By Gary Arrick, Contributor Tamika Tremaglio[1]

The current regulatory environment, along with heightened public scrutiny, requires immediate consideration of allegations brought to the attention of a company’s management or Board of Directors. Generally, if the allegations of financial misconduct received involve individuals below senior management, the individual receiving the report, such as a compliance officer, may determine an appropriate course of action and level of investigation necessary. For matters involving allegations that may have a financial impact on the company, the audit committee will have previously set guidance on how to handle such allegations. Appropriate members of the audit committee and the company’s general counsel may also be notified, depending on the nature and seriousness of the allegations. In the event a report of alleged financial misconduct is received involving members of senior management, the audit committee should be notified. It will then assess the extent of investigation necessary and determine whether to engage internal or external resources to investigate.

Since the enactment of Sarbanes-Oxley and new rules of stock exchanges, the role of a public company’s audit committee has expanded for oversight of management and the company’s auditors in the preparation of the company’s financial statements, and in the conduct of audits of the company’s financial statements. Section 301, Public Company Audit Committees, of the Act includes provisions relevant to allegations of financial misconduct received by an audit committee:

“(4) COMPLAINTS- Each audit committee shall establish procedures for: (A) the receipt, retention, and treatment of complaints received by the issuer regarding accounting, internal accounting controls, or auditing matters; and (B) the confidential, anonymous submission by employees of the issuer of concerns regarding questionable accounting or auditing matters. (5) AUTHORITY TO ENGAGE ADVISERS- Each audit committee shall have the authority to engage independent counsel and other advisers, as it determines necessary to carry out its duties. (6) FUNDING- Each issuer shall provide for appropriate funding, as determined by the audit committee, in its capacity as a committee of the board of directors, for payment of compensation: (A) to the registered public accounting firm employed by the issuer for the purpose of rendering or issuing an audit report; and (B) to any advisers employed by the audit committee under paragraph (5).”

These provisions are directly relevant to an audit committee’s responsibilities to conduct an investigation of allegations of financial misconduct.

Although it is not unusual for a preliminary investigation of the allegations to be performed by internal counsel, internal auditors, external auditors or even management to determine whether or not the allegations are valid, to protect the integrity of an investigation and its findings, it is important that it be conducted, authorized and directed by independent counsel. An investigation conducted and overseen by management is generally not perceived as independent because management has custody of the company’s financial and accounting records, which could be impacted by the allegations and any findings resulting from the investigation. Additionally, members of management may be direct or indirect subjects of the allegations and should be, in any event, subject to the scrutiny of the investigation. A heavily weighed factor in deciding whether to pursue an independent investigation is the source and nature of the allegations. Other factors to be considered include whether the SEC or other regulators will have an interest in the allegations and how the audit committee and management responded to those allegations.

In October 2001, the SEC issued a report (SECURITIES EXCHANGE ACT OF 1934, Release No. 44969 / October 23, 2001, ACCOUNTING AND AUDITING ENFORCEMENT Release No. 1470 / October 23, 2001) summarizing the reasons why no action was taken against a public company where the controller of one of its subsidiaries intentionally misstated public reports and then covered up the facts. This report has since become known as the Seaboard report. In this report, the SEC stated that action was not taken against the subject company “given the nature of the conduct and the company’s responses.”

Although the SEC clearly stated in this report that it had not committed to any position or limited its ability to evaluate each case separately, the SEC did note that “[f]irst, the paramount issue in every enforcement judgment is, and must be, what best protects investors. There is no single, or constant, answer to that question. Self-policing, self-reporting, remediation and cooperation with law enforcement authorities, among other things, are unquestionably important in promoting investors’ best interests.” Further, the report set forth 13 criteria that would be considered in “determining whether, and how much, to credit self-policing, self-reporting, remediation and cooperation — from the extraordinary step of taking no enforcement action to bringing reduced charges, seeking lighter sanctions, or including mitigating language in documents we use to announce and resolve enforcement actions.” Among these 13 criteria were the following questions:

These considerations clearly show the SEC’s interest in whether the investigation was conducted in an independent manner. Although the company, its management, or internal counsel may conduct the investigation, it may not have the same credibility as an independent investigation. In addition, the investigation should be limited in scope to address the specific allegations. It is not unusual for an investigation, even one limited in scope, to discover additional matters, unrelated to the allegations, that may require disclosure to the government or public markets, and which would have to be considered in the assessment of whether a restatement or other corrective action is necessary.

