Friday, March 5, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Compliance

7 Crucial Steps to Improved Internal Investigations

by Jeffrey Klink
February 15, 2018
in Compliance, HR Compliance
concept of team working step by step

How to Mitigate Risk and Liability

When allegations of misconduct are raised, leadership should quickly turn its attention to an internal investigation. Depending on the nature of the supposed wrongdoing, the matter may need to be investigated quickly. But a haphazard investigation won’t do. Jeffrey Klink offers seven steps to a successful investigation.

Businesses regularly confront allegations of internal misconduct. These allegations can involve breaches of the law or the business’s policies or procedures. Successfully navigating the potential pitfalls of internal investigations is essential to protect your brand and important assets, as well as to avoid the risk of having to deal with additional problems resulting from adverse media coverage. This article outlines seven steps that will assist corporate counsel, owners and others in managing and mitigating internal misconduct allegations.

Many professionals like to make internal investigations confusing. But the reality is that there are basic steps that can be taken to determine if a misconduct allegation has merit and if a comprehensive investigation is required. The first step is determining whether an allegation has merit; if it does, then some or all the next steps may be required. Step two is assigning a case supervisor and other professionals to conduct the investigation.  Steps three to seven are: (3) obtain and review all pertinent data and documents; (4) conduct discreet background research on significant parties and subject(s); (5) interview knowledgeable persons; (6) interview subject(s); and (7) assess which internal controls and procedures can be improved to avoid future problems.

The investigative plan should be thoughtful and sequential. Thoughtful fact-finding during the early steps of the investigation may show that those suspected of misconduct are not culpable of any wrongdoing. This can save you time and valuable resources and at the same time protect an employee’s reputation.

Being discreet is critical; the general rule is this: people you tell not to talk about things will absolutely talk about things. Rumors fly fast, and they can disrupt an organization’s employee morale and productivity.

Limit the sharing of information, especially at the beginning of any investigation, and know that many internal investigations go wrong almost from the start when interviews take place before the facts are understood. Internal investigations sometimes require almost Job-like patience to succeed.

Confronting someone suspected of wrongdoing too early in the investigation can provide the suspect or suspects with critical knowledge and time sufficient for the suspect to destroy, alter or change evidence. It can also provide the suspect with enough knowledge to notify others involved who can then cover their tracks.

If an employee has been engaged in a fraudulent scheme lasting two years or longer, try to allow enough time to unravel what has taken so much time to perpetrate. Do not confront a suspect employee without doing your homework first.

There are common themes in misconduct, too: Monetary losses in fraud are typically larger than suspected, the fraud almost always has been going on for a much longer period than suspected and, often, more employees or other third parties are involved.

In fraud matters where material funds are at issue, determine whether your organization has fidelity insurance available to cover losses attributable to crime and misconduct. If so, make a timely notice of a possible claim.

Here are the seven steps to follow:

Step 1: Does the allegation have merit?

Carefully analyze the facts and the person or persons reporting the misconduct. If the allegations are specific and the reporter has no stake in the outcome, then there is a likelihood that the allegations have merit.

In many instances, determining the merit of a misconduct allegation can be very difficult, especially if the allegation is anonymous. Anonymous claims of misconduct seldom include (but may contain some) truth.  In some instances, information may be fabricated or concealed if the reporter of the misconduct has a vendetta.

Step 2: Assign a supervising investigator and deploy appropriate resources.

First determine whether the allegation is a potential violation of the law or of a company policy. A violation of the law can pose significantly more risk and liability to the company and its employees and will often dictate the resources required for the investigation.

When an allegation involves a policy violation, the company’s internal resources may be sufficient to investigate and resolve the matter. Potential violations of laws require the resources of experienced investigators, and often necessitate accountants, computer forensics experts and legal input.

An allegation that involves the safety of any person requires that law enforcement be consulted and notified.

For allegations of sexual harassment or claims of bias, the government has put forth specific guidelines regarding how and when the investigation should be performed. Follow these guidelines to the letter.  (EEOC.gov is a great place to start to understand these issues).

Step 3: Obtain and review available documents.

This is an important step. If seeking personnel files or other information, consider providing alternative reasons as to why documents are being requested so not to raise any flags.

