Legal spending was once a minor item of professional services for CFOs. Now it’s a running problem. compliance rules, Cyber security dutiesArtificial intelligence (AI) governance and the growing mix of state enforcement actions are pushing middle-market CFOs to rethink how legal work enters the company, how outside counsel is managed, and how risk is measured.
the Legal challenge The Paramount and Warner Bros. Discovery set-up that emerged this week illustrates a broader issue: Federal approval no longer guarantees regulatory certainty. State prosecutors are tracking and their antitrust and consumer protection agendas, requiring companies to plan for potentially overlapping enforcement regimes.
The central question, then, is no longer simply whether a company is spending too much on lawyers. Rather, it is whether legal work enters the organization predictably, is directed to the appropriate resources and produces information that management can use before costs or risks escalate.
Legal work now comes from all departments, not just Legal
Companies with revenues of around $100 million occupy an uncomfortable middle ground in terms of legal and compliance requirements. They are large enough to attract regulatory attention, sophisticated customers, and the lawsuits that may ensue. However, they may not have the legal staffing, technology, or specialized coverage associated with a large organization.
Here it becomes difficult to control legal spending. The request does not come exclusively from the general counsel. This comes from sales teams that negotiate non-standard contracts, HR management of staffing requirements, security teams that respond to incidents, procurement review of vendor terms, and product teams that deploy new technologies.
Generative AI adds another layer. Companies must determine what information employees can enter into public forms, how automated output will be reviewed, which vendors can train them on company data and who is responsible when an AI-assisted decision results in harm. These are legal questions, but they are also process design questions. The result is a growing body of legal work without a single point of absorption or common system of measurement. An invoice from an outside consultant may reveal what the company spent. It rarely explains why the action arises, whether it can be prevented or where the next exposure will occur.
The goal is not to turn a legal ruling into a spreadsheet exercise. It is the separation of work that requires judgment from the administrative and repetitive activity surrounding it. When the same contract, labor, or compliance categories repeatedly require outside counsel, the issue may not be the hourly rate. This may be due to the absence of standard language, clear escalation thresholds, or internal ownership. Legal procurement thus becomes a form of process analysis.
Read more: The $100 million CFO doesn’t keep score. They call it plays.
CFOs predict what causes legal costs, not just bills
For CFOs, the relevant distinction is increasingly between legal costs that are truly exceptional and those that reflect recurring operational friction. As a result, the most useful legal spending forecasts are starting to look less like annual budgets and more like operational models. At the same time, cost control depends on operational visibility. The CFO cannot effectively forecast expense category when the organization cannot explain what generates it.
The expanding role played by government regulators makes this vision even more important. A company can therefore comply with one national framework and still face materially different obligations across jurisdictions. Rules governing consumer data, hiring practices, automated decision-making, and breach notification may overlap without being harmonized. For the middle market CFO, this creates a portfolio headache. A company cannot eliminate all legal risk, but it must understand where obligations overlap, where controls can be shared and where country-specific requirements require separate investment.
The biggest shift is conceptual. Legal expense is no longer just the price of getting professional advice. It is also an indication of how effectively the organization is managing contracts, information, organizational change and operational risks.
CFOs who treat every increase as a pricing issue may understate individual invoices while leaving the underlying cost driver intact. Those who approach legal affairs as a problem of forecasting and controls can ask the more useful question: What business activity most frequently gives rise to the need for legal intervention?





