Bressler Risk Blog

I just spotted the story below, which was published in January. That makes three firms known to be affected by the Accellion breach. That got me looking into more details, which I thought I’d share. First: “Australian Law Firm Allens Falls Prey to Cyberattack” —

• “The top-tier Australian law firm Allens was struck in a cyberattack after an IT company it used to share sensitive information and client data was compromised, according to a media report.”
• “The Australian Financial Review reported that a file-sharing system provided by Californian cloud company Accellion and used by Allens was accessed illegally earlier this month.”
• “The sensitive information shared via Accellion included commercial-in-confidence documents related to Westpac, an Australian bank and financial services provider, in its defense of a case in which it was charged with breaching anti-money laundering laws, the newspaper reported.”
• “In a statement, Palo Alto-based Accellion said it was made aware of the vulnerability in mid-December and released a patch within 72 hours. Fewer than 50 customers were affected, it said.”

“Hack of Software Provider Accellion Sets Off Global Ripple Effects” —

• “The hack of software provider Accellion USA LLC has renewed security experts’ fears of attacks on suppliers and highlighted the difficulty of defending against them in real time.”
• “A growing list of affected customers have shared timelines of the attack and claims of inadequate software patches that at times contradict the vendor’s account of events. The disclosure this week that victims include Jones Day—a law firm that handles sensitive information for clients—underscores how individuals who don’t interact with Accellion directly nonetheless might be exposed, security experts say.”
• “Palo Alto, Calif.-based Accellion said in a Jan. 12 blog post that it learned in mid-December of a vulnerability in its File Transfer Appliance software, a 20-year-old tool to share large documents. ‘Accellion resolved the vulnerability and released a patch within 72 hours to the less than 50 customers affected,’ the company said. In an update posted Feb. 1, Accellion said it notified “all FTA customers” of the vulnerability on Dec. 23.”
• “Some customers affected by the hack have offered a different sequence of events. The Washington State Auditor’s Office, which reported that personal data of more than 1 million applicants for unemployment benefits might have been accessed through the FTA tool, said in a Feb. 1 news release that it ‘first learned of the incident on Jan. 12.'”
• “Accellion shared information ‘over the next few weeks’ that helped the office conclude it was affected, Kathleen Cooper, a spokeswoman for the Washington State Auditor’s Office, said in a statement.”
• “New Zealand’s central bank reported some of its files stolen in the attack… ‘Accellion failed to notify the bank for five days that an attack was occurring against its customers around the world, and that a patch was available that would have prevented this breach,’ bank Governor Adrian Orr said in a Feb. 9 statement.”
• “The conglomerate Singapore Telecommunications Ltd. , known as Singtel, reported that the incident lasted weeks and led to hackers taking data, including information from 129,000 individual customers and 23 enterprises such as suppliers and corporate clients.”

“Accellion Hack Prompts Class Action From Washington Residents” —

• “Accellion Inc. is to blame for a recent hack of the Washington State Auditor’s Office because it negligently marketed the outdated file transfer system targeted in the cyberattack, according to a new proposed class action filed in California federal court.”

“Accellion Security Incident Impacts Kroger Family of Companies Associates and Limited Number of Customers” —

• “The Kroger Co. (NYSE: KR) Family of Companies today confirmed that it was impacted by the data security incident affecting Accellion, Inc. Accellion’s services were used by Kroger, as well as many other companies, for third-party secure file transfers.”
• “At this time, based on the information provided by Accellion and its own investigation, Kroger believes that less than 1% of its customers, specifically customers of Kroger Health and Money Services, have been impacted. In addition, current and certain former associates will be notified that certain HR records have been impacted.”

