The legal profession is undergoing a fundamental shift, moving beyond traditional statutory interpretation to embrace risk intelligence as a crucial capability. Lawyers are increasingly expected to act as strategic enablers, advising on prudence, responsibility, and future readiness in a complex, interconnected regulatory landscape.
Mind Map
Click to expand
Click to explore the full interactive mind map • Zoom, pan, and navigate
Institute of Risk Management, India
affiliate presents regulation with risk
intelligence. A new imperative for
lawyers. A global manufacturing company
faced regulatory scrutiny after its
third party vendor triggered a data
breach despite contractual safeguards. a
listed entity's ESG claims led to
shareholder activism and legal
intervention due to non-alignment with reporting
reporting
standards. Meanwhile, an Indian fintech
startup drew regulatory heat after its
lending algorithm uh unintentionally
discriminated against certain user
groups raising urgent questions around
fairness and digital governance. Now,
these incidents are not anomalies. They
are emblematic of a world where
regulation is rapidly intersecting with
technology, ethics, and enterprise
strategy. And legal oversight is no
longer limited to courtrooms or policy
manuals. It now shapes business
resilience, stakeholder confidence, and
long-term value creation. In this
context, risk intelligence has become an
essential capability for legal
professionals. the ability to anticipate
regulatory ripple effects, assess laws
uh through the lens of systemic risk and
even support organizations in navigating
uncertainty is fundamentally
transforming the legal
function. As this regulatory environment
grows more complex and volatile, I think
lawyers are emerging as strategic
enablers advising not only what's lawful
but what's prudent, responsible and uh
even future ready. So here's welcoming
all of you to the panel discussion on
regulation with risk intelligence a new
imperative for lawyers by the institute
of risk management India affiliate as
the world's leading certifying body for
erm exams across 140 countries. The
what's the risk initiative underscores
our unwavering commitment to driving
thought leadership in every sector and discipline.
discipline.
Joining me in the sixth episode are Miss
Kamla Kantar Raj, Chief Regulatory
Officer at the Bombay Stock Exchange
Limited, Professor Dr. S. Raj Kumar,
founding vice chancellor OP Jindal
Global University and Kartik Mahajan,
partner at Ketan and Co. Lady and
gentlemen, thank you for participating
in this special episode. Dr. Raj, let me
start with you. With regulations
evolving rapidly in response to emerging
risks like climate, tech and even uh
governance failures, how must the legal
education evolve to prepare lawyers uh
to think beyond statutes and develop
foresight in legal interpretation when
the world of technology and its
implications for law and regulation is
profoundly felt across all sectors. Now
in today's increasingly volatile and
interconnected world, traditional legal
training, the form of legal education
that we impart, which often focuses on
somewhat static statuted interpretation,
is no longer sufficient. Lawyers must
now cultivate a deeper understanding of
systemic risks that transit legal
boundaries, including regulatory
barriers. This could include for example
risks associated with climate change,
data privacy, cyber threats and what we
see the early aspects of AI regulation.
Now this particular change that
technology has created requires an
interdisiplinary mindset and a proactive
approach to legal interpretation. But
most importantly to recognize that law
is something that will have to take cue
from other disciplines. the traditional
standalone law schools are unfortunately
wofully inadequate when it comes to
dealing with these issues. So at General
Global Law School for example, we are
reimagining legal education to include
training in enterprise risk management
technology and public policy so that
future lawyers are equipped not just to
respond to legal issues but to foresee
and even shape them. The
interconnectedness of law and policy and
regulation and governance is the key to
unraveling this mystery. But today in
the world of AI and regulation, we
simply cannot fall back. And hence it's
important for us to train the next
generation of lawyers and law students
and judges even to understand and
appreciate the need for engaging and
grappling with risk management issues
early on. Uh Kartika I want to come to
you next. You know, in your corporate
advisory work, where do you really see
legal interpretation falling short in
today's risk intense environment? And
how can legal teams embed a
forward-looking risk lens into their
council? When it comes to being a legal
professional are not limited to the
interpretation of black letter law. What
it's rather limited to is the narrow
interpretation with which the lawyers
have to deal and come up with solutions
on. The first is a lot of the people are
looking into the static reading of law
as to what the law is today. What they
are not able to foresee is how the law
may evolve and a contract which we enter
today how it would be relevant 3 years
from now. The second is just the
interconnectedness of the disciplines.
