Key insights:

• • • AI’s greatest strength in criminal justice is pattern recognition鈥� AI can process vast amounts of data quickly, helping law enforcement and legal professionals detect connections, reduce oversight gaps, and improve consistency across investigations and casework.

    • AI should strengthen justice, not substitute for human judgment鈥� Legal professionals are integral to evaluating AI-generated outputs, especially when decisions affect evidence, warrants, and individuals鈥� constitutional rights.

    • The most effective model is human/AI collaboration鈥� AI handles scale and speed, while judges, attorneys, and investigators provide context, accountability, and ethical reasoning needed to protect due process.

The law has always been about patterns 鈥� patterns of behavior, patterns of evidence, and patterns of justice. Now, courts and law enforcement can leverage a tool powerful enough to see those patterns at a scale at a speed no human mind could match: AI.

At its core, AI works by recognizing patterns. Rather than simply matching keywords, it learns from large amounts of existing text to understand meaning and context and uses that learning to make predictions about what comes next. In the context of law enforcement, that capability is nothing short of transformative.

These themes were front and center in a recent webinar, , from the听, a joint effort by the National Center for State Courts听(NCSC) and the 成人VR视频 Institute (TRI). The webinar brought together voices from across the justice system, and what emerged was a clear and consistent message: AI is a powerful ally in the pursuit of justice, but only when paired with the judgment, accountability, and constitutional grounding that human professionals can provide.

AI’s pattern recognition is a gamechanger

“AI is excellent,鈥� said Mark Cheatham, Chief of Police in Acworth, Georgia, during the webinar. 鈥淚t is better than anyone else in your office at recognizing patterns. No doubt about it. It is the smartest, most capable employee that you have.”

That kind of capability, applied to the demands of modern policing, investigation, and prosecution, is a genuine gamechanger. However, the promise of AI extends far beyond the patrol car or the precinct. Indeed, it cascades through the entire arc of justice 鈥� from the moment a crime is detected all the way through prosecution and adjudication.

Each step in that chain represents not just an operational and efficiency upgrade, but an opportunity to make the system more fair, more consistent, and more protective of the rights of everyone involved.

Webinar participants considered the practical implications. For example, AI can identify and mitigate human error in decision-making, promoting greater consistency and fairness in outcomes across cases. And by automating labor-intensive tasks such as reviewing body camera footage, AI frees prosecutors and defense attorneys to focus on other aspects of their work that demand professional judgment and legal expertise.

In legal education, the potential of AI is similarly recognized. Hon. Eric DuBois of the 9th Judicial Circuit Court in Florida emphasizes its role as a tool rather than a substitute. “I encourage the law students to use AI as a starting point,鈥� Judge DuBois explained. 鈥淏ut it’s not going to replace us. You’ve got to put the work in, you’ve got to put the effort in.”

AI can never replace the detective, the prosecutor, the judge, or the defense attorney; however, it can work alongside them, handling the volume and velocity of data that no human team could process alone.

Judge DuBois’ perspective aligns with broader judicial sentiment on the responsible integration of AI. In fact, one consistent theme across the webinar was the necessity of maintaining human oversight. The role of the legal professional remains central, participants stressed, because that ensures accuracy, accountability, and ethical judgment. The appropriate placement of human expertise within AI-assisted processes is essential to ensuring a fair and effective legal system.

That balance between leveraging AI and preserving human judgment is not just good practice, rather it鈥檚 a cornerstone of justice. While Chief Cheatham praises AI’s pattern recognition, he also cautions that it “will call in sick, frequently and unexpectedly.” In other words, AI is a powerful but imperfect tool, and those professionals who rely on it must always be prepared to intervene in those situations in which AI falls short. Moreover, the technology is improving extremely rapidly, and the models we are using today will likely be the worst models we ever use.

Naturally, that readiness is especially critical when individuals鈥� rights are on the line. 鈥淎 human cannot just rely on that machine,鈥� said Joyce King, Deputy State’s Attorney for Frederick County in Maryland. 鈥淵ou need a warrant to open that cyber tip separately, to get human eyes on that for confirmation, that we cannot rely on the machine.” Clearly, as the webinar explained, AI does not replace constitutional obligations; rather, it operates within them, and the professionals who use AI are still the guardians of due process.

