At In-House Forum East, GCs Ponder Today’s Legal Challenges

On October 4, Bloomberg Law convened legal industry leaders in New York City to discuss the key challenges facing corporate counsel. Big Law Business covered the In-House Forum. Below are videos, highlights, quotes, and recaps of interviews and panel discussions.

Tomorrow’s Risk Management: Leading In-House Innovations

Jonathan Anastasia, senior vice president and assistant general counsel, enterprise security solutions, Mastercard and Wendy Callaghan, chief innovation officer and associate general counsel, AIG

Four leaders in innovative corporations discussed how to effectively encourage teams to innovate.

Innovation, believes Jonathan Anastasia, senior vice president and assistant general counsel of enterprise security solutions at Mastercard, comes from constant evolution and resilience. “It’s the idea of fail fast,” he said. “Failure isn’t a concept that lawyers like to hear. You have to honor the gatekeeping function that we have, and that mitigation aspect, but there’s a whole area where you can add value and be innovative. When you’re in an innovations space, there’s going to be ambiguity and uncertainty. We’re not going to know every single outcome. That’s a risk built in.”

“It’s great to see creative lawyers who are hungry to do something different,” said Rob MacAdam, head of legal design at HighQ. But, it’s still important to ensure that quickly changing ideas get the proper legal attention. “There can be pressure to move fast, and there are many ways that you can streamline processes to ensure that, but you always need to make sure adequate protections are built in,” said Wendy Callaghan, chief innovation legal officer and associate general counsel at AIG. “These types of initiatives need a concierge approach. It’s important to provide the attention that these initiatives deserve.”

“We have a unique position in the legal department,” said Crissy Solh, product and commercial counsel at Square, between encouraging development and placing realistic parameters on the project. The goal, she said, is “to not be seen as an obstacle [to your product team], and to approach questions with a ‘yes but’ approach, not a ‘no because’ approach.”

More from AIG on Big Law Business:

AIG Q&A: Insurers Positioned to Exploit Changing Tech

C-Suite Relationships Effect Company Change

Corporate counsel and advisers explain how effective communication with other business leaders impacts decisions and strategy.

Three general counsel with diverse corporate involvement shared the opportunities that legal has to shape the culture and success of a company. In short, all of those opportunities come down to valuable relationships.

“In an organization that’s culture-driven, the relationship forms the basis of how we navigate and position ourselves across the organization, more than technical expertise,” said Nick Sprague, general counsel and vice president of legal, external affairs and communications at Braskem.

When I’m thinking about how I can meaningfully influence something I consider to be a risk area, or something I want the company to be better at, if I don’t have relationships with other leaders, I’m just not going to be invited to the table. That’s what allows you to have the actual influence.”

“Legal is looked upon as a true partner to help drive change,” said Kevin Fumai, senior managing counsel of Oracle. “By being service oriented, you’re able to hit every touch point the company needs.” Julie Cantor, corporate counsel for Compass, agreed. “It’s about relying on interpersonal skills. Being a friendly person has come a really long way. Our CEO has said openly that lawyers are scary – so you be as friendly as possible, but also get down to business and establish clear lines.”

Sprague said that with the evolution of the role of general counsel, your legal skills are only a part of doing the job well. “All of us have passions that are innate to us,” he said. “We can use the GC as a platform to add value in those places that we’re naturally good at. If I’m a great writer, that doesn’t mean the only way I add value is writing in the legal sense.

“Maybe I’m writing proposals. Maybe the CEO sends important letters through me. Maybe I’m very good at strategy. Maybe I’m interested in culture. When we bring those things to the table, that’s when the board and our peers are much more interested in us and in us exercising influence across the business.”

“We all want to be part of something bigger,” Cantor added. “Just because I went to law school doesn’t mean I’m dispensing legal advice in trainings. What I do is actually [minimally] legal in nature. We’re able to think critically about where the business wants to go and get there faster.”

In order to get a seat at the table when you’re just establishing yourself, Fumai offered some advice. “People may not have assumed you could add value because you didn’t have the credibility up front. When you get an opportunity, focus on the solution. Maybe someone didn’t like lawyers – if you neither assume nor judge, you can focus on how you can drive the desired outcome. Next time, they’ll bring you in earlier. That’s how your reputation cements itself. Every single interaction you have with every person matters.”

More on Big Law Business about corporate risk management:

Braskem Q&A: Listen to Locals for Best Corporate Comms

Mitigating Risk in Internal Investigations

Corporate counsel and industry leaders discuss key strategies for successful management of an internal investigation.

In conversation, three legal executives discussed how their companies handle internal investigations, to mitigate both internal and external risk, especially in a time when more employees are coming forward with issues and stricter HR policies in corporations. “Inside the U.S., there’s certainly an uptick in complaints and internal investigations,” said Kevin Chapman, associate general counsel for Dow Jones.