You know I do a lot of white collar work
and when it comes to white collar
related advisory you see that a lot of
the times clients are just facing issues
before one investigative agency let's
say ED but at the same time other
investigative agencies when they get to
know that some wrongdoing has been
committed then the likes of CBI SFIO uh
you know ministry of corporate affairs
they all also come into action so when
you are dealing with such interconnected
areas of law you should be mindful
towards coming up with a holistic
approach. And the third is the reactive
compliance versus a proactive
compliance. Again, I think as lawyers,
we have been, you know, gotten into the
habit of answering questions of a
client. When a client has a particular
query, they will come and they will tell
us and we look into the law and we will
give a solution. But what many of us are
not being very vigilant about is what is
happening in the global regulatory
change. For example, AI there is more
and more increased scrutiny in EU and
the UK uh rather than what is happening
in India in terms of the regulatory
footprint. So if we are going to advise
clients who have AI related contracts in
India and EU, we may end up advising
them on Indian law but we may actually
fail in our duty to you know at least
apprise them of risks under EU or UK
laws which are much more dynamic and
evolving than Indian laws. So that's
another reason. Kamla G, let me bring
you in at this point. You're managing
compliance at the nerve center of
India's capital markets. Uh where you
know regulatory uh perception,
reputation, public trust, all of that
goes hand in hand. How do we really move
the compliance function from a rule
rule-based decision-m activity to a more
risk sensing activity? Compliance has
evolved over a period of time.
Regulations have evolved over a period
of time. But the underlying theme for
which compliance exists or governance
exists remains the same. That is you are
taking care of interest of various
stakeholders. How is the conduct and is
there fairness in the way the whole all
stakeholders are getting treated and
ultimately last mile customer service is
it getting focused attention or not. So
all compliance requirements are emerging
out of this basic need that you have to
be fair in your claim and rule checking
was historic uh event. Now we are no no
longer there. That is not sufficient at
all. Also you should see that rule
checking existed in an era where markets
were very localized. Your impact of risk
was very localized. It was not causing
havoc at domestic country level or
international level. But today
businesses have evolved. Technology has
come in as a new animal contributing to
every area and the way interconnected
world operates or the globe operates has
changed drastically. So with the result
when business model changes
automatically risk changes when
accessibility expands risk changes. So
with the evolving nature of businesses,
evolving nature of risk, I think we no
longer historical way of rule-cheing
once in a year audit will work. So now
the firms, businesses, entities have all
started adopting business entities have
all started adopting you know
technology- based approach to risk
assessment and most of the good
organizations have defined their risk
framework. They also have tools and
technologies to alert them on what is
happening. More important requirement is
you need to sense what is happening
around you. It is not about risk
internally alone. It is also about the
risks emerging from elsewhere. And
recently we have all gone through and
experienced how global risks also can
play an important impact on the domestic
market. Similarly, domestic institutions
can also impact the global market. So I
think the way tools and technologies are
emerging the way newer risks are
emerging with use of technology and with
all the cyber uh related issues creeping
in accessibility has to grow up you have
to adopt technology but the newer risks
you have to recognize and mitigate those
risks. If you're not proactive in you
know even identifying them and assessing
them then you are nowhere there. You
will get washed out in no time. You will
become obsolete.
Professor Raj, what are some of the
institutional changes that are needed to
really embed risk thinking as a core
legal skill not just as an add-on? You
know, generally speaking, H lawyers are
known to be risk averse and um and this
has been one of the most difficult
challenges of the role of let's say a
general counsel in a corporation or a
company. um and it is always the
business which is moving and pushing the
agenda of wanting to expand or do new
things and the lawyers tend to be more
conservative. So the the fundamental
point that we need to recognize is that
risk intelligence need to be embedded in
the DNA of the legal profession. It
simply cannot be a bystander. This
requires I strongly believe fundamental
reforms at multiple levels including uh
the way regulatory bodies look at it.
The way even bar associations u may have
to revisit their accredititation
frameworks including the way bar council
look at the role of the lawyer. Uh what
is essentially the role of the lawyer
including the core competency of
lawyers. Similarly, uh from the
standpoint of academics and law schools,
I believe legal education must also
evolve from being somewhat doctrally
narrow to more institutionally
responsive and adaptive. All right, it's
uh time for a short break. We'll be back
with this powerful panel to discuss the
blurring boundaries between legal risk
and business strategy as they said.
We'll be right back.
Institute of Risk Management India
affiliate presents regulation with risk
lawyers. Institute of Risk Management
India affiliate presents regulation with
risk intelligence. A new imperative for
lawyers. Welcome back to the sixth
episode of IRM India's what's the risk
initiative. Regulation with risk
intelligence, a new imperative for
lawyers. I've been in conversation with
professor Raj uh Miss Kamla and Kartik.
