8 Key Takeaways from our Litigation Risk for Audit & Risk Committees Webinar

On 18 June 2025, Matthew Garbutt and Avary Patutama of our Litigation & Dispute Resolution team delivered a webinar designed to equip Audit & Risk Committee (“ARC”) members with practical insights to help identify, assess and respond to legal and litigation risk. Given the wide range of risk types that expose most businesses to substantial litigation risk, there was a lot to discuss. 

Risk is on the rise, with legislative changes increasing the prospect of both personal and corporate liability, as well as increasing risks relating to cyber security, data protection and the development and exploitation of AI by legitimate businesses and fraudsters alike. 

Some key takeaways from the session:

1. Litigation risk is a core governance issue for ARCs and the Board as a whole.
2. Whether you are a claimant or defendant, litigation costs and irrecoverable losses start well before a claim is lodged at Court.
3. Reputational risk goes hand in hand with financial risk in litigation - and has the potential to be more damaging.
4. The risk of personal exposure for directors and officers / trustees is growing - never has it been more important than to revisit risk assessments, policies and procedures.
5. ARCs must be acutely aware of the red flags that are appropriate to their particular business, and ensure that these are picked up, reviewed and acted upon - all whilst keeping a strong, contemporaneous record of actions taken.
6. Whilst certain insurance options exist to help alleviate some litigation risks, prevention is key. Ensure that you have comprehensive and fit for purpose policies (including an AI use policy, anti-fraud and corruption policy, cyber incident response plan, data retention and deletion policy and whistle-blower policy) to minimise the possibility of tough litigation.
7. Identify the top regulatory enforcement risks that your organisation is currently facing, and ensure that you have a robust response plan ready.
8. Develop and maintain strong working relationships with your regulators so they know and understand your business in the event and enforcement issues arises.

Look out for follow up sessions for ARCs focussing on discreet risk areas such as cyber-attacks and regulator investigations in the near future.

If you have any questions or would like to discuss, please contact Matthew Garbutt or Avary Patutama.