“Part of that is that we’ve done trainings that we want people to come forward. That’s raised the bar a little bit. The company’s response has been a little more severe–we’ve seen people get fired for conduct that 10 years ago they wouldn’t have been fired for.”

Ingrid Busson-Hall, associate general counsel and head of financial regulation at PayPal Holdings, says that the lines of communication for employee issues and complaints are more open than they’ve ever been. “We have an ethics person who sits in the compliance organization, and has gone across the company to talk about the various channels and tools that people have to report.”

They encourage a policy of “if you see something, say something. If they’re coming to you because they trust you, that’s exactly what we want.”

Michael Cavadel, deputy general counsel of the Brookings Institution, agreed, but said that many problems go unreported, and that it’s up to managers to be alert to what’s happening around them. “You’ve got to train your managers to be sensitive to things they’re hearing, even if no one’s come forward. The manager needs to have their antenna up.”

When problems do arise, so do many questions, such as how best to preserve investigative materials, and privacy issues like how to monitor chat software and whether personal devices are part of the investigation.  All three agreed that for sensitive matters, human resources should handle the investigation first. “We have the benefit of a fairly large HR team and we do training on how to do investigations,” Chapman said.

“They’re on the ground, they know the managers, they know the businesses. Having a meeting in the conference room doesn’t raise a lot of eyebrows. If [general counsel shows up], it does.” Cavadel agreed. “In house counsel is going to come in swinging and cause some unintended consequences,” he said. “You want to save external counsel for when you’re dealing with an executive of the company, or there could be significant public damage to your organization.”

One major issue they all agreed was top of mind in today’s climate is retaliation, and how to address that in the workplace. “Retaliation can be a lot of things–maybe you have a lot of work to do this weekend, or you’re doing assignments no one wants. Maybe you get passed over for a promotion,” Busson-Hall said.

“We set the tone that we have no tolerance for retaliation, and sometimes take drastic measures as a consequence.” Chapman echoed that sentiment, saying that it’s crucial that employees who come forward feel as though the company protected them and that there’s no retaliation. “Employees will talk and get that message,” he said.

Cavadel also discussed one issue with the end result of investigations: no matter how a problem is resolved, he said, “there’s going to be somebody who’s unhappy in some way. Someone’s going to get fired, or the person who thought they had a valid claim has no evidence to support it.” In those instances, he said, “we try to take a holistic approach. Legally there was nothing there, but that doesn’t mean there weren’t bad feelings in the unit. That’s an opportunity to get HR involved to do a team retreat or workshops. These bad feelings don’t go away just because there was no evidence. Them bringing that claim might have been the best thing for everyone.”

More on Big Law Business about managing internal investigations:

Five Key Steps to Take in an Internal Fraud Investigation

Perspectives from Bloomberg Law Editors

Evan Weinberger, assistant managing editor, Bloomberg Law, Fawn Johnson, managing editor, Bloomberg Law, and Amanda Allen, team lead, regulatory and compliance, Bloomberg Law

Fawn Johnson, managing editor at Bloomberg Law and Evan Weinberger, assistant managing editor at Bloomberg Law, had a conversation with Amanda Allen, team lead on regulation and compliance for Bloomberg Law. The three discussed trending topics in compliance in the news, including Tesla, Nike, and Microsoft.

They also discussed external pressure on companies to make public statements on hot-button issues like gun control and the #MeToo movement. In an audience poll, attorneys reported that they’re perceiving the most pressure from external influences to take a public stance on environmental issues.

Counsel’s Critical Role in Managing Internal Cybersecurity Risk

Andrew Kim, senior vice president, corporate development and general counsel, Netgear and Robert Olsen, senior managing director, global security leader, Ankura

Industry leaders in privacy and compliance explored ways that companies can be proactive in boosting their own cybersecurity and protecting themselves against breaches.

One of the most important things to me is education: educating employees on how not to have a breach, or not comply with our policies,” said Aileen Schwartz, vice president, assistant general counsel and privacy officer at Hill International. “People create breaches inadvertently. The more information we can provide, the less breaches we will have.”

She says that when a risk comes into her company, she personally emails all 3,000 employees informing them of the risk and alerting them to be vigilant. “People are becoming so aware of that,” she said. “It’s extremely important that they know to follow up.”

Robert Olsen, senior managing director and global security leader of Ankura, believes it’s important to implement specific trainings in cybersecurity to different departments. “Identify those departments or functions within your organization [that need more training] and tailor it to them,” he said. “The more tailored it is, the more effective it is.”

