O'Reilly logo

Enterprise Risk Management by Betty Simkins, John Fraser

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 20Legal Risk Post-SOX and the Subprime Fiasco: Back to the Drawing Board

STEVEN A. RAMIREZ

Director, Business & Corporate Governance Law Center, Loyola University Chicago

INTRODUCTION

Enterprise-wide risk management (ERM) views all risks to the firm as subject to management and control. Legal risk management is certainly no exception. Indeed, this chapter is premised on the principle that legal risk is simply one of many types of risk facing a firm. This necessarily means that like other risks legal risk should be managed in accordance with basic notions of risk management generally—that it should not exist within a risk “silo” but should be managed with a view toward the firm’s overall risk tolerance and through coordinated efforts of senior management, including the board (Simkins and Ramirez 2008). Therefore, ERM includes consideration of the optimal means of managing legal risk.

After the revelation of widespread fraud and illegality within American public companies in late 2001 and 2002, leading to the failure of such major firms as Enron and WorldCom, Congress enacted the Sarbanes-Oxley Act of 2002 (SOX). SOX preempted state rules of professional responsibility governing attorneys and imposed federal standards for those representing public companies. SOX also prompted the SEC to create a new mechanism for the management of legal compliance (the Qualified Legal Compliance Committee or QLCC) within public corporations in the United States. SOX completely reworked ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required