Tag: internal investigations

Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Reporting and Investigations – The Witness Interview

What are the characteristics of a good interview in the context of an internal investigation? Is there one technique you can use which will provide you the results you want to achieve? How should you think through your questions and document review prior to the investigation? At this point in time, how do such issues play out in the time of Coronavirus?
There is no one right way to prepare for and conduct an interview. What is important is that you have a plan and execute on that plan. Begin by obtaining an understanding of what the various stakeholders want answers to. This could include the Board of Directors, C-Suite executives, the GC and legal department, the CCO and compliance function or up to government regulators such as the SEC or DOJ.

Three key takeaways:

  1. There is no one right way to prepare and do an interview.
  2. The interview should not be confrontational.
  3. The interview, like the entire investigation process, is a chess match.
Categories
31 Days to More Effective Compliance Programs

One Month to More Effective Reporting and Investigations -The Investigative Team

Since 2015, DOJ has put even more pressure on every CCO, compliance practitioner, and indeed company, to get an investigation done quickly, efficiently, and, most importantly, right. This is even more true after the U.S. Supreme Court’s decisions in Digital Realty Trust v. Somers, which limited whistleblower protection and benefits to only those whistleblowers who go to the SEC, rather than initially report internally. What do all these documents tell who should be on your investigation team?

As data collection, retention and preservation are critical elements of any significant internal investigation you will need to have the involvement of your IT function. IT can help put a litigation hold on documents that can help with the preservation of data in other areas of the organization. Further, they can assist with certain other aspects as more facts and circumstances are known.

HR is often an underutilized function for an internal investigator. HR can provide context about employees’ work history. There may be notes in HR areas as diverse as training and exit interviews. HR can also give the investigator some insight regarding the credibility of the individual who might be making the allegation. For example, are they good and trusted employees? How long have they been there? What’s their general demeanor? What’s been the feedback on that particular individual?

Forensic accountants should be a part of your investigation team. Such a skilled set team member can bring an investigative mind that drives them to answer questions about what occurred, when and how it happened, and who was involved. However, most lawyers do not understand how forensic accounting is performed and how they can assist your compliance investigation going forward.

Obviously, the GC would be involved to help protect the attorney-client privilege if for no other reason. Further, an investigation needs to have compliance involved, to understand what compliance program was in place at the time of the incident in question, what procedures submission had, and understand if this truly was a gap in the compliance function or maybe there was an area within the compliance function that was not operating as prescribed, or maybe it was a little bit weak.

 Three key takeaways:

1. HR plays a key but often underused role in internal investigations.

2. The Board of Directors and senior management have different roles.

3. Use your legal department to protect the privilege.

Categories
31 Days to More Effective Compliance Programs

One Month to Better Reporting and Investigations – The Investigation Protocol

After the internal report comes in and you have properly triaged the matter, you need to scope out and investigate it, promptly, thoroughly, and with competent personnel. In the 2020 Update, provided these series of questions about your internal investigations:
 Properly Scoped Investigations by Qualified Personnel – How does the company determine which complaints or red flags merit further investigation? How does the company ensure that investigations are properly scoped? What steps does the company take to ensure investigations are independent, objective, appropriately conducted, and properly documented? How does the company determine who should conduct an investigation, and who makes that determination?
 Investigation Response – Does the company apply timing metrics to ensure responsiveness? Does the company have a process for monitoring the outcome of investigations and ensuring accountability for the response to any findings or recommendations?
 Resources and Tracking of Results – Are the reporting and investigating mechanisms sufficiently funded? How has the company collected, tracked, analyzed, and used information from its reporting mechanisms? Does the company periodically analyze the reports or investigation findings for patterns of misconduct or other red flags for compliance weaknesses? Does the company periodically test the effectiveness of the hotline, for example by tracking a report from start to finish?