In today’s digital world, evidentiary documents may reside in the company server, laptops, emails, text messages, social media, telephone records, the cloud, video recordings, photographs and in other media.

For cases with potential violations of the law, be sure to document a chain of custody and secure original data and documents. This is important if you should decide to refer the case to a prosecutor.

Step 4: Conduct appropriate background research.

Investigate both the reporter, if known, and those suspected of misconduct. This may include the review of personnel records, criminal and civil litigation histories, media research and analysis of social media. It is very common in financial fraud matters to find that a suspect subject and/or family members have multiple business affiliations, own high-end homes, drive expensive vehicles and travel to expensive resorts and exotic places.

Step 5: Interview knowledgeable persons (“KPs”).

Limit information provided to the KPs and do not allow the KPs to turn the tables and become the interviewer. A good investigator asks several questions where the answers are already in hand. This approach helps an investigator understand the motives and truthfulness of the person being interviewed. Important interviews should be conducted by two investigators and performed in a comfortable and nonconfrontational setting.

Step 6: Interview the subject(s).

Confront alleged wrongdoers only when all the evidence is in. Double- and triple-check your findings. Discuss the merits of the case and plan of action with the investigative team and executives overseeing the project. In some cases, sufficient evidence may have been obtained from your data review and/or KP interviews that warrant a referral to a prosecutor and possibly no interview of the suspect is needed.

Prepare an outline of key questions based on the evidence gathered. Know the answers to many questions before they are asked. The interview should be conducted with at least two and no more than three investigators. If a subject is a female, it may help if one of the interviewers is a female.

In some cases, it might be appropriate to interview the key suspects at the same time so they can’t coordinate their responses.

If prior to the interview you have enough evidence to terminate, then set your termination plan in motion several days before the interview. Be prepared to stop the suspect’s access to your IT network and building access, list all equipment that should be returned and coordinate with company security staff as needed.

Step 7: Case evaluation.

Fix the holes that allowed the misconduct to occur. Determine whether there are internal controls, policies, procedures and other guidelines that can be improved upon to prevent misconduct from reoccurring. Last, draw fair conclusions without hyperbole and issue a report showing the steps that were taken, the facts found and the conclusions reached.

Conclusion

A step-by-step internal investigation methodology will reduce risk and liability for your organization and improve controls.


Tags: internal investigation
Previous Post

TRACE: From Russia with Cash

Next Post

Business Innovation Could Accelerate Under a Friendlier CFPB

Jeffrey Klink

Jeffrey M. Klink is President and CEO of KLINK, an international business intelligence firm proactively and confidentially uncovering fraud, fictions and phantoms before they become financial, legal or public crises. The firm advises global clients in more than 100 countries annually. KLINK’s expertise in higher-risk regions is unparalleled. As a former U.S. Department of Justice criminal prosecutor and former office head and managing director of a global consultancy, Mr. Klink focuses his practice on the Foreign Corrupt Practices Act (FCPA) and the U.K. Bribery Act compliance, mergers and acquisitions, third-party due diligence, litigation support and complex investigations. He has performed hundreds of complex investigations for manufacturers, banks, hedge funds, technology firms, pharmaceutical companies, professional services companies and law firms. He has personally trained hundreds of employees and third-party vendors on bribery and trade compliance in Asia, Europe, the Middle East and the Americas. Mr. Klink received his law degree and bachelor’s degree from the University of Pittsburgh. He is a member of the Pennsylvania Bar and is a licensed investigator.

Related Posts

illustration of man under giant gavel

BitPay’s $507K OFAC Sanctions Violations Settlement

March 4, 2021
Thinking Outside the Tick Box

Thinking Outside the Tick Box: Compliance Training as a Competitive Advantage

March 3, 2021
The facade of the SEC in Washington, D.C.

Prepare Now to Comply with SEC’s Updated MD&A and Related Financial Disclosure Requirements

March 3, 2021
illustration of hand holding flashlight illuminating hidden stairs

The Corporate Transparency Act: Pulling Back the Veil

February 23, 2021
Next Post
Business Innovation Could Accelerate Under a Friendlier CFPB

Business Innovation Could Accelerate Under a Friendlier CFPB

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights