What are the most significant cases, projects and/or transactions that you and/or your legal team have recently been involved in?

Over the past year, in my role as Assistant General Counsel for Wells Fargo’s India legal entities, I have led and coordinated a wide portfolio of work across corporate governance, regulatory compliance, strategic transactions, and risk management. These matters reflect our team’s continued commitment to precision, governance excellence, and proactive risk mitigation.

In the area of corporate governance and Board advisory, we streamlined the scope of Board agendas for Tier One entities under the Legal Entity Governing Body Guidelines. This ensured that significant matters such as financial performance, control testing, risk assessments, and litigation updates received focused and timely attention. The rationalisation enhanced decision making and strengthened overall compliance hygiene. We also managed statutory compliance for the Annual General Meeting, including audited financial statements and explanatory statements under the Companies Act 2013, ensuring that all filings were accurate and submitted within prescribed timelines.

From a regulatory and compliance perspective, our team addressed complex issues relating to CSR disclosures and statutory filings, providing legal opinions and supporting corrective actions as part of operational risk reviews. We contributed to quarterly compliance assessments, including PAS 6 filings and auditor governance, and implemented a structured approach to managing regulatory changes notified through MCA alerts. These efforts improved audit readiness, reduced cycle times, and fortified governance controls.

On strategic transactions, we developed an authorised signatory framework for the India and Philippines entities, thereby standardising execution controls and reducing operational risk. We advised on fairness opinion procedures for high value transactions to ensure governance rigour in committee processes. Our involvement in legal entity tiering and reclassification aligned enterprise structures with regulatory requirements in the United States, supporting strategic investments in private equity and clean energy.

In relation to risk and control management, the legal function played a central role in the Risk and Control Self Assessments, including presenting updates to the Enterprise Functions Control Council and embedding triggers based on legal significance within entity level risk assessments. We also remediated findings under Internal Control Over Financial Reporting by introducing detailed drafting controls and submission checklists that are now integrated into our regular governance cadence.

Our work in enterprise change and technology governance involved integrating legal risk assessments into key change initiatives, with a particular focus on cross jurisdictional considerations, privilege risks, and risks associated with service level agreements. Early legal engagement ensured alignment with compliance expectations and reduced execution risk later in the process.

Overall, these initiatives strengthened governance discipline through consistent adherence to service level agreements for Board agenda circulation and statutory events. They enhanced regulatory precision through proactive management of MCA alerts and CSR observations, supported by reasoned legal opinions. They also promoted risk aware execution by embedding legal oversight in the RCSA and ICOFR frameworks, and advanced global alignment by harmonising governance structures across India and the Philippines with standards followed in the United States.

               
How do you approach managing legal aspects during periods of instability or crisis to ensure the organisation’s resilience? 

Managing legal matters during periods of instability requires a structured and proactive approach that balances compliance, continuity, and strategic risk mitigation. My framework is built on three central pillars: preparedness, rapid response, and sustainable recovery.

In terms of preparedness, the legal function is embedded in the organisation’s resilience planning from the outset. We participate in governance bodies such as the Legal Entity Governance Committee and the Enterprise Resiliency Council to ensure that continuity plans address regulatory obligations and contractual commitments. Business Continuity Plans and Recovery and Resolution Planning incorporate legal reviews relating to jurisdictional compliance, data localisation, and third party dependencies. This early involvement significantly reduces unexpected issues when stress scenarios arise.

When a rapid response is required, whether due to regulatory enforcement, a cyber incident, or an operational disruption, the legal team activates predefined escalation protocols. Sensitive matters are channelled through the Issue Management processes within strict timelines in order to meet regulatory response expectations. We rely on the protections offered by legal privilege and Confidential Supervisory Information frameworks to maintain confidentiality while supporting transparent reporting to boards and regulators. Legal participation in steering committees ensures that decisions take proper account of litigation exposure, contractual implications, and cross border risks.

The third pillar, sustainable recovery, focuses on post-crisis stabilisation. We lead after action reviews to identify gaps and incorporate lessons learnt into the organisation’s governance structures. For example, pandemic related tabletop exercises informed the development of telecommuting protocols and workload reprioritisation. Risk and Control Self Assessments now include legal risk triggers, and remediation plans are documented to support audit readiness. This cycle of continuous improvement strengthens organisational resilience for future disruptions.

Across all three pillars, the core principles remain constant: the legal function is integrated proactively into resilience planning; escalation pathways and privilege considerations are managed clearly and deliberately; collaboration with risk, compliance, and operations ensures a holistic approach to continuity; and insights gained from each event are used to refine governance and control frameworks for the future.
  
What strategies do you employ to ensure the successful digital transformation of a legal department while maintaining compliance with your country’s data protection laws? 

Digital transformation within a legal department is not merely a matter of adopting new technology; it is about embedding compliance and governance into every stage of the process. My approach combines secure technology enablement, privacy by design principles, and strong governance frameworks to ensure that transformation efforts align with India’s Digital Personal Data Protection Act and global standards such as the GDPR.

The first element of this approach is privacy and compliance by design. Legal and regulatory requirements are integrated into the technology lifecycle from the outset. This includes conducting Records of Processing Activities reviews for all legal workflows to identify personal data touchpoints, applying retention class codes and automated purge schedules to digital repositories in accordance with statutory retention rules, and embedding data minimisation and encryption protocols within platforms such as NetDocs and matter management systems.

