What are the most significant cases, projects or transactions that you and/or your legal team have recently been involved in?

In a landmark achievement this fiscal year, Ninja Van Group successfully secured a US$50 million revolving credit facility with HSBC, covering operations across seven countries. Serving as the lead for Thailand’s transaction, I spearheaded the comprehensive due diligence process in close collaboration with our external counsel. This pivotal role extended to facilitating the successful closure of all transactional documents, ensuring a seamless and legally sound agreement.

How do you approach managing legal aspects during periods of instability or crisis to ensure the organisation’s resilience?

During periods of instability or crisis, the legal team must play a critical role in working closely with the crisis management team to promptly identify the onset of a crisis and evaluate its potential impact. They should guide the organisation through uncertainty and help mitigate risks. By proactively conducting extensive risk assessment exercises, the legal team becomes better equipped to understand potential or current crises and prepare for their anticipated adverse effects.

When the business encounters complex regulatory and legal challenges, the legal team must swiftly interpret laws, regulations, and revisit contractual obligations to prevent noncompliance or potential breach. Especially in crisis communication and reputation management, we take the initiative in crafting crisis communication strategies. Any mismanaged crisis can result in reputational damage, affecting our business partners’ trust and confidence, as well as and most importantly, our employee morale.

What strategies do you employ to ensure the successful digital transformation of a legal department while maintaining compliance with your country’s data protection laws?

In today’s fast-paced corporate environment, I have observed many organisations transitioning to more agile and digitally driven business models to remain competitive. Ninja Van is no exception—we have embraced digital transformation to enhance operational efficiency while remaining steadfast in our commitment to data privacy compliance. We understand that this trend entails managing immense amounts of data, whether on-premises or in the cloud, and we are continuously committed to respecting individuals’ data privacy rights. We have implemented necessary technological safeguards to ensure regulatory compliance and protect against cybersecurity threats.

Apart from staying current with evolving data protection laws, a significant initiative undertaken is the implementation of a Data Protection Impact Assessment (DPIA) framework. This process has been successfully adopted by key departments that handle personal data as part of their daily functions. When new initiatives or projects are introduced by stakeholders, the DPIA form serves as a crucial tool for identifying privacy risks and ensuring compliance with applicable data protection laws.

Furthermore, I believe the annual training program has brought sustainable and extensive privacy awareness and knowledge to our people at Ninja Van. I have curated learning tools from basic to advanced levels according to the tenure and functions within our organisation, and the necessity of in-depth knowledge on a need-to-know basis. All training sessions were deployed cost-efficiently, utilising our existing training platform solution.

Based on your experiences in the past year, are there any trends in the legal or business world that you are keeping an eye on that you think other in-house lawyers should be mindful of?

Based on recent digital developments, we have observed a growing organisational trend of using generative artificial intelligence (AI) software tools and incorporating them into day-to-day work. Regulators, particularly in Southeast Asia countries, are attempting to keep pace with and conceptualise the rapidly evolving developments in generative AI. Although guidelines have been introduced in many jurisdictions, they are not yet mandatory. In-house counsel and lawyers must develop an in-depth understanding of what generative AI can offer and take proactive steps to identify benefits and inherent risks associated with its use. Equally important is the responsibility to educate internal stakeholders on the legal implications, particularly in relation to confidentiality of obligations, intellectual property rights, and data protection laws.