Aon | Professional Services Practice
Building a Proactive Risk Management Culture: Lessons from Law Firm General Counsels at the Aon Law Firm Symposium
Release Date: December 2025Most law firms strive to promote an environment where lawyers adhere to high professional and ethical standards, follow the firm’s risk management policies and procedures, and seek guidance before potential issues escalate. Yet, building and maintaining a risk-aware culture presents a constant challenge.
At the 2025 Aon Law Firm Symposium, four experienced law firm general counsels – Martin S. Checov, O’Melveny & Myers LLP; Diana K. Ashton, Finnegan, Henderson, Farabow, Garrett & Dunner, LLP; Kathryn J. Fritz, Fenwick & West LLP; and Amanda Kushnir, Blake, Cassels & Graydon LLP – shared their ideas, strategies, and best practices for developing and sustaining a proactive risk management culture. We recap below some of the key insights from this excellent faculty.
Identify Culture Carriers
In an increasingly profit-driven business setting, law firms need human conduits to propagate their risk management culture. Not everyone in a firm is suited for the role, even if they buy into the firm’s culture. It is essential to identify individuals who are trusted, approachable, and capable of balancing caution with business acumen. These “culture carriers” are essential for actively modeling and reinforcing risk-conscious behaviors throughout the firm.
Foster Buy-In Through Open Dialogue and Storytelling
Lawyers may occasionally challenge firm policies and procedures by asking, “This activity or pursuit is permitted at other firms, so why is it restricted here?” It is beneficial to encourage open conversations about firm policies and different risk appetites. Sharing real-life examples or war stories where the firm encountered problems in a past situation can be an effective way to help lawyers understand the rationale behind policies and lead to greater buy-in and compliance.
Cultivate Relationships Firmwide
Developing strong relationships between the general counsel’s office and lawyers and staff across the firm fosters trust, encourages early engagement with risk issues, and helps ensure that risk management is viewed as a resource rather than a barrier. A law firm general counsel must be visible, approachable, and responsive, and known as a good listener and problem solver. If these connections within the firm do not exist or if people are not comfortable contacting the general counsel, the general counsel is more likely to encounter difficult issues after they arise rather than being in a position to provide guidance on the front side of tough matters.
Engage Management at All Levels
Law firm general counsels must work closely with senior leadership and practice group heads to secure their support and make sure that risk management is integrated into decision-making throughout the firm. Keeping firm management informed about emerging risks and bringing attention to behavior issues observed within the firm’s ranks is a critical part of this role. A risk management update should be a standing item on the executive committee’s agenda. Moreover, when the law firm's general counsel has an important message to communicate to the firm, it is often advisable for leadership to convey it in tandem with the general counsel.
Deliver Targeted Training and Education
Careful consideration of the intended audience is paramount when developing risk management training and education. These programs should be tailored to the needs of different groups, such as associates, lateral partners, administrative assistants, and business professionals. For instance, train senior lawyers expected to develop business on conflicts clearance, educate members of the human resources department on privacy issues, instruct administrative assistants on file opening procedures, and onboard lateral hires to ensure understanding with firm policies and practices.
Communicate Through Multiple Channels
Compliance failures often stem from lack of awareness rather than a lack of care. Using multiple methods and formats of communication—emails, training seminars, partnership meetings, town hall meetings, and online learning modules—helps ensure that risk management training and education reaches everyone. Given that lawyers have varied schedules and learning preferences, repeating information with diverse messaging supports the effective delivery and reinforcement of firm policies and expectations.
Conduct Informal Audits to Assess Compliance
Law firms can have the best risk management policies in place, but policies are only effective if they are followed. To confirm that policies broadcast to the firm are working in practice, the general counsel should conduct periodic informal checks to monitor compliance, identify areas for improvement, and then adjust implementation strategies as needed. This process is most successful when the general counsel establishes strong relationships with the right people across firm departments.
Provide a Judgement-Free Zone
Creating an environment that encourages early intervention, full transparency, and learning from errors not only promotes trust but can help prevent unnecessary snowballing of issues. Lawyers must feel safe reporting mistakes or concerns to the general counsel without fear of judgment.
While there is no single approach to engage a lawyer in a vulnerable state of mind, it helps to actively listen and obtain the lawyer’s story in a way that doesn’t sound like conducting a deposition. The goal is to avoid situations where lawyers feel defensive or pressure to go into “fix-it mode” before speaking with the general counsel. The general counsel should also wait to discuss any lessons that a lawyer needs to learn until both the matter at hand and the lawyer have calmed down.
