Subscribe
Share
Share
Embed
Ropes & Gray attorneys provide timely analysis on legal developments, court decisions and changes in legislation and regulations.
Nitish Upadhyaya: Hello, and welcome back to RopesTalk. We’re venturing back inside the house with Amanda McGrady Morrison and Katie Daniels, drawing on ideas and experiences from their time in-house, but partnering with the business to achieve growth and manage risk. In the first episode, we covered everything from how you frame what the legal and compliance function does, to how you go about garnering trust, and then, what do you do when you’ve got trusted relationship with the business, and you’re actually in the room where decisions are being made. If you missed it, check it out on RopesTalk—you’ll also learn a bit more about Amanda and Katie in that episode. Now, let’s get back to the conversation. The topic that’s on everyone’s mind at the moment is AI. What should GCs and heads of compliance be asking themselves?
Katie Daniels: Great opening question for today’s conversation, Nitish. I think it’s important for governance professionals to remind themselves that the most important AI questions aren’t actually technical. It’s not, “Which is the best LLM” or “Who is going to be the next greatest thing to try to sell to your business some solution?” The questions we need to be asking ourselves are, “Who actually owns the decision to deploy an AI solution? Who owns the decision on how to map uptake and information use? And what happens, and how do you keep track where the decision is not quite right?” They’re governance questions, and understanding how you overlay a governance model on a technology and a way of doing business that’s changing possibly by the week is one of the biggest challenges governance professionals are going to face in 2026, especially in the context of wanting to maintain your trusted advisor status and be in the room when the conversations are happening.
Amanda McGrady Morrison: AI is a topic that comes up in many of our conversations with clients, as they are trying to navigate this landscape which is ever-changing. And it’s good to remember that AI is a power tool—it’s not magic—and that governance does come first. Start with the questions Katie asked, and then, I think you can take it further to say, “What business problem are we solving? What data, and what rights are we using, or do we want to use? Do we have the privacy, intellectual property and security safeguards that we need to have in place? Are we being thoughtful about the outcomes and the output to make sure we’re managing for bias and transparency? And how are humans involved in reviewing the outcome and output of it?” The good news is I don’t think legal and compliance needs to think about doing this on an island. It really is a cross-functional job and opportunity to work closely with others within the organization, and—to harken back to our earlier episode and Katie’s good recommendation—to really see what peers are doing and what is working effectively for them on the governance front so that you can really bring to bear broader experience and broader functional lenses through which to evaluate AI and how it’s going to be deployed in the business.
Katie Daniels: This is another position or spot where you can actually insert yourself with a dual-purpose conversation. Simply walk in and ask a business, “Show me how your team is using this. Walk me through your process.” That’s going to do two things. One, you’re going to learn how their business has evolved using AI. What you thought was the business process in 2024-2025, I can almost guarantee has been changed by the impact of AI. And it’s also going to give you some subtle markers on whether or not your team in the frontline really knows and understands those issues that Amanda just raised, the IP and security issues. Are they using information that’s actually under an NDA? Again, as I said in episode one, I think most people are well-meaning and aren’t trying to break an NDA by virtue of sneaking into an AI model or an LLM—they may simply not appreciate what the rules of the game are for their data point. If you sit down with them, learn and understand how they’re using it, and then step out of the room to reflect on what the next approach should be, rather than correcting them in the moment, you’re going to get a deeper understanding of the business, an appreciation of the risk, and an opportunity to identify where you may need to lean in more on some training or some principles on AI use.
Amanda McGrady Morrison: One other topic for legal and compliance folks at our clients to consider is what they can be doing from an AI perspective within the legal and compliance function at their businesses. I anticipate that that will be a call to action, if it hasn’t already been, by many of the executive committees, boards of directors, presidents of their organizations to think about how can they make their teams more efficient, how can they make sure that they’re keeping up with the latest technology as it applies to the legal and compliance function itself. This is obviously different than the broader governance questions we were talking about, but I do think it’s a very timely topic and an area where Ropes & Gray can be a fantastic resource because we have a lot of visibility into the different tools that are available for our clients.
Nitish Upadhyaya: I think it’s a great point, Amanda, that you’ve got to be using it yourself to not just get the efficiencies out of it, but also, then get a really good sense of how other people might be using it. If you’re not familiar with the tools within your business, it’s difficult. Just like understanding the business and the risks that are there, you’re not going to be able to really pin back, “Oh, I did this. What about this? How does that work? If I put this into this model, what does it spit out? That was a weird response. I wonder what people are doing with the responses they get from their models, and how that might be used in the business, or how that might be used with clients?” So, I think you’re absolutely right. There is the governance piece on AI. There’s also the try and see from a legal and compliance perspective how it does enhance what you’re doing, and then, gives you a back door almost into the risks that other people in the business might be facing as well.
Let’s think a little bit more about your broader experience then. What are you bringing from your time in-house into the way that you work with clients now? Katie, what are some of your big learnings?
Katie Daniels: I think I mentioned this in the first episode, but one of the biggest observations that may not be visible to lawyers who have not practiced in-house is the change management piece. The delivery of a memo, or an opinion, or a post-closing transaction checklist of what needs to be done is sometimes the end of the day for some lawyers. But you’re delivering that information into a universe of businesspeople who then need to execute and are likely feeling some anxiety at this list of rules that’s just been handed to them by a lawyer. So, what I’m bringing and what I’m sharing fairly consistently across the board is a question whether it’s to one of my colleagues here at Ropes, or to one of our clients, “What next?” How are we going to translate this checklist of rules, or this post-closing list of remediation points into actual action that we can then track, report to the board, report to the CEO, really appreciate and understand that it’s happened? Unless you translate the checklist into a solution, it’s going to be very hard at the end of the day to demonstrate that there has been an effective change. So, the biggest thing I’m bringing is having watched solutions be dead on arrival because people hadn’t thought through the fact that the rule list is only half the equation, and often, maybe not even the most important part of the equation.
