Watch it on demand by clicking here.
Having an emergency preparedness plan in place is critical to the success of an investigation. Investigations require the capacity to collect and review massive amounts of data, expertise in various subjects, and the ability to document the process followed. Knowing what to prepare for and how to react will keep you a step ahead, especially with ever-evolving technology. From leveraging analytics to handling data in a multitude of geographic regions, having a comprehensive and precautionary strategy will help to mitigate legal, regulatory, and business risks.
To learn more about how to effectively prepare for an investigation, I recently met with a panel of legal experts to discuss the importance of developing and maintaining a proactive and malleable approach, knowing what factors might come into play, and identifying the right team to manage the complex challenges of internal investigations.
Preparing for the Unexpected
A word to the wise: Expect the unexpected. Even if you’ve never faced an investigation, you need to develop an elastic framework and a set of procedures that will govern your response when an investigation arises. Since you will need to act quickly, ensure that your IT, HR, and business processes will allow you to quickly identify and collect data when the time comes. When preparing in advance, you can cover a wide range of areas including internal escalation procedures, preserving applicable evidence, conducting an early case assessment, and dawn raid protocols. Leverage analytics and work with experts to identify how laws in different geographic regions may present potential roadblocks. Create a mock trial or dawn raid with outside counsel and your ediscovery vendors to test the policy and procedures you have in place, and adjust from there.
When an issue has been flagged, it is best to assume the worst. Performing early case assessment (ECA) will help guide identify key facts early in your investigation and inform your next steps. Be in a position to understand what information you can acquire, the custodians that you’re going to talk to, and what kind of documents you need to preserve. Within your company, you will need to identify what records exist in the Cloud, what can be remotely pulled off computers or emails discretely, and what software can be installed on someone’s hard drive. Recognizing who your stakeholders are both internally and externally, who needs to be in the know, and who should not be in the know is vital. Don’t jump the gun by releasing information before your ducks are in a row. By anticipating things could get worse and having a proactive plan established with key players, you will be in a more secure position where you’ve tested your protocols and can respond swiftly and effectively.
Once the issue is identified, it may need to be reported to the government. The systems you’ve already established at this point in the process will help assess, track changes, and identify areas for improvements. Again, leverage the available data, analytics, and Technology Assisted Review (TAR) tools available to gain a better understanding of the facts and turn over the appropriate information. Be mindful of the work product you’re creating internally as you gather information and communicate about the issues. Data provided to the government is fair game in civil litigation, and other work product created may become discoverable. During this part of the process, develop a narrative regarding the context of your findings to take control of the perception and pace of the investigation.
Keep global considerations in mind when building out your proactive plan. Talk with global counsel to stay in the know about cross-border rules around confidentiality and data privacy, translation, and other cultural discrepancies. Utilize local resources to address local issues and distinctions. It is also important to note that translation is not as straightforward as you might think: Code words or colloquialisms can lose meaning once translated so it is important to have someone intimately familiar with the language, culture, or industry to be able to address misconduct. The same goes for a specific industry and utilizing people uniquely familiar with that industry’s jargon. Collaboration here is key.
Proper training and staying in front of your data will help immensely in preparing for an investigation. As one panelist stated, “Fail to prepare, prepare to fail.” By thoroughly over preparing, you’ll understand where relevant data is and how to both preserve and access it. By assuming the worst, you will be able to act with due diligence and care. Remember to leverage early case assessment, outside counsel, your vendors, and expertise in your emergency preparedness plan. Develop a narrative on the context of your findings and always keep global considerations in mind. The inner workings of an investigation are complex and far reaching, but with a proactive plan established you can be calm, armed with your tools, and ready to act quickly when the unexpected comes.