What does the CEO of one of Europe's fastest-growing tech companies expect from an in-house legal team? Onfido's CEO, Husayn Kassai, shares his insights.
Husayn Kassai is the CEO and co-founder of Onfido. Onfido helps businesses digitally onboard users by verifying any government ID and comparing it with the person’s facial biometrics using machine learning.
This is an excerpt from our eBook - Revealed: What the business actually wants from legal.
I thought of them as magicians who make everything work. When you try to understand and appreciate the bedrock of civilization, in terms of how we transact and trust each other, and you follow the ‘seven whys’ approach to get to the bottom of it all, it’s hard not to conclude that it is underpinned by a healthy, properly diligent legal system. In order for that system to function effectively for everyone, lawyers need to be its brokers in the business environment – aligning the needs of the business with the relevant laws.
When we started out, we got by with standard templates for our routine contracts, and then relied on outside counsel. That was fine for a while, but then three years in from founding the company we saw that we were relying on outside counsel more and more. That felt like the right time to bring in a full-time in-house lawyer.
So in 2015 we hired a general counsel. She helped to broker internally what we can do ourselves, taking a risk-based approach, and what we need specialists for – meaning outside counsel. At the same time, she streamlined everything around our day-to-day legal issues with employment, commercial partners, investors and so on.
Not in our case – but with most roles I seek advice from trusted advisors when weighing up the hire, and this was an important hire so I did the same. I asked around about what the right time is to hire a lawyer and what qualities they’d need.
Yes, she did. In terms of metrics, there would certainly be metrics in place from the start if we had hired a junior person, but because we hired a more senior individual as GC, she was assembling the team and helped deliver and define what success should look like, including from a metrics standpoint. So it made sense for her to drive that, not me.
There were some non-legal elements to the function, where we monitored numbers or targets to be aware of – things like our outside counsel budget or certain points around tick-box compliance requirements, IP issues (registering our trademarks around the world, for example), standardization and so on – but only at a high level.
Legal’s objective is to help the company grow while minimizing risk. That doesn’t mean bringing risk to zero, but rather, minimizing it in a measured way
It’s not too different from a role like a CTO. If you’re looking for someone who understands programming or engineering at great depth, and you don’t, then you hire the best that you can and you ask experts to help you with the interviewing process. So, in the case of legal, we did the same: we asked our outside counsel to support us in that process. Then when they join, you test them and make sure that relationship of trust is there.
To help the company grow while minimizing risk. That doesn’t mean bringing risk to zero, but rather, minimizing it in a measured way.
The startup background and the corporate background are different. With the latter, the DNA of the company is already established. By that point, legal’s role is about a risk mitigation approach, as the thing you’re building (that is, the company) has already been built. A startup mentality is different. The mentality – and in fact the DNA and outlook – is not quite “We’ve got nothing to lose,” but “We’re here to grow, which means we’re happy to innovate and take risks”. It’s a completely different mindset, particularly when it comes to risk
For a lawyer joining a company like Onfido, it’s helpful if someone’s been in both worlds, or at least not in the corporate world for too long, and that they’re able and ready to get in the startup mindset.
If you’re able to put in the simplest terms possible all the information that’s relevant, for a given decision or course of action, looking at the upside and the downside, then measured risk-taking is fine. When you’re releasing a new product, you can take all the advice in the world but there’s always a risk.
You want a legal team that enables your growth – so, if it’s a small contract out of Australia, you might not think it needs full legal review. For a contract value of $20,000, you might think the investment isn’t worth it. Corporates, and even some scaleups, might go down that route.
A startup thinker would say, let’s invest the time now, perhaps even making a loss, and make that decision or process scalable so that when we have 10 times the volume of that type of decision or process, we’ve done the work already and can build on it. That’s the mindset we’re looking for.
As CEO I work with my legal team relatively often – on investor relations or on the implications of different investment options; on business contracts. For example, this partner in this geography wants this liability, or insurance provision, or IP, licensing – a whole range of issues. Being a startup we have to work out which decisions and compromises make sense for us. Then there’s employee matters, like HR issues where legal advice would be helpful. I work if not every day then certainly several times a week with the legal team.
If you step outside of defined processes and end up having to manage non-standard language or clauses later, then you’re just kicking the can down the road
It’s the opposite at Onfido – it’s very much a two-way street. Having a growth-minded legal team is essential. To give you an example: chief information officers and chief security officers, when you look at the role historically, have always been about risk mitigation. But nowadays, that’s not the right way to think about it.
Their goal is to drive company growth while mitigating risk, rather than just risk mitigation for the sake of it. I think the same applies to legal. It’s about delivering on the company’s mission, while mitigating risk on the journey.
When it comes to sales, our sales culture is competitive. That means that people are working really hard to get deals over the line, and that might make people think they could even be relaxed sometimes about the processes through which we close them.
But discipline is important. And having experienced, senior sales leaders is vital too – they need to make it clear that you can’t mess around with legal process. If you step outside of defined processes and end up having to manage non-standard language or clauses later, then you’re just kicking the can down the road, which is inefficient and unscalable.
10x thinking means trying to achieve tens of millions in revenue across hundreds of businesses - you can’t piece that together later from your contracts if the processes aren’t standardized
10x thinking is about trying to achieve tens of millions in recognized revenue across hundreds of businesses. You have no chance of piecing that together later from your contracts if the processes aren’t standardized and efficient. We make sure that sales reps know the legal team needs to review anything that’s not standard. So, we have our standard contracts, and then there’s one page where we can list deviations, with legal sign-off. Our legal team is about six people, and early on in the deal, the sales rep will start engaging with legal. They’ll flag the deviation and let them know that they’ve pushed hard to minimize it or avoid it, but that this is where we’re at, so what’s the middle ground we can reach?
By taking that approach, we make sure there are no surprises when the contract is ready to sign. The sales rep knows they have to push hard not to deviate, but we’re in a world where occasionally we will have to compromise. That’s not my job to manage – the only way to scale is if it’s done locally with counsel and sales, then escalated if necessary. That way, we make sure the discussions happen at the right stage, with the right people. That’s what will scale.
I’d highlight privacy. Privacy should be at the forefront of your product discovery and development. A decade ago it was design – your product team came up with a functional idea, engineers built it and then design was something you finessed at the end. Now, thanks to Apple and Facebook and other pioneers, design is crucial at the point of inception. Similarly with legal, privacy should be at the point of inception of everything. Legal provides huge value there.
Then there’s the strategic element too. In our executive team we’ve got our GC – at all strategic levels, legal is central, so the top lawyer needs to be involved in all key decision-making, and have sign-off, whether that’s on structural decisions, geographies and so on.
Join the relevant forums, read the right articles and books, and get plugged into the community to understand what’s relevant and material to the role. For example, raising investment from venture funds is an example of something that will be a huge part of your role and wouldn’t if you joined a different type of organization. Make sure you’re ready for it.
Second, look carefully at what that company’s philosophy and approach is to legal – is it a tick-box exercise to make the board happy? Or is it becoming a strategic partner to help build the next big company with legal at the heart of everything it does? You need to know before you take the plunge and invest your career in the company.
This is an excerpt from our eBook - Revealed: What the business actually wants from legal. Download for free now.