Skip to main content

Clifford Chance

Clifford Chance

Corporate Risk Management

Building a resilient business

The boardroom must confront new and evolving challenges of risk management without foregoing innovative business opportunities. The best prepared will stay two steps ahead of the competition, burnishing their reputations and separating themselves from organisations that have not adapted as quickly or as effectively.

Where there is a serious risk of management failure, the boardroom may face scrutiny – on the basis of what the board said or did or, perhaps, what it failed to say or do – highlighting the serious reputational and financial impacts of a major risk management failure.

Clifford Chance will help you assess your organisation’s current risk profile against the prevailing legal framework and develop a robust structure and proactive risk management strategy across your global business. We work with the world’s leading businesses to understand their legal, reputational and financial exposure to risk, and put in place effective risk management frameworks.

Be clear on corporate risk management

5 questions to ask yourself

Do we know where a crisis could emerge from?

The political and media landscape is evolving quickly, as is society's tolerance of "big business" practices. Your company should constantly review its systems/culture against the latest demands of investors, politicians, lenders and customers. Areas of risk that used to be "compliance" risks are now reputational risks that need to be assessed at board level. Is your board taking a dynamic approach to reputational risk management?

Does our board fully understand the material risks facing the organisation?

A full understanding of the organisation's current and future risk profile is essential. It is only when key risks are understood by decision-makers, and an informed tolerance is set at board level, that commercial decisions can properly be made by management. Does your board understand the emerging risks and the full breadth and depth of key risks facing the organisation? Are you confident that this translates into resources being directed to the right risk areas?

Do our internal controls, processes and policies mitigate current risks to within our risk tolerance?

Do the company's risk controls and processes tie into the day-to-day decision-making of the organisation and the material risks identified? Are they robust and effective? Have current processes and policies been renewed and updated to reflect your evolving risk landscape – for example, the developing international frameworks around specific risks – and to deal with developments in your own business?

Do we adapt our risk management approach as our business evolves?

As the business grows or diversifies, including into new markets/product areas, its risk profile changes. Periodic reviews are advisable, as well as a reassessment when the company undertakes a major step change or acquisition, or enters a new market. When did you last reassess your organisation’s risk profile? When undertaking M&A, do you always measure the target’s practices against your own policies and introduce risk mitigation measures?

What is our crisis management plan?

When a risk incident or scandal breaks, the reputational risk management needs to be immediate – an initial misstep in the communication strategy or missed opportunity for initial damage control can have a lasting, negative impact. Have you notified all your stakeholders including regulators, investors, creditors and employees? Have you issued an initial company response across the organisation to ensure that business leaders, legal, IT, HR, IR and PR teams work together as one? You will want your legal adviser to have intimate knowledge of your risk mitigation strategy, so that they can put forward your best case.

Why Clifford Chance

Both your risk management framework and initial crisis management plan need to take into consideration the applicable laws and local regulatory and cultural expectations of each jurisdiction in which you do business. Clifford Chance is well-placed to deliver this advice in the integrated rather than individualised manner that the job requires.

Meet our Corporate Risk Management team

move left move right
David DiBari

David DiBari

Washington D.C.



View Linkedin Profile

David D. DiBari is Clifford Chance’s Global Co-Head of the Firm's Risk Team.

David has over 30 years of experience in crisis management and defending financial institutions and other multi-national companies in complex criminal and administrative matters arising under the Foreign Corrupt Practices Act, US banking and securities laws and regulations, US anti-money laundering, economic sanctions and export controls, and other laws and regulations affecting the conduct of international business. David has extensive experience in conducting multi-jurisdictional internal investigations and managing whistleblowers, and advising companies on developing and implementing cross-border risk assessments and compliance programs, systems and controls.

David has represented both domestic and multi-national companies before the US Securities and Exchange Commission, Federal Reserve, New York Department of Financial Services, Department of State, Department of Treasury, Department of Commerce, Department of Defense, Department of Justice, US Congress and other Federal and state authorities and SROs.

Luke Tolaini

Luke Tolaini




Luke Tolaini advises companies and their Boards on matters of reputational significance.

Working across sectors Luke advises on crisis incidents, investigations and material disputes, often involving government authorities. He is a co-lead of Clifford Chance's global Risk team advising clients on compliance, risk prevention, crisis management, and cultural remediation.

Heiner Hugger

Heiner Hugger


+49 69 7199 1283


Heiner Hugger advises on investigations, legal proceedings, compliance and fraud-prevention measures and all other issues in connection with criminal, regulatory or other penalties.

Heiner has particular experience in defending against investigations against companies and their staff members, advising on internal investigations and on the prosecution of offences committed to the detriment of companies, as well as in advising companies on compliance and fraud-prevention measures.

Heiner is a member of our global risk leadership team.

Lei Shi

Lei Shi




Lei Shi's practice focuses on China-related dispute resolution matters, including international arbitration, regulatory compliance and investigation, and commercial litigation.

In the arbitration area, Lei has over 12 years of experiences as counsel in arbitration under HKIAC, ICC, SIAC, CIETAC, LCIA, SCC, AAA and UNCITRAL Rules in relation to M&A, private equity, banking, technology, real property and other commercial disputes.