Team size: Seven

Craig G. Lawrence is a Group General Counsel, executive legal strategist, and trusted advisor to boards and executive teams operating across South Africa, the United Kingdom, the United States, and EMEA. He has over a decade of experience advising complex, high-growth businesses in telecommunications, SaaS, PaaS, financial services, FMCG, and customer acquisition environments, with a strong focus on regulated, data-intensive, and consumer-facing sectors.

Craig is currently Group General Counsel and an ExCo member at Ignition, where he leads the group legal, risk, and compliance function across multiple jurisdictions. His remit includes enterprise risk management, global contracting infrastructure, data protection, employment and industrial relations, dispute management, and M&A execution. He is responsible for legal strategy supporting international expansion, new vertical entry, and scaled customer acquisition models, while building and mentoring a multi-disciplinary in-house legal team.

A defining feature of Craig’s work is his ability to translate legal risk into clear commercial decision-making frameworks that enable growth rather than constrain it. He has designed and implemented enterprise-wide compliance and risk programmes aligned to POPIA, GDPR, CCPA, consumer protection, and competition law, materially reducing regulatory exposure and litigation risk. His contracting approach emphasises standardisation, scalability, and visibility, shortening deal cycles while embedding robust protections around liability, indemnities, and dispute resolution. Craig has led several high-value, cross-border acquisitions, including the acquisition of an MVNO into a telecommunications cluster and the carve-out and acquisition of a US-based contact centre business to establish a US operating footprint. In each transaction, he played a central role in structuring, risk assessment, negotiation, and post-acquisition integration.

Prior to Ignition, Craig served as Head of Legal for Huawei’s Consumer Business Group in South Africa, working closely with the CEO and CFO on strategy, governance, and risk. He was embedded in the commercial engine of the business, supporting the launch of the Huawei Online Store, after-sales insurance products, global ecosystem initiatives, and strategic partnerships. During this period, he significantly reduced active litigation exposure and led the remediation of a high-risk business practice through executive-level intervention and structural reform.

Earlier in his career, Craig held senior legal roles at ZTE, where he oversaw legal and compliance matters across sub-Saharan Africa, supporting large-scale network infrastructure projects and multi-jurisdictional regulatory engagement. Before this, he served as Commercial Legal Manager at Picor Sub-Saharan Africa, where he established the South African subsidiary, managed cross-border contractual risk, led IP and asset disposals, and navigated business rescue and restructuring processes. He began his career in commercial litigation and employment law at a leading Johannesburg firm.

Craig is an admitted attorney of the High Court of South Africa and holds BCom and LLB degrees (cum laude) from the University of the Witwatersrand. He has been recognised in the Legal 500 GC Powerlist South Africa for 2024 and 2025 and has received multiple regional and global performance awards for legal leadership and commercial impact. He is widely regarded for combining technical rigour with emotional intelligence, commercial pragmatism, and a calm, solutions-driven leadership style.

What are the most significant cases, projects and/or transactions that you and/or your legal team have recently been involved in?

Over the past year, the legal team has supported the business through a period of regulatory complexity and significant commercial change. My role has been to set legal strategy, prioritise risk, and ensure the team was aligned and resourced to execute effectively.

A major area of work involved cross-border data processing and dialler compliance across the United States and Australia. Regulatory expectations in both jurisdictions continued to tighten around consent, automated dialling, and accountability for data use. Under my direction, the legal team led reviews of data flows and responsibility allocation and worked closely with operations and technology to align dialler functionality with the compliance position. The team also managed regulator queries, audits, and third-party reviews. Some of this work is confidential, but it resulted in concrete operational changes and a more defensible regulatory posture.

In parallel, the legal team supported the build-out of a consumer super app consolidating our banking, insurance, telecommunications, and other consumer offerings into a single platform. This represented a fundamental shift in the group’s commercial model and required sustained legal involvement. I led the legal strategy, while team members designed and implemented the agreement framework, platform terms, privacy architecture, verified identity model, and consumer-facing disclosures. The platform is anchored in a licensing arrangement with a fintech partner, requiring clear allocation of regulatory responsibility, customer ownership, branding, and data rights. Legal remained embedded as the platform has evolved, enabling early 2026 rollout without material regulatory disruption.

How do you approach managing legal aspects during periods of instability or crisis to ensure the organisation’s resilience? 

Periods of instability highlight the importance of a trusted and decisive legal function. My role is to lead judgment and direction, while ensuring the legal team is clear on priorities and empowered to act.