The human/AI partnership is where justice is served

Bob Rhodes, Chief Technology Officer for 成人VR视频 Special Services (TRSS) echoed that sentiment with a principle that cuts across every application of AI in the justice system. “The number one thing鈥� is a human should always be in the loop to verify what the systems are giving them,” Rhodes said.

This is not a limitation of AI; instead, it鈥檚 the design of a system that works. AI identifies the patterns, and trained, experienced professionals evaluate them, act on them, and are accountable for them.

That partnership is where the real opportunity lives. AI can never replace the detective, the prosecutor, the judge, or the defense attorney. However, it can work alongside them, handling the volume and velocity of data that no human team could process alone. So that means the humans in the room can focus on what they do best: applying judgment, upholding the law, and protecting an individual鈥檚 rights.

For judicial and law enforcement professionals, this is the moment to lean in. The patterns are there, the technology to read them is here, and the opportunity to use both in service of rights 鈥� not against them 鈥� has never been greater.

Please add your voice to 成人VR视频鈥� flagship , a global study exploring how the professional landscape continues to change.听

Key highlights:

• • • Risk varies by workflow and context 鈥� Practitioners should apply risk ratings based on workflow and context, such as low for productivity, moderate for research, moderate to high for drafting and public鈥慺acing tools, and high for decision-support.

    • Courts need their own developed benchmarks 鈥� Courts should develop and regularly review their own independent benchmarks and evaluation datasets instead of relying solely on vendor claims, because vendors may optimize systems for known tests.

    • Need for benchmarking to detect drift, degradation, and bias 鈥� Continuous, rigorous benchmarking of AI models is essential for courts and legal professionals to maintain confidence in these systems, since both the law and AI models change over time.

AI is not monolithic technology, and a risk-based assessment process is needed when using it. Indeed, courts and legal professionals must scale their scrutiny to match risk levels.

This approach 鈥� which balances innovation with accountability, along with other essential best practices 鈥� is detailed in a recent publication, , created as part of .

In a recent webinar, , one of the co-authors of the document, explained the purpose of the document: “The central aim of what we were thinking about in these best practices is to give courts and legal professionals a principle-based architecture when you’re thinking about the adoption of GenAI tools.”

Risk and human judgement serve as central elements

What is unique about this framework is that it categorizes risk based on key workflow actions of lawyering, for example:

• • • Productivity tools carry minimal to moderate risk
    • Research tools are assigned moderate risk
    • Drafting tools range from moderate to high risk
    • Public-facing tools carry moderate to high risk
    • Decision-support tools pose high risk

The framework holds that risk is dynamic rather than static, and there can be shifts in risk levels based on use cases. For example, a scheduling tool typically poses minimal risk; however, the same tool becomes high risk when used for urgent national security cases. And translation tools can shift from lower risk research support to high-risk decision-support depending on their use.

Similarly, when tools range from moderate risk to high risk, users need to be especially discerning in order to understand the underlying risks 鈥� and if the task should be delegated to AI at all.

“You can’t just rely on categories,鈥� explains from the IP High Court of Korea. 鈥淵ou need to understand the underlying risks and ask yourself: Would I delegate this task to another person? Am I comfortable delegating it publicly? If the answer is no, then you probably shouldn’t be delegating it to an AI either.”

In addition, clear red lines around when AI should never be used and classified as unacceptable risk exist for judicial use. “I believe the clear red line is automated final decisions or AI systems that assess a person’s credibility or determine fundamental rights involving incarceration, housing, family,” says Judge Kwon, adding that fundamental rights require human judgment.

“You can’t just rely on categories. You need to understand the underlying risks and ask yourself: Would I delegate this task to another person? Am I comfortable delegating it publicly? If the answer is no, then you probably shouldn’t be delegating it to an AI either.”

