Thursday, March 4, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Risk

Five Factors Often Overlooked When Conducting an Internal Investigation

by Gina Simms
February 11, 2014
in Risk
blue puzzle missing a piece

Whether based on a whistleblower complaint or because you are subject to an inquiry from a governmental agency, a company faced with potential employee misconduct must perform an internal investigation. The goals of an internal investigation are to understand the nature and scope of the issue(s) and to take necessary remedial action promptly. To be truly effective,  an organization should aim to achieve these goals while minimizing the impact on the company’s routine business operations.

Unfortunately, companies often inadvertently overlook certain issues in this process, which can result in an ineffective investigation and may pose additional litigation risks for the company.

Here is a list of five factors often overlooked when conducting an internal investigation:

1. Understanding the scope of the investigation and the resources available to carry out the investigation

Let’s say that your company receives a complaint from a whistleblower that identifies only one seemingly-rogue employee. Before limiting the scope of the investigation to just one focus, the investigative team should consider whether management or senior executives might have known about and sanctioned this alleged misconduct. If senior executives and/or managers appear to have been involved, the investigative team should request a special committee comprising of independent directors of the Board to authorize a more expansive investigation. To be most effective, the investigative team should include outside counsel, forensic accountants and additional professionals as necessary. Their work plan should contain a protocol for controlling the flow of information to potentially-implicated senior management before the investigative team has had a chance to interview them.

An investigation can also be rendered ineffective if the investigative team is not given adequate resources. To be sure that it has the resources necessary to conduct a diligent and thorough investigation, the investigative team should include a reasonable estimate of anticipated costs in its work plan, which should then be presented to the independent committee of the Board of Directors for approval.

2. Making efficient and effective use of resources

The costs of an investigation can spiral out of control if not diligently managed. To control costs, the investigative work plan should consider the use of technology and tools available to sift through the necessary information, which typically involves a massive amount of data. To properly review this information in an efficient and cost-effective manner, the investigative team will need to evaluate the quality of data collected, verify the accuracy of the figures, identify anomalies and deviations in data patterns and organize and summarize the data sets into meaningful information for the business. Moreover, the team should frequently discuss the results of its data analysis and allow for the reality that its initial investigative strategy might have to be adjusted.

3. Adequately planning for the possibility of a disclosure to the government 

The investigative team should assume that the government may be skeptical about the objectivity and thoroughness of their investigation. For instance, if the company decides to conduct an internal investigation without hiring outside counsel or forensic accountants, the results may be viewed as inadequate, self-serving or designed not to truly reveal improper conduct. Disclosure to the government should clearly articulate how the investigation was independent, thorough and impartial. It should also highlight how the investigative team engaged in a root-cause analysis and should set forth the steps taken by the company to reduce the risk of recurrence. Be prepared to provide a list of remedial actions taken by your company, such as the improvements made to your compliance plan.

4. Adequate protection of the attorney-client privilege and attorney work product

When an internal investigation is conducted by outside counsel in tandem with in-house counsel, email and oral communications should be clearly marked as “privileged,” “confidential” and “made for purpose of providing legal advice to the company” to properly protect attorney-client privilege. Forensic accountants and other outside professionals who participate in the investigation should also be engaged by outside counsel under the attorney-client privilege. As such, they should label all of their spreadsheets, reports, notes and work papers as attorney-client privileged/work product. When the company decides to make a voluntary disclosure to the government, general counsel and the investigative team need to confirm that only the facts are being presented and any mental impressions or legal conclusions are omitted. Similarly, the company’s public messaging to investors, employees, customers or outside vendors should not include attorney-client privileged material or work product.

5. Fully appreciating the risks that the allegations pose for the ongoing, lawful operation of the business

From an organizational perspective, keeping the business running smoothly while an investigative team conducts its investigation is a major challenge. For example, let’s say a pharmaceutical company conducts an investigation involving allegations that their Northwest sales force paid kickbacks to physicians in order to induce them to prescribe a certain drug to Medicare beneficiaries without regard to medical necessity. The investigation unearths credible evidence that a senior-level sales manager orchestrated the scheme and it was carried out by many members of his team. In this case, the company must now determine how to continue doing business in that region while the investigation is ongoing without potentially exposing itself to greater liability. To do so, the company should consider bringing in key managers from other regions and other unaffected parts of the business and leverage their experience to maintain ongoing operations in the area under investigation. A unified and consistent message should also be developed with outside counsel for employees, customers and suppliers to reassure them about the sustainability of the organization and its operations.

Keeping these practicalities in mind during the investigation will help your company reduce costs, minimize litigation risks and produce a more effective result.

____________

Nidhi Rao, a Director in the Greater Washington, D.C. office of BDO Consulting, conducts corporate internal investigations and provides forensic accounting services in response to government inquiries and regulatory enforcement actions, whistleblower complaints, and matters involving violations of the Foreign Corrupt Practices Act.


Previous Post

Do You Know What Your Third Parties Are Up To?

Next Post

Survey: Workplace Misconduct at Historic Low

Gina Simms

About the Author   Gina Simms, a former Asst. U.S. Attorney in the District of Columbia and Maryland, is a Principal at Ober Kaler.  She specializes in white collar criminal defense, internal investigations, and corporate compliance issues. She represents individual and corporate clients in connection with investigations and prosecutions related to violations of federal and state civil and criminal statutes.

Related Posts

blue road sign with arrow on black asphalt background

Dynamic Risk Governance: Linking Strategy and Risk Management

February 15, 2021
three red dice on green felt tabletop

The COVID Trio: 3 Top Risks from a Year of Upset

February 4, 2021
Deloitte: Global Risk Management Survey, 12th Edition

Deloitte: Global Risk Management Survey, 12th Edition

February 2, 2021
illustration of businessman holding giant shield to protect him from falling arrows

Is Your Risk Culture Aligned With the Realities of the Digital Age?

February 2, 2021
Next Post

Survey: Workplace Misconduct at Historic Low

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Addressing systemic racism in the workplace SAI Global
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights