What risks are most worrisome for company executives and how canlegal departments, chief risk officers and others in a company best mitigate anypotential harm?

These questions were asked and answered in Ropes & Gray's“RiskyBusiness: Mitigating Exposure Through Comprehensive RiskManagement” study, released Monday. The study, which Ropes & Gray conducted with research service FT Remark,asked 300 senior executives across a number of industries toidentify their top risks and reveal their readiness to handle legaland regulatorychallenges.

Regulation and compliance landed on top of the list forrespondents when it comes to risk factors they are most worriedabout. This was followed closely by sanctions and export controls,tax and intellectualproperty.

Interestingly, despite identifying regulation and compliance asrisk factors that are of the greatest concern, for more than halfof respondents (57%), these two areas of risk were identified asthose they feel least prepared to address. This likely explains whynearly 80% of respondents said they currently allocate the mostrisk management resources to dealing with these risks and 55% saidthey intend to devote more in the next 12 months.

As for the risks respondents feel best prepared to deal with,43% named corporate social responsibility and supply chainmanagement, followed by enforcement/investigations andcompetition/antitrust risks.

Beyond just particular types of risks, respondents were alsoprompted to consider how location plays a part in corporate risk.Some 28% of executives named China as the market that's riskiest tooverall business. This is more than double the number of execs whonamed the markets rated second riskiest on the list, Brazil and theUnited Kingdom, which were tied at 13%. The United States came in aclose fourth, with 11% citing it as the market that poses the mostsignificant risk to their businesses.

Any of a number of players can take the lead when it comes torisk mitigation. It depends on a particular company's needs and thetypes of risks at issue, the report pointed out. Legal departments,for instance, are often responsible for risk mitigation when itcomes to enforcement/investigations, sanctions/export controls andintellectual property risks. The chief risk officer may take chargeof managing anti-corruption bribery/and anti-money launderingrisks.

And while the approach to risk management seems to vary bycompany and the nature of the risk, setting the right tone from thetop appears to be a common theme in addressing these dangers. “Ourfounders recognize the value of strong governance,” HeatherMitchell, managing director and global general counsel forinvestments at The Carlyle Group, said in the report. “Once thattone is set, you have to identify the risks, and estimate theirlikelihood and then their potential impact on the business.”

Mitchell added that risk awareness and responsiveness are“fundamental” to the company's culture. “We're doing everything tomake sure that our best practices are communicated throughout theorganization. And we use that information not only to anticipateand mitigate risk, but to take advantage of risks if they offer anopportunity,” she said.

InsideCounsel