7/4/17

Sophisticated law departments should conduct onsite service delivery reviews of their law firms (yes, really)

"This is all very feudal, isn't it?"

I loved that quote. Unsurprisingly, it is about a law firm.

The nugget was relayed by a former lawyer now working at the global design firm IDEO whose presentation served as the exclamation point on a great ACC Legal Ops conference. The presenter, Sean Hewens, was recounting the IDEO team bringing design thinking to a law firm. Hewens himself, like his co-presenter, IDEO's GC Rochael Adranly, had lived the law firm life. But other team members were making first contact with our peculiar tribe. The keen insight came from a psychologist emerging from his maiden voyage into a partner's office.

There is much to unpack from law firm as feudal state. Fiefdoms. Vassalage. Rituals at court. Noblesse oblige. Responses to threats to the established order. I can't do the quote justice. I won't try. Instead I want to explore the event that engendered the observation. The IDEO team went onsite at a law firm to understand how lawyers work. It is a novel concept. More novel than it should be.

Site visits are de rigueur for IDEO. It is what they do, to the extreme. One designer spent the day as a patient in a hospital that had retained IDEO to help recalibrate their customer experience. He recorded the entire journey and played the footage for hospital executives. With a few brief interludes, the video showed hours upon hours of a blank white ceiling.

Actual experience is key to exercises in empathy, user stories, and mapping. Simply asking people what they do can be misleading. And not just because people lie to make themselves look better. And not just because people misremember to avoid cognitive dissonance. People are genuinely ignorant—in the neutral, non-pejorative sense indicating lack of information rather than lack of intellectual capacity or epistemic humility. They aren't doing things wrong on purpose. They do things wrong because they don't know any better.

IDEO provided a great example of this myopia. They were investigating medication routines. They asked an elderly woman whether she had any problems opening her pill bottles because, well, everyone has problems opening pill bottles. To their surprise, she responded that opening pill bottles was easy. In watching her routine, they learned just how easy and why. She was using an electric meat slicer to chop the tops right off.

In one sense, good for grandma. She macgyvered a solution to a genuine problem. But the result was less than ideal—permanently open pill bottles with knife-like plastic edges and off-label use of a machine centered around razor-sharp blades. Yet she'd acclimated to her suboptimal routine to the point where she did not recognize the opportunity for improvement. We all get locked into patterns. Interested outsiders can bring fresh eyes to issues that are so embedded that we've stopped regarding them as obstacles to be overcome.

Interested outsiders are often clients. Site visits are standard practice in managing complex supply chains. In different parts of their business, Walmart, Apple, Amazon, McDonalds, JP Morgan, et al. conduct site visits to understand how their suppliers operate. Toyota and the other Japanese automakers are particularly renowned for helping their suppliers improve their operations (more here and here).

Active engagement by large clients can have a material impact on supplier behavior. Indeed, one of the hottest areas in law is supply-chain liability where companies are held liable for harms caused by their suppliers. Legal merits aside, the concept reflects the broad recognition of the economic reality that large corporate clients are central nodes in complex systems rather than individual consumers purchasing at retail.

This logic has been applied narrowly in the legal market. As I've written before, data-security audits were necessary for law firms to start bridging the knowing-doing gap.


For years, law firms made money advocating for audits of third parties who held sensitive client data. But law firms balked whenever it was observed that law firms were themselves third parties who held large quantities of sensitive client data. The law firms explained that they clearly knew the importance of data security—after all, clients were paying them for counsel on the topic. Further, the law firms cited all sorts of fiduciary duties around confidence and competence that compelled them to take data security seriously. These affirmative defenses actually worked, for a while.

Eventually, sophisticated clients determined they should trust but verify. The results were not pretty. Without mechanisms for transparency and accountability, law firms had a poorly calibrated incentive structure for making large capital investments in data security. Without institutional controls, individuals lawyers encountered the tradeoff between convenience and security that frequently bedevils us all. Many firms/lawyers were gliding along the path of least resistance.

Or, maybe more fairly, many firms/lawyers directed their finite attention to that which clients seemed to genuinely care about. For years, data security guidelines were buried in the more-honored-in-the-breach outside counsel guidelines. Meanwhile, in-house lawyers focused exclusively on ongoing matters. The external lawyers, unsurprisingly, responded by going above and beyond to get that work
done quickly, competently, and comprehensively. Data security was an issue left for another day by both sides.