Nitish Upadhyaya: Something we talk about a lot, Katie, rules versus people, and that human factor when you are going through checklists or log memos, whatever lawyers are used to preparing and providing in an age where things are maybe read very briefly, things need to be succinct, and time is ever at a premium. So, I think that human factor also comes out in the conversation. Of course, as a behavioral scientist, I am biased in wanting to bring out that human side of it, but I do think we see it time and time again, people asking for work product that is digestible, that is relevant, and we’re having to ask, “What are you going to use this for? How are you going to use it? Who’s going to use this in your business? Does it have four different audiences (audit, risk, the business, compliance)? Who else is involved in this? And what do they really want to get out of it?” And it’s also a part, I think, of building those relationships and helping legal and compliance officers build those relationships with other parts of the business. What about you, Amanda–what wise words do you have from your experience?
Amanda McGrady Morrison: Well, reflecting on what you both have just said, it reminds me of the phrase I mentioned in our last podcast episode, which was, “Relationship before task.” I think that it can be easy, particularly for perhaps younger lawyers, to check things off their to-do list and to feel like, “The job is done.” But that’s really not where the job ends. If you understand and have developed that relationship we were talking about, then you understand what the objectives and broader context is, and how you can help the business continue to identify and provide the solutions, as opposed to saying, “Well, you were copied on the email or the memo.” That is not where the job ends. And so, the practical advice I would give is to say: Start with the desired outcome, and work backwards. Make sure you understand what the objective or goal is so that you can come as close to it as possible, or help the client come as close to it as possible. I think having sat on both sides—having been in-house, having been in private practice—I can really focus on translating strategy into decisions that achieve the clients’ goals and are consistent with their risk appetite. And the good news is I think clients are well-served by advisors who have that practical aspect to the way they approach problem solving, but also, have a consistent and commonality of values–a true fiduciary mindset, an ability to put yourself in the shoes of the client and know that you’re helping them achieve their goals in a way that is risk-adjusted. You’re not chasing a personal win; it’s not about us as advisors—it’s about the best outcome for our clients.
Nitish Upadhyaya: So, we’ve heard a little bit about your working practices, what makes that client relationship. Where did you see some of the biggest opportunities during your time in-house?
Katie Daniels: I would remind the folks that I’m working with that I can be a coach. Sometimes, when you are skilled in the business, have been around the block for a while, actually can anticipate where the CEO wants to go or where a particular business lead wants to go, you can fall into the trap of actually doing the work yourself. Amanda talked about her daughter’s school and the relationship being first. I think we need to remember that folks won’t do the work unless you support them doing the work. So, a skilled advisor who has become really good at problem solving and has possibly more reps on an issue than the business leader they’re dealing with can default to doing it themselves. But that’s not where the opportunity is—the opportunity is training the first line in risk identification, risk mitigation, understanding their people, creating that environment where, while it’s certainly important and I want somebody to come to me if they’ve got something on their mind, business leaders need their own teams to be able to come to them when they’ve got something on their minds. So, your role in addition to being a fiduciary and a governance professional is really to be a coach on effective leadership and risk mitigation.
Amanda McGrady Morrison: To build on Katie’s thoughts, I think you have an opportunity to allow your team to shine and to allow them to grow into more experienced and seasoned professionals. And I think that that coaching and mentoring aspect is a really key part of the job and the role of being the most senior legal or compliance person in the room or in the organization. I also think that part of that is by impacting the culture of the organization by modeling behavior, and I think that there are so many ways you can do that. It often is in the quiet ways that you model behavior by listening, by appreciating the contributions of others, by helping build bridges across the organization, breaking down silos, by thanking people, being appreciative of their contributions, and treating really everyone within the organization, regardless of role, in that manner, and also, outside advisors and other third parties so that it is a consistent, respectful interaction that people are observing. And I think that by helping contribute to and build that type of healthy workplace culture, you’re really able to get ahead of and in front of potential compliance challenges that ultimately makes your life much easier on the back end.
Katie Daniels: That’s so important, Amanda, because when things go wrong or people start to feel that things might be going wrong, understanding and appreciating what your reaction is going to be, or senior leadership’s reaction is going to be, can make the difference between actually raising an issue when it’s small and solvable, versus hiding the issue because they’re afraid of the outcome. So, while we started with what “inside the house” means to us and what can we bring, I think we’re closing as maybe we always knew we would, with the fact that you need to consistently and persistently be a person who people are not afraid of. You can never show up as a voice of authority even when that’s your role. You need to be a voice that’s going to hear people’s concerns and have a reputation for being a problem-solver.
Nitish Upadhyaya: I couldn’t ask for a better set of points to wrap up the show with. You have given us, Katie and Amanda, some more gems from your time in-house, and it’s been a real delight speaking to you and getting a sense of how you take that experience and bring it into the work that you do at Ropes—the commercial realities, the practical ideas, the building up teams, and tackling those hard challenges face-on. So, thank you for your time, for your candor, and for bringing listeners with you on the journey. Thank you all for tuning into the latest episode of RopesTalk. You could subscribe to the series wherever you regularly listen to podcasts, including on Apple and Spotify. If you’ve got topics you’d like us to cover or novel perspectives you want everyone else to hear about, get in touch. Thanks for listening, have a wonderful day, and stay curious.