Live blog: Managing risk and litigation conference

17.45: The last session of the day is on litigation, business and ethics, with three human rights experts: Deok Joo Rhee QC of 39 Essex Chambers; Peter Frankental, Economic Relations and Programme Director at Amnesty International; and Mustafa Qadri, the founder of Equidem Research and Consulting.

If Nestle had to recall all their Kit Kats because its palm oil was contaminated, they would hold their suppliers responsible and heads would roll, the panel says. But human rights violations are not viewed in the same way.

17.00: Is Britain on its way to getting a US ‘class action culture’? White & Case partners Charles Balmain and Marc Israel discuss…

16.00: Peter Hirst of Clyde & Co talks about his round table on international arbitration.

15.25: Concluding thoughts: lawyers aren’t always the most beloved members of an organisation but in the event of a cyber breach they have a unique role to play as calm, non-partisan figures.

15.20: Lawyers have lost their jobs over failing to properly advise and investigate over cyber-breaches, the panel stresses. Partly that is due to a lack of understanding of the tech-speak. Lawyers need to be vigilant and ask questions, and tech people need to speak in terms they can understand.

15.02: A fair number of hands go up when the audience is asked if they have been on the ground in the aftermath of a cyber breach.

Establishing the facts as fast as possible is very important – but information received tends to be inaccurate before it comes accurate, so companies must be careful what they say in the period just after a breach. Tell the world the true facts, and if you’re not sure of the true facts, say nothing.

15.00: We are now living in a world where countries are robbing banks, says the panel, referencing a recent North Korea attack. It is incumbent on lawyers to up-skill themselves. Data privacy lawyers have typically been the go-to guys on this, while litigators get involved because they are seen as calm in a crisis.

But there is a real need to train up all lawyers in cyber security, says the panel. Have lawyers fully understood their role as first responders in the event of a breach? They don’t have the luxury of a week to answer a question.

It makes no difference whether it is a nation state or another actor making the attack: your first priority will be to stop the data going out of the door and ensure your customers are protected.

On average, an organisation won’t know it has been hacked for 160 days, and it will take an average 60 further days to fix the problem.

14:55: Next up: White & Case partner Steven Chabinsky – the former top cybersecurity guy at the FBI – talks to Nick Coleman of IBM and Octavia Knox Cartwright of Barclays about preparing for and preventing cyber security breaches.

14.50: So to sum up: comms + lawyers = dream team? If done right, yes. But you need to know the limits of your own expertise, says the panel.

14.45: Meanwhile, in the other currently-running panel discussion, on managing resource and prioritisation within legal departments…

14.40: A social media crisis can erupt at any time and companies need to constantly monitor what is being said about them. Staying under the radar is no longer an option, says the panel: anyone can spread information about you – do you want a bunch of tweets from random people to be the only information about you that exists in that world?

Journalists tweet from the back of a courtroom – do you want that to be the only comment that reaches the world or do you want to put across your own point of view?

14.35: Does pursuing a legal option make the damage worse? Will it become part of the story? These questions should always be considered, especially if the instinct of a lawyer is to take legal action.

14.30:

14.25: The panel gives its big takeaway point: “Go back to your organisations and ask: where is the crisis plan, and if things go really wrong who are we going to bring in to help us? If you don’t have that and something goes wrong, you could find yourself in big trouble.” The ‘golden hour’ of grace during a period of crisis management doesn’t exist any more.

14.15: Lunch is over and we’re talking about the pressure of the media and its effect on the way companies handle disputes. On the panel: Addleshaw Goddard partner David Engel; James Thorne, senior legal counsel at Associated British Foods; Stuart Leach of Pagefield Global Counsel; and Gareth Edmunds of Sirius Minerals.

Are communications professionals and legal teams a dream team or a nightmare combination? Things have got much better, our panel says.

Speed of response is very important when it comes to helping comms teams manage a situation. There is sometimes a reluctance to say anything on the part of lawyers to say anything at all when it comes to a crisis – but that’s not the world we live in.

Lawyers are used to dealing with conflict while comms people are used to pushing an agenda. With these two different instincts at play, it’s a good idea to have a crisis management team that has role-played possible responses beforehand.

12.50: Here is Eversheds Sutherland partner Neill Blundell talking about his round table on conducting internal investigations into corruption allegations…

And here he is on a key learning from the discussion…

12.45: Our next discussion is on the controversial issue of legal privilege. Three cases have changed the way we think about narrative around this once academic subject: RBS, Three Rivers, and, of course, ENRC.

12.05: The differences between the US and the UK are laid bare, with there being a race to be first in the US, while the UK takes a more cautious approach. In the UK, the most successful claims are when there is a large group of institutional investors who are naturally more cautious.

11.50: Litigation is often unavoidable, but there are things you can do to protect your organisation, say our panellist in the class action roundtable. When disruption events occur, look at the crisis management plans you have already and revisit them to see if anything needs to be changed. Keep information in a close circle when investigations are being carried out, and ensure that privilege is maintained. Finally, make sure that there isn’t a flurry of email traffic – it won’t prevent claims from being brought but it will limit what can be found.

11.00: The key theme that emerges from our data and compliance session is that the legal community needs to recognise that compliance can do wonders for your brand and reputation. It is a good marketing tool for a company to say they take privacy seriously and is a sure way to generate trust among your clients. “GDPR is a good opportunity for business,” one panelist insists.

This approach will become standard. To stand out in the market and against disruptors, you need to at first understand what your risk appetite is and then be innovative in how you embed it into your organisation.

10. 50: Some companies may try and do compliance the easy way, but what is the right way to do it? One panelist says you first need to understand your current level of compliance. The second step is to ensure that you are complying with GDPR regulations and to bear in mind that that is is very difficult to be 100 per cent compliant straight away, so set priorities. Then, when developing new products or services, you need to anticipate how they can be GDPR compliant.

10.30: On this next session on regulation and compliance, our panel discusses the key components of a proactive compliance programme. They are: policies and procedures, technology, internal and external communication and monitoring and testing. Policies should be updated regularly and establish specific roles in your organisation, while effective communication should mean that internal stakeholders are kept informed of developments

10.13:  While digitisation will make the system more efficient and easy to use, the key aim is not to save money. “It’s to make the system work better for those who use it.”

10.08: It can take 3-4 weeks to receive an issue of notice from the court. This becomes instantaneous with online service

10.00:

09.44: The Lawyer’s careers editor Rich Simmons introduces the next discussion for the day, online courts in the UK

09.44: Lawyers are aware that if they don’t embrace innovation they will go out of business. But one delegate questions how this will translate into law, saying: “We’re all lawyers and we like to think of the subjective and the intention.”

09.30: Some good advice in the first panel session of the day, with BNY Mellon EMEA head of litigation Tepo Din, Credit Agricole head of dispute resolution for Paris and London Claire Walter, Shell International head of litigation for Africa, Europe and Asia Jim Cowan and RPC partner Jonathan Carey.

“The people who succeed in future will be ‘Swiss Army Knives’ who can do a bit of everything – the same is true of in-house litigators.”

09.17: Poor conduct affects brand and therefore drives losses, says one delegate

09.09: Hello, and welcome to The Lawyer’s managing risk and litigation conference 2017. Today we’ll kick off with the first panel discussion of rethinking the way we approach risk