CLP Beacon - Business Issues and Solutions

Saturday, June 25, 2016

Avoid the 4 Major Legal Risks for Start-ups

As a corporate executive, I tried to bond with lawyers who were business people first and foremost and not just ones trying to tell you why you cannot do something. However, over time, I learned that having a good legal mind attached to your project/business is critical for success. Why? Because a good business attorney is critical to manage the risks (and there always are risks) of the business.

If you remember the movie The Social Network, one of the original founders, Eduardo Saverin, did not pay attention to the terms of a contract he signed with Facebook’s Mark Zuckerberg. That cost him dearly although I have a hard time feeling bad for someone worth in excess of $5 Billion. It makes you think though that perhaps startups are different animals than normal businesses and perhaps the participants – the founders, employees and even the contractors – involved in a startup need to pay attention to several aspects of the business. By so doing, these participants can avoid the things that can go bump in the night.

I therefore, welcomed the opportunity to listen to Mark Skaist, co-chair of the corporate practice of Stradling Yocca Carlson & Rauth, one of the leading law firms in California, talk about the Legal Pitfalls in Entrepreneurship. And it is particularly relevant for me as a consultant to start-ups, a member of the boards of start-ups, a potential employee of a start-up, and as an angel investor with TechCoastAngels. I provide the following information as a convenience to the readers to be aware of these elements and strongly suggest that for legal advice see an attorney as they can help you avoid major issues. I took his talk and developed a simple checklist which can be used to ensure vital points are covered.

Mark laid out four areas that can create pitfalls. These areas are:
  • Capitalization/Equity
  • Taxes and financial obligations of company and executives
  • Intellectual Property
  • Employment



  1. Have you documented all the equity transactions? Type? Class of stock? To Whom? Number of shares?
  2. Have you sold to accredited or non-accredited investors? Were the rounds distinguishable?
  3. For equity to the founders, have you adequately described voting rights, vesting terms?  
  4. Do you have a contract with the founders regarding performance, trade secrets, non-competes and similar items?
  5. Do you have any “bad actors” as executives whose prior issues might result in a problem for future investors?
  6. Do you have acceptable deal terms for original and successor investors, specifically issues relating to non-dilution rights (which could be a problem) so you don’t have an investor having leverage over the company?
  7. Do you have convertible notes with a valuation cap (if so, make sure it’s not too low)? When is the maturity date? Is this date after the potential raise for the next round?

Taxes and financial obligation of company and executives

  1. How is the stock that is granted to the different shareholders and the executives valued?  Will there be a tax liability based on the valuation of the company as reflected in the share price? Are they truly founders shares worth only a few cents or has a prior round, e.g. friends and family, been offered at a higher value per share which may create a financial obligation to the grantee of the stock?
  2. Is the stock to be granted restricted stock or stock options and what type of options are they?
  3. How is the company being valued? Have you or will you use a third party for valuation of the equity?

Intellectual Property

  1. Have all IP developed by the employees, founders and third parties been formally assigned to the company?
  2. Have all the graphic designs, logos, domains, visual representations, iconography been assigned correctly to the company?
  3. If the company is licensing IP, are the agreements to license been signed and reviewed by attorneys?
  4. Is there a clear definition of trade secrets so there is no misunderstanding as to what constitutes a trade secret?
  5. If an employee leaves the company, how are you protecting the company against loss of trade secrets? Are your internal procedures clear to safeguard trade secrets?
  6. Are all trademarks registered to the company? 
  7. Are all domains, logos, tag lines and other marketing items available for use and registered in the company’s name?  Do they conflict with a third party’s rights?
  8. Is the company name registered to minimize the potential for a legal battle with a larger better capitalized company?
  9. Are you using open source code? And if you are, are you co-mingling open source code with proprietary code such that the entire code tree is tainted and therefore treated as open source?
  10. If you intend to patent an invention, have you inadvertently “publicly disclosed” the invention (which could affect your ability to later patent it)?