The extent of human judgment also has layers. , Shareholder at Greenberg Traurig, says he believes that AI for any legal use currently requires human oversight. 鈥淭he human supervision piece鈥� is utterly critical in the real world of practicing lawyers and law firms,鈥� Greenberg says. 鈥淵ou have to supervise the lawyers in the firm that are using the technology, including young lawyers.”

To help distinguish which type of human oversight is appropriate, the framework in the Key Considerations document defines two forms of such oversight: i) human in the loop, which means active human involvement in decisions; and ii) human on the loop, which means monitoring automated processes and intervening when needed.

What the difference between what each concept could look like in a court setting shows that a human in the loop is, for example, a law clerk using AI to do research on relevant case law and checking to make sure that the references are legally sound; and a human on the loop is a clerk monitoring an established robotic process to extract data for the case management system and spot-checking for accuracy.

Practical guidance for courts

In addition to judges considering the risk level of AI tools, Judge Kwon, Greenberg, and Carpenter, noted the importance of technical AI competence as part of lawyers鈥� and judges鈥� ethical duty, especially around verification, transparency, and independent benchmarks as part of accountability, as well as the need for understandable documentation to maintain public trust. To reinforce the latter point, , Director in Government Practice for 成人VR视频 Practical Law states: “It鈥檚 very vital, especially as we usher in the age of AI, that the public be informed as much as they can be about how that decision-making process is taking place.鈥�

In addition, Judge Kwon, Greenberg, and Carpenter highlighted additional guidance on the criticality of benchmarking, including:

• • • Court-developed benchmarks prevent overreliance on vendor data 鈥� Courts should develop their own benchmarks and independent evaluation datasets rather than relying entirely on vendor claims and review evaluation scenarios regularly. Vendors may optimize their systems for known tests, which leads to overfitting, in which a model learns patterns specific to its training data so well that it performs poorly on new, unseen data. This gives a misleading impression of reliability.
    • Ongoing rigorous benchmarking to detect model drift & degradation 鈥� To build confidence in AI models, courts and legal professionals must approach AI model evaluation with rigor and ongoing vigilance. Continuous benchmarking is essential, and it cannot be a one-time process because the law evolves constantly and precedents shift. In addition, AI models themselves update regularly, and courts need to monitor performance over time to detect AI degradation or bias drift.

Adopting a thoughtful, risk-informed approach to GenAI in legal practice and courts will help realize its benefits for efficiency and access to justice while protecting ethical obligations, due process, and public trust in the legal system.

You can find out more about how AI and other advanced technologies are impacting best practices in courts and administration here

Our distinguished panel includes experts from the 成人VR视频 Social Impact Institute, and nonprofit partners Spotlight, and New Friends New Life. Additionally, a representative from U.S. Homeland Security Investigations will provide insights into the collaborative efforts required to tackle this critical issue.

This training aims to educate participants on the complexities of human trafficking, the impact on victims, and effective strategies for prevention and intervention. Attendees will gain valuable knowledge on the roles of various stakeholders, including non-profit organizations, law enforcement, and the community, in addressing trafficking and supporting survivors.

We invite individuals and organizations committed to making a difference to join this informative session, as we work together to create a world free from exploitation.

Watch the full recording below!

This exclusive two-part webinar series, “Enhancing Metrics for the General Counsel’s Office,” is designed to equip General Counsel and legal leaders with the knowledge and practical tools to effectively demonstrate the听real听value of their legal departments. We’ll delve into how to move beyond simply tracking expenses and hours, and instead, focus on metrics that showcase the proactive, strategic, and business-enabling work of your legal team.

In this series, you will learn how to:

• Optimize existing metrics:听Move beyond cost and time to showcase both efficiency and effectiveness.
• Transform your metrics:听Incorporate “Protect and Enable” metrics, highlighting the proactive and strategic contributions of your legal team.
• Communicate your value:听Distil complex data into a concise and compelling narrative for senior leadership, including a practical exercise on creating a powerful one-slide summary.

This exclusive two-part webinar series, “Enhancing Metrics for the General Counsel’s Office,” is designed to equip General Counsel and legal leaders with the knowledge and practical tools to effectively demonstrate the听real听value of their legal departments. We’ll delve into how to move beyond simply tracking expenses and hours, and instead, focus on metrics that showcase the proactive, strategic, and business-enabling work of your legal team.

