Harnessing the Potential of Legal Mapping to Support Risk Management

What is Legal Mapping

Legal mapping is an innovative tool that combines legal research and visual mapping techniques to make sense of complex legal landscapes. At its core, the basic concept of legal mapping lies in its ability to help lawyers visualize legal relationships – be it the association between case authorities, intra-company contracts, or even judges across a given jurisdiction’s cases hierarchically. By applying the principles of general concept mapping, legal mapping asks attorneys to isolate a legal concept, break it down into sub-concepts and visualize whether the sub-concepts are independent, subordinate or in many cases, both with respect to each other.
For example, in the corporate context, legal mapping asks attorneys to identify the various subordinate contracts that implement a greater agreement, and map them hierarchically relative to each other in order to visualize which subordinate relationships are dependent on which others . In graphic form this could produce a complex map of contracts and related agreements:
As used by Boutrous and Associates, legal mapping first breaks down a document into its component parts, both topical and hierarchical, using platforms such as the Kindle or Adobe Reader that allow for note taking. The document is then categorized into a hierarchy based on its practical effect, such as subordinate agreements that execute a larger instrument, a trend between a spike in carbon emissions in the last decade and a corresponding increase in global temperature, or a judge’s decisions on particular issues in a series of cases. These topical categories and their hierarchical relationships are then visualized to create an interactive map that indicates the existence of a relationship between the relevant sub-concepts.
What emerges are not only pristine, simple visual representations of the relationships between legal ideas, but also the mental models that govern the businesses and people that a given attorney will go on to advise.

Core Elements of Legal Mapping

Central to all legal mapping is the collection and organization of data in a manner that allows for analysis of risk and compliance issues. To do so, a legal map must contain key components such as legal data, an explanation of the legal obligation, analysis or assessment of that legal obligation, information on the business process that is the subject of the map, an explanation of why the particular business process is important, the business risk and the known business process failures, and a comprehensive process description. Maps must also contain responsible parties. This parties may include business units, employees, third parties, vendors, customers, regulators, and/or officers of a company. Mapping must also include a detailed description of tasks involved with the business process as well as possible manual workarounds.
Typically, data collection and analysis are organized in an intuitively searchable format, allowing seamless navigation, search and copy functions. Audit logs, including identification of users and date of use, provide the traceability necessary for a legal or compliance audit. The structure must support and guide users when conducting detailed legal analysis of particular issue Areas, such as Foreign Corrupt Practices Act, Environmental Laws, and Labor and Employment Laws. Legal mapping must be integrated with other available legal resources. Such resources might include updates on recent changes to law, rules of procedures and regulations, documents, notifications, news alerts, research links, etc.

Uses of Legal Mapping

Applications of legal mapping are in different sectors. Corporate sector legal mapping helps businesses identify long and short term risks. Mapping is also used to keep track of changing regulatory frameworks. Government regulations change faster than most legal teams can stay on top of. Legal mapping allows companies to track those changes easily.
The corporate sector also uses legal mapping to keep track of their business partners. For example, in the insurance sector companies know that only a certain group of agents will be the most profitable. Legal mapping allows them to track those agents and keep them on retainer. Legal mapping also allows them to keep track of the bottom of the barrel agents. These agents can then be let go.
When it comes to compliance, legal mapping helps companies keep track of which issues need to be reported to more than one government department or agency. A simple search of the word ‘shark fin’ in a database will easily allow companies to not only block out that term in policy. It will also allow them to know what government departments the word ‘shark fin’ needs to go to.
Compliance also means knowing what statutes apply to your business. Legal mapping helps companies keep track of not only compliance, but also which statutes apply and why.
Litigation is another area in which legal mapping is applied. Mapping allows attorneys to take a comprehensive view of the different statutes and case law that relate to an issue or case. This holistic map allows attorneys to develop strategies and arguments. It also allows them to maximize profits by eliminating those arguments that are weak and consensual.

Advantages of Legal Mapping

The ability to take business processes (such as policy formulation, litigation analysis, and contract management) and deconstruct them into their minute atomic legal details will revolutionize how organizations think about managing legal risks and legal strategies. Legal mapping, similar to process mapping, will allow both in-house counsels and law firms to telescope down into the legal details that matter, and will make identifying key legal risk areas and strategies much more effective and efficient. Inside organizations, legal mapping can already be used to identify top risk areas for the organization, analyze them, and offer effective solutions. In this way, by identifying where there are insufficient controls and resources, what can be optimized, and where investments need to be made to ensure that legal risks are optimally managed, this strategy will allow chief legal officers to manage legal risks proactively and collaboratively with other business counterparts, rather than reactively. At the same time, legal mapping can help groups like compliance (and any attorney focused on compliance) to determine where there may be weaknesses or gaps before they become issues. Outside law firms, legal mapping will focus on the particular practice areas and geographies that might need more investment, where chargeable time can be reduced further, and where new services or products may be warranted. Just as importantly, however, most law firms have been struggling to figure out how to respond to changes in client demands (e.g., the demand for alternative fee arrangements) without damaging firm profitability. They have also been struggling to figure out how to handle the new competition, both from other law firms and from alternative legal service providers. Better understanding how individual attorneys at the firm are used, how work differs among lawyers and practice groups, and where there are opportunities to advance the business of the firm and create value for clients, while strengthening and enhancing firm profitability will lead to better solutions and business models. Clients, inside and outside the legal department, will benefit from the new perspective that this data-driven approach brings to optimizing legal risks and legal strategies.