The next element is the establishment of secure cloud and access controls. Our strategy prioritises the use of enterprise-approved platforms that offer role-based access controls and multi-factor authentication, as well as the implementation of legal hold processes and audit trails for sensitive data in order to meet litigation and regulatory obligations. Vendor contracts are reviewed to ensure the inclusion of clauses that comply with the Digital Personal Data Protection Act, particularly in relation to cross border data transfers and breach notification timelines.

Robust governance and training underpin the transformation. We work closely with the Cybersecurity Legal Team and the Privacy Office to review each digital initiative for compliance risks, while mandatory training on artificial intelligence and data privacy is provided to legal professionals to reinforce ethical and regulatory expectations. A Legal Tech Steering Committee has been established to oversee the adoption of technology tools, including e-discovery platforms and AI assisted contract review systems.

Continuous monitoring and regulatory alignment complete the framework. Compliance is maintained through regular audits and assessments of readiness for the Digital Personal Data Protection Act, ongoing monitoring of regulatory developments such as India’s Digital Personal Data Protection Rules 2025, and timely updates to standard operating procedures. Dashboards are used to track system changes and user impact, thereby enhancing transparency and supporting risk management.

This structured approach has enabled the digitalisation of workflows, including board material reviews and contract management, without compromising privacy or security. By embedding compliance within every stage of transformation, we have achieved meaningful efficiency gains while safeguarding sensitive data and meeting all relevant regulatory obligations.

 
AI has been taken seriously as a potentially revolutionary technological change in the legal world for a number of years now. Has it had a meaningful impact in how your legal team works in this time?

Yes, artificial intelligence has evolved from a theoretical concept into a practical enabler of transformation within our legal department. Over the past two years, we have embedded AI into our core workflows, allowing us to move from manual and time-intensive processes to technology-driven efficiency, while still maintaining full compliance and the central role of professional legal judgement.

AI has had a tangible impact across several areas. In document review and analysis, tools such as the NetDocuments Legal AI Assistant and the Onit integrations now automate contract review, risk analysis, and clause extraction. This has significantly reduced turnaround times for due diligence and litigation preparation and has enabled attorneys to devote more of their time to strategic work. In knowledge management, AI powered search and summarisation capabilities allow lawyers to query extensive repositories and obtain contextual answers almost instantly. This has improved both the speed and accuracy of legal research, particularly when using platforms that include advanced generative features.

Workflow automation has also become an established part of our operations. Generative AI tools integrated into Microsoft Copilot and other legal systems assist with drafting, summarising, and preparing reports. Attorneys now rely on Copilot to prepare board materials, develop litigation chronologies, and generate compliance checklists, all of which previously demanded considerable time and administrative effort. The management of outside counsel has similarly benefited from AI driven analytics available in tools such as PERSUIT and OCMT, which enable us to assess proposals more effectively and optimise external legal spend in line with operational efficiency goals.

Our adoption of AI has been accompanied by a strong emphasis on governance and responsible use. The Legal AI Catalyst Group and the AI Legal Working Group review proposed use cases, monitor outcomes, and ensure that each deployment complies with privacy and ethical requirements.

Mandatory AI governance training reinforces responsible practices, with a particular focus on maintaining human oversight and ensuring that AI supports, rather than replaces, legal judgement.
The overall impact has been material. Routine tasks, including contract review and deposition preparation, can now be completed in minutes rather than hours. Built-in privacy and compliance checks help reduce exposure to regulatory and data risks, while the time saved enables lawyers to focus on advisory work and other high value activities that align legal services more closely with business priorities.
   
How does your team contribute to the overall business strategy of the company? Can you share an example of a recent legal-led initiative that had a significant impact?

Our legal team functions as a strategic partner rather than solely a compliance unit. We integrate legal insight into the company’s core objectives—risk management, operational resilience, and responsible growth—by aligning governance frameworks and regulatory obligations with business priorities. This ensures that strategic decisions are legally sound, risk-aware, and sustainable.

In contributing to business strategy, we advise on board-level oversight and governance structures, ensuring that decision-making reflects both regulatory requirements and the enterprise’s risk appetite. Legal plays a critical role in enterprise risk programmes such as Risk and Control Self-Assessments and Issue Management, embedding legal risk triggers into operational processes. By partnering closely with technology and business teams, we also provide guidance on emerging areas such as artificial intelligence, data privacy, and digital transformation, enabling innovation while mitigating regulatory exposure.

A recent initiative demonstrating significant impact was our involvement in enterprise change management during a major technology transformation. Legal was embedded throughout the change lifecycle, from planning through execution. We challenged assumptions and identified cross-jurisdictional risks early, provided strategic guidance in steering committees to ensure delivery timelines accounted for regulatory obligations and contractual commitments, implemented privilege and litigation hold protocols to safeguard sensitive information during system migrations, and conducted after-action reviews to capture lessons learnt and strengthen future governance processes.

This proactive legal involvement prevented potential regulatory breaches, reduced operational risk, and accelerated approval cycles for critical technology upgrades. By integrating legal into change governance, we not only protected the company’s compliance posture but also enabled timely delivery of strategic initiatives that support growth and enhance the customer experience. The outcome was a demonstrable reduction in risk, faster transformation timelines through the incorporation of legal checkpoints, and a cultural shift that reinforced the perception of legal as a strategic enabler rather than a gatekeeper.