Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/AllianceBioversityCIAT/alliance-risk-analysis-tool/llms.txt

Use this file to discover all available pages before exploring further.

Governance & Legal Risk evaluates the business’s legal foundation, contractual frameworks, regulatory compliance, and transparency. This category examines whether the business operates within legal boundaries, manages contracts effectively, protects intellectual property, and maintains proper reporting standards.

​
Category Overview

Risk Category: GOVERNANCE_LEGAL
Subcategories: 5
Weight: Equal (1/7 of overall risk score)

​
Scoring Summary

Governance & Legal Risk Score = avg(
  Legal Structure Risk,
  Contract Management Risk,
  Intellectual Property Risk,
  Regulatory Compliance Risk,
  Reporting & Transparency Risk
)

​
5 Subcategories

​
1. Legal Structure Risk

Indicator: Appropriateness and soundness of legal entity structure What drives this score:
  • Legal Registration: Formal registration status (company, partnership, sole proprietor)
  • Ownership Clarity: Clear documentation of ownership and shareholding
  • Shareholder Agreements: Existence of formal agreements governing ownership and decision-making
  • Limited Liability: Protection of owners from business liabilities
  • Structural Appropriateness: Whether legal structure matches business scale and needs
Scoring Criteria:
Risk LevelScoreCriteria
LOW0-30• Registered company (Ltd, PLC) with clear ownership
• Comprehensive shareholder agreement
• Limited liability protection
• Structure appropriate for scale (e.g., company for >KES 10M revenue)
• All registration documents current
MODERATE31-60• Registered business (company, cooperative, or partnership)
• Basic ownership documentation
• Some liability protection
• Structure mostly appropriate
• Minor registration updates needed
HIGH61-80• Informal registration (sole proprietor) or partnership without agreement
• Unclear ownership or disputes
• No limited liability
• Structure inappropriate for scale
• Registration lapsed or incomplete
CRITICAL81-100• Unregistered or illegal operation
• Ownership disputes or litigation
• Owners exposed to unlimited liability
• Structure creates major legal/tax risks
• No legal documentation
Evidence Required:
  • Business registration certificates
  • Shareholder agreements or partnership deeds
  • Articles of association or bylaws
  • Ownership structure diagram

​
2. Contract Management Risk

Indicator: Quality and enforceability of contracts with customers, suppliers, and partners What drives this score:
  • Contract Formalization: Percentage of key relationships governed by written contracts
  • Contract Quality: Legal review, enforceability, and clarity of terms
  • Contract Compliance: Adherence to contract terms by all parties
  • Dispute Resolution: Mechanisms for resolving contract disputes
  • Contract Monitoring: Systems to track obligations and renewals
Scoring Criteria:
Risk LevelScoreCriteria
LOW0-30• All key relationships have written contracts (customers, suppliers, partners)
• Contracts legally reviewed and enforceable
• High compliance with terms (both parties)
• Clear dispute resolution mechanisms
• Contract management system in place
MODERATE31-60• Most key relationships have written contracts
• Contracts drafted but not legally reviewed
• Generally compliant with some delays
• Informal dispute resolution
• Manual contract tracking
HIGH61-80• Few written contracts (mostly verbal agreements)
• Contracts poorly drafted or unenforceable
• Frequent contract breaches
• No dispute resolution process
• No contract tracking
CRITICAL81-100• No written contracts
• Verbal agreements with no documentation
• Chronic breaches and disputes
• Litigation over contract failures
• Complete lack of contract management
Evidence Required:
  • Sample contracts (customer, supplier, partner)
  • Contract compliance records
  • Dispute history or resolution records
  • Contract management system documentation

​
3. Intellectual Property Risk

Indicator: Protection and management of intellectual property assets What drives this score:
  • IP Identification: Awareness of IP assets (brands, formulas, varieties, processes)
  • IP Protection: Trademarks, patents, copyrights, or trade secrets
  • IP Enforcement: Ability to defend IP against infringement
  • IP Risk: Exposure to infringing others’ IP
  • IP Licensing: Proper licensing of third-party IP if used
Scoring Criteria:
Risk LevelScoreCriteria
LOW0-30• Key IP identified (brand, varieties, processes)
• IP formally protected (registered trademarks, patents)
• Active enforcement against infringement
• No IP infringement risk
• Proper licensing of third-party IP
MODERATE31-60• Some IP identified
• Partial protection (brand registered, but not all assets)
• Occasional enforcement
• Low IP infringement risk
• Mostly compliant with third-party IP
HIGH61-80• IP not systematically identified
• Minimal or no protection
• No enforcement capability
• Some risk of infringing others’ IP
• Unlicensed use of third-party IP
CRITICAL81-100• No awareness of IP assets
• No IP protection
• IP regularly stolen or copied
• Active infringement of others’ IP
• IP litigation or cease-and-desist orders
Evidence Required:
  • Trademark registrations
  • Patent or variety protection certificates
  • Brand and IP management policies
  • Licensing agreements for third-party IP