Limits of Legal Mapping

The practice of legal mapping, a highly complex and technical enterprise, poses its share of challenges for companies and their legal teams. As with any mapping process, data disparate sources must be tracked, assessed and integrated. Unlike other areas where business intelligence is focused on, legal mapping has lagged behind, in part because the data sets themselves are much harder to assign a value to. For instance, while an organization might have a firm grasp on the financial pieces of litigation (such as amount spent defending and value of claims) or regulatory costs (penalties incurred and internal compliance spending), the intangible consequences of a breach are much harder to measure. Litigators point out the difficulty inherent in establishing damages in a lawsuit. This same difficulty transfers to the environment of risk management, and it can stall the analysis of the data. Another pervasive challenge of legal mapping is that many organizations simply do not have the data necessary to conduct the assessment or use the latest technologies. The dearth of available information is especially difficult to overcome, as most recent data is still being generated, or yet to be developed . For example, the 2014 Ponemon Institute Data Breach: Annual Study surveyed U.S. and sampled global organizations to measure the threat of security breaches. The study poses the question to participants whether it would be feasible within 30 days to both determine how a breach occurred and what actions the organization took in response. That study highlighted an important need for many legal teams: an even greater need to share data and integrate systems within legal departments, as well as start aggregating the information. Emerging technologies may provide answers for organizations. Predictive analytics and better data collection through Artificial Intelligence and other innovations will help organizations make even greater strides in legal mapping because they will allow for a clearer picture of what the current state of affairs is. Management is only able to make effective decisions with accurate data. While technologies can help to close the gap, companies should not underestimate the importance of skilled legal professionals in the reaping the benefits of a legal map.

The Future of Legal Mapping

As we look to the future, legal mapping is poised to integrate more with artificial intelligence and machine learning. These technologies have the potential to bolster legal mapping efforts by focusing on relevant data to be analyzed, using advanced analytics to identify risk within a certain set of relationships, and ranking risk level according to specific criteria. Sophisticated algorithms can be built to define the relationship between entities, and extenuating factors can serve to mitigate an identified risk. For example, consideration can be taken into account for individuals or entities who have little alternative to their expected course of conduct (i.e., the Investment Fund had to hire this vendor, they had no choice or money to find another; the employee works in a country with no other industry choice).
Some of the most innovative companies are consistently merging technologies to serve the compliance profession. In the next ten years, we are likely to see a dramatic decrease in compatibility issues between disparate technologies. This will facilitate greater efficiency in map creation, as the final product of one technology will easily become the input for another technology. Further, it is likely that we will see an increase in larger databases and greater reliance on visualization software for complex mapping. This will enable better assessments of risk by an entire organization.
Legal mapping will also remain relevant in the realm of public policy changes. Legal mapping is a useful tool to drive regulatory compliance, and many legislatures are starting to recognize the value of using legal mapping to create new policy. Our world is becoming increasingly more interconnected and complex, and legal mapping helps us visualize some of these complexities. No longer can we just think of relationship between countries, instead need to also think of the interdependencies between individuals, entities, and the larger picture. Legal mapping sets a stage for us to take advantage of the data that is available to help us understand these entities, and how they impact the larger universe of entities.

Legal Mapping and Your Organization

Successful risk management is a key concern for any business, and so is compliance with applicable laws and regulations – this is true for both your internal guidelines and external regulatory requirements. In order to keep up with any changes in either area, it is essential to know what is required of you, even before a change or development occurs. The best way to stay on top of all new or altered rules is, as the name implies, mapping out all the legal obligations that pertain to your company.
There are a number of steps that you can take to implement a legal mapping process at your organization. The first is to control the initial parameters of the project by choosing a lawyer with the requisite knowledge and background of the subject matter at hand. It can be advantageous to select one from your existing counsel or a separate law firm, if you have established a strong working relationship with them in the past. You must be able to rely on their expertise in the applicable field to ensure that the mapping will be accurate and comprehensive.
In-house staff members can sometimes be added to the team if they have enough familiarity with the topic being mapped out . The rest of the project will involve collecting, isolating, summarizing, analyzing, and categorizing information on all the relevant laws and regulations and their various requirements, determining the risks of non-compliance, and creating the mapping itself to clearly lay out where each obligation fits and how it impacts the overall organizational risk level.
Once the mapping is complete, there remains the task of updating it whenever any member of the team becomes aware of a new development in law or regulation which could affect your company. This can continue to be the responsibility of the team members who conducted the original legal mapping; however, you may also need to contract with new additional personnel as needed or train your existing attorneys or other staff members to contribute as well.
Finally, all of this information must be shared with company personnel at all levels, in order to assist them in navigating the legal landscape and identifying the pertinent laws for their individual duties. Legal mapping can be necessary for all levels of staff to ensure that it filters down throughout the organization.