Balance Responsiveness with Thoughtfulness
General counsels are expected to be available and responsive, but not every issue is urgent and requires immediate action. Taking time to gather information and allowing the situation to settle a bit often results in better decisions and outcomes. In some instances, it is beneficial to ask a lawyer to send a privileged and confidential email to the general counsel. This strategy helps the lawyer clearly frame the issue and enables the general counsel to understand both the matter and its context before scheduling a conversation.
Provide More than a Simple “No”
Lawyers are less inclined to approach the general counsel if the individual in that role is perceived as consistently rejecting their proposals. A practical strategy is to consult with lawyers about the requirements for a potential “yes” response, such as identifying the relevant stakeholders to speak with and outlining any additional steps necessary for the firm to proceed. The path to “yes” may not look very good in the end and, upon further review, many lawyers will independently arrive at a decision of “no.”
While it is important to provide lawyers candid and clear advice, law firm general counsels must remain flexible and adapt their answers and approaches to the specific needs and personalities of those seeking guidance. Every answer does not have to be the same. If it is, lawyers will not feel comfortable approaching the general counsel.
Maintain Independence and Anticipate Risks
A law firm general counsel must act as a “partner” to all members of the firm, maintaining a degree of separation from firm politics, balancing independence with collaboration, and always keeping the firm’s best interests in mind. This perspective is crucial for guiding the firm through complex decisions and maintaining a resilient risk management culture.
General counsels should also look for ways to be proactive and reach out to affected individuals before problems arise. For example, contact individuals who may be affected by emerging risks such as employees on visas during travel disruptions. This demonstrates care for both the firm and its people, helping build essential trust.
Final Thoughts
Lawyers dedicate significant time and effort to safeguarding their clients' interests, but they must also remain attentive to protecting themselves and their firms. For law firm general counsels, cultivating a proactive risk management culture is closely tied to encouraging lawyers to embrace and implement this principle.
The Professional Services Practice at Aon values your feedback. To discuss any of the topics raised in this insight, please contact Matthew K. Corbin, Jennifer Finnegan, Rebecca Ambrose, Sarah O’Neill and Mark A. Webster.
This Insight is based on an Aon Loss Prevention Bulletin. Our Law Firm Loss Prevention team also publishes a Law Firm Advisory.
Kansas City
+1.816.225.5815
[email protected]
New York
+1.609.203.4903
[email protected]
New York
+1.518.709.8649
[email protected]
London
+44.(0)20.7086.0421
[email protected]
Kansas City
+1.913.201.3446
[email protected]
About Aon
Aon (NYSE: AON) exists to shape decisions for the better — to protect and enrich the lives of people around the world. Through actionable analytic insight, globally integrated Risk Capital and Human Capital expertise, and locally relevant solutions, our colleagues provide clients in over 120 countries with the clarity and confidence to make better risk and people decisions that help protect and grow their businesses.
Follow Aon on LinkedIn, X, Facebook and Instagram. Stay up-to-date by visiting Aon’s newsroom and sign up for news alerts here.
©2025 Aon plc. All rights reserved.
Aon is not a law firm or accounting firm and does not provide legal, financial or tax advice. Any commentary provided is based solely on Aon’s experience as insurance practitioners. We recommend that you consult with your own legal, financial and/or insurance advisors on any commentary provided herein. All descriptions, summaries or highlights of coverage described herein are for general informational purposes only and do not amend, alter or modify the actual terms and conditions of any relevant policy. Coverage is governed only by the terms and conditions of such policy. Insurance coverage in any particular case will depend upon the type of policy in effect, the terms, conditions and exclusions in any such policy, and the facts of each unique situation. No representation is made that any specific insurance coverage would apply in the circumstances outlined herein. Please refer to the individual policy forms for specific coverage details.
The information contained in this document and the statements expressed are of a general nature and are not intended to address the circumstances of any particular individual or entity.
This document is not intended to address any specific situation or to provide legal, regulatory, financial, or other advice. While care has been taken in the production of this document, Aon does not warrant, represent or guarantee the accuracy, adequacy, completeness or fitness for any purpose of the document or any part of it and can accept no liability for any loss incurred in any way by any person who may rely on it. Any recipient shall be responsible for the use to which it puts this document. This document has been compiled using information available to us up to its date of publication and is subject to any qualifications made in the document.
Insurance products and services offered by Aon Risk Insurance Services West, Inc., Aon Risk Services Central, Inc., Aon Risk Services Northeast, Inc., Aon Risk Services Southwest, Inc., and Aon Risk Services, Inc. of Florida and their licensed affiliates.