In this series, you will learn how to:

• Optimize existing metrics:听Move beyond cost and time to showcase both efficiency and effectiveness.
• Transform your metrics:听Incorporate “Protect and Enable” metrics, highlighting the proactive and strategic contributions of your legal team.
• Communicate your value:听Distil complex data into a concise and compelling narrative for senior leadership, including a practical exercise on creating a powerful one-slide summary.

During the recent virtual annual meeting of , I was part of a panel, that discussed how in-house counsel must ensure that their company is prepared to handle any emergency. Other panelists included Laura Stevens, Executive Vice President and General Counsel of Cengage Group; Michelle-Kim Cohen, Deputy General Counsel of Dassault Syst猫mes; and Sarah Gatti, Corporate Counsel at Drift.com.

Here are some of the questions discussed by the panel and panelists鈥� responses.

How broad should your emergency response plan be for addressing any type of emergency?

A one-size-fits-all-approach may not always be feasible for company-wide emergency response planning. When preparing or updating an emergency response plan, a company should account for reasonably foreseeable emergencies that may occur, rather than addressing every possible emergency regardless of actual likelihood. This assessment depends on various factors, including geography, the company’s industry, the company’s products and services, and the nature of the workforce and whether it includes remote employees.

Geography plays a significant role in the risk assessment process and may result in different types of risk depending on location. For example, one region may be prone to certain types of natural disasters (such as earthquakes) that are unlikely to occur in another region where the company operates. Using this example, the emergency response plan for a worksite in that region must account for the possibility of those natural disasters occurring, whereas a plan for a worksite in a different region may not.

A company should also survey its existing resources and determine whether a plan already exists for a particular emergency situation, even if the internal distribution or use of these resources was limited. Existing resources can help identify reasonably foreseeable emergencies and provide a starting point for developing more comprehensive emergency planning.

Even if a company tailors its emergency response planning, certain components may be universal regardless of the type of emergency. For example, a company may use the same communication systems for alerting its workforce of an emergency, even if the extent of notification varies by the type of emergency.

How accessible should your company’s emergency response plan be?

A company must account for whether an emergency could impede access to the emergency response plan itself. A company should have copies of the emergency response plan printed out in hard copy format and kept at the company’s offices or work sites. In addition to hard copies, a company should have the emergency response plan electronically accessible, such as a version securely stored on a shared drive. Obviously, the inability to access an emergency response plan should not create an emergency in itself. For example, if there is a foreseeable risk of an emergency rendering an office physically inaccessible (such as from civil unrest), the company should not have the emergency response plan only kept in hard copy format at that office.

A company must take the proper steps to ensure that the plan鈥檚 needs are accessible to stakeholders and the persons responsible for implementing the plan. The company should also consider whether and to what extent to share the emergency response plan with its outside counsel.

Should the emergency response plan be shared externally?

A company should carefully determine to whom it discloses its emergency response plan and, if required, how much of the plan to disclose. This issue periodically comes up when customers or vendors want to determine if a company has a plan before doing business with the company. Sometimes limited disclosure of a company’s emergency response plan may be unavoidable.

A company should hesitate to fully disclose its emergency response plan to third parties unless absolutely required. Instead, a company should consider other ways of satisfying the needs of third parties that want to confirm the existence and content of the company鈥檚 emergency response plan. For example, a company could inquire whether providing a copy of the plan’s table of contents satisfies a third party’s needs. Alternatively, a company could require a nondisclosure or confidentiality agreement before disclosing any part of its emergency response plan or limiting disclosure to answering a questionnaire about its emergency response plan.

What is in-house counsel’s role in emergency response planning?

In-house counsel plays a central role in a company’s emergency response planning. Aside from serving on the crisis management team, in-house counsel often acts as a project manager in emergency response planning. As a result, in-house counsel communicates with a company’s departments and external and internal stakeholders, such as the company鈥檚 IT and communications personnel. In-house counsel also ensures that training and assessments of the plan regularly occur. In-house counsel may need to determine if the plan is current and accurately reflects up-to-date operational practices, the company’s business, and legal requirements.

