brain to churning in his post.
A great example of this is the system deployed by Mike Roster, who was then General Counsel of Stanford University and its many related businesses: he pared down the former in-house staff by more than half and offered the preventive work formerly manned by those in-house lawyers to a small (winnowed down) cadre of his top firms, to whom he said: I’ll pay you a healthy yearly retainer based on what we know the remedial work you’ve done for us in the past costs us (say, employment law services or IP related services), but I’ll pay you a premium to shrink the work that is remedial by focusing (and incenting) the retention to favor the firm thinking about how to avoid or at lower the number of remedial situations the firms handle. In other words, Mike offered to pay those firms more to prevent the problems they were currently being paid to address.
Lo and behold, the client got the benefit of more problems prevented than remedied, the firms were paid more than they were making before to handle problems and were focusing on how to keep the milk in the glass (which many of their lawyers found strangely satisfying!), and total legal spend went down drastically. Mike paid litigators to turn their brilliant minds to helping the company avoid litigation; he eliminated the need to pay a larger staff of in-house counsel to perform this function by setting up the firm’s retention to offer preventive compliance services on an incentive fee. This is the really interesting “space” where progressive compliance-oriented practice (which focuses on advocacy and counseling) meets up with value-based practice efficiencies that better manage work and drive more consistent predictable results.
So here’s to discussion of that which keeps milk in the glass! My problem with Toby’s post is not that I disagree about its importance or his brilliance in picking up on a top topic that has not received as much attention from the “value-based service” community; rather, I want to make sure we don’t confuse true preventive compliance services from that which is really about managing the mess or cleaning up spilt milk. Because it’s the former, and not the later, that we should all wish to drive.
Rather than assuming that law departments aren’t performing work that law firm lawyers don’t see, my advice to outside lawyers is to spend more time looking at, learning from, and thinking about how to improve on the compliance-focused services their in-house counsel deliver every day when the firm lawyers aren’t looking – maybe if they did, they might spend more time thinking about what the company needs before the need arises (seeing around corners), and they develop ways to profit from that vision by offering new kinds of retentions that department leaders might find refreshingly “in-house” in focus.