“Akerman Faces DQ Bid In USAA Medicare Repayment Row” —

• “MSP Recovery Claims asked a Florida federal judge Tuesday to disqualify Akerman LLP from representing the United Services Automobile Association in their dispute over Medicare secondary payer claim reimbursements, alleging that Akerman has violated the Florida Bar’s conflict of interest rules by representing other insurers with connections to the same claims.”
• “‘Any time that Akerman advances an argument on behalf of defendants, it takes a position contrary to the other Akerman clients’ interests,’ MSP Recovery told the court.”
• “MSP Recovery argues that disqualification is required because Akerman’s conduct violates several of the Florida Bar’s Rules of Professional Conduct, and it asserts that the rules provide that opposing counsel may request such a disqualification. ‘The standard is not whether the movant ‘stands in the shoes’ of a current or former client, but rather whether the conflict of interest involves representation of someone other than the movant and where it is such ‘as clearly to call in question the fair or efficient administration of justice,” MSP Recovery said.”
• “MSP Recovery contends that it is in line to be harmed by the current situation because Akerman’s alleged conflicts would stand in the way of negotiating a potential settlement. ‘Plaintiffs do not suggest disqualification lightly. Plaintiffs are the real victims here,’ MSP Recovery said. ‘Counsel’s continuous representation of the defendants and the other Akerman clients will wreak havoc with the settlement and mediation process.'”
• “The motion also alleges that a Florida Bar rule prohibits a lawyer from participating in making a global settlement while representing two clients who are jointly and severally liable. Additionally, the motion said it is likely that Akerman has had access to confidential information belonging to its various clients that would provide an unfair informational advantage to USAA.”
• “MSP Recovery said an analysis of its claims data found that in 381 of 970 instances where the USAA and its related entities reported to the federal Centers for Medicare & Medicaid Services that they had a contractual obligation to make primary payments for enrollees’ injuries, and Akerman attorneys represented both the defendants and another client whose policies were implicated in the same incident involving the same enrollee. Included in the 381 were 356 instances where Akerman was still currently representing the other implicated client, MSP Recovery says.”

Bill Freivogel always rewards careful readers with bits of color commentary. From his latest:

• Current Client/Former Client. In re Bowen, No. 20-13 (Vt. Feb. 12, 2021)
• “Disciplinary case opinion upholding a three-month suspension. Pure conflict-of-interest disciplinary cases are rare. This is one worth mentioning. It involves two married couples, H1 & W1, and H2 & W2. H1 and W1 divorced. In a post-decree dispute, Lawyer represented H1 against W1. The result favored W1.”
• “H1, unhappy with the result, refused to pay Lawyer’s final invoice of $11,000. At the end of the day, H1 did wind up owning an undeveloped residential lot (“the Lot”). H2 & W2, owning a house next to the Lot, wished to buy it to enhance the value of their house. H2 & W2 hired Lawyer to represent them in purchasing the Lot from H1 (Recall, H1 is Lawyer’s former client who owes Lawyer $11,000.). H1 had another lawyer (“New Lawyer”) for the sale of the Lot. Lawyer told New Lawyer that Lawyer planned to withhold purchase funds to satisfy H1’s $11,000 debt to Lawyer. New lawyer said Lawyer should not do that because there were no liens on the Lot.”
• “Lawyer immediately, without telling H2 & W2, or New Lawyer, obtained an ex parte writ of attachment on the future sale proceeds and recorded a lien on the Lot. Once everyone became aware of what Lawyer had done, all hell broke loose.”
• “H1 was furious that his former lawyer was ‘working him over’ (our words) in the Lot sale transaction to secure the $11,000 fee. Lawyer’s new clients, H2 & W2, were upset that the Lot purchase deal was jeopardized over Lawyer’s ex parte proceeding, etc. At ‘the eleventh hour,’ just before closing, Lawyer agreed to accept one-half of the $11,000. As a result the deal closed and H2 & W2 got the Lot.”
• “During this disciplinary proceeding against Lawyer the hearing panel found that Lawyer had violated Rules 1.9(c)(2) and 1.8(b). Lawyer conceded that he violated Rule 1.9(c)(2) (revealing information about his issues with his former client, H1). In this appeal Lawyer contests the finding as to Rule 1.8(b) and the three-month suspension. In this opinion the court affirmed both.”
• “We are not sure about the court’s analysis of the applicability of Rule 1.8(b). You should read the opinion if you are curious about that. We believe that Lawyer violated two rules not raised: Rule 1.7(a)(2) (protecting his own interests, jeopardizing sale of the Lot); and Rule 1.4 (failing to tell H2 & W2 about his dispute with H1, and his ex parte proceeding, which would inevitably complicate their ability to close on the Lot).”

“U.S. Bankruptcy Watchdog Says NRA Law Firm Has ‘Disqualifying Conflicts’” —

• “The Justice Department’s bankruptcy monitor wants the National Rifle Association’s go-to lawyers barred from representing the gun-rights group in its chapter 11 case, citing ‘disqualifying conflicts’ and previous allegations of billing improprieties.”
• “Brewer Attorneys & Counselors, a law firm that has represented the NRA in court and administrative proceedings across the country, isn’t suitable to be part of the crew of court-supervised lawyers handling the gun group’s bankruptcy, according to a Tuesday court filing by the U.S. Trustee, which oversees bankruptcy courts for the U.S. government.”
• “In addition to the NRA itself, the Brewer firm has also represented Wayne LaPierre, the group’s chief executive officer and a prime target of litigation brought by New York’s attorney general alleging rampant financial misdeeds.”
• “Mr. LaPierre is now separately represented, according to an NRA spokesman. But the prior relationship between Mr. LaPierre and the Brewer firm makes it ‘highly unlikely’ that as the NRA’s counsel the Brewer firm would look into or advocate for any claims the group may have against him, the U.S. Trustee said.”
• “To continue working for the NRA, the Brewer firm would need approval from the judge overseeing the NRA in the U.S. Bankruptcy Court in Dallas, where the group sought protection last month as part of a planned move to Texas. Since last year, New York authorities have been seeking the NRA’s dissolution in a separate, continuing legal proceeding in New York.”
• “The U.S. Trustee said the Brewer firm should have disclosed everything it made from the NRA, not just its fees for restructuring advice. The law firm’s application to be hired as the NRA’s special counsel doesn’t lay out how much it cost to defend Mr. LaPierre against the state litigation before he got his own lawyer.”
• “The Brewer firm also failed to disclose that it faces allegations of wrongdoing including billing improprieties in the New York litigation and a separate case involving former NRA President Oliver North, according to the U.S. Trustee. The NRA is seeking permission to hire the Brewer firm for both those cases and other litigation while other firms serve as general bankruptcy counsel.”

Thought I’d share various pieces that have caught my eye recently. Making me smile, this piece recommending law departments review and revise Outside Counsel Guidelines: “Maximize the Impact of Your Legal Invoice Review Process” —

• “#1: Ensure your outside counsel billing policies and guidelines are current, concise, and acknowledged by your law firms… How long has it been since you updated your outside counsel billing guidelines? … Is your billing policy a 50+ page screed that is sure to be electronically archived into Outlook oblivion?”
• “#2: Implement a quantifiable and enforceable diversity and inclusion policy… Understanding the ways your providers procure, retain, and promote talent is critical to the impact on the integrity of your own organization’s D&I policy.”
• “#3: Limit outside counsel’s ability to perform firm-based eDiscovery work… Nothing racks up those expenses faster than law firms performing these quasi-legal tasks themselves.”