In addition, in-house counsel serves as a subject matter expert with issues related to a company’s emergency response. This includes asking “what if” questions when reviewing the plan, conducting a post-mortem response to any testing of the plan or actual emergency, determining who to notify about the company’s emergency response, and ensuring that any emergency response is legally compliant.

How should your company prepare for implementing its emergency response plan?

A key component of emergency planning involves testing and training employees on the components of the plan that are relevant to their respective roles. To test the plan, the company should perform tabletop exercises to simulate reasonably likely emergency scenarios to better ensure that key personnel know their role and can implement the plan. These exercises can also identify any necessary changes for updating the plan. For example, if key personnel are unreachable during a tabletop exercise, the company should consider updating its plan by replacing them with more accessible individuals.

The company should test its emergency response plan in real-time. This may involve testing the plan after-hours because a real-life emergency occurs at any time.

As part of the event, one particular panel, Out of Shadow: Combating the Evolving Illicit Finance Threat, will focus on how the danger of illicit finance, which covers everything from laundering money from illegal activity to funding terrorism, is becoming greatly a bigger danger due mainly to the rapid growth in the use of cryptocurrencies.

With the inclusion of a provision in the 2020 National Defense Authorization Act to examine the use of new financial technologies in terrorism financing, regulatory scrutiny of cryptocurrencies is poised to take another step forward under newly appointed US Treasury Secretary Janet Yellen. Of course, even before Secretary Yellen鈥檚 arrival, anti-money laundering and combating the financing of terrorism programs were a top priority for both the Internal Revenue Service and law enforcement officials alike.

Indeed, if recent developments 鈥� such as the seizure of millions of dollars鈥� worth of cryptocurrency from Al-Qaeda and ISIS in August 2020 鈥� are any indication, the dark world of crypto-terror appears ever more pronounced and insidious.

You can听 about the upcoming American Security conference here.

This podcast offers an important update on the elevated illicit finance threat environment. What regulatory actions are expected under a Biden administration? How comprehensive will a renewed multinational fight against terrorism financing be in today鈥檚 tenuous climate?

The US has shown differing approaches to the crypto-regulatory environment, including several individual states taking it upon themselves to become trailblazers in crypto-regulation and enforcement. Statutes in several states are being enacted to require licensing for money-services or transmitter businesses, for example.

, available on the听, Gina Jurva, attorney and manager of market insights and thought leadership content for corporate and government at the 成人VR视频 Institute, speaks with one of the upcoming conference panelists, Jose Caldera, Chief Product Officer at , an AI-powered identity platform that provides identity verification, regulatory compliance, and digital identity solutions

The pair discuss how virtual currencies are being used by bad actors to move illegal money and fund terrorism, the recent rise of ransomware attacks, and how enhanced identity verification tools are a key component of fighting financial crime.

This scam has been around so long that it has spawned its own memes, and most of us would not be even slightly tempted to fall for the promised riches. However, that does not mean there are not countless other international fraudsters and schemes that can trick people into taking the bait.

As part of its Government Influencer Series, the 成人VR视频 Institute recently hosted a webinar, , to discuss the evolution of global fraud. The panelists discussed with moderator Gina Jurva, manager of market insights and thought leadership for corporate and government with the 成人VR视频 Institute, how we can all increase our awareness of these schemes and help to prevent these crimes from victimizing us and other.

Recent developments in global fraud

The panelists began by providing an overview of the developments in global fraud in the last several months. Although technology continues to evolve, 鈥渃riminals are driven by greed and a lack empathy for victims,鈥� said panelist James Robnett, Deputy Chief IRS Criminal Investigation, identifying data breaches as a “fertile source” of personal information that criminals use for schemes, including filing false tax returns. During the pandemic, there was also a “real uptick” in thieves creating false businesses in order to receive pandemic-related benefits. Robnett noted his agency has initiated more than 500 cases involving nearly $1 billion dollars arising from pandemic fraud schemes.

