Legal strategies for organisational resilience

For today’s general counsel (GCs) and senior in-house legal leaders, legal strategy can’t sit alongside the business as a separate discipline. It must be shaped by the same commercial realities, strategic priorities and operational pressures driving the organisation forward.

For most GCs and senior in-house lawyers, the familiar tension hasn’t gone away; it’s just become more acute. You’re expected to advise on more risk, faster, with teams that haven’t grown proportionally, in an environment that hasn’t stabilised.

The last few years have made that visible in ways that are hard to ignore. The Covid-19 pandemic rewrote force majeure clauses overnight; geopolitical shifts have disrupted supply chains and reshaped sanctions exposure; and AI arrived, not as a future concern, but as something businesses were already deploying before any regulatory framework existed to govern it.

The GCs who navigated these pressures most effectively did something structurally different. They embedded legal thinking into how their organisations planned for uncertainty, drawing on in-house capability alongside trusted external advisers to bring commercial perspective, capacity and specialist insight when needed.

The pressure is structural, not cyclical

It’s worth being clear about this, because it changes how you plan.

The forces driving demand on legal teams – regulatory acceleration, geopolitical instability, technological disruption and heightened board and regulatory scrutiny – aren’t going to ease. They’re now permanent features of the operating environment.

This has two practical implications for in-house counsel:

1. Reactive legal delivery at scale doesn’t work anymore. The volume and velocity of legal risk arriving into most organisations exceed what any team can manage case by case. Something has to give, and if you haven’t made deliberate choices about what that is, the choices will be made for you
2. What boards and executive teams expect from legal functions has shifted. It’s not enough to identify risk; you’re expected to help the organisation manage it proactively, move with confidence despite uncertainty and maintain defensible positions under regulatory and reputational stress. That’s a resilience function, not just an advisory one.

What legal alignment actually means

‘Aligning legal strategy with business objectives’ is one of those phrases that can mean everything and nothing. It’s worth unpacking.

Alignment isn’t subordination. A legal function that simply reflects business priorities without challenge isn’t aligned, but captured. Independent, objective advice is itself a resilience contribution and boards that understand this protect it.

Alignment means designing a legal strategy with explicit reference to what the organisation is trying to achieve, the environment it’s operating in and its real risk appetite – not just the theoretical one in board papers.

In practice, this usually requires a blended model: in-house teams working closely with external advisers who genuinely understand the business, not as instructed counsel but as an extension of the internal function. That model extends capacity without sacrificing institutional knowledge or commercial context.

Aligned legal functions typically share several characteristics:

• A clear understanding of strategic priorities and how legal risk maps to them
• Defined escalation protocols that bring legal teams into discussions early
• Use of data and metrics to track legal risk exposure
• Internal credibility, so legal input is actively sought rather than merely received.

Resilience as a legal discipline

Resilience has traditionally sat with operations, risk and finance; legal would get involved when something failed. That positioning is changing and GCs who have driven the change describe a meaningful shift in how legal functions are perceived internally.

The reason is straightforward. Resilience depends on legal decisions made daily: how risk is allocated in contracts, how the business is structured, how governance frameworks hold up under stress and how data arrangements remain defensible when a regulator scrutinises them. These decisions don’t benefit from being made in isolation or reviewed only after something goes wrong.

The shift GCs describe is from constraint to enablement. Legal functions move from identifying what can’t be done to helping the organisation understand what can be done, at what pace and with what governance in place. That’s a more productive relationship with leadership, and it has to be earned through commercially grounded input, not asserted.

A practical framework

There’s no single model, but the questions below are those legal leaders consistently need to address:

• Start with the business plan, not the legal plan: legal priorities are often shaped by incoming workload rather than strategic intent. Early engagement with senior leaders creates focus, helps prioritise high-value work and identifies where legal teams can most effectively support delivery
• Map legal risk to strategic priorities: identify the two or three objectives that disproportionately drive enterprise value. For each, assess where legal risk is most consequential, for example regulatory exposure, contractual dependencies, litigation risk, IP vulnerability or data compliance
• Define risk appetite in legal terms: translate board-level risk appetite into operational guidance. Which risks are acceptable without escalation? Which require it? Which sit outside appetite entirely? Clear answers reduce unnecessary escalation and enable faster, more confident decision-making at the business level
• Build proactive regulatory intelligence: horizon scanning, monitoring legislative pipelines and early engagement with regulatory developments convert regulatory risk from a surprise into planned input. This is increasingly a core capability, not an optional extra
• Embed legal in strategic planning: legal strategy can’t align with business strategy if legal personnel are absent when it’s formed. Credibility here is earned through commercially grounded input, not commentary after decisions have already been made
• Build metrics that tell the right story: most legal teams are measured on cost and throughput. To change internal perception and secure investment, metrics need to demonstrate governance impact, risk exposure managed and value delivered through enablement or risk avoidance
• Review contractual and structural architecture: contracts, corporate structures and data arrangements accumulate risk over time, often in ways that are invisible until something goes wrong. A structured review identifies weaknesses or risk allocations that no longer reflect commercial reality. The objective isn’t wholesale renegotiation, but visibility.

Internal change: technology, capacity and capability

AI is both the most significant opportunity and the most significant governance challenge currently sitting on most GCs’ desks.

Used well, legal technology extends capacity and improves consistency – two things most in-house teams need. But as organisations deploy AI across their operations, the legal questions are substantial: liability, data protection, IP ownership, employment implications and regulatory compliance in jurisdictions where frameworks are still forming. Legal teams that build credible AI governance frameworks and advise confidently on deployment risks are delivering genuine commercial value.

Capacity remains a constant constraint. For most in-house teams, the answer is a combination of technology and strategic use of external advisers, preserving internal focus for work that requires institutional knowledge and judgement.

Capability is harder. Building a team that combines technical excellence with commercial judgement takes time and deliberate development. But it’s this combination that makes legal genuinely useful to the organisation, rather than merely technically correct.

The practical case

The repositioning of in-house legal from reactive service provider to strategic contributor is an organisational necessity.

Legal functions that align with business objectives, contribute to resilience planning, engage proactively with regulatory change and embed legal risk thinking into strategic decisions do more than deliver better advice. They change their relationship with the organisation and enhance its ability to operate with greater confidence.

Legal strategy designed in isolation will be outpaced by events, but legal strategy built around real business objectives and genuine resilience delivers something increasingly rare: clarity and the confidence to act while others are managing uncertainty. In a complex operating environment, that’s a competitive advantage.