Uh Kartik building on our previous
conversation should law firms really
begin to build in-house risk management
capabilities to serve the clients
better. I know we spoke about this but
you know just like corporates have a
chief risk officer. Are you beginning to
see law firms develop a similar function
or mindset? So the short answer is that
currently no. the law firms have not
developed such a function. But the real
question is whether they should and I
think the answer to that is yes and
steadfastly yes. The reason is not to
only bulletproof your own growth as a
law firm but also in the fundamental
shift into what a client is expecting
out of a law firm. And when I say this I
have three reasons as to why a law firm
should be looking into integrating a
riskmanagement approach. Uh the first
reason is that the clients expect you to
be the risk manager. Increasingly my
role is that they want you to know what
the risks are for their business. If you
keep on working with a client, you get
to know their business increasingly and
they ask you for each and everything.
While I may be a disputes lawyer, they
sometimes ask me things which have
nothing to do with disputes. I may be a
transaction lawyer, they may ask me
things about disputes. The second is
that if you have as a law firm an
enterprisebased approach in which you
have different kind of heat maps,
different kind of risks being assessed,
it's a great revenue multiplier, isn't
it? For example, you know, you can have
on a deal a regulatory and litigation
risk in which you are talking about
potential enforcement risk in an
arbitration scenario, potential white
collar risk and you end up involving
those schemes. Similarly, a transaction
risk which can be a geopolitical risk
coverage, an enforcement risk heat map
as to if you are going into a particular
jurisdiction, what kind of risk that
jurisdiction may have, a data and cyber
risk heat map. You can have realtime
breach impact modeling. You can have
data sovereignity risk. These are all
just ideas. But if you just think about
it, if a law firm starts adopting these
and start hiring individuals to deal
with certain specific things like this,
you can actually have a revenue
multiplier for law firms. It benefits
everyone because the client only has to
go to one organization. And the third
reason is that I can't say that law
firms are not at all thinking about it
because in certain spheres they have
made some steps. For example, it's
increasingly common in India to have
former regulatory chairpersons or high
level individuals after they retire join
these law firms as consultants whether
be it from RBI or from SEBI uh and other
institutions as well. So if they are
able to get some of these individuals
who are not lawyers by training but have
been bureaucrats at high level positions
and doing extremely challenging work for
those institutions then why can't you
replicate by having say a valuer join a
law firm by having say a forensic
accountant join a law firm some law
firms in India are also thinking on
those lines and according to me if they
do so I think it's just going to benefit
the law firms themselves in terms of
revenue and also meet with the client
expectations which are increasingly
becoming challenging. Kamla Gi, he's
spoken about the external side. Now
let's uh turn back into the internal
compliance function. How do you think
the legal teams can work more
collaboratively with the external
councils and move from a typical
firefighting approach to a strategic
risk approach? Complexities of business
have undergone tremendous change. Today
you cannot work in a crisis mode all the
time at all because at any given point
in time you are grappling with policy
changes. you are grappling with system
changes, process changes and ultimate
execution. So coming to BFSI spec sector
in particular, they use law firms on
strategy side but for tactical and
operational issues, you should have a
strong internal team because you don't
have that luxury of time that you know
you need to turn around things very
quickly. So I think strategic uh uh
advice is required on long-term project
kind of a thing on a proactive basis and
of course on the other end extreme end
to fight your cases you need to depend
on the law firm but for the in between
zone where it relates to your own dem
domain and things like that you will
build a in-house capability and also the
way policy making is happening and
regulatory changes are coming it has
also undergone se change because now we
see or a consultative process before any
new regulatory framework comes into
picture and at that stage all the law
firms also have an important role to
play and if they're part of the
discussions that is fine otherwise also
they should necessarily apply their mind
and contribute to the policy making so
that you know we reduce ambiguity and
give clarity to the industry at large
got it but what's your view specifically
for the BFSI and pharma sectors which
are even more uh regulated so how how
Should the collaboration work over there
between the internal compliance teams
and the external lawyers? See law firm
is internal legal teams are defending
the various functions within an
organization. So they have to closely
work with the in-house compliance team
for sure. There is no way you can get
success if you are working in isolation
and already that is in securities market
at least I can say with authority that
it's already happening otherwise you
will never be able to you know face any
litigation. It is closely happening but
on the other sectors also I'm sure this
culture will spread because all sectors
are facing dynamic changes and you can't
use the old tricks for dealing with the
newer set of problems. You have to be
