Noreen Weiss features in the IR Global & ACC collaboration Publication “A Jurisdictional Guide of how to Manage Risk in Multinationals”

QUESTION ONE – When representing a client with significant business activities in foreign jurisdictions, what are some key risk-related concerns that arise in a cross-border context and how can a parent company minimise such risk?

The use of well-placed entities in a corporate structure, sometimes coupled with licensing, can be used effectively to protect assets. The parent is completely exposed to US risk when it operates as a “branch office” — that means the business has not formed a special entity for US operations, rather it is doing business with or through the US directly, which means the foreign entity is directly exposed to claims from US plaintiffs. Forming a US entity that has limited liability (a corporation, or a limited liability company, the choice often being determined by tax considerations), or even a special-purpose limited-liability foreign entity which then does business into the US, can shield the parent from some risk.

If your company plans to make an acquisition in a high-risk jurisdiction, one without a well-established statutory net or jurisprudence regarding contract enforcement for instance, or one that has a history of government nationalisation of industries or appropriation of assets, then it may be important to structure the acquisition through a jurisdiction that has a bilateral investment treaty with the jurisdiction of the target, if the acquirer’s home jurisdiction does not.

QUESTION TWO – What degree of control should a parent company have over its overseas subsidiaries? How does the degree of control impact the risk exposure level, and how can control issues be managed to minimise liability?

When a business expands abroad, it is only natural for the parent to want to keep a very tight rein on the activities. However, the US is a litigious society and we often find ourselves coaching non-US clients on how to use corporate governance procedures, and entities within the corporate structure, to manage risks.

Corporate governance is another simple but effective risk management tool. Forming an entity as noted above is only one shield, but intermediate entity structure only works if the foreign parent also respects corporate governance formalities. If the US entity operates as the alter ego of the parent, in essence with day-to-day matters decided by the parent, or if it makes other more obvious mistakes such as co-mingling funds, then the “veil can be pierced”, and a court can determine that the parent is liable for the subsidiary’s actions. It is not easy to pierce the veil, there needs to be a strong showing of parental control and intervention, so if the parent follows basic governance procedures – board meetings or written consents (board members need not be US citizens or residents) for major actions, designation of officers with actual decision-making authority – then courts are disinclined to pierce the veil.

QUESTION THREE – What constitutes the right balance between risk and liability for a company and its overseas subsidiary? What examples can you give?

Determining “the right balance” is not just about balancing legal risk between parent and subsidiary, it also includes commercial considerations. Clients often request a risk evaluation in terms of percentages, or low/medium/high-risk levels. The evaluation of risk is a nuanced exercise that takes into account legal, commercial, and human variables, as well as risk appetite.

There is often a moment when the evaluation of legal risk, and the ultimate decision that needs to be taken, becomes a commercial decision which is also impacted by the client’s assessment of whether it believes, based on past experience with the counterparty, or market forces, or regulatory practice, that the counterparty or regulator may or may not act a certain way. The “right balance” also takes into account a practical assessment of the burden of compliance versus the risk gravity of the consequences for not doing so. For example, neglecting to police a social media influencer who fails to disclose that he/she is being compensated by the company may lead to a warning letter from the regulator. That letter may be a matter of public record, a theoretical tarnish on the company’s reputation, but the company may or may not view that as a risk that warrants tight control over social media disclaimers.

I would caution against trying to rely on a percentage valuation of risk, as it could lead to a false sense of security.

Key considerations for multinationals operating in highrisk industries and jurisdictions:

  • Two recurring areas where we see clients become inadvertently tripped-up is assuming that the method of doing business legally in one jurisdiction means that its activities re “legal” in another jurisdiction, and inadequate shifting of risk to third party providers.
  • Know the regulations in each jurisdiction where your company will operate – not just where you have an office, but where you sell your product, license your technology etc. This is particularly important for activities that are cutting edge, such as block-chain products that may function in a manner that triggers local regulations governing the transmission of money or the issuance of securities.
  • Also, give a serious review to the agreements entered into with third-party service providers, and adequately police their work to ensure that it complies with local regulations. For instance, we frequently see clients get tripped up with data privacy regulations, or the rules governing contests, giveaways and sweepstakes in the US, when they hire a marketing, PR or branding company to run campaigns, and have not adequately shifted the risk of certain activities to the service providers, or ensured that the terms governing the promotion are drafted to protect the company from potential risks, such as a coupon going viral resulting in tens of thousands of consumers claiming a free product.

To read the full publication, please click here