Whether it’s your first time as general counsel or your fifth time, it can be hard to figure out where to focus your attention. No doubt you will be called into countless meetings about impending decisions, most of which are tactical in nature. Don’t get so overwhelmed by the day-to-day agenda created by others that you miss setting bigger picture priorities.
When you lose your car keys, you typically know a few likely locations where you should look first. The same approach applies when starting a new general counsel role: There are typically several areas of the organization where you should prioritize looking for risks and opportunities for improvement.
A chain is as strong as its weakest link In today’s interdependent world, most organizations depend on third parties for a wide range of mission-critical inputs, ranging from accounts receivable contractors to SaaS providers to distribution partners. A 2017 study by venture capital firm Kleiner Perkins revealed that the average retail sector (including hospitality and restaurants) company uses 1,206 cloud applications, while the average financial services firm uses 1,170 cloud applications. Similar trends appear in other sectors, such as manufacturing, where the average company uses 1,092 cloud applications.
Each one of these external relationships represents a hard-fought advantage for your company, but also a possible Achilles heel if untended. On the first day of your new job, you should be asking: With whom do we have a contract? When does it expire or renew? What are our rights and obligations? Who owns it within my organization?
If you cannot get a rapid and complete answer, then you know what should be high on your priority list: understanding your organization’s external relationships. The key inputs and outputs should include:
- Customers
- Vendors
- Partners
- Contractors
- Distributors and retailers
- Licensors and licensees
- Investors
- Landlords
A failure in even one of those relationship links can break your business. The financial consequences of failing to manage contractual relationships are empirically established. A study by the International Association for Contract & Commercial Management (IACCM) determined that an amount equivalent to nine percent of revenue is lost, on average, due to poor governance of contractual relationships.
The oft-forgotten compliance risk
Attorneys in highly regulated industries are already attuned to think about “compliance.” However, compliance with employment laws is often overlooked. Every organization with employees has compliance requirements and risks, even if they are in an otherwise lightly regulated field. Employee matters represent the most underrated compliance risk you may face.
When you join an organization as general counsel, you should immediately determine where all the employees and full-time contractors are located and what are the relevant rules in each jurisdiction. Improper classification of certain employees as exempt under the Fair Labor Standards Act can result in unexpected payments as well as penalties.
In certain states, you also need to examine the job description of your independent contractors because some may need to be recharacterized as employees. In California, for example, the 2018 Dynamex Operations West, Inc. v. Superior Court decision created a new standard for determining whether a contractor should be an employee based, in part, on whether the person performs work outside the usual course of the hiring entity’s business. Varying state and municipal governments have sick leave, paid leave, and benefits laws where your organization may need to be brought up-to-date, or else face significant fines.
As part of your examination of employee relationships, don’t forget about an examination of each employee agreement. Your contracts with third parties or the drive to protect your own organization’s intellectual property may necessitate having each employee and contractor sign a non-disclosure agreement. And, if your organization wishes to avail itself of the relatively recent federal Defend Trade Secrets Act, older employment agreements and materials will need to be updated to notify employees about whistleblower immunity under the law.
Privacy
Today almost every organization is impacted by privacy risks and regulations. Even if there is not a privacy law directed at your industry sector, your organization still likely has obligations under trade practice laws and contracts to secure information, such as that about individuals, from accidental disclosure and prying eyes.
As your first step in understanding privacy risks and requirements, ask what information your organization collects, where and how it is stored, and who can access it. Gathering an overview of the information architecture and inventory is essential before you can determine which laws may apply.
The corporate formalities
As your organization spreads across multiple states and perhaps countries, there is a never-ending schedule of filings to be managed, with penalties for each one missed. Who owns this at your new organization? Is there a master schedule of due dates and required filings? And has your organization proactively surrendered its certificate of authority in locations where you no longer do business?
Checking with the finance team about which states and cities have received payments in past years may help you determine where historic registrations have occurred. Examining these past expenditures and the status of the relationships they represent may reveal time-sensitive action items, such as providing a specimen of use on a new trademark that otherwise risks abandonment.
Set expectations!
Your new company and team are all excited about your arrival and have elaborate plans for monopolizing your time. It’s important to let them know that you have other internal clients and duties as well. Consider sharing an online Matters List on your Intranet that provides your colleagues an understanding of your other pressing tasks.
And be sure to put your own, self-appointed tasks on the list, such as reviewing whether your trade secrets are adequately protected by tracking and enforcing non-disclosure agreements. Colleagues will feel their needs are acknowledged once they see that they are on the list. And if they see other tasks on the list ahead of them, they can negotiate internally with other colleagues for higher priority.