There are 15 main risk management hot spots for legal and compliance leaders spanning five categories over the next two years. This is according to Gartner, Inc. after interviewing many clients and experts and surveying tens of thousands of respondents across multiple surveys.
“Hot spots reflect current trends in the business and regulatory environment that create or exacerbate the legal, compliance, and privacy risks that legal leaders have to manage,” said Stephanie Quaranta, research director in the Gartner Legal and Compliance practice.
Organizations today are operating in an environment of unprecedented uncertainty.
“Regulatory uncertainty, geopolitical volatility, and macroeconomic uncertainty combine to make it more difficult for legal leaders to assess and manage organizational risks at the same time, meaning that fast, proactive responses to emerging risks are becoming more crucial to success,” Quaranta said.
Across all industry segments, at least 60% of respondents reported an increase in the scope of relevant regulatory change in the past three years. The three hot spots include:
Hot Spot 1: Trade barriers as a policy tool
Hot Spot 2: Patchwork regulation in key areas
Hot Spot 3: Heighten recession chatter
Organizations are increasingly able to create new capabilities and value through technological advancements using big data and analytics. However, growth in these technologies continues to outpace clear regulatory and ethical consensus, leaving organizations struggling to balance current value against the potential for crossing an as-yet undefined line. The hot spots include:
Hot Spot 4: AI implementation without clear guidelines
Hot Spot 5: Employee monitoring reducing trust
Hot Spot 6: Growing consumer demands for data privacy
As organizations have increasingly adapted their business models to rely on the capabilities of third-party partners and contingent workers, the business ecosystem has become more complex.
“Given that more than four-fifths (83%) of the organizations we surveyed are employing an external workforce, it is important for most legal leaders to manage the associated risks,” Quaranta said.
The hot spots include:
Hot Spot 7: Shifting classifications for gig workers
Hot Spot 8: Increased complexity of nth-party ecosystem
Hot Spot 9: Unpredictable Foreign Corrupt Practices Act (FCPA) enforcement patterns
Almost nine in 10 (87%) of the employees surveyed said they expect companies to take a public position on social issues relevant to the business. But this is difficult, and the consequences of getting it wrong are steep as stakeholders, from employees to investors, feel more empowered to demand change. The hot spots include:
Hot Spot 10: Rising employee activism at work
Hot Spot 11: ESG at a corporate expectation
As both regulators and customers increase their attention on how organizations combine, analyze, and otherwise use information, data processing is on pace to surpass data collection as the primary source of privacy risk for organizations.
Interest in data lakes among senior executives is growing rapidly, having risen almost fourfold in the past six months, judging from Gartner analysts’ call volumes. This is pressuring legal leaders to manage associated privacy risks. The hot spots include:
Hot Spot 12: Increasing use of biometrics as identifiers
Hot Spot 13: Rising threat of de-anonymization
Hot Spot 14: Emergence of data lakes
Hot Spot 15: Expanding definition of personal data
“At a time when businesses are already facing so much uncertainty, and when resources for legal, compliance, and privacy functions are already stretched thinly, these risk hot spots add an additional layer of complexity for legal leaders to manage,” said Quaranta.
Read more in 2020 Legal and Compliance Hot Spots.