I dug in, as it’s always interesting to read what your law department clients are reading and being advised to do… and since this particular article was written by a company in the business of providing outsourced eDiscovery work, the picture around #3 suddenly came into focus…

An interesting example of lawyer collaboration risk: “A lawyer who filed Sidney Powell’s Michigan election lawsuit says he shouldn’t be disbarred and was just ‘holding the fort’ for her” —

• “A local attorney who was instrumental in filing Sidney Powell’s Michigan lawsuit to throw out the state’s votes in the 2020 presidential election, said in a court filing he was just ‘holding the fort’ for her and shouldn’t be sanctioned or disbarred.”
• “Gregory Rohl, a trial attorney based in Novi, Michigan, wrote in a federal court affidavit that he was quarantined at home after having contracted COVID-19 when he was asked to assist Powell and the attorney Lin Wood in filing the case. Rohl said in his affidavit he was approached at 6:30 p.m. and told the filing deadline was at midnight.”
• “Rohl’s filing comes just days after Michigan Gov. Gretchen Whitmer, state Attorney General Dana Nessel, and Michigan Secretary of State Jocelyn Benson filed complaints seeking to disbar Powell, Rohl, and several attorneys who were involved in the lawsuit.”
• “Powell, a Texas attorney, was unable to file the suit herself at the time, as she did not have a license to practice law in Michigan. Rohl was told Powell was waiting to hear back about her pro hac vice application, a request for permission to work on the case when a lawyer does not have the legal authority to practice law in the area.”

With recent news highlighting matters of privilege when it comes to external security analysts, this piece by Alston & Bird Partner Daniella P. Main and Associate Mia L. Falzarano, caught my eye. It explores matters of PR consultation and privilege: “Tips for Protecting Privilege When Working with Outside PR” —

• “To be entitled to privilege protection, an attorney’s communications with a PR firm must fall within one of two recognized exceptions to the general rule that disclosing privileged information to a third party waives the privilege: (1) the necessity test, i.e., the PR firm is necessary to facilitating legal services; or (2) the functional equivalent test, i.e., the PR firm is so integrated into the company’s business that they are the functional equivalent of an employee in communicating with counsel.”
• “However, whether and to what extent communications with a PR firm will satisfy these tests is notoriously unpredictable, depending not just on the nature of the specific communication but also on the nature of the PR firm’s role and its relationship with both the company and counsel, whether there is an actual or real threat of litigation, and the jurisdiction evaluating the communications, to name just a handful of considerations.”
• “As a result, there are few areas of privilege law as unsettled and marked with as much outcome disparity as the question of whether attorney-client privilege applies to communications with PR firms and what communications will then enjoy the protection.”
• “In the context of pending or threatened litigation, companies will be best positioned to assert protection over their communications when the PR firm is hired by outside counsel to engage in functions necessary to achieving a specific litigation goal and when they are communicating with counsel for the express purpose of seeking and rendering legal advice related to that goal.”
• “If the same PR firm is being utilized for legal-related PR work, counsel should enter into separate engagements with the firm for legal work and for nonlegal work.”
• “Under all circumstances, detailed record-keeping is king. Ensure that the engagement letter clearly describes the PR firm’s role in improving the company’s ability to receive or implement legal advice. Have bills go through counsel and ensure that the billing descriptions include how the PR firm’s work helped counsel provide legal advice. Likewise, ensure that any communications involving the PR firm clearly relay the legal advice being sought of counsel and that counsel is providing substantive legal advice in response.”

“Texas Lawyers Need to Prove They are True Professionals” —

• “Texas lawyers have the opportunity to prove they are true professionals and deserve the right to practice law and engage in “self-regulation” by voting responsibly in the “Rules Vote” (from Feb. 2 to March 4), says Vincent R. Johnson, the South Texas Distinguished Professor of Law at St. Mary’s University in San Antonio.”
• “The amendments were crafted during the past three years, in a highly transparent process, by the Committee on Disciplinary Rules and Referenda (CDRR). Hundreds of public comments that were made at hearings or received in writing were carefully reviewed by the Committee, and many resulted in improvements to the draft amendments.”
• “Many of the proposed changes are long overdue. Texas lawyers last voted to approve changes to the Texas Disciplinary Rules of Professional Conduct in 2004. For the related Rules of Disciplinary Procedure, Texas lawyers last voted to approve changes in 1994.”
• “Today, lawyers are often called upon to render short-term pro bono services in response to weather-related and other disasters. Ballot Item D will exempt such a pro bono lawyer from compliance with the conflict of interest rules, unless the lawyer actually knows that the representation presents a conflict for the lawyer or another member of the lawyer’s firm. In addition, a pro bono lawyer’s personal conflict will not be imputed to other firm members if certain simple steps are taken to protect the pro bono client’s confidential information.”

“Use Of ‘Hackable’ Devices By NY Courts Raises Alarms” —

• “Too many New York state judges and other court personnel are using ‘hackable’ personal electronic devices to conduct court business, raising the risk of cyberattacks, a judiciary-appointed commission said in a new report.”
• “The Commission to Reimagine the Future of New York’s Courts’ technology working group on Tuesday released results from a survey on remote judging in light of the challenges and shutdowns due to the COVID-19 pandemic, which found that 42% of respondents — which include judges, court attorneys and other court staff — used their own devices to conduct court business remotely.”
• “The use of personal devices should be ‘curtailed to the greatest degree possible,’ the working group warned, since their security cannot be assured by the court system.”
• “‘[New York State Unified Court System] personnel should not be relying upon their personal devices to conduct court business as they are not sufficiently secure, are ‘hackable,’ and could compromise UCS information and other personnel’s devices,’ the report says.”
• “The working group also noted that survey respondents don’t appear to be properly protecting their personal devices through security features like multifactor authentication, putting court-related work “at considerable risk.” Additionally, the installation of apps on devices used for remote work, both personal and court-issued, could compromise both court-related communications and work stored on the equipment.”

Excellent analysis by Clifford Chance Partner Marie Berard and Senior Associate Sam Brown: “Court of Appeal addresses expert’s duties and conflicts of interest” (for those not immersed in all things international: “The Court of Appeal is the highest court within the Senior Courts of England and Wales, and deals only with appeals from other courts or tribunals”) —

• “In Secretariat Consulting PTE Ltd v A Company, the Court of Appeal considered for the first time the question of an expert’s duty to avoid a conflict of interest.(1) The Court of Appeal’s decision, while not deciding the point finally, means that it is unlikely that a court will now recognise such a duty as a matter of law.”
• “The issue is a matter of contract. On the terms of the expert firm’s engagement in this case, the Court of Appeal upheld the High Court’s decision to grant an injunction restraining the firm from acting for a third party in a connected arbitration. The judgment contains a useful analysis of when conflicts can arise in related cases and the circumstances in which a large organisation offering expert or litigation support services may find itself conflicted.”
• “At first instance, Mrs Justice O’Farrell (the judge) granted the injunction on the basis that the whole Secretariat group (including SCL and SIUL) owed Company A a fiduciary duty of loyalty.(3) This was the first time that an English court had recognised that an expert witness was subject to such a duty.”
• “The judge noted the unhelpful dearth of authorities on the matter, and that those which were referred to in submissions did not deal with duties during the course of a retainer but the distinct obligation to protect confidential information after the engagement had ended.”
• “The leading case in that area remains Prince Jefri Bolkiah v KPMG,(4) which concerned accountants providing litigation support services. That case clearly informed the position which Secretariat took in its communications with Company A, as it insisted that it had established appropriate information barriers to prevent Company A’s confidential information from being disclosed to the PM.”
• “The judge saw no impediment to identifying a fiduciary duty of loyalty so long as there was a relationship of trust and confidence. The judge identified a fiduciary duty of loyalty on the basis that SCL had been engaged not only to provide a delay expert report, but also to ‘provide extensive advice and support for the claimant throughout the arbitration proceedings.'”
• “The Court of Appeal agreed with the judge at first instance when it unanimously rejected the suggestion that there was no fiduciary duty because the expert owed an overriding duty towards the court or, as in this case, an arbitral tribunal.”
• “Coulson LJ and Males LJ concluded that the clause dealing with conflicts in SCL’s engagement letter created an ongoing obligation for SCL to avoid conflicts of interest. The clause confirmed not only that SCL had no conflicts at the time of signing but also that it would ‘maintain this position for the duration of [SCL’s] engagement’.”
• “Coulson LJ and Males LJ also agreed that SCL’s undertaking to avoid conflicts extended to all other entities within the Secretariat group (including SIUL). Coulson LJ held that this was a matter of contractual construction (dismissing arguments that it improperly pierced any corporate veils) and that it was the proper construction for a number of reasons.”
• “The Court of Appeal’s decision is pragmatic and consciously seeks to avert further litigation on the question of whether a particular expert-client relationship gives rise to fiduciary duties. It leaves parties to protect themselves with suitable contractual terms but also empowers parties and experts to define the relationship most suited to their circumstances.”

“Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day” —

• “A hacker claims to have stolen files belonging to the global law firm Jones Day and posted many of them on the dark web. Jones Day has many prominent clients, including former President Donald Trump and major corporations.”
• “Jones Day, in a statement, disputed that its network has been breached. The statement said that a file-sharing company that it has used was recently compromised and had information taken. Jones Day said it continues to investigate the breach and will continue to be in discussion with affected clients and appropriate authorities.”
• “The posting by a person who self-identified as the hacker, which goes by the name Clop, includes a few individual documents that are easily reviewed by the public, including by The Wall Street Journal. One memo is to a judge and is marked ‘confidential mediation brief,’ another is a cover letter for enclosed ‘confidential documents.’ The Journal couldn’t immediately confirm their authenticity.”
• “‘We have over 100 gigabytes of data,’ the hacker wrote in response to an email from the Journal.”
• “Jones Day, in its statement, said it hasn’t been the subject of a ransomware attack. Rather, Jones Day said, it has been informed that a company the law firm used to transfer large files electronically, Accellion, ‘was recently compromised and information taken.’ Jones Day said that Accellion is used by many law firms, companies and organizations.”
• “Law firms’ computer files often contain confidential information, including the size and nature of settlements, negotiations about pending deals, and legal strategy that would normally be shielded from the public by attorney-client privilege.”
• “Law firms have long been considered an attractive target for hackers because firm files contain information on sensitive deals and legal matters that firms have a strong incentive to keep confidential. Information on yet-to-be-announced deals can also be used for insider trading. In 2016, federal investigators explored whether a hack of large law firms including Cravath, Swaine & Moore LLP had been used by insider traders.”

“Jones Day 2nd Big Law Victim of Accellion Breach” —

• “Two weeks after Goodwin Procter came forward with news that a vendor it used had been compromised, information surfaced that Jones Day was also affected.”
• “After confirming earlier this month that Accellion was the vendor linked to Goodwin’s breach, Law.com reached out to all the law firm clients listed on Accellion’s website. None that responded said it has been affected.”

“How can lawyers balance materially adverse interests? New ABA ethics opinion explores” —

• “Suing or negotiating against a former client: A lawyer suing a former client or defending a new client against a claim by a former client on the same or substantially related matter is a classic example of creating an impermissible conflict with “materially adverse” interests.”
• “This applies not just to lawsuits but also to negotiations. The opinion explains that ‘being across the table, so to speak, from a former client and negotiating against that former client in transactional matters typically constitutes ‘material adverseness.’”
• “A lawyer attacking their own work: A lawyer attacking their own prior work also constitutes material adverseness. The opinion cited as an example a federal circuit opinion in which a lawyer attempted to challenge a patent that the lawyer had previously obtained for a former client. ‘When a lawyer represents a current client challenging the lawyer’s own prior work done for a former client on the same or a substantially related matter, the situation creates a materially adverse conflict,’ the opinion explains.”
• “The opinion also notes that material adverseness may exist when a lawyer seeks to undermine work or a result achieved for a former client.”
• “Examining a former client: A lawyer cannot use information from a former client to the disadvantage of the former client under Rule 1.9(c)(1). Thus, if a lawyer has to use such information in examining a former client, the lawyer has a conflict of interest unless the negative information is ‘generally known.’ For example, the opinion cites an ethics opinion from Ohio holding that a lawyer can only impeach a former client with a criminal conviction if that conviction is ‘generally known’ under Rule 1.9(c).”
• “The opinion adds that a lawyer could avoid this conflict by having the current client retain another attorney to examine the former client and screen the lawyer with the conflict from participating in such an examination of the former client.”

