Before delving into the mechanics of an FCPA investigation and E-Discovery, an overview of the elements of the FCPA statute is offered: The Lay-Person’s Guide to FCPA found on the Department of Justice’s web site: www.justice.gov, breaks down the FCPA into two main parts. First, it is unlawful for a U.S. person, to make a corrupt payment to a foreign official for the purpose of obtaining or retaining business for any person. Second, the FCPA also requires companies whose securities are listed in the United States to meet its accounting provisions. See 15 U.S.C. 78 m. The corrupt payment provision, synonymous with the terms kickback and bribery, will be the focal point of this analysis as it relates to the E-Discovery process.
Aside from the ongoing compliance component, the commencement of an FCPA investigation can result from various sources, but it commonly occurs as a result of a legal proceeding. The scope and size of the investigation is directly correlated to the information that is sought by law enforcement combined with the complexity and size of the organization. Of particular importance unique to FCPA E-Discovery investigations is that they typically entail the review of extensive data sources broad/changing scopes and jurisdictional issues that often expand into complex global- and firm-wide concerns. To successfully achieve the goal of providing valuable and useful data, it is important to form a cross functional team of experts. The major components of this cross-functional team should ideally consist of Information Technology (IT), legal, investigative and an internal executive corporate sponsor. Each part of this team has its own independent and interdependent roles that are fused together by the E-Discovery process.
E-Discovery overview
What is E-Discovery, is it a discipline or a process, does it stand on its own, or is it a branch of IT, fraud investigation or legal discovery? The answer could vary, but in many cases it is considered to be formed through the intersection of the investigative, legal and IT disciplines that could not otherwise exist on their own.
First, on the legal front, E-Discovery must pay close attention to FCPA statutes and regulations, interpretations, evidentiary proceedings, confidentiality, privilege and relevance. Second, the IT professionals must know how to perform all of the technological functions needed to migrate and organize data so that it can be properly examined. Then the investigations branch must interpret and analyze
evidence to produce and report useful findings. Lastly, in some cases, there will be an internal executive corporate sponsor that is a dedicated person or team who act as the liaison between the company under review and the E-Discovery team. The principal of searching electronically stored information (ESI) used for investigative purposes has existed for more than twenty years, and is omnipresent and ever changing in the investigative field today, and the E-Discovery process for an FCPA investigation can be broken down into four general stages: data collection, processing, analysis/ extraction and investigation.
Phase 1 – Data Collection
The actual physical and ESI is collected during this initial phase of the FCPA E-Discovery investigation. This involves determining what comprises the documents and data to be reviewed. For example, regarding ESI in an FCPA investigation, this could consist of information taken from obvious places such as emails and shared files on the server, or it could be individual hard drives or CDs. But with the fast pace of technology, the diligent E-Discovery team must also consider other emerging forms of ESI including but not limited to USB drives, cell phones, backup tapes, camcorders and even digital music players. Hard drives, servers and CDs can be imaged, copied or seized in their entirety depending upon the totality of circumstances. In the case of hardcopies, this could consist of physical files and notes that need to be imaged and scanned into electronic format. Regardless of what items are collected to be included in the
E-Discovery process, great care must be taken to establish and record the chain of custody, and to preserve the integrity of the data. Data collected for an FCPA investigation can be greatly compromised or destroyed if a regimented chain of custody protocol is not followed.
“Courts are increasingly taking a harsh view of attorneys and investigators that fail to properly identify key players in
litigation and preserve their Electronically Stored Information in an industry – recognized and reasonable fashion,” said Jeff Hartman, a Forensic Technology Director with RGL Forensics.
In the recent Pension Committee case, for example, United States District Court judge for the Southern District of New York Judge Shira A. Scheindlin delivered sanctions and an adverse inference to plaintiffs, accusing them of “gross negligence” in their failure to collect and preserve ESI. Scheindlin stated “by now, it should be abundantly clear that the duty to preserve means what it says and that a failure to preserve records — paper or electronic — and to search in the right places for those records, will inevitably result in the spoliation
of evidence.”