Once the decision is made to conduct an independent investigation, the audit committee will likely engage independent counsel that has experience in conducting similar corporate investigations. Generally, the audit committee will engage counsel and require counsel to report directly to the audit committee. The audit committee will authorize counsel to inquire into certain matters. Counsel also will give advice concerning, among other things, cooperation with regulatory authorities and the protection of privileged communications. Counsel will also report to the audit committee and regulatory authorities, including the SEC, as appropriate, on the progress of the investigation and at its conclusion. Decisions concerning whether to cooperate with the SEC and other regulatory authorities, who to name as a spokesperson, what the scope of disclosure should be, and whether to assert a privilege against the disclosure of certain communications are critical questions that should be considered with a focus on the risks and potential consequences.

Each of the team members will generally be engaged directly by or at the direction of counsel. Many of the larger and better known forensic accounting firms will have most, if not all, of the professional resources, other than legal, on staff or will have established relationships to provide access to these resources as needed. Often, it is the forensic accountants that will oversee and coordinate these resources while working closely with, and reporting to, counsel. This process ensures that the entire team follows the work plan and does not stray from the agreed upon and authorized scope of the investigation. This also allows counsel to maintain control over the conduct of the investigation and the costs of professional services and gives counsel the information it needs to advise the audit committee and other parties about the progress of the investigation. In considering the composition of the response team, the following qualifications should be reviewed for each professional, as appropriate:

Expertise in performing similar investigations; Experience in reporting to executive members of management and the Board of Directors; Experience in the relevant industry; Experience in identifying key personnel for interviews and the conduct of interviews of operational, finance, accounting and information systems personnel; Expertise in the application of statistical sampling methods and other relevant tools for substantive tests of transactions; Experience in determining an appropriate manner to select and test transactions; and Experience in responding to inquiries from government organizations on behalf of the company.

Forensic accountants are an integral part of any team reviewing allegations of financial misconduct or other allegations having a financial impact to the company, as well as those allegations that include a significant data and document production component. The significance of the forensic accountant’s role may vary depending on the nature of the allegations. Inevitably, the role of the forensic accountant naturally expands during the course of the investigation due to the direct or indirect impact of the issues on the company’s accounting records, financial reporting and other public financial disclosures. The forensic accountant generally works closely with independent counsel throughout the course of the investigation from the planning phase through delivery of the investigation’s results and identification of remediation opportunities. Forensic accountants specializing in corporate investigations are experienced in areas likely affected by any investigation of financial misconduct, including:

Other areas not typically associated with the forensic accountant but that have become part of many internal investigations include the review of electronic documents and hard copy paper files. The acquisition and search of electronic documents has become a key component of all internal investigations and is one of the first areas considered during the planning phase of the investigation. A search of these documents generally is based on the application of limiting criteria, such as time constraints, custodial relationships, and key words, and yields a significant amount of output that requires manual review.

The review is typically conducted by counsel, the forensic accountants, or members of both groups. After these documents have been identified, collected, filtered and duplicates removed, documents relevant to the allegations are typically reviewed by the forensic accountant for accounting and financial disclosure implications. Often, it is also necessary to perform a search of the paper files of certain employees.

However, the decision to search an employee’s office files should not be made hastily as there are potential legal ramifications that need to be considered. The forensic accountant should be actively involved in the planning phase of the investigation, the extent of which will be dependent on the nature of the allegations. Input will be required in the following key areas:

Understanding the allegations; Gathering and assessment of relevant information; Developing an investigative protocol; Performing a detailed review of the allegations; Coordinating with other members of the investigative team; Defining the scope of the investigation; Performing substantive testing of accounts and transactions; Defining statistical sampling techniques; Evaluating recommendations for enhancements to internal controls or other remediation steps; and Advising on potential implications of the investigative process.

The use of electronic discovery and traditional investigative specialists has become fairly standard in most investigations. These professionals often provide valuable information that may enhance the team’s understanding of certain areas, identify additional areas for review, or change the scope of the investigation.

