Managing crises: Improving the legal and compliance relationship to minimize corporate risks

© Can Stock Photo / murrstock

Regulatory compliance in the auto finance industry, or financial services in general, is challenging enough under “everyday” circumstances. Crisis scenarios only amplify opportunities for legal and compliance risks to slip past. However, advance attention to the carefully scripted interplay between corporate legal and compliance departments can calm the storm amid a crisis, and even encourage the kind of decision-making that serves organizations well under normal circumstances.

Drawing the lines for business as usual

Understanding the interplay between, and responsibilities of, the legal and compliance departments is important to delineating the relationship between the departments. The respective roles are typically divided as follows:



The nature of legal and compliance work imposes a substantial amount of overlap. One of the most substantial areas of shared duties involves the in-house teams’ relationships with external legal counsel from a support perspective. Knowing where the lines are drawn, and when it may be time to redraw them, can be essential for strengthening their respective roles.

Also inherent in these teams’ purview is the quantification of risk, the strategic evaluation of which risks may be beneficial to the business, and the ramifications of taking on those risks. In general, most legal teams rely heavily on their compliance colleagues for data and knowledge of operational details to understand a risk’s magnitude. A legal department can explain legal risk and the associated potential outcomes only with the compliance department’s organizational perspective on risk quantification.

Areas of overlap include:

Practically speaking, the most efficient businesses that have separate legal and compliance departments are set up in a way that these departments function cohesively and seamlessly, and work effortlessly with outside counsel. Because they are both in a position to view an organization’s “big picture,” these departments are also critical in identifying who needs to be involved in important decision-making or the development of a process.

Effortless choreography under pressure

From a crisis management perspective, the business decision-making process is compressed under the stress of short deadlines. This forces quick communications and seamless interdepartmental cooperation. A crisis may be a global pandemic (like we saw with COVID-19), a product recall, a data privacy breach, or new regulation that throws the industry for a loop. However, sharpened judgment and business clarity can positively transform the relationship between the legal and compliance groups — but only if the organization can capture the magic and build it into its processes going forward.

Effective crisis management starts with an effective crisis management plan. However, crises occur because no organization can predict every eventuality. Accordingly, crisis management plans should be broad enough to allow baseline processes to function under a wide variety of circumstances, and flexible enough to be changed as circumstances warrant.

Creating a baseline expectation of confidentiality

Take the example of preserving attorney-client privilege: The time to educate your colleagues about how to preserve the privilege is not during the middle of a crisis. During a crisis, anything not ingrained will be forgotten, or thought to be unimportant. Training and repetition of the key concepts in everyday communication is the only way to prepare for keeping crisis communications confidential. This training and dedication must start with executive leadership and filter throughout an organization.

Crises exacerbate the difficulties of preserving attorney-client privilege. Established working groups may expand to capture representation or knowledge from other departments. Employees who are not usually involved in sensitive discussions may find themselves included. And, most critically, company lawyers — seen as trusted business advisors — may be tempted to mix legal advice with business advice.

Basic practices that can create a baseline expectation of privilege include:

In a crisis, both legal departments and compliance teams operate in an atmosphere of improvisation and adaptation to overcome a challenge. Returning to the basic principles and best practices for collaboration can maximize the chances that the company will escape unscathed.

Jason Bichsel is a member in McGlinchey’s Consumer Financial Services Compliance practice group, where he focuses on auto finance, including consumer leasing and vehicle mobility services. He formerly served as corporate counsel at BMW Financial Services, the captive finance company for the BMW Group in North America.

Daniel Plunkett is a member and co-chair of McGlinchey’s Government and Internal Investigations practice group. In addition to his investigations work, Plunkett focuses on false claims act litigation for financial services and insurance companies.

Exit mobile version