Phase 2 – Processing
Once all of the ESI is collected, the metadata must then be marked, labeled, and tagged into an organized fashion. Important things to consider are the window period of time to be captured, what individuals and entities are to be reviewed, what tools and methods of storage will be used to migrate, filter and categorize the data. Heavily IT based at this juncture, it might be decided that all of the files containing pictures or videos might not get imported, or that duplicate files
will be merged or deduped. Care must be taken when choosing to eliminate duplicates, as it might be necessary to keep all duplicates for review to show that they were related to an individual or a party.
Phase 3 – Analysis and Extraction
During this critical stage, the organized data gets put into a format that enables the forensic investigator to perform the actual review. The ESI that was processed and indexed in the previous step is further broken down through various query techniques accomplished through sophisticated E-Discovery tools.
In setting the core search terms to be filtered and reviewed, care must be taken not to make the terms overly generic as this will produce voluminous unwanted and useless false positives, alternatively, the terms cannot be too rigid, as this increases the chance that crucial data will not be captured. For example, an investigation that is looking for the word “government” within a certain context will no doubt produce many false positives unless certain other word proximities are included in the same query. One solution here would be to construct a query to produce only hits that contain the word “government” when the words “official” and “payment” are included within a relative proximity of the word “government.” Additionally, commonly misspelled words, industry jargon, word roots and abbreviations must all be taken into account.
Phase 4 – Investigation
Closely tied to the analysis and extraction stage, the investigation process utilizes the professional detection skills of seasoned professionals in extracting the key data needed to piece all parts into the whole. The investigative team performs what computer science cannot — it examines human context, behavior and player interaction — and marries this to the evidence in order to form the skin of the
investigation that will support scienter, culpability and innocence.
In an FCPA E-Discovery undertaking, matters typically involve bribery and kickback issues, thereby requiring the investigative
component to be a cross section of fraud examiners coming from Anti-Money Laundering (AML), law enforcement and legal backgrounds.
“There is virtually no area in our lives today that doesn’t leave a digital footprint,” said Ken Neumann, Partner and Director of Litigation, Valuation and Technology Services with RGL Forensics said, “For example phone calls, emails, bill payments and every business transaction is recorded. How could one possibly analyze the flow of funds without first becoming proficient with ESI data?”
Helpful investigative methodologies can be borrowed from AML in looking for patterns of activity, transaction monitoring and following the money trail. By utilizing the E-Discovery software, critical data can be color coded, redacted and tagged for important measures such as privilege and confidentiality. Strong channels of communication must be established between the investigation team and the teams involved in the prior stages to constantly monitor and account for parameter changes in false positives and missed data that the seasoned investigator will encounter in their review.
Proactive Measures for E-Discovery
In uncovering an FCPA or other E-Discovery event, companies will often be faced with the reality that their archived ESI is not being efficiently managed. This will often make the search, collection, preservation and analysis of information a tedious process. The discovery of ESI and the Federal Rules of Civil Procedure addressing E-Discovery has had significant impact on the way companies handle information management. The implementation of a comprehensive physical and digital records management program has
become the standard in risk management for litigation.
The development of ESI archiving and E-Discovery policies and procedures that address where all of the ESI is located, whether it can be quickly accessed and how new physical and digital records are imaged, stored and managed is essential in establishing an enterprise data management strategy. From a best practices standpoint, it is imperative for companies that face government investigation, regulatory scrutiny, risk of lawsuits and discovery requests to adapt E-Discovery policies and procedures into firm-wide day-to-day operations. The
cost and risk associated with a reactive outsourced approach to E-Discovery stemming from the scenarios mentioned above should
be applied when considering the benefits of procuring and implementing E-Discovery tools that advance data management and ensures reliable processes and efficient recall of sought-after data.
Conclusion
The FCPA investigation often involves complex issues that must be aided by the E-Discovery process in order to produce effective results. The FCPA E-Discovery process can never be set in stone, but it must follow a general strategic framework of collection, processing, extracting and investigating to be done by a cross section of professionals. In addition, great value can be added to avoid enterprise reputational and financial risk by employing proactive measures aimed at FCPA compliance and data management.
Aaron Kahler, CAMS, CFE, managing
director, Kahler Forensic Solutions,
New York, NY, USA, Akahler@
KahlerForensicSolutions.com
Christopher Ernst, CAMS, CFE, JD,
managing director, Kahler Forensic
Solutions New York, NY, USA, Cernst@
KahlerForensicSolutions.com