Robnett also noted that his office has made changes to adapt to criminal threats and to even get in front of the threats. These changes include putting “data governance” and related tools in one division in order to better serve field agents in their work.

You can access the 成人VR视频 on-demand webinar, , here.

Panelist Channing Mavrellis, Illicit Trade Director at Global Financial Integrity, highlighted “customs or trade fraud” as an evolving area and identified “Chinese professional money laundering networks” in the United States but also operating in Mexico and Colombia. Trade and custom fraud schemes allow criminals to evade “capital controls” in order to launder money. Mavrellis described how criminals use a “three-country scenario” that allow these criminals 鈥� 听often Mexican drug traffickers 鈥� to repatriate criminal proceeds to their home country from the United States by using a partner from a third country, typically China. These schemes allow criminals to evade currency controls by hiding illegal proceeds through apparently legitimate import and export deals.

., a panelist and Assistant Special Agent in Charge for the Jacksonville field office of the U.S. Secret Service, pointed to a specific date 鈥� March 27, 2020 鈥� as standing out for him because that was the date the (CARES) Act was signed into law, making “billions of dollars” available in pandemic relief. Almost immediately, fraudsters began submitting “millions, literally millions of fraudulent applications to both the state workforce agencies and to the Small Business Administration.” Dotson noted the adage “fast money, fast crime” to describe the results. The need to get money out to people quickly and the overwhelming number of fraudulent applications, overwhelmed systems that were not able to keep up with identify verification it screen out the fraudsters.

In addition to Mavrellis’ identification of China and other Asian countries as contributing to global fraud, Dotson included western African and Eastern European criminal enterprises that are active in cybercrime fraud.

Examples of technology-based fraud schemes

The panelists next discussed specific fraud schemes that relied on both traditional technology as well as more sophisticated cryptocurrency schemes.

Mavrellis began by discussing fraud schemes bases in countries. Jamaica, for example, is one country where lottery or blessing circle (also known as Sou-Sou or Susu) scams have become a 鈥渃ottage industry in the country.鈥� These scams are low tech and often target the elderly. Although not sophisticated schemes, they still bring in as much as $300 million to $1 billion each year. Because these scheme involve criminal organizations and high profits, they can also lead to violence.

As many as 200 Jamaicans are killed each year in connection with . Violence arises when call lists are stolen or a list is sold and then payment for the list is refused. Mavrellis noted that the Jamaican Ministry of National Security 鈥渃ategorized fraud and scams as one of the highest level threats鈥� for the country and consider these schemes to be a 鈥渃lear and present danger.鈥�

Although the government takes these frauds seriously, Mavrellis noted that victims often become angry at the government when they shut down lottery schemes because the victims feel 鈥渃heated鈥� out their chance for a big payout from the lottery.

Bitcoin ATMS

Dotson brought up the phenomenon of how Bitcoin ATMs (often called BTMs) are being used by criminals who troll dating apps or sites that target the elderly in order to socially engineer unsuspecting individuals into becoming 鈥渕oney mules鈥� for transnational organized crime groups.

These apps and sites are used to convince individuals they are in a romantic relationship with a 鈥渃yber boyfriend, girlfriend or significant other鈥� who needs their help exchanging money through BTMs, Dotson explained. In one instance, an elderly woman was showing up to a store with $40,000 to $50,000 in cash to feed into the store鈥檚 BTM. Some store owners have had to ask individuals to stop using the BTMs because they are worried that the frequency and amount of the transactions would bring negative attention to their shops.

成人VR视频鈥� Jurva noted that there are currently more than 42,000 BTMs in the United States and the . Because there are fewer regulations around BTMs, it can be difficult, if not impossible to monitor all of the transactions.

El Salvador鈥檚 recent recognition of Bitcoin as an official currency is another challenge. Although it may create criminal opportunities, it also solves real world problems in a country where 70% of the population is unbanked and where transaction fees for banks and other money transfer services are very high. In order to facilitate Bitcoin transactions, El Salvador also adopted an official crypto wallet, , and placed 30 Chivo-enabled BTMs in the United States.

