I was reminded recently of a time when we had finger pointing at our legal team. The perception was that too many product initiatives were getting shut down at the last mile, flagged as “too risky” by legal. This led to the impression that our lawyers were being unduly cautious or obstructionist.

Except that wasn’t really what was happening at all.

The truth was more subtle: product managers didn’t know what level of risk they were empowered to navigate. So when legal flagged an issue — any issue — it landed as a red stoplight instead of a cautioning yellow. What was meant as input became interpreted as veto.

This dynamic shows up across organizations whenever risk and velocity intersect. It isn’t just about lawyers and PMs. It could be finance, security, comms; anywhere one team is charged with managing exposure and another is charged with moving quickly. The result is often frustration on both sides: one group feels like the stick in the mud while the other feels like their judgment isn’t trusted.

But the reality is that both sides have to improve.

If you’re in a risk management role: It isn’t enough to provide the technically correct opinion. You own not just the content of your advice, but its reception. If your guidance is routinely misread as a hard stop, that’s on you as much as anyone else and you probably need to better calibrate your advice to the decision makers you’re working with. You have to be zealous about how your perspective is framed. That means communicating context, clarifying trade-offs, and making sure your input empowers rather than paralyzes.

If you’re in a product role: It isn’t enough to throw up your hands at the first sign of resistance. “Legal said no” is rarely the full story. Your job is to look for paths to yes. That means digging into the concerns, understanding the actual risks and how to mitigate them, and then making balanced calls in the interest of both the business and the user.

The point isn’t to lower the bar or to disregard real dangers. It’s to prevent every flagged risk from being treated as catastrophic by default. Great organizations develop the judgment to navigate the gray — not just the courage to take risk, but the clarity to take it responsibly.

Look for yes. It’s almost always there.