"In fact, most legacy code cannot be unit-tested, since the code has never been designed to be tested."
We are running into this issue right now where I work. We have two different systems we use to determine pricing, and one of them is closing in on 30 years old. The code has several access points that mean unit tests have to be done in several different formats in order to properly assess the changes, making automated testing a nightmare.
In our other system we don't have the same problem and have a program that allows us to pull data straight from prod to test the changes with a bombardment of real data before ever releasing our code into the testing environment. Needless to say, this environment is far more stable.
If I had a recommendation for the poster, it would be to establish a similar automated testing tool that would allow you to compare the results of large amounts of production data after each change is introduced, to have a much higher chance of catching fringe cases and not piling up a stockpile of bugs to be discovered at a later date.