Strategic management of legal risks in business

Godknows Hofisi
Business Law

I hope you had happy holidays and I would like to wish you a happy 2026. In this article, I focus on the strategic management of legal risk in business.

Legal risk

Simplified, legal risk represents the risk that something with unfavourable legal implications may happen to a business. Legal risk not managed properly may manifest in different ways including the following:

Lawsuits or litigation of a civil or criminal nature,

Penalties,

Cancellation or non-renewal of licences or permits,

Loss or termination of important contracts

Risk identification

For me, the first stage will be to identify risks, those that have been experienced before and those that are likely to be experienced.

Review of past risk events/experiences

It is important to review the legal risks that the business has faced in the last 5-10 years. Compile a list and analyse them into categories such as the following:

Breach of contracts.

Termination of contracts.

Litigation by suppliers.

Litigation by clients.

Labour matters.

Measures or legal action by regulatory authorities.

Non–compliances, eg, taxes, national laws, industry-specific laws, etc.

Fines paid.

Miscellaneous offences, etc.

Possible risks

Some risk situations may not have been experienced but may occur in the future. It is important to anticipate such risks, and an understanding thereof may come from:

National / Government strategies, policies, annual budgets, etc.

Policies by local authorities.

Policies by regulators.

Labour laws, as these usually change.

– Industry-specific issues.

Company-specific issues such as expiring contracts or situations where there are issues, grievances or disputes with key stakeholders such as suppliers, clients, competitors, employees, etc.

Risk analysis

Potential legal risks should be analysed by assessing their likelihood (probability) and impact (consequence). Likelihood is usually measured in terms of probability and can be expressed as high, medium or low.

On the other hand, impact or consequence can be measured in terms of severity, for example, financial impact.

Risk evaluation

Risk evaluation entails using the results of risk identification and making decisions on the risk likelihood, severity and ways to manage the risk. A business will have to come up with risk management or treatment options. Some of the well- known options include:

Accept or retain the risk if it is within tolerance or an acceptable range.

Avoid the risk by not doing what causes the risk.

A risk-taking business can, in fact, upscale the risky activities if the financial and other benefits are justified. Remember, the higher the return, the higher the risk.

Remove the source of the risk, for example, by simply complying.

Change the likelihood of the risk, for example, through having adequate controls or safeguards in agreements, processes, etc.

Share the risk through, for example, insuring, subcontracting, joining hands with bigger or more experienced suppliers, etc.

Review current risk management systems

Businesses that are well run usually have strategic legal risk management plans and systems, which are reviewed and enhanced from time to time. Some of the areas for review include the following:

Strategic legal management plan. That document plan has to be in place, prepared and reviewed and at the correct level.

Risk identification systems. This is critical. Business is dynamic. New risks, including legal risks, emerge. Systems ought to be reviewed for effectiveness in identifying risks before risk situations occur to avoid being reactionary.

The Risk and Compliance function usually coordinates that, but user departments are also responsible, for example, Procurement, Finance, Human Resources, Operations, depending on the type of business.

Adopt a risk management framework or system with the assistance of risk management experts. The ISO certification standards can be very useful.

Document standard operating procedures (SOPs) for key functions exposed to legal risks. The board needs to set clear legal risk management policies and direction for management to follow. I have seen some companies reviewing their policies annually for improvement.

When entering into commercial contracts, I reiterate that it is important to carry out due diligence on a party or parties before entering into contracts. A party should not be excited at the prospect of making money, as there can easily be the prospect of losing money.

It is advisable to minimise or avoid verbal contracts as they are a source of many disputes. In some situations, contracts will be there but unsigned. So the document agreed positions preferably through signed contracts or agreements as close as possible to the date of agreement or decision.

If delayed parties may be tempted to shift their positions with time, especially when they smell or taste money.

Come up with a checklist of things to comply with in a contract. The checklist may cover issues such as whether the correct agreement is used or entered into, internal reviews, review by the business’s external legal practitioners, whether there are adequate safeguards, breach and consequence of breach, dispute resolution mechanisms, termination and conditions thereof, confidentiality, signing of contracts by authorised personnel, company resolutions where required, etc.

Reviewing the business’s legal department’s performance.

Reviewing the business’s external legal practitioners for enhancement. For example, some companies have a panel of legal practitioners for different situations.

Conclusion

Strategic legal risk management is important and should never be overlooked.

Disclaimer: This simplified article is for general information purposes only and does not constitute the writer’s professional advice.

Godknows (GK) Hofisi, LLB(UNISA), B.Acc(UZ), Hons B.Compt (UNISA), CA(Z), ACCA (Business Valuations), MBA (EBS, Heriot- Watt, UK) is the Managing Partner of Hofisi & Partners Commercial Attorneys, a chartered accountant, insolvency practitioner, commercial arbitrator, registered tax accountant and advises on deals and transactions. He has extensive experience from industry and commerce and is a former World Bank staffer in the Resource Management Unit. He was recently appointed to sit on the Council of Estate Administrators in Zimbabwe. He writes in his personal capacity. He can be contacted on +263 772 246 900 or [email protected] or [email protected]. Visit www//:hofisilaw.com for more articles.

 

Related Posts

ZIM BASKS IN GLORY . . . We’re ready to share our success stories: President

Zvamaida Murwira-Senior Reporter ZIMBABWE is ready to share its experiences, successful initiatives and development models with the rest of Africa as part of efforts to advance prosperity across the continent,…

Governance framework charms Museveni

Zvamaida Murwira-Senior Reporter AFRICAN Peer Review Mechanism Forum Chairperson and Ugandan President Yoweri Kaguta Museveni has urged African countries to emulate Zimbabwe’s commitment to strengthening economic governance, building accountable institutions…

Leave a Reply

Your email address will not be published. Required fields are marked *

×