Risk, When Tamed, Is An Opportunity

The canvas of risk has expanded exponentially. The avalanche of data, the thicket of regulation, and the march of technology have created a business environment where it's imprudent to speak about risk as though it can be completely eliminated.

Within this landscape, the legal department has emerged as a key custodian of risk. But what exactly is its role today? One way to answer that is to look back: to trace how Business's expectations of Legal have evolved over the last three decades.

My perspective is shaped by flashbacks from my own career, which has moved across law firms, corporations, and consulting firms in India. While each company may have been at a different stage in its journey at a given time, the broader story reveals how the relationship between Business and Legal has shifted in fundamental ways.

For a long time, the two were seen as opposing forces.

Business progressed while Legal protected. Business was the proposer while Legal was the foil.

But that framing no longer holds.

We now live in a time when Legal not only protects but also enables sustainable growth. By managing risk in ways that open up possibilities, it helps unlock the opportunities hidden within uncertainty.

In other words, Business and Legal must now be spoken of in the same breath. Towards the end of this article, I share two real-world examples that show how a 'Business Legal' approach can turn risk from a constraint into a driver of opportunity.

Phase I: Risk Identification

When I began my career in the mid-1990s, the role of in-house counsel was narrowly defined. We were called "Law Officers"—government nomenclature that had carried over into the private sector—and our primary job was to coordinate with external law firms. We'd present litigation updates to management, often using transparencies on overhead projectors because PowerPoint hadn't arrived yet.

Even advisory work was outsourced. The focus was simple: identify legal risk and ensure contracts were "legally tight." Limitation of liability, indemnities, and boilerplate clauses dominated discussions. Lawyers were concerned simply with legal risk, which was viewed as something that could be enumerated, documented, and boxed in.

Phase 2: Risk Analysis

By the early 2000s, globalisation spread business opportunities more widely. Legal teams began to look beyond litigation and paperwork. They started recognising business risks like forex volatility, pricing changes, or supply chain vulnerabilities. However, the lens remained legal: every scenario was enumerated in contracts that became longer. The underlying assumption was that all risk is equal.

The boundary between Business and Legal remained set in stone. In contract mark- ups, Legal would add margin comments like "Business to decide" or "Business to take call". The imagination and articulation of business risk remained outside Legal's remit. Silos were firmly in place.

Phase 3: Risk Mitigation

The 2008 financial crisis shifted the conversation. Resilience became a priority for businesses, and they started acknowledging that not all risks were created equal. Legal departments were encouraged to focus on areas where risk could be managed or mitigated.

Even then, much of Legal's work remained defensive. Compliance checklists, issue resolution, and damage control took precedence. It would take further disruptions for Legal to genuinely internalise business risk and broaden thinking beyond the four corners of the contract.

Phase 4: Risk Leveraging

Today's environment is defined by complexity. Acronyms like VUCA (Volatile, Uncertain, Complex, Ambiguous) and BANI (Brittle, Anxious, Non-Linear, Incomprehensible) describe the landscape. More laws, more data, more minefields. Yet organisations that embrace this reality are thriving. Risk lurking around every corner is old news; what matters now is whether it can be turned into opportunity.

That's where the relationship between Business and Legal has transformed. Communication channels are more open than ever. Legal is being invited to advise beyond laws and clauses, while Business increasingly values Legal's input on strategy and risk. In-house counsel are expected to be commercially aware, analytically sharp, and willing to collaborate across departments. Growth and risk are no longer opposing forces. They are intertwined and inseparable.

The 'Business Legal' approach: Two examples

At Counselect, we call this evolution the Business Legal approach—a multifunctional mindset that aligns legal expertise with business objectives. Here are a couple of practical examples that show how this plays out.

Charting the path

Few topics today stir as much excitement—and unease—as Artificial Intelligence. On the one hand, AI can help enterprises manage, predict, and even absorb risk in ways that were unimaginable a decade ago. On the other hand, it brings its own existential risks.

The companies that win will be those that deploy AI quickly but with the right guardrails in place. Think of it like Formula 1 racing: the car can go full-throttle only because an entire crew is dedicated to safety mechanisms and continuous fine- tuning. This is where Legal can play a starring role. Far from being the "Department of No," it can nurture a culture of watchful adoption.

Often, Business may approach Legal with a narrow request, such as drafting an AI Use Policy to mitigate misuse by employees. A Business Legal approach, however, goes further. Instead of reacting to a single risk, the legal department reframes the mandate to how the company can actively benefit from AI. This means designing a suite of policies and guidelines shaped by deeper questions such as: Which AI tools best align with operations? Which partnerships, data protocols, or workflows can become sources of competitive advantage?

Tracing the source

In the mid-2000s, an IT firm I worked for was negotiating the acquisition of technology-related intellectual property from a Swiss company. The contract covered the specs of what was to be transferred but a Technical Due Diligence, handled by an internal team, revealed something more. A critical piece of proprietary source code on which the transferred code was dependent wasn't part of the deal.

The legal team spotted the issue while going through the Technical DD. The counterparty explained they needed to retain ownership of the code to protect other products. Instead of accepting this at face value, we renegotiated. The vendor licensed the code to us and agreed to place it in escrow, safeguarding our operations in case of disruption. And here's the kicker—our spot helped bring down the price of the deal.

All this to say that it took a few lawyers to go beyond the contract and take a big picture view. We thought of it as a Business Continuity or Operations professional would. And we could do this only because of open communication between the Business, Technical and Legal departments.

Now, more than ever, Business and Legal must recognise that risk is not a bad word. Think of it like an adventure sport. A skydive or scuba-dive is made possible by safeguards—parachutes, oxygen tanks, training. It's often daunting to make that leap but the reward is in the adrenaline rush and the memories made.

In the same way, business gains its edge when it takes risks with protections in place. That is where Legal creates immense value: by building the guardrails that give Business the confidence to act boldly. We're at a moment where a seat at the strategy table—where risk is discussed not as an enemy but an ally—is there for the taking. It is up to Legal to claim that seat and own it.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.