​
4. Regulatory Compliance Risk

Indicator: Adherence to industry-specific regulations and government requirements What drives this score:
  • Business Licenses: Valid business and operating licenses
  • Sector Regulations: Compliance with agriculture, food safety, or environmental regulations
  • Tax Compliance: Up-to-date tax filings and payments (VAT, corporate, PAYE)
  • Labor Compliance: Adherence to employment laws (contracts, NSSF, NHIF)
  • Regulatory Inspections: History of inspections and violations
Scoring Criteria:
Risk LevelScoreCriteria
LOW0-30• All licenses and permits current
• Full compliance with sector regulations (e.g., KEBS, PCPB)
• Tax filings and payments up to date
• Labor laws fully complied with
• Clean inspection record
MODERATE31-60• Most licenses current, some renewals pending
• Generally compliant with minor gaps
• Tax mostly current with occasional delays
• Mostly compliant labor practices
• Minor violations corrected
HIGH61-80• Some licenses expired or missing
• Significant regulatory gaps
• Tax arrears or unfiled returns
• Labor violations (informal workers, unpaid benefits)
• Regulatory warnings or fines
CRITICAL81-100• Operating without licenses
• Major regulatory violations (e.g., banned pesticides, food safety)
• Tax evasion or fraud
• Serious labor abuses
• Regulatory sanctions, shutdowns, or prosecutions
Evidence Required:
  • Business licenses and permits
  • Tax compliance certificates (KRA)
  • Labor compliance records (NSSF, NHIF, contracts)
  • Inspection reports or regulatory correspondence

​
5. Reporting & Transparency Risk

Indicator: Quality and timeliness of financial and operational reporting What drives this score:
  • Financial Reporting: Frequency and quality of financial statements
  • External Audits: Independent audits of financial statements
  • Reporting Standards: Compliance with accounting standards (e.g., IFRS for SMEs)
  • Disclosure Transparency: Willingness to share information with stakeholders
  • Record Keeping: Quality of financial and operational records
Scoring Criteria:
Risk LevelScoreCriteria
LOW0-30• Audited financial statements (annual)
• Compliance with accounting standards
• Timely reporting (monthly or quarterly)
• Full transparency with stakeholders
• Comprehensive record keeping
MODERATE31-60• Management accounts (not audited)
• Partial compliance with standards
• Periodic reporting (quarterly or annual)
• Moderate transparency
• Adequate record keeping
HIGH61-80• Informal financial records
• No accounting standards
• Infrequent or no reporting
• Low transparency (opaque to stakeholders)
• Poor record keeping
CRITICAL81-100• No financial reporting
• No accounting system
• Refuses to disclose financial information
• Complete lack of transparency
• No records or lost records
Evidence Required:
  • Financial statements (audited or management accounts)
  • External audit reports
  • Accounting system documentation
  • Reporting schedules and samples

​
Risk Mitigation Strategies

  • Formalize all key relationships with written contracts
  • Have contracts legally reviewed before signing
  • Implement contract management system (tracking, alerts)
  • Establish dispute resolution mechanisms (arbitration clauses)
  • Train staff on contract compliance
  • Identify and inventory all IP assets
  • Register trademarks and brands with KIPI (Kenya IP Institute)
  • Protect plant varieties or product formulations
  • Monitor for IP infringement and enforce rights
  • Ensure proper licensing of third-party IP
  • Renew all licenses and permits
  • Conduct compliance audit across all regulatory areas
  • Clear tax arrears and regularize filings
  • Formalize employment contracts and benefits
  • Respond promptly to regulatory inspections
  • Implement proper accounting system (e.g., QuickBooks, Zoho)
  • Conduct annual external audits
  • Adopt accounting standards (IFRS for SMEs)
  • Establish regular reporting schedules
  • Improve record keeping and documentation

​
Data Sources

Governance & Legal Risk analysis draws from:
  • Legal Documents: Registration certificates, shareholder agreements, licenses
  • Contracts: Sample customer, supplier, and partner agreements
  • Compliance Records: Tax certificates, labor compliance, inspection reports
  • Financial Reports: Audited statements or management accounts
  • Guided Interview: Management’s legal awareness and compliance practices

​
Related Documentation

Build docs developers (and LLMs) love

Get started for freeTalk to us