collaborative in approach and we do
approach law firms for long-term and
strategic related issues as well. That
is true of the entire BFSA industry. All
right. uh professor Raj as a visionary
in legal education in India do you see a
future where risk intelligence becomes
really integral to the legal practice as
a case law or even a statutory
interpretation and also if you could
share some insights on the recently
launched BSE and risk management program
uh recognizing the IRM exams. I I think
um if you remember the uh early days of
the office of general counsel uh in
companies and corporations, we never had
one uh for a very long time. But now
with an expanded role of the office of
general counsel uh they are seen to be
problem solvers. Uh they can't just be
um you know coming when conflicts and
disputes arise. They are advisers and
mostly they're advising on risk. So we
are witnessing a paradigm shift where
risk intelligence is no longer
peripheral to the world of legal
practice but it is somewhat not only
central but
foundational. Just as lawyers must
understand uh the juristprudence and
statuto frameworks they must also be
fluent in identifying analyzing and
responding and advising in systemic
risk. Um at our university uh we have
recognized this imperative not only from
the standpoint of policy but also from
the standpoint of education and we have
launched India's first bachelor of
science and risk management integrating
IRM's globally recognized enterprise
risk management curriculum. uh we have
done that in many ways involving the
Jinder School of Banking and Finance one
of our leading uh schools that focus on
issues relating to banking and finance
but also having uh collaboration with
the law school too. This collaboration
uh with IRM's globally recognized
enterprises management program I believe
reflects our strong commitment to the
fundamental reforms that legal
profession must take uh to lead in
institutional resilience. We are not
only preparing law students to be future
ready lawyers but also grooming them as
policy leaders, governance experts, risk
advisers uh even uh engaged in uh
compliance preparedness as well. Great.
Well, compliments to you and the team
and I'm sure stakeholders like Kamla G
and even Kartik will will see the impact
of our work. Uh Kartik, I want to
actually ask you a very frank question
of how the law firms are responding to
this evolution. Are they really going to
be willing to change? What is that one
point of cultural change that you need
to bring about to ensure that lawyers
become partners in risk governance and
resilience building? First, you look at
the in-house councils. The in-house
councils today are increasingly playing
the role of a risk manager because they
are not specializing in one domain. You
don't have only an in-house council
looking into disputes or only into
transaction actually they end up looking
into the entire spectrum from the
general council's office. So if they can
do so the question that they will be
asking why can't law firms do so for me.
The second is that we as a profession in
India might end up facing challenges
from other similarly placed professions.
Let's say look at the other consulting
firms the big four like py KPMG deoid
they all have started
multid-disciplinary practices you know
they were already consultants they have
tax expertise now they are also giving
legal advice in a lot of jurisdictions
as a result of which the law firms
itself because of the competition levels
may end up adopting this. All right.
Finally, Kamli, turning to you. Uh the
role of the chief risk officer, chief
compliance officer and now even the
general counsel bringing the lawyers
angle. I call it a a web or a triangle,
right? How do you navigate the
complexity of relationship between the
three of them with the risk lens uh that
we can bring about? See, in an any
organization at a higher level on all
strategic issue, all functions are
interlin. You just named three. I can
add more. There is a new CISO that has
come in. Chief information officer that
has come in. Chief data officer has come
in. All of them have interlinkage. We
calling out everything on a silo basis.
End of it. It's resulting into a lot of
duplication in work. So how do we do
more meaningful and effective work by
weaving this fabric into a wonderful
masterpiece and create a framework where
people are not competing but trying to
identify risk from multi-dimensional
angle is what I would think well that
brings us to the close of a deeply
thought-provoking conversation today's
dialogue has uh underscored a critical
shift where regulation is no longer just
about compliance uh but strategic
foresight institutional resilience
and even intelligent governance as the
panelist spoke about. In this evolving
landscape, lawyers are no longer
confined to interpreting the law, but
they are being called upon to shape the
risk agendas of the organizations and
even economies that they serve. A
sincere thank you to Kamlaji, Dr. Raj,
Kartik for sharing their insights at the
intersection of law, risk and
leadership. Stay tuned for the next
episode of what's the risk.
Institute of Risk Management India
affiliate presents regulation with risk intelligence.
Click on any text or timestamp to jump to that moment in the video
Share:
Most transcripts ready in under 5 seconds
One-Click Copy125+ LanguagesSearch ContentJump to Timestamps
Paste YouTube URL
Enter any YouTube video link to get the full transcript
Transcript Extraction Form
Most transcripts ready in under 5 seconds
Get Our Chrome Extension
Get transcripts instantly without leaving YouTube. Install our Chrome extension for one-click access to any video's transcript directly on the watch page.