In a presentation, Jay Martin, and Jacki Trevino discussed the specifics of an investigation protocol. It consisted of 1) opening and categorizing the case; 2) planning the investigation; 3) executing the investigation plan; 4) determining appropriate follow-up, and 5) closing the case. If you follow this basic protocol, you should be able to work through most investigations, in a clear, concise, and cost-effective manner. Furthermore, you should have a report at the end of the day which should stand up to later scrutiny if a regulator comes looking. Finally, you will be able to “Document, Document, and Document”, not only the steps you took but why and the outcome obtained.
Three key takeaways:

  1. A written protocol, created before an investigation, is a key starting point.
  2. Create specific steps to follow so there will be full transparency and documentation going forward.
  3. Consistency in approach is critical.
Categories
31 Days to More Effective Compliance Programs

Day 22 – Internal Reporting and Triaging Claims

The call, email, or tip comes into your office; an employee reports suspicious activity across the globe. That activity might well turn into an FCPA issue for your company. As the CCO, it will be up to you to begin the process, which will determine, in many instances, how the company will respond going forward. This is more than simply maintaining hotlines. Companies have to make real efforts to listen to employees. You need to have managers trained on handling employee concerns; they must be incentivized to take on this compliance responsibility, and you must devote communications resources to reinforcing the company’s culture and values to create an environment and expectation that managers will raise employee concerns. The Monaco Memo’s emphasis on internally detecting such actions and self-reporting makes this more important.

The reason is that a business’s employees are the company’s best source of information about what is going on in the company. It is certainly a best practice for a company to listen to its employees, particularly to help improve its processes and procedures. But more than listening to its employees, a company should provide a safe and secure route for employees to escalate their concerns. This is the underlying rationale behind an anonymous reporting system within any organization. Both the U.S. Sentencing Guidelines and the Organization of Economic Cooperation and Development (OECD) Good Practices list as one of their components an anonymous reporting mechanism by which employees can report compliance and ethics violations. Of course, the Dodd-Frank Whistleblower provisions also heed the implementation of a hotline.

Given the number of ways that information about violations or potential violations can be communicated to government regulators, a robust triage system is an important way for a company to determine what resources to bring to bear on a compliance problem.

Jonathan Marks has articulated a five-stage triage process that allows for an early assessment of any allegations and a manner to think through your investigative approach. Marks cautions you must have an experienced investigator or other seasoned professional making these determinations, if not a more well-rounded group or committee. Next, consider the types of evidence to review going forward. Finally, before selecting a triage solution, understand what tools are available, including forensic and human, to complete the investigation.

 Three key takeaways:

1. The DOJ and SEC put special emphasis on internal reporting lines.

2. Test your hotline regularly to make sure it is working.

3. Every claim should be triaged before starting an investigation.

Categories
FCPA Compliance Report

Investigative Protocols After the Monaco Memo

In this episode, I take things in a different direction today as I post the recording of a webinar I recently put on for i-Sight Software Solutions. In this presentation, I detail what the Monaco Memo means your corporate investigative protocol.

Some of the highlights include:

·      What changes did the Monaco Memo portend for corporate investigative protocols?

·      What unintended consequence did the Russian invasion of Ukraine bring to the public view of whistleblowers?

·      Why is triage a key aspect of your investigative protocol?

·      Why should you create an investigative protocol long before an investigation becomes needed?

·      How do you create an investigative protocol to keep key decision makers in the loop?

 Resources

For a White Paper on these issues, click here.

Categories
Innovation in Compliance

Corporate Case Management in the Era of the DoJ’s Monaco Memo: Episode 3 -Ethical Investigations

Welcome to a special podcast series, Corporate Case Management in the Era of the DoJ’s Monaco Memo, sponsored by i-Sight Software Solutions. Over this five-part podcast series, I speak with Jakub Ficner, Director of Partnership Development at i-Sight Software. This series considers how the Monaco Doctrine and Monaco Memo have impacted compliance in several key areas. In this Part 3, we look at ethical investigations and how to allow your organization to meet the strictures of the Monaco Memo. Highlights include:

  • How did the Monaco Memo impact investigations?
  • The importance of keeping the reporter informed.
  • Why consistency and transparency are key aspects of the investigative process.
  • Creating an audit trail is in your investigation protocol.

For more information, check out i-Sight here.

