By Joachim Fleury, Head of international law firm Clifford Chance’s TMT sector group
Legal risk is a concern for any good business, particularly those in the telecoms sector. Our recent survey, published in conjunction with the Economist Intelligence Unit, found that 91% of TMT board members expect legal and regulatory risk to stay the same or increase over the next two years. This percentage is the highest we have found of any sector, including mining, healthcare, finance, retail and oil & gas.
There are several reasons for this, but the highly regulated nature of the industry provides a good starting point. Many telecoms companies are facing heavy pressure from regulators over pricing, as national authorities force mobile operators to cut termination rates and broadband access fees and the European Commission aims to lower roaming charges. Contrast these price pressures with demands for more investment in high speed technologies and infrastructure to support initiatives like the EU's Digital Agenda and the result is a complex picture where companies are presented with ample opportunity, but ample risk, as well.
Understandably, managing this uncertainty has become a primary concern for telecoms board members. Our survey shows that risk management has moved its way up boardroom agendas, with 75% of respondents’ boards increasing the amount of time they spend on risk management over the past two years and 72% investing more money.
Uniquely, the vast amount of important data processed and transmitted by telecoms businesses makes telecoms companies particularly sensitive to any risk to their reputation, which must be carefully protected to preserve consumers' trust in them and their products. For this reason, data protection issues and cybercrime pose some of the most salient legal threats to the industry today where a single incident can tarnish a company’s reputation and undermine its ability to compete.
This is a big issue. Almost a third of respondents told us that their organisation had faced a major risk issue of this nature over the past two years. Companies need to act smartly and know that preparation is vital. For example, the development of robust and thorough data protection policies and up-to-date terms and conditions of use for online platforms and marketing activities are crucial. Changes in local and EU legislation, as well as technological developments and cyber attacks, consistently increase companies' risk exposure even if they try to decrease it.
Fortunately, many telecoms businesses are confident they are on top of these risks. While our survey respondents say they are concerned about cyber security incidents, more than half say that they have already made major changes to their systems and data privacy policies to mitigate the risk to their brand, as well as to accommodate the more stringent requirements mandated by governments. But as technology continues to evolve, so do the capabilities of those seeking to exploit it and companies cannot afford to fall behind on this issue.
In an industry undergoing a wave of consolidation, M&A has become another key source of legal risk. Telefónica’s sale of its Irish business to Three took almost a year of negotiations to receive antitrust approval. Its purchase of German mobile operator E-Plus took even longer. Both deals involved significant concessions to appease the regulators. The cross-border nature of most European deals means that any sound legal advice must, at minimum, concurrently synthesise feedback from the client, regulators, and local counsel all while engaging with a shifting commercial reality.
A fluid political and economic landscape means that problems such as bribery, corruption and sanctions are as important as they have ever been. Both the 24-hour news cycle and social media can make a scandal of this nature particularly damaging. Clearly, managing this risk with the appropriate processes and safeguards in place is essential. Laws such as the Foreign Corrupt Practices Act (USA) or the Bribery Act (UK) give a hard edge to the legal risk. However, several 'soft' guidelines on human rights are also gaining importance as compliance standards, such as the OECD Guidelines for Multinational Enterprises or the UN's Business and Human Rights Guidelines.
Regulation and legal risk are integral parts of life in the telecoms industry, especially in the European Union. Our survey shows that businesses are increasingly aware of this, but many still seek guidance on how best to anticipate these problems or how to react intelligently when unforeseen problems arise. Today, taking such care and preparation is simply good business.