Q: How important a role does IT play in your job, and what is your experience of service providers and their systems?
Sharon Harris, UltraElectronics: I ask myself, what would my life be if my IT was different? I’m interested in getting some ideas about quick wins.
Christine Notarianni, Royal Brompton and Harefield NHS Foundation Trust: You’re all probably aware that the NHS is going through massive digitisation and transformation and part of my role is to look at commercial risk and legal risk – and of course everything is managed on a shoestring.
Jonathan Cope, RSA: I work in an industry where data and IT is increasingly at the forefront of people’s thinking, in particular telematics, and I think RSA is at the cutting edge of that. I’m interested in how we can apply those technological advancements internally to the legal function and driving performance of external legal firms.
Catie Sheret, Pearson: We’ve got quite a big legal team – over 200. The team I manage is part of international markets – Asia, Africa, Australia, so quite a broad range of countries and because we’re quite big we’ve managed to get some leverage with the IT department in getting funding.
There’s a lot of stuff out there – Serengeti, Echosign, we’ve had Docusign. There’ve been a few implementations of varying degrees of success. Something that bailed recently was around self-service and the supplier pulled out because the integration didn’t work. So it’s a mixed bag of experience.
Martin Cohen, Home Retail Group: We’re just on the verge of deploying our own document management system. It’s IManage which is an HP solution sold through Acertus, formerly Huron Legal. It’s been a very interesting journey to get there from the ground floor – we had a very clear idea what we wanted. Being a small legal team in a large non-legal organisation, it’s difficult to make people understand what it is and why it’s not to be feared how it can help us, give us additional capacity and make us efficient and effective.
Knowing what we wanted but playing by the rules working with the procurement team, and the IT security team, taking their advice and understanding where they were coming from – it’s probably been about 18 months from the beginning to implementation.
Jonathan Cope, RSA: Have you had pressure from the business to justify it in terms of cost savings?
Martin Cohen, Home Retail Group: It all came about because of non-digital, analogue reasons. Like many businesses, we operated paper files and they were stored in a document archive. Then the business began looking at resources and wanted to close it and do more online –and there was also a cost focus on the support staff who operated it. So there were twin drivers of the change.
But because we support a lot of larger IT projects, although for our team it was a lot of money, the business does far, far larger IT deals worth hundreds of thousands of pounds and up. But it was a challenge for us to get there.
<pAndrew Levy, Stagecoach: Did you scope what you wanted?
Martin Cohen, Home Retail Group: Yes, we started with the simple idea – what do our panel firms use? We spoke to a few suppliers and asked Acertus which other retailers use what systems, and identified John Lewis and Asda for feedback [on IManage]. It’s an excellent system but you have to make sure you focus on training.
Andrew Levy, Stagecoach: Are you captive to them?
Martin Cohen, Home Retail Group: We had to break it down and get into more detail than we’d otherwise have thought – look at the file format, what happens if they plain go bust, how to access the data, how they back off their contractual relationships to HP or Microsoft or whoever provides the cloud hosting and the idea is we leapfrog that to get access to the data. But you’re right, we’re a critical compliance function.
If it goes down then overnight we’ve just lost legal – much in the same way as if there was a fire in the archives. It’s definitely a concern.
Maria Passermard, John Lewis: We went through the process that Martin’s going through now – we signed up, got trained, and then the business announced it was moving to Google – Googlemail, Googledocs, but Google didn’t talk to Worksite [now IManage] so the legal team had to stay on Lotus Notes.
If the business makes a decision for the good of the whole business, it doesn’t always take legal into account. But tax, treasury and the like all need document management systems not all of which are compatible with Google.
We’ve now asked our IT team to find a solution to this and we’ve tasked them with coming up with a group IT strategy. We do need to be able to access information that we’ve got on compliance risk, or if someone wants to see what advice we gave two years ago. Legal are not the only people who need to know how to do that – tax, treasury and so on have similar issues about being able to claw back data and information. So we’ve looked at taking our data off Worksite within a year of paying for it. We would have been able to do it if we needed to, but in a format we can move and migrate.
Catie Sheret, Pearson: They’ve got you over a barrel though, pricing-wise.
Q: What is your experience of using the cloud and the impact on risk management?
Natalie, Enterprise Rent A Car: A lot of cloud providers make sure there’s data portability – you learn to look at the due diligence and ask the right questions. There’s a standard checklist, especially when data was being served out of the US.
Generally with cloud providers you should be okay but there are interoperability issues. But how do you ensure something’s future-proof? Big players have the infrastructure – and there are big companies swallowing up smaller companies – it’s a gamble.