“ABA issues new guidance on definition of ‘material adverseness’ in client representation” —

• “The American Bar Association Standing Committee on Ethics and Professional Responsibility released today a formal opinion explaining when ABA model rules prohibit a lawyer from representing a new client against the interests of a former one.”
• “Formal Opinion 497 interprets both Rule 1.9(a) and Rule 1.18(c) of ABA Model Rules of Professional Conduct to find “material adverseness” exists when a lawyer is negotiating or litigating against a former or prospective client or attacking the work done for the former client on behalf of a current client in the same or a substantially related matter.”
• “The formal opinion also lists other specific instances when the model rules related to ‘material adverseness’ would apply, such as if the former client can point to some specific material legal, financial or other identifiable concrete detriment that would be caused by the current representation. ‘However, neither generalized financial harm nor a claimed detriment that is not accompanied by demonstrable and material harm or risk of such harm to the former or prospective client’s interests suffices,’ the opinion said.”

“Coca-Cola demands action on law firm diversity” —

• “The Coca-Cola Company is updating its outside counsel guidelines to require that the US law firms it uses take concrete steps toward promoting diversity within their ranks.”
• “In an open letter released last week, Coca-Cola senior vice president and global general counsel Bradley Gayton complains that decades of discussions in the legal profession about the importance of diversity have led to score cards, summits, committees and plans – but that these are not working.”
• “He also outlines initiatives Coca-Cola’s legal department is engaging with and encourages peers at other companies to do the same. Those initiatives include joining an American Bar Association project intended to expand and create opportunities at all levels of responsibility for diverse attorneys and direct a greater percentage of the legal work the company buys to diverse attorneys.”
• “Coca-Cola is not alone in pushing for diversity at the outside law firms it works with. General counsel at 12 major financial institutions including JPMorgan Chase, Bank of America and Goldman Sachs last September published an open letter in which they committed to gaining a deeper understanding of the progress the law firms they hire are making in having racially and ethnically diverse employees – and including that data in the factors they consider when selecting external counsel.”

Some of the interesting details in the letter, which worth reviewing in full to understand how the client is prioritizing and addressing specific elements of compliance:

• “Quarterly Evaluation: The responsible KO attorney for each New Matter will review performance against your commitment for New Matters each quarter. For New Matters failing to meet the commitment, you will be required to provide a plan to meet your commitment. Failure to meet the commitment over two quarterly reviews will result in a non-refundable 30% reduction in the fees payable for such New Matter going forward until the commitment is met and, continued failure may result in your firm no longer being considered for KO work.”
• “Collaboration with Other Firms: If your firm cannot internally meet the above commitments, we encourage you to work collaboratively with other firms, including member firms of the National Association of Minority and Women Owned Law Firms, to assemble matter teams that meet the commitments. We can assist you in this regard and provide introductions and suggestions.”
• “Publish Diversity Plans: Your Managing Partner will publish a personal commitment to diversity, inclusion and belonging and related action plans setting forth measurable goals.”
• “Relationship / Matter Credit: You will provide transparency as to how origination, relationship, and matter credit is apportioned on KO matters, or if the firm does not use origination, relationship, and matter credit as a compensation or evaluation metric, how work on KO matters is factored into a firm attorney’s performance evaluation and compensation.”
• “Preferred Firm Panel: KO expects to select a panel of preferred firms within 18 months following implementation of the revised guidelines. Meeting the commitments above will be a significant factor in determining your firm’s inclusion and ongoing status on the panel.”