Responding to the growth of compliance operations throughout the world, Geoffrey Miller, Stuyvesant P. Comfort Professor of Law, has written the first case-book that examines three related areas of corporate legal practice together: The Law of Governance, Risk Management, and Compliance.
Miller’s book has two goals: to serve as a resource for courses such as his own Compliance and Risk Management for Attorneys, and to encourage legal scholars to look at the three areas as a field of legal study of their own.
“Compliance is inseparable from the two other functions,” Miller explains. “Governance, because how a complex institution is governed is a key part of how it complies with the law; risk management, because nearly all programs pertinent to compliance are fundamentally grounded in risk assessment and operated according to an organization’s enterprise risk management system.”
While this is a well-recognized trinity in the business world, referred to as GRC, it is only now making waves in legal academia. “The carryover is very obvious,” Miller says.
He compares the birth of this new field with the development of administrative law. In the early 20th century, scholars realized that the administrative process, formerly part of the law of remedies, was in fact a separate discipline with its own content and structure. Similarly, aspects of compliance have been dispersed among the various fields of legal thought, such as corporate law and even constitutional law. “People are realizing GRC is not a hodgepodge of ideas,” Miller says. “There’s an intellectual core to the topic.”