The information we hold on our clients, their businesses, transactions, trials, and strategies can no longer be held on unprotected hard drives or sent willy-nilly through the exposed airwaves. “Regulators are pushing firms to get better at knowing their customers, and managing their data more comprehensively than they have in the past,” says Deloitte in November 2015’s CIO Journal. This push began some years ago with the know-your-client professional obligations placed on banks, law firms, and others to collect identification information and understand client’s activities and risk profiles for their investment decisions.
Today, there are even more pressures on our electronically stored information with ever-increasing anti-money laundering, anti-corruption, cybersecurity, and privacy obligations. How and where we store, process, manage, and use/re-use client data is becoming more strictly regulated.
“How much data?” and “For how long?” are now core to the checklist of questions regulators ask companies following a data breach. Regulators want you to be ready with knowing who your clients are, the data held about them, and how to notify them in the event of a breach. Firms should adopt more of these proactive best practices being developed, not only to help create better data security and management internally, but also to lessen the impact felt by clients following any such failure.
A Capgemini Report from 2014 summed it up by saying: “Regulatory compliance is becoming a data management game.” Firms as well as financial institutions need to start developing capabilities in data integration, data quality, and data governance to ensure regulatory compliance. Good data management (however unsexy such projects ultimately are) may turn out to be very good for the future of our businesses.
If we don’t mend our ways, and as the flood of information deepens and becomes more complex, we will struggle to meet even basic data needs of our lawyers — some of which didn’t seem to be so hard in our paper past.
Managing paper: It was messy at times, but at least one knew where everything on a matter might be. Need an address? Pull the matter file, there’ll be a tatty label on the front with contact details. Need the notes you made from the last client contact? Pull the same matter file, your scribbles will be there on the familiar yellow paper in its pleasing chronological file order. Updated that final agreement? Pull the matter file and replace the previously filed version. Oh, how much simpler it all seemed back then.
Computers have certainly helped clear up some of the visible mess of paper files (though perhaps not at my desk), but they have created another kind of mayhem in the organization of a firm’s information. “Infobesity” and “drowning in the information flood” are familiar, almost-funny metaphors we live with today. It might be that we have found our “good-enough” info-management coping mechanisms to get us through each day, and we have made our peace with this new world order.
But it strikes me that none of this is particularly sustainable. Think of those three (relatively simple) information retrieval requests: a client address, your meeting notes, and the most up-to-date version of the main agreement being negotiated for that client. How many of us have this connected information in one place and can say that it would take seconds to retrieve these resources?
The issue is that our retrieval requests are getting more complex as firms develop more deeply client-centric worlds. By viewing our client’s businesses, their industries, previous deals, and their strategic goals through a big (or big-ish) data prism, correlations and actionable patterns can emerge. From predictions as to how cases may fare in any given jurisdiction to determining the right price for a mandate, the opportunities for big data and business intelligence are just getting started (see DataFloq.com, TyMetrix LegalView Analytics, and Sky Analytics for companies driving such exploration).
The ability to store client and matter data in meaningful and governable ways will be key to extracting future knowledge for higher-value purposes.
Our personal and haphazard information organization skills will be completely unscalable in such a client-centric world, with diverse teams needing to know where the latest information is or who might have it. In a physical, paper world, it was tracking the single document down one office and one desk at a time. Shared organizational values within the team increased your chances of finding that resource quickly and painlessly (such as making it someone’s responsibility to keep the matter file up to date and all in one place).
Today, most of us know the inordinate amount of time we spend chasing down virtual versions of the information we need. Multiply these lost hours by the number of people on the project team and suddenly the need to find a solution to all this findability pain becomes paramount.
For a time, that solution was to centralize everything: a centralized contacts database, a document management system (organized e-mails and documents by client and matter folders), and a time management and billing system. But other information bits do not obey such centralization edicts. So uniquely personal are they that any attempt to centralize comes unstuck when applied to our unique productivity tools, our note-taking apps, and our e-mail inboxes.
Then enterprise search came along and told us it had the solution — no need to know where all those bits of information are stored, the golden search box was all you needed . . . unless, of course, the information bits you need aren’t indexed by the search engine or get obliterated by the other rubbish that is being indexed.
Even now, some of the best practices coming from regulators and technology consultants are pointing to more centralization — a “single, accurate, and aggregated view of the customer” that can be tracked throughout the lifetime of that customer as details, investment goals, and needs change — a way to link a client address to the deals and cases they have on the go, to the communications, and often sensitive data, that is shared during those interactions.
Developing our capabilities in sharing this core information with our teams in ways that perhaps mimic the old paper client and matter files could reduce the hours of fruitless searching we experience each week.
Perhaps we need to look at the increasing regulatory and security burdens as an opportunity to improve our data capabilities. Perhaps as we work to meet our obligations on that front, we can also look to solve the different retrieval needs for client and matter information, and at each of the different levels: personal, team, and firm.
It seems to me that all this is connected — bringing together client and matter data to respond to know-your-client and cybersecurity requests and the lawyer’s need for fewer places to look for essential client/matter information. What’s needed though is a robust data and information architecture that can operate as a unified platform to deal with the growing data management regulations — but one that can also deliver solutions to both the personal and firm-wide information chaos we continue to find ourselves in.
Kate Simpson is national director of knowledge management at Bennett Jones LLP, and is responsible for developing the firm’s KM strategy and initiatives. The opinions expressed in this article are her own.