Andrew Kim, senior vice president of corporate development and general counsel at Netgear, does stress tests with his employees, sending out fake phishing emails to see how many people click on them. “All you need is one person,” he said, “so it’s important to let everybody know you can’t do that.”

Cassandra Porter, senior privacy counsel at Cognizant Technology Solutions, believes that it’s important to encourage people to come forward when security issues arise. “One of the things I’ve tried to institute is the culture of forgiveness,” she said. “People shouldn’t be afraid to come forward if they’ve made a mistake. Data incidents are part of life. The only wrong thing you can do is hide it.”

One issue that all four panelists agreed is a major problem in implementing cybersecurity policies is the lack of specificity, both in company regulations and in laws being implemented, such as the forthcoming California Privacy Act and New York’s FS 500. “I just took a company through [the EU General Data Protection Regulation] compliance,” said Schwartz, noting the difficulty in interpreting different laws across a global corporation. “Having something globally that we can all comply with would make life so much easier. It’s very difficult to have a global privacy policy apply when you’re looking at laws in all these different countries.”

Porter’s biggest takeaway for the crowd was to ban the word “breach” from your communications, noting that sometimes issues are small, and by calling them breaches, companies expose themselves to significantly more liability. “That’s something we can all be proactive about,” she said. “Tell your security team and anyone else writing emails to stop using the word ‘breach.’ So often people throw that word around casually. A lot of the time it’s not a big deal.”

More stories about Cybersecurity on Big Law Business:

Corporations Want Law Firms to Step Up Their Cybersecurity Game

Cultivating Company Culture and Compliance

In-house and outside counsel share insights on creating a culture that fosters risk mitigation.

Five leaders in company compliance shared what it takes to create a business culture where employees feel as though they’re active participants in compliance. “You need to start at the top, but be very attuned to the attitude of the middle and the buzz at the bottom,” said Carey Oven, partner at Deloitte Risk and Financial Advisory, saying that the culture of compliance begins with the board but needs to permeate every level of a business.

“There has to be some serious dialogue around what does reputational risk mean to our organization,” added Fernanda Beraldi, senior director of ethics & compliance and counsel at Cummins, Inc.

Todd Braunstein, head of legal investigations at Willis Towers Watson, started his career advising on the Enron matter. “To say that not enough attention was paid to compliance, that’s not disputed in the public record,” he said.

“Huge numbers of people went to prison. Massive lawsuits. To me that’s always been a classic horror story of what can happen. Things can change very quickly.” Braunstein noted that the current regulatory climate, including “record-breaking fines and increasing international coordination,” means that “problems aren’t contained any longer to one jurisdiction.”

“When we talk about a living, breathing compliance program, it’s how [employees] are making decisions in an ethical, compliant way,” said Maria González Calvet, partner at Ropes & Gray. “How does your client respond in the market to emerging risks? That’s what regulators are going to ask. We want to stay in a space where we don’t have a subpoena. But if you don’t, what are your protocols internally for how you respond?”

What’s especially important in creating a pervasive culture of compliance is engaging every employee on every level, Oven said, and making sure that employees feel their voices are heard. She believes it’s important to ask, “Do the employees have the courage to raise their hand if they see something? Are you fostering that culture of courage if they see something that doesn’t feel right to them? People need to feel that if they’re raising their hand, there is a governance process and they’re being taken seriously.”

Part of that engagement, Beraldi added, is making sure that cultural policies are easily understood by every employee. “People don’t want to read policies written by lawyers,” she said. “Nobody wants to read a 10-page policy. Make it easy to understand.”

Sarah Goldfrank, senior vice president and deputy general counsel at Fannie Mae, suggested to “celebrate what went wrong” and talk about why a person was fired. “I think showing that as an institution you take it seriously really can make a difference in terms of driving it home for people.”

Calvet added, “The point is to learn and to have the realization that ‘that could have easily been me.’ The extreme examples are far less useful than the ones that are really gray, where anyone could have fallen on one side or the other.”

Goldfrank also believes that external help can only do so much. She said, “When it comes to a culture of compliance, at the end of the day, no one external can tell you if you have one or not.”

Q&A with Joshua Weinberg, managing counsel at State Street Global Advisors: 

How State Street’s Counsel Navigates ETF Regulatory, Market Developments

Understanding the Evolving Role of General Counsel

Yen Chu, senior vice president & general counsel, Equinox and Rose Marie Glazer, vice president, corporate secretary and deputy general counsel, AIG

General counsel leaders at four major companies discussed the evolving responsibilities of the role, including how general counsel helps to shape the future of a company’s success. “It’s gone from being an adviser on the sidelines to being an executive with a legal perspective, contributing as lawyers and people who are used to analyzing and advocating,” said Rose Marie Glazer, vice president, corporate secretary, and deputy general counsel at AIG.