Future of global fraud

With no limit to the creativity and greed of criminals and fraudsters, the panelist emphasized the need for global cooperation in stopping transnational criminal enterprises from exploiting individuals and laundering their illicit proceeds. Whether it is a fraud that targets vulnerable individuals such as children or the elderly or exploits system vulnerabilities such with the pandemic-related benefit schemes, only through cooperation among enforcement agencies and heightened awareness among the public can these criminals be stopped.

Given the legal and business continuity risks to their company, in-house counsel must have a central role in ensuring that their company (and, if necessary, the corporate law department) has an emergency or disaster recovery plan in place before an emergency arises. This plan must be flexible to cover any probable emergency that may arise.

Developing a company’s emergency response plan

In-house counsel typically serves on their company’s emergency response team and often have a significant role as a leader in creating their company’s emergency response plan, even though the law department may not be directly responsible for managing or owning the plan. In particular, in-house counsel is exceptionally situated to help prepare and provide feedback on the emergency response plan because of their knowledge, experience, and ability to identify red flags and analyze “what if” situations. For example, in-house counsel must apply their knowledge of applicable data privacy laws and determine the best course of action if there is a risk of a cyberattack that could compromise sensitive information stored by the company.

You can learn more on this topic at the upcoming panel, ““, at the Association of Corporate Counsel’s 2021 Virtual Annual Meeting (10 a.m. to 11 a.m., EST on October 20, 2021).

A starting point in emergency response planning involves identifying the possible risks to the company. Planning must account for general risks and those risks specific to the company based on its geographical footprint, industry, and workforce. In addition to ensuring business continuity and minimizing risks, a company needs to consider critical questions, such as:

• • • Whether it should use a one-size-fits-all approach for all emergencies and company sites, or customize the plan to specific emergencies and sites?
    • Who has access to the plan?
    • When does the plan activate?
    • Who will execute the plan in the event of an emergency?
    • Who will the plan affect, both internally and externally?
    • What critical functions, systems, and activities are central to the company?
    • What external and internal resources exist for responding to an emergency?
    • What actions should the company take as part of its post-emergency response?
    • How should the company handle an emergency that may affect only part of the company?

As part of its planning, a company must also account for emergencies when all or part of its workforce already works remotely from different locations 鈥� a common occurrence resulting from the corporate response to the pandemic. Therefore, the emergency response plan must address information technology systems, security, and employee safety for a fully or partially remote workforce.

Once the company develops a plan, it should then inform the emergency response team. The company should also train key personnel and hold drills to test the plan.

Ensuring the law department’s preparedness

A company鈥檚 law department must have the ability to function during and in the aftermath of an emergency. Depending on the company, the law department may require its own emergency response plan. As a result, the law department should know the company’s emergency response plan and ensure consistency with the department’s own emergency response plan, if any.

The department should follow a similar approach to emergency response planning, consistent with the company’s overall planning. This includes assessing possible threats, determining overall preparedness, creating an emergency response team, drafting a written plan, conducting drills and training, and identifying post-emergency legal priorities (such as evaluating contractual obligations and notifying insurance carriers).

Among other impacts, an emergency may require the law department to take additional actions to preserve legal privileges, protect trade secrets, and maintain confidentiality of information. For example, the law department must continue to maintain the confidentiality of attorney-client privileged communications throughout any emergency.

Further, the risk of inadvertent disclosure and waiver rises when the law department or other company personnel work remotely. To help protect against the inadvertent waiver of the attorney-client privilege, the law department should adopt procedures and take appropriate proactive security measures if the emergency requires the law department or company personnel to function remotely.

Updating the emergency response plan

Finally, emergency response plans must be dynamic, rather than frozen in time. In-house counsel must work with their company to regularly review and update their existing emergency response plans. If an emergency occurs, a company should also consider conducting a post-emergency audit of the company’s actual response and address any deficiencies in the existing plans.

For example, a company should update its plan to reflect relevant organizational and other changes. This includes changes to key personnel, technology, the company’s office locations (or remote workforce), relevant laws (such as environmental standards), possible threats, and the organization’s culture.