Electronic Discovery and Computer Forensics Specialists

Electronic discovery has become an essential part of any investigation, whether or not the allegations may have a financial impact. Corporate communications have evolved to become instantaneous and easily stored via email and other electronic media. Email may have schedules or other documents attached that otherwise could not be correlated to specific individuals. A byproduct of the electronic revolution is the potential relevance of computer files on shared drives, networks and PC hard drives. Almost all electronic data created, modified or viewed on a computer remains in some form on that computer’s hard drive or other shared media and can be recoverable through forensic examination.

Once allegations of misconduct have been raised, it is imperative that the company take the necessary steps to identify and preserve relevant electronic data, including backup media, that may contain electronic files from the period defined in the scope of the investigation. Sources of these files may include corporate servers, individual computers, personal digital assistants, portable flash drives, personal email accounts, home computers, backup disks and voicemail files. Electronic discovery and computer forensics professionals are specialists in the retrieval and examination of this information. Depending on the nature of the investigation, it may be necessary to attempt to restore deleted files and password protected or encrypted files.

Many organizations have policies that call for the auto deletion of email after a certain number of days, but in practice the purge may not actually occur. A decentralized organization may have policies from its corporate office or business units governing practices regarding the backup of data on a periodic basis, the rotation of backup media and off-site storage and related retention requirements. However, for any number of reasons, practices at locations throughout an organization may not be executed in accordance with stated policy. One reason may be that the organization evolved from a number of acquisitions, with many of its locations running on legacy systems that may not conform with the corporate information systems and related governing policies. Similarly, a company may be so decentralized that policy compliance has not been audited at any point and no one is aware of the lack of compliance. Electronic discovery and computer forensics professionals should be included during the initial planning stages of an investigation to address technology factors that should be assessed to effectively and completely identify, preserve, collect and analyze potentially relevant data.

Traditional Investigative Professionals

Depending on the nature of the allegations under review and the individuals involved, there may be a need for traditional investigative research to augment the paper trail. A search of the public record may provide ownership information as well as information about individual and corporate affiliations that often prove useful to counsel and the forensic accountants in completing a puzzle, identifying individuals for interviews, and identifying relevant transactions that may not have otherwise been reviewed. Other services, such as physical security, cross-border resources, and governmental agency network relationships may also prove useful.

Information from the public record can provide valuable insight into the backgrounds of individuals and businesses. The user of this information should, however, be cautious when considering information obtained from the public record since it may contain errors and omissions. Where appropriate, the information should be confirmed with official sources. Knowledgeable and experienced professionals working in this area are generally sensitive to these issues.

Other Team Members

The investigative team may also include other non-core individuals, who may not be considered independent of the company, but can play a crucial role in the investigation:

• Internal counsel may act as a company liaison and has often proven to be an effective catalyst in obtaining responses from other individuals in the company.
• Accounting and finance liaison generally will work closely with the investigative team as the central collection and distribution point for information and document requests.
• Compliance officer may be involved depending on the nature of the allegations to assess issues that may impact reporting to regulatory agencies.
• Information systems personnel are often consulted during the planning phase of the investigation to assist in identifying and acquiring electronic transaction data from company ledgers as well as from email, network servers and other electronic media.
• Public relations personnel may be involved to assist the company in public disclosures regarding the allegations and the investigation and to help respond to inquiries from the public.
• Human resources personnel may be involved if there is a need to obtain organizational information or to deal with other HR issues, such as access to employee offices and files.
• Corporate security may be involved if they were involved in receiving the allegations, or if there are access issues, threats of physical harm to employees, or issues regarding the safeguarding of other company assets.

Ultimately, the composition of the investigative team can take many forms and will greatly depend on the nature of the allegations and the experience of counsel. The key is to make sure the necessary professionals are included in the planning phase and proper consideration is given to implications of various decisions throughout the course of the investigation.

References

[1] Gary M. Arrick, Director of Huron Consulting Group’s New York office, specializes in corporate investigations. Tamika Tremaglio, J.D., M.B.A. is Managing Director of Huron Consulting Group’s Washington, D.C. office.