Glazer views her role as anticipating future risks to help the company grow. “Risks are everywhere and the consequences of not anticipating those risks are higher than they were 20 years ago,” she said. “My job is to sit at the table with the heads of the business and think through what’s coming and how we prepare for it, and anticipating where the company’s going and how that’s going to happen.”

Yen Chu, senior vice president and general counsel at Equinox, agrees. General counsel “has become a much more strategic adviser role. It’s not just risk assessment, but it’s growth as well,” she said. “We’re not just tactical. We’re helping to structure, to look ahead, to avoid future risk.”

Laura Roberts, vice president, general counsel, secretary, and compliance officer at Bojangles, added, “You’re not just an attorney, but a trusted business adviser. You have to understand the different business units, you have to understand the strategy, and having a seat at the table, you need to have a voice. How do you help the company get to where they want to be from a strategy standpoint?”

“It’s understanding our clients’ needs too, because that’s how we help them grow business,” said Marni Hefland, general counsel and corporate secretary at Integreon. “We need to understand what marketing needs, what IT needs. We’re talking the talk to be proactive, but we’re doing it. Innovation and general counsel didn’t used to go hand in hand, but increasingly they do now.”

In particular, these four counselors spoke about their role, and what they view as their responsibility, to promote diversity on legal teams. “We’re asking not just from a gender perspective, but from an ethnicity perspective, and from a diversity of life experience perspective,” Glazer said.

“We’re going to tell the law firms who we expect to see. I don’t want somebody to be picked because of what they are, but because of who they are, but I have a responsibility to help lift people up.”

They also discussed cybersecurity and data breaches as the most pressing contemporary concern for corporations. “A breach will happen when you least expect it,” Chu said. “Plug the hole. That’s the part that’s so hard to do. Compliance and preparation is an ongoing activity. When you see a weakness, you have to improve it. It’s constantly taking that playbook and refreshing it.”

Roberts emphasized the importance of vetting all third-party vendors and how they handle data. “With payroll and accounting vendors, we get our IT team involved,” she said. “It’s important to know who has access to your data and what they’re doing to protect it. The reputational damage that can come from a data breach can be very significant.”

More stories on Big Law Business about AIG’s law department:

AIG Q&A: Insurers Positioned to Exploit Changing Tech

Sally Yates, Former Acting Attorney General, Keynotes Today’s In-House Forum

Sally Yates, partner at King & Spalding and former acting attorney general

Former Acting Attorney General Sally Yates Discusses Companies’ Role in DOJ Investigations

Sally Yates, partner at King & Spalding and former acting attorney general, delivered a keynote interview regarding the relationship between the Department of Justice and individual corporations. “It can be a scary and mysterious thing when you hear from the government,” Yates said. “For folks on the outside … it seems like there’s a cloak of secrecy on how the DOJ operates.”

Yates discussed the ways the department chooses the cases it pursues, whether it’s suspicious activity reports, the SEC, “from someone inside who views themselves as a whistle blower … or from clients who are participating in financial transactions,” Yates explained. “The department has to sift through that info and make a determination of what’s worthy of the department’s attention.”

Her advice to in-house counsel dealing with a Department of Justice investigation is to first gather all of the facts to determine what happened before you take action. “You decide when it’s in the company’s best interest to be as cooperative as possible, because there could be a good explanation, or a not-as-bad explanation,” Yates said.

“You’ve got to have every fact nailed down before you do a voluntary disclosure … There should be a substantial benefit in voluntarily disclosing rather than just cooperating.”

It’s an opportunity to frame the situation for the government, she said, rather than trying after the fact to persuade the department, “that what they’ve been believing for the last six or eight months isn’t true.”

One thing Yates believes that defense lawyers don’t do enough of is “appealing up the chain,” if they feel as though there’s a problem with the investigation. “If you believe you’re being treated in a fundamentally unfair way … or you have an attorney who sees things the wrong way, you need to work your way up the chain,” Yates said.

“When I was AG, if there were prosecutors who really were being unfair, I happen to believe it was the exception rather than the rule, but if it was happening, I wanted to know about it. You don’t just have to sit back and take it if you think the matter is being handled in an inappropriate way.”

More stories on Big Law Business about the Sally Yates:

5 Facts About Sally Yates, the Lawyer Who Refused Trump’s Immigration Ban

Sally Yates To Lead Investigations Team at King & Spalding

For the full agenda, visit

On June 27, Bloomberg Law convened legal industry leaders in San Francisco to discuss the key challenges facing corporate counsel.

Big Law Business covered the In-House Forum West. Link below for highlights, quotes, and recaps of interviews and panel discussions.

Uber, PayPal, LinkedIn & Cisco Lawyers Talk Legal Industry Ideas at In-House Forum