While an emergency creates the potential for disrupting business operations and creating legal liability, a prepared company and its law department can minimize these risks. To ensure preparedness, in-house counsel must actively participate in the company’s emergency response planning and play a strong leadership role in its development, execution, and update.

Further, it appears that little has been done to address the financial element of domestic extremism as demonstrated by the January 6 U.S. Capitol insurrection.

The FBI’s Terrorist Financing Operations Section (TFOS), created after the 9/11 attacks to bolster the gathering and effective use of financial intelligence and which previously had assisted public-private sector cooperation, was dismantled in 2019 amid a bureaucratic reorganization.

As a result, “the expertise and the guidance that is uniformly needed is not there anymore,” said panelist Dennis Lormel, first head of TFOS, during a webinar hosted by consultancy .听“From a [counter-]terrorist financing perspective, I think we’ve taken kind of a step backwards,” Lormel said. “Where’s the capacity to share that information going forward?”

Another panelists, John Roth, former chief of the U.S. Department of Justice’s Asset Forfeiture & Money Laundering Section and one of the authors of 听on terror finance, agreed. “Losing a centralized control over terrorist financing is a huge blow,鈥� Roth explained. 鈥淲hen terrorist financing is everybody’s responsibility, that means it is no one’s responsibility. We’re going to a pre-9/11 where there was no centralized repository of intelligence or coordination of anything else, so as we look forward, this should be troubling.”

Roth added that cyberattacks such as the ransomware attack against Colonial Pipeline in May 鈥� the most disruptive U.S. cyberattack on record 鈥� is “a classic example of asymmetrical warfare like al Qaeda was using against us in the 9/11 attacks.

“Are we fully prepared to combat that in a way that makes sense? What is the financial services community’s role in that? I have no idea,” Roth said.

Worries over law enforcement cooperation

Cooperation between law enforcement agencies is “better” than before the 9/11 attacks thanks to the FBI’s Joint Terrorism Task Forces (JTTFs) and fusion centers, but there is reason to be concerned about complacency, Lormel said. “There’s an age-old problem between different agencies and interagency jealousies, and I think over time that complacency comes back and it’s human nature that those animosities lead to a lack of cooperation and information-sharing at the level you need 鈥� so you need to be kick-started by another event, unfortunately, perhaps.”

When asked what the “biggest change” has been for banks since the 9/11 attacks, panelist Rick Small, a former Federal Reserve enforcement and investigations official and head of financial crimes compliance at Truist Bank, cited “increased scrutiny on our AML programs.” However, Small added, that when it comes to spotting terrorist financing, “we haven’t advanced that much.

“Banks aren’t going to be able to find terrorists by looking at financial transactions,鈥� he said. 鈥淭he only way we’re going to find terrorists is if law enforcement or intelligence agencies give us information [that] we can look at, and maybe we can then find money movement that will help in identifying and maybe stopping some attacks.鈥�

Because of this, in the wake of terrorist activity, “banks are still, at the end, looking backwards and saying ‘What [data] did we have based on what we know now?'” Small noted.

Domestic extremism & terrorism

John Byrne, executive vice president of AML RighSource and moderator of the panel, noted the Jan. 6听attack on the U.S. Capitol听and the domestic terror finance risks it highlighted. Yet, the U.S. government has not yet provided guidance to financial institutions, Bryne said. “The question for us in the AML community鈥� is ‘What happens here?'”

Small said the challenge that domestic and international terrorists pose for banks is听essentially the same. “We don’t know who they are,” he said, noting that hundreds of people have been indicted for their roles in the Jan. 6 attack. But “who would have said prior to the indictments and their names becoming known that those were people of interest that the banking sector should be looking at, and what would we be looking for?” Small asked.

“A lot of banks, once the information was available, went back and looked at transactional activity and I’m sure filed suspicious activity reports, but that’s reactive,” Small said.

“It will help with prosecutions, but I’m at a bit of a loss as to what we as banks can do proactively without a lot more information from the law enforcement and intelligence communities.”