When the day of reckoning arrived, clients did not flee en masse (though the burden of data security audits are a part of the story behind insourcing and convergence initiatives). Instead, clients directed more of their own resources to shaping the way law firms secured sensitive data. The law firms responded in kind. We're nowhere near perfect. But we've gotten orders of magnitude better in a short period.

I hold out similar hope for diversity where years (decades?) of virtuous statements, policies, pledges, committees, task forces, etc. have not moved the needle. Finally, transparency and accountability are gaining traction.

Yet, as far as I know—and I would be grateful to be informed of my own ignorance on this point—I might be the only person who conducts site visits at law firms on behalf of law departments with an emphasis on legal service delivery. This despite the fact that law departments have been complaining about law firm service delivery for years. The presumption of competence that staved off data security audits does not apply.

This strikes me as odd. Law departments have paid me (and many others) to bring a fresh perspective to bear on their own legal service delivery. But, despite clear interdependencies and constant complaining, law departments seem to take minimal interest in how their law firms are creating systems for legal service delivery and leveraging expertise through process and technology. This runs counter to the economic logic that drives site visits in so many other areas of business. As Peter Drucker long ago explained:
The legal entity, the company, is a reality for shareholders, for creditors, for employees, and for tax collectors. But economically, it is fiction....
Knowing the cost of your operations, however, is not enough. To compete successfully in an increasingly competitive global market, a company has to know the costs of its entire economic chain and has to work with other members of the chain to manage costs and maximize yield. Companies are therefore beginning to shift from costing only what goes on inside their own organizations to costing the entire economic process, in which even the biggest company is just one link.*
This incongruity in the legal market ties back to last post where I lamented the missed opportunity of law departments failing to adopt a relational view with their law firms. Where I would not expect onsite service delivery reviews to be ubiquitous—as always, there is a cost—my worldview suggests they should be common for large, stable relationships between sophisticated law departments and their primary providers. They aren't. Per usual, my worldview leads to erroneous predictions of actual behavior. In another post, I will try to lay out why I think that I am right despite the market telling me I am wrong (for now).

________________________________________________________________________________
D. Casey Flaherty is a legal operations consultant and the founder of Procertas. He is Of Counsel and Director of Client Value at Haight Brown & Bonesteel. He serves on the advisory board of Nextlaw Labs. He is the primary author of Unless You Ask: A Guide for Law Departments to Get More from External Relationships, written and published in partnership with the ACC Legal Operations Section. Find more of his writing here. Connect with Casey on Twitter and LinkedIn. Or email casey@procertas.com.

* Drucker, Peter F. (2009-10-13). The Essential Drucker (Collins Business Essentials) (p. 99-100). HarperCollins. Kindle Edition

Bookmark and Share

2 comments:

Brent Miller said...

Speaking of feudal behavior in law firms, consider the primogeniture strategy that has been successfully pursued by BigLaw since, well...white was the favorite color of partners' shoes.

http://biglawkm.com/2016/04/25/biglaws-primogeniture-strategy/

I am all for the onsite reviews, audits, etc. Really, I am! But I fear that too many of them are being done "by the book" and to check off an annual objective for some assistant counsel or legal operations manager rather than to gain real insight into the inner life of their outside law firms and then respond appropriately. It's been three years since the ATL cybersecurity article you linked to was written. Since then, how many previously favored outside law firms have been fired specifically because an audit revealed lax cybersecurity measures? In turn, how many partners have been booted because they circumvented cybersecurity policies prohibiting personal device and home computer usage or failed to follow correct matter opening/closing procedures? The problems are still very real. Unfortunately, many of the "solutions" are still very unrealistic.

D. Casey Flaherty said...

Brent,

I'm regularly involved in convergence initiatives. I've seen many firms, included firms well regarded by in-house counsel, fall out of consideration (and therefore use) due to failure to meet data security standards.

Beyond data security audits, I am not familiar with any other common form of onsite review. So I have no idea what "by the book" and "check off an annual objective" refer to in this context. If you are making the general point that clients' bark is often worse than their bite, that is true enough. But it seems inapposite here.

 

© 2014, All Rights Reserved.