The approach begins with early risk identification. The legal team monitors complaint trends, regulator correspondence, audit feedback, and operational practices to identify emerging issues. I work with the team to assess materiality and escalate risks early, with a clear articulation of potential impact.

When a crisis arises, legal leads a structured fact-finding process. Team members gather and validate information across the business, while I focus on framing advice for executive decision-making. Advice is grounded in verified facts, with assumptions and uncertainty clearly identified.

Legal advice in these situations is framed around options. In one instance, I advised against a full operational pause, recommending targeted interim controls and accelerated remediation instead. This allowed the business to maintain continuity while addressing regulatory concerns. That balance between compliance and continuity has been a consistent feature of our approach.

Engagement with regulators and stakeholders is coordinated through legal, with an emphasis on transparency, consistency, and evidence of executive oversight. Once issues are resolved, the team embeds lessons learned into operating models, training, and accountability structures to strengthen resilience.

What strategies do you employ to ensure the successful digital transformation of a legal department while maintaining compliance with your country’s data protection laws? 

My approach to digitally transforming the legal function has been shaped by the rapidly evolving data and privacy landscape facing contact centre businesses. Increased legislative scrutiny around consent, data use, and cross-border processing has required legal to move faster, be more structured, and remain closely embedded in operations, while still enabling commercial momentum. To support this, we have built clearer and more disciplined legal processes around how data-related risk is identified, escalated, and addressed. This has included developing risk and control documentation that translates regulatory obligations into practical operating rules for the business, allowing teams to adapt quickly as requirements change without repeated legal rework.

From a digital enablement perspective, the legal team has standardised how work is managed and executed using tools such as SharePoint for controlled document management and versioning, and DocuSign for secure and auditable execution. We have also begun incorporating Microsoft Gemini to support internal review processes, including the identification of red-line risk flags against our established risk and control frameworks. These tools are used to enhance consistency and speed, not to replace legal judgment.

The result has been a legal function that can respond to increased regulatory scrutiny, support digital scale, and allow the business to move forward with confidence in a complex compliance environment.

AI has been taken seriously as a potentially revolutionary technological change in the legal world for a number of years now. Has it had a meaningful impact in how your legal team works in this time?

AI has had a meaningful and practical impact on how the legal team operates, primarily by changing how time and attention are allocated.

We have focused on using AI to automate or streamline routine, repeatable, and rule-based tasks, particularly in higher-volume areas such as initial contract review, issue spotting, and document comparison. These tools operate against established templates, playbooks, and risk frameworks, allowing the team to surface deviations and risk flags early, rather than spending time on manual first-pass review.

This has materially shifted how our legal professionals spend their time. By reducing the burden of low-value, mechanical work, the team is able to focus on matters that genuinely require judgment, including strategic advisory work, complex regulatory analysis, and commercial risk trade-offs at business and ExCo level. The result has been more timely, higher-quality legal input where it matters most.

AI is used within clear governance, confidentiality, and data control parameters, and supports rather than replaces legal judgment. Its value has not been theoretical. It has improved consistency, freed capacity, and enabled the legal function to contribute more effectively to strategic decision-making, while maintaining appropriate regulatory and reputational safeguards.

How does your team contribute to the overall business strategy of the company? Can you share an example of a recent legal-led initiative that had a significant impact?

The legal team contributes to business strategy by identifying and addressing areas of risk that, if left unmanaged, could materially constrain growth. Legal is embedded in ExCo and operational leadership discussions, which allows us to intervene early and help reshape practices rather than reacting after issues escalate.

A recent example involved a high-risk operational practice within the business that attracted regulatory attention and posed potential enforcement and reputational risk. Legal led the intervention. Rather than recommending a blunt suspension, the team worked closely with the executives responsible to understand the commercial drivers, assess the regulatory exposure, and agree on a path forward that balanced continuity with compliance.

Under my direction, the legal team designed and implemented the required legal and compliance infrastructure. This included clearer allocation of accountability, defined controls and escalation thresholds, revised operating procedures, and supporting documentation capable of withstanding regulatory scrutiny. Legal also facilitated executive discussions to ensure ownership of the changes and alignment on risk tolerance.

As a result, the practice was stabilised and brought into a defensible position, allowing the business to continue operating while materially reducing regulatory risk. The intervention avoided disruption, strengthened governance, and established a framework that now supports scale rather than limiting it.