  1. Do you include non-competes  in contracts with the executives, employees and contractors (if so, in some states this could be a problem)?
  2. Are all contractors clearly third parties and contracts in place between the company and them?
  3. Is there anything in the way you operate that could be construed as contractors are in essence employees of the company e.g. titles, office space, working hours, benefits, stock grants? Are contracts with individuals for less than one year?
  4. Do your contracts with suppliers state that the contract may be terminated for any cause with 30 days or less notice?           

Clearly the checklist is not complete and most likely other questions will arise for your particular case. Hopefully, though, this checklist is a good start to use in working with your co-founders and attorneys in structuring the best deal for the company. Many attorneys have special rates for promising start-ups and my suggestion is to talk with them to understand what they can do to protect your business and its Intellectual Property. Without this protection, things can go bump in the night. I know as I have been on both sides of the fence.

C-Level Partners helps small to mid-cap companies in the tech, service and manufacturing markets grow their top line and their margins. If you have any questions on growth and managing risk in a growth or start-up environment please feel free to contact me at or call me on 949 439-4503.

Tuesday, June 21, 2016

4 Critical Aspects of Risk Management in Smaller Firms

All firms, regardless of size, face risks in their activities. There are a few steps one must take to ensure these risks do not result is bad outcomes. And following through on these should not be deemed a cost, but rather an investment in more effective and profitable growth for your firm.

Identifying the risks is the first step in the risk management process. One needs to take care to ensure that all of the risks are identified. Whether you plan to manage the risks, offload some risks by using an insurance arrangement or outsourcing the activity, or simply decide the probability of a bad outcome is sufficiently low that you can safely ignore the risk. But, you need to identify all of the risks facing your business.

Superficially this may appear to be a simple task, but if you’ve only spent a small amount of time compiling the list it is quite likely you’ve missed a few. So do some serious thinking and ideally ask for assistance from an outsider to question as much about your business as

possible. If you have been successful and not missed anything, the pat on your back will be well-deserved. But that is very unlikely. And don’t beat yourself up over having missed a few things.

So you have your list of risks and you’re confident the list spans the space of potential downsides your business faces. Now is the time to determine how much control you have over any possible risk events. For your internal operations you do have substantial control. Clearly your processes have to be documented and your staff trained to perform their respective tasks.

To ensure training conforms to current activities, the documentation has to be current. Only then can you “pass the bus test” and the back-up person filling in for an absentee can perform the task correctly and in a timely manner.

A useful way to think about risk management is applying the old adage that the chain is only as strong as its weakest link. In this context that means every staff member has to “get it.” Getting it means they have been trained and understand their job and are able properly to carry out their tasks. This includes highly skilled and experienced individuals as well as new staff.

I’m reminded of my former London-based firm’s policy of hiring disadvantaged school leavers to give them an opportunity they wouldn’t otherwise have. One was a 17-year-old woman that had never worked before and I was tasked with providing an induction to risk management. This was part of the process the firm employed with all new employees so that early on they would be introduced to all activities of the firm and be better able to perform their role. I have to admit that initially I was at a loss in this case. Then I asked her what tasks she had been told that she would perform. Her reply gave me what I needed to bring her to the point where she “got it.”

She said that one task she would be responsible for was sending out monthly reports to clients. This meant she would be printing and binding the reports, placing them in FedEx envelopes and passing them to the FedEx driver the first few days of each month. I pointed out that this was a very important task as each client needed to receive their report in a timely way each month. And I also noted that this meant that the reports had to be placed in the correct envelope with the client’s address on it. If there was a mix-up, that would mean we had disclosed confidential information of a client to an unauthorized third-party which is a breach of contract and this might result in being fired by the client resulting in the loss of many thousands in revenue each month.

When I explained this she was very worried that she would not be able to perform this task as there was such a large associated risk. I continued our conversation by saying there is a straightforward way to nearly eliminate the risk of a mistake. She could prepare all of the reports for shipping, place them in their respective envelopes and before sealing the envelopes, go back and check that the account codename corresponded with the client’s address on the envelope. Then she could seal the envelope knowing the correct report was going to the addressee.

She agreed that following this procedure would substantially mitigate the risk of sending a client the wrong report. So I asked her to draft the procedure, I reviewed it confirming it was appropriate, and incorporated it into the firm’s overall procedures manual for future reference by any person responsible for sending out monthly reports. I should also say that for the next three years that reports were sent this way, all reports were sent to the correct client.

I should also point out that the overall procedures manual was a key element of developing and implementing an effective risk management framework.

Now let’s consider external factors to which a business likely is exposed.

We’ll take a simple example of a firm that produces items that other firms use to create things to be sold to end users. That is, your firm is a member of the supply chains of your customers’ businesses. Your customers have selected you because you provide a quality product that they rely on to create the products they sell to their customers. So what do you need to worry about?

This list could be quite long. Your business almost surely also relies on a supply chain. Most if not all of the following are concerns for any business.

  • Are all members of your supply chain reliable providers of the input you need?
  • Have you assessed this attribute across your entire supply chain?
  • What contractual arrangements are in place with these firms?
  • Do you have recourse should one or more of them experience a business disruption?
  • Do you hold input inventories to guard against such a disruption impacting your ability to deliver to your customers?
  • How long will your inventory allow you to meet your obligations to your customers?
  • Is this time sufficient to source an alternative supplier to meet your needs going forward?
  • Do you maintain current lists of alternative suppliers to make supplier replacement a straightforward activity?
So far, we are only dealing with your supply chain and there are a number of items to be aware of and managed.

Now let’s look downstream toward your customers. How is your output delivered to each of them? Do you have a fleet of delivery vehicles that you manage? If so you probably see the many levels of complexity associated with this aspect of your business. Alternatively, you may outsource this by contracting with a logistics firm such as UPS, FedEx or the Postal Service. Each of these businesses has a reputation for reliability and it may be well worth outsourcing deliveries. This may even result in improved margins as your cost of shipping falls. Also there are obvious alternatives should a local office of one of these suppliers be hit by a fire, say. But you still need to be aware of the options and be ready to shift gears to keep your production reliably arriving at your customers’ locations.

These last two sets of risks are all associated with activities upstream and downstream from your firm. Regardless of the specifics of your firm and its clientele, these external risks likely are very important to the success of your firm, and therefore need to be managed.

Of course your own firm’s internal activities are exposed to risks and these will be highly specific to your production processes. All risks to which your processes are exposed need to be identified and assessed. Once the impacts of risk events have been assessed you will be in a position to determine whether the risks are manageable, whether in some instances the downside is too great and sufficiently likely that an insurance arrangement may be appropriate to offload the risk, and for some activities whether outsourcing may be a more cost-effective option.

Of course in all cases your processes should be documented for the usual reasons:
  • training of new staff,
  • increasing the reliability of production activities, and
  • ensuring that absenteeism does not impact production.
And this internal documentation should be viewed as an investment in the firm’s business reliability. It also eases the burden of any regulatory inspection or due diligence by a potential acquirer of the firm, as well as make standard audits less time consuming. These returns are rarely accounted for but are benefits from devising and maintaining comprehensive and up-to-date documentation.

The final step, monitoring your firm’s activities, is extremely important as only by doing this will you know things are going well or it something unexpected or untoward has taken place. Also, you will have the best chance to correct the issue – whether it’s a supply chain issue, a staff training lapse, a customer service issue, whatever it may be – before it gets out of control.

This discussion has been at a high level, in part because many of the risks associated with any firm’s business will be very specific. The initial example discussed above was for an investment firm and non-financial firms are unlikely to have a directly analogous activity in their business as few firms report confidential information to clients in the same way. The types of questions that one should ask when identifying a firm’s risks naturally begin at a high level and would include those discussed above about the supply chain. Of course, the internal activities of the firm need to be considered and the risk associated with each of these must be assessed as to their likelihood and potential impact. With this set of information senior management can determine which risks are best managed internally, which activities may best be outsourced, and if appropriate, where insurance arrangements should be made. And there will be some risks that the firm self-insures as the occurrence of such risk events is almost never.

If you’d like to share your experience in managing the risks to which your firm is exposed, please contact me at or call me on (949) 680-8359. If you’d like to discuss any challenges you are facing with respect to managing risks, we offer a free one-hour consultation where we can explore ways of improving your firm’s performance.