Categories
FCPA Compliance Report

Matt Galvin and Dan Kahn-Part 1, Disclosing to and Working with the DOJ

This episode of the FCPA Compliance Report begins a special two-part series with two well-known compliance professionals. Matt Galvin, most recently the CCO at AB-InBev and Dan Kahn, former acting Deputy Assistant Attorney General of the Criminal Division, Chief of the Fraud Section, and Chief of the FCPA Unit. Dan is now in private practice at DavisPolk. In this Part 1 we take up the key issues around dealing with the DOJ including the factors which go into the decision to self-disclose, incentives and disincentives in compliance programs, internal investigations including who is involved and scoping an investigation, presenting information to the DOJ during the pendency of an investigation and negotiating the final settlement and post-resolution; including both ongoing reporting and continuing innovation in your compliance program.

Resources

Matt Galvin on LinkedIn

Dan Kahn at Davis Polk

Categories
The Walden Pond

Improving Internal Investigations with Steve Spiegelhalter


 
Steve Spiegelhalter is the North American Investigations Practice Leader and Managing Director at Alvarez & Marsal. As a former federal prosecutor with the US Department of Justice’s Criminal Division, Fraud Section, and the Foreign Corrupt Practices Act (FCPA) Unit, Steve has intimate experience in investigating complex criminal and civil affairs and implementing compliance programs. He joins Vince Walden to discuss the future of conducting internal investigations.
 

 
Steve talks about the improvements GCs and CCOs have made in internal investigations over the last five years. They have evolved their in-house skills and resources. Additionally, they have gotten better at interacting with external counsel to solve matters more efficiently. 
COVID-19 has highlighted that foreign corrupt practices and corruption are long-term risks that are becoming more prominent. There has been a rise in fraud issues since the workplace has shifted to remote. Behaviors of malpractice that would have gone unnoticed are now being laid bare. 
Resources
Steve Spiegelhalter on LinkedIn
AlvarezandMarsal.com

Categories
31 Days to More Effective Compliance Programs

How the Yates Memo changed internal investigations


In September 2015, Sally Yates, then Assistant Attorney General, announced the Memo that bears her name (Yates Memo), saying, “we have revised our policy guidance to require that if a company wants any credit for cooperation, any credit at all, it must identify all individuals involved in the wrongdoing, regardless of their position, status or seniority in the company and provide all relevant facts about their misconduct. It’s all or nothing. No more picking and choosing what gets disclosed. No more partial credit for cooperation that doesn’t include information about individuals.” This statement tied directly into the first point of the Yates Memo, which stated, “To be eligible for any cooperation credit, corporations must provide to the Department all relevant facts about the individuals involved in corporate misconduct.”
More than three years after the announcement of the Yates Memo, the DOJ modified this course slightly. In 2018, then-Deputy Attorney General Rod Rosenstein relaxed the rigid approach required by the Yates Memo and inserting more flexibility and discretion to government investigators. Rosenstein said that the DOJ would continue to focus on individuals in its white-collar investigations, but he ended the Yates Memo’s approach requiring ALL relevant facts to be turned over to the DOJ. This permitted corporations to receive credit for their cooperation if they identify individuals who were significantly involved in or caused the criminal conduct and permitted greater flexibility and discretion in awarding cooperation credit in civil cases.
Then Attorney General Jeff Sessions echoed these concepts in his Keynote remarks at the Ethics and Compliance Initiative in April 2017. He reiterated that the DOJ would focus on individual criminal misconduct in the context of enforcing the FCPA. This continued emphasis will mean that there is even more pressure on corporate compliance programs to get it right and get it right sooner rather than later.
Three key takeaways:

  1. What is a Yates binder?
  2. While the Yates Memo required you to hand over ALL evidence, the Rosenstein Corollary added flexibility.
  3. Senior management is now in the firing line.
Categories
FCPA Compliance Report

FCPA Compliance Report-Episode 433, Sean Freidlin on the Current State of Internal Investigations

In this episode I visit with Sean Freidlin, the Senior Product Marketing Manager, Compliance at Hanzo. We take a deep dive into the state of compliance investigation in 2019, focusing on the impact of the Evaluation of Corporate Compliance Programs on investigations. For more information, Hanzo has published the following work, “THE 2019 GUIDE TO INTERNAL INVESTIGATIONS FOR COMPLIANCE-An eBook on Planning, Protocols, Data Collection, Triage, and Remediation” on which I collaborated. (The eBook was sponsored by Hanzo.) The eBook provides the compliance professional with multiple tools, strategies and tactics for the entire lifecycle of investigations; from initial intake through remediation. I know that you will find it incredibly useful. You can download it here.