Seshani Bala, Group General Counsel & Corporate Assurance, Chartered Accountants ANZ

During a pandemic, businesses are looking towards digital solutions to manage their teams. Seshani Bala, group general counsel and corporate assurance at Chartered Accountants Australia and New Zealand discusses how to manage new cyber security challenges.

My past in-house roles were in fast moving consumer goods (FMCG) companies where I had international remit and exposure to the benefits of legal operations and using digital solutions in European and US markets. Having a cross-border perspective has really shaped my legal career and how I view in-house lawyering, particularly with respect to ensuring in-house legal teams join the data world so they can make data-driven decisions in this digital economy.

In terms of how I got to my current role, I have always loved problem solving and driving outcomes. When I was in high school I really focused on science and maths subjects, but decided I wanted a complete change when I entered law school at university. I ended up doing a combined Law and Arts degree at The University of Auckland and then did the usual ‘kiwi’ thing of working in large corporate law firms before heading off overseas for the traditional ‘OE’ (overseas experience).

I really enjoyed the fast-paced M&A and private equity deal work in private practice, but I never got the opportunity to view business transactions across their life cycle, because I always had to move onto the next deal so quickly. I did a brief in-house secondment and loved it – everyone told me that once you go in-house, you will never go back! My first in-house role was as international general counsel for an FMCG company where I had remit for all legal matters across 43 markets globally. I gained wonderful experience about customer needs and how to provide business-ready advice. In my current role at Chartered Accountants ANZ, a professional membership body with over 125,000 members globally, I lead the legal, governance, risk, compliance and operational excellence teams which provide integrated assurance and enable the organisation to grow, react and adapt to a changing environment across Australia, New Zealand, Asia and the United Kingdom.

The privacy and cyber landscape is constantly evolving across the globe – we are seeing an increase in disruptive technologies, a move to digital delivery, the rise of the ‘no touch’ economy, the commercialisation of consumer data and consumer demand for delivery at pace. But in parallel, we are also faced with an increase in privacy regulation and the risk of cyber threats. In fact, in 2020, we’re experiencing a year like no other, as we all navigate through a global pandemic! Privacy and cyber security are front of mind as our business balances rapid digital transformation with ensuring our post-COVID operating model is relevant in this new world.

For example, the rapid change from an on-premise technology operating model to a ‘cloud model’ has resulted in a proliferating of data across platforms and increased external cyber exposure to corporate systems. This will surely increase to the point where data will no longer reside in a traditional on-premise location, changing how we manage and protect both cyber and data privacy forever.

‘Looking towards the future, I think in-house legal teams need to be much more tech savvy.’

Digital solutions are also key in managing areas like whistleblowing. Recent legislative changes support the trend towards whistleblowers being seen as a corporate asset and key to maintaining a culture of good corporate governance.

Businesses can have a good whistleblowing policy which contains anti-victimisation provisions and provide for anonymous disclosure but this needs to be operationalised – using a secure digital platform is the best way of mitigating risks in this space.

External counsel certainly do play a role when it comes to the investigations process, but that depends on the type of investigation. Some investigations need to be conducted under legal professional privilege and using an external firm assists with maintaining privilege. It also provides a level of independence, and external law firms are also able to offer practical guidance on how to manage an issue based on their experience with other clients and regulators. There are definitely benefits with using external counsel, but not with every investigation. A lot of things can be done in-house, so it really depends on the risk profile of an organisation and the cost/benefit analysis.

Looking towards the future, I think in-house legal teams need to be much more tech savvy. Innovation intelligence and being a quick adopter of technology is one of our legal team’s KPIs. Technology was previously a job for IT teams, now it is a whole of business function focused on protecting data. I think in-house counsel are well placed to show leadership in this space due to the privacy, governance and risk management responsibilities they have. In-house legal teams need to get a deeper understanding of technology and need to partner very closely with IT teams. There are huge opportunities for in-house legal teams to step up in this space – it’s an exciting time to be an in-house lawyer!