Something we haven’t touched on, is do you come up with an organic system of your own? A lot of companies can do this in-house. So when do you leverage your own infrastructure and get them to build something rather than go to an external provider? My old company was an ERP [enterprise resource planning] platform provider and we ended up tasking them with coming up with a solution for some of our procurement contracts. As it was based on data mining, we asked is they could create their own self-service tool?
Martin Cohen, Home Retail Group: We advise our organisations all the time on levels of risk – other people have made similar decisions in the business.
Natalie Salunke, Enterprise Rent A Car: We’re not used to making the decision, we’re used to advising on the decision.
Martin Cohen, Home Retail Group: Yes, we’re used to handing over the decision, but as lawyers we need to get our business hats on and think about how we manage our little business. The risk I take is no different from what IT and other teams are taking.
Q: Do legal teams need a separate IT system from the rest of the business, and is it best to go bespoke or off-the-shelf?
Christine Notarianni, Royal Brompton and Harefield NHS Foundation Trust: My business has a hundred, which is worse than none. We have the procurement department, we have the finance department, we have general managers able to sign off contracts, private patients, we’ve got a charity arm, all of them have their own system. So if my board ask me what’s the contractual risk for my organisation I wouldn’t be able to provide them with certainty.
Sharon Harris, UltraElectronics: The question is: what problems are you trying to solve? For me, it’s one version of the truth accessed by the right people at the right time. There’s a difference between data and information. I’ve got all this data but not in a form that creates a picture.
Jonathan Cope, RSA: We’re talking about document management systems, but your average law firm was doing this 30, 40 years ago.
Sharon Harris, UltraElectronics: My preference is off-the-shelf. I hate the word bespoke. I’ve just come from a meeting about risk and risk registers and lots of providers will give you a solution with bells and whistles. But I was talking to someone from PwC, and they are going to give something free to us for a year.
He showed me a page and explained that this would be our dashboard. We will agree measures we want to see and see that in a graph format – and then I can make that phone call if I need to.
Natalie Salunke, Enterprise Rent A Car: Is that for legal or is it a business tool?
Sharon Harris, UltraElectronics: Legal is just me along with lots of commercial directors and people – it’s about giving the business access and information for them to do things with. Not for me.
Natalie Salunke, Enterprise Rent A Car: Do people embrace that? The problem that I’ve come across generally is that the sales people don’t want to take on additional responsibility beyond getting the sale closed. They don’t want to log into a tool that isn’t Salesforce or whatever system you use. How do you get them to buy into it? I can say: ‘Yes, I’m going to empower you’, but how do I get them to be empowered?
Sharon Harris, UltraElectronics: The system I’m looking at is a repository of information. I explained to the salesman at PwC that he needs to speak to our head of cybersecurity – it’s not about documents and policies, it’s a conversation between their IT person and our head of cybersecurity and getting them comfortable.
Maria Passermard, John Lewis: We looked at lots of document management and repository systems – but I found there was a difference with Worksite [IManage], as you can work collaboratively in terms of emails. So much advice is done by emails. I couldn’t find many other systems on the market where documents and emails were accessible.
Sharon Harris, UltraElectronics: You’d have to upload material specifically. But I like that –
I don’t want everybody’s emails.
What other IT concerns do you have?
Natalie Salunke, Enterprise Rent A Car: What about things like data tagging? I haven’t embraced the conversation yet because I know from the US we’ll be getting a workshare model – and we’re used to that from a law firm background. A lot of these tools are looking at document retention but what about that extra layer of getting data analytics? How do you tag data – so in the contracts do you track rate increases, or if you’re selling a business, tracking change of control clauses in there?
Christina Notarianni, Royal Brompton and Harefield NHS Foundation Trust: I talked to my colleagues and asked how am I even going to get hold of the information to do data analytics. My board just want red, amber or green. So I spoke to some e-disclosure companies and asked how I can do this.
Natalie Salunke, Enterprise Rent A Car: That’s really clever.
Sam Roberts, One Savings Bank: I was at a conference and a provider was talking about doing a contract repository system, but they would point it at servers, and it crawls all over them and it will recognise what you need – different clauses and how they’re drafted. It’s pricey, but for organisations of scale it would seem to be a good deal.
Jonathan Cope, RSA: That would transform the M&A process. We went through a huge disposal programme, and yes it’s less relevant on the sell-side but looking from an external law firm’s perspective, you wouldn’t have to use teams of junior associates, you could press a button. If you can present yourself to a client that you can do a deal for £50k rather than £200k you can win every mandate in the market and say you’ve got a robot going slightly hot in the basement – and it doesn’t have to sleep or eat.
Lisa Mayhew, Berwin Leighton Paisner: It might not be quite there yet, but there are different ways of automating. I’m interested in what you’re saying about approaching e-disclosure companies. We already have intelligent systems that will predict likely relevance and therefore discoverability of a document. So as a first, flypast on an automated basis can get the first funnelling done. I know a lot of US firms are alive to this development – think of class action claims with armies of paralegals spending months doing massive discovery exercises. The ideal is that that will get shrunk by technology in a big way. In the UK they’ve gone down that mental journey and accepted that’s the way the world is going.
Martin Cohen, Home Retail Group: It breaks down for me into two things. What do you need for extraordinary transactions or disputes and what do you need for day-to-day work? I’m in a business where we’ve done a couple of big deals in the past six months… if you’re selling a business like Homebase, you would expect to get in large firms that can throw bodies at doing the disclosure work. Or if I’ve got a big piece of litigation I can get an IT company in to scan the documents.
It would be great to have that on a day-to-day basis, but I’ll have to wait until it’s a desk-top application easily managed, installed and adopted. It may be that turning to your external firm is the way to get there.
Natalie Salunke, Enterprise Rent A Car: That’s a really good point. Why not leverage the external provider, and their buying capacity – say to them, you’ve got these tools and the expertise and continuous use of fixing bugs.
Christina Notarianni, Royal Brompton and Harefield NHS Foundation Trust: Understanding the risk landscape allows my organisation to future-proof risk. So for me legal is only another part of risk management – along with procurement and finance we’re part of the risk structure and together that can mitigate a lot. But we often work in isolation.
Sharon Harris, UltraElectronics: In terms of files I see everyone’s professional files as part of my filing system. I should be able to access what I paid for at any point rather than want the law firm to give it to me. There’s lots of things we all do in our personal life very easily and when we turn it into professional life it becomes hard.
Sam Roberts, One Savings Bank: It’ll be a new paradigm with the GDPR – the General Data Protection Regulation – because as a consumer you’ll be able to access your data anytime you want. So why as a consumer of legal services can we not access our data already? Why do we not have the same system?
Jonathan Cope, RSA: It would be useful to log on to something and see all documents in relation to transactions and billing.
Lisa Mayhew, Berwin Leighton Paisner: Law firms will host extranets – everything you’re describing is normal.
Catie Sheret, Pearson: But you have to ask for it.
Sharon Harris, UltraElectronics: Yes, it’s not day to day, it’s for a specific topic or litigation – it’s not business as usual.
Natalie Salunke, Enterprise Rent A Car: Do law firms have infrastructure to support that dashboard or that pick and choose mentality? Practical Law – probably on the back of Serengeti – are looking to provide a platform for in-house practitioners and dashboards to manage teams, look at utilisation rates and so on, but they all depend on law firms buying in and putting data in there.
It’s a two-pronged approach. First, how are we going to get to that endpoint and second, who’s innovating? That’s where we’re all moving to, a 360-degree view of all clients, or one-platform exercises.
We’re good at giving advice but taking advice is our biggest hurdle. We’re all lawyers and we’ve all got a mental block on innovation and creativity – that’s what the sales team does, but we have to preserve our function to make it valuable and efficient. So the deeper question is whether there is anything out there – what we have isn’t good enough.
Christine Notarianni, Royal Brompton and Harefield NHS Foundation Trust: We have pure legal systems that manage pure legal matters but we also need to manage in a different way that covers legal function but also the business.
Martin Cohen, Home Retail Group: Where innovation is coming from is from big law firms, big transactions, e-disclosure. All these technologies exist, hopefully they’ll slowly migrate. But when it comes to analytics you might say to the CEO or CFO I’ve reviewed all matters and my risk level is here, and my capacity utilisation here – but if you don’t speak business or report in the way that your organisation likes to view risk, then you won’t be heard.
Of the ten or eleven companies sitting round in this table there are ten or eleven reporting systems and it’s either the job of the system – that hot robot in the basement – or, it’s a new role of the in-house lawyer to take this insight from the system and deliver it in a way they understand.
Sharon Harris, UltraElectronics: We have lots of reports and I can assess, through lots of answers to those questions, the health of businesses around compliance, health and safety and risk. I’ve created in a cumbersome way a spreadsheet that can track it.
What I want to do is give that to other people so that they can see it and they can mange their own risks. We have shared areas and I put it on there and I say to people – let’s have a conversation about it. So even if we could get a solution it’s about behaviours, getting people to want to engage with it.
Jonathan Cope, RSA: As an in-house lawyer you go to external lawyers because you need specific legal advice – well, there are going to be software programmes that will sift vast amounts of information. It’s not difficult to imagine a complete change of relationship in 30 years’ time between client and law firm.