Imagine this scenario. An ordinary work day – just another day in the office for you. Your phone rings and on the other end is a senior member of the board of your company. He sounds agitated, and rightly so; he was just anonymously made aware of the possibility of a fraud within the organisation which may involve key members of the leadership team.
He only knows basic details of the fraud, and who may be involved, but is at a loss as to how to move forward. What he does know is that this needs to be handled urgently, discreetly, and in a manner that the organisation does not make headlines for all the wrong reasons. You are tasked with handling the investigation; something you have never been involved in, and never thought would be dealing with, let alone leading.
This may appear to be an earth-shattering experience for most professionals in the industry, but is just another day in the week for fraud investigators. Every organisation is aware of its susceptibility to fraud but everyone assumes (or hopes) they will not be victims to it. So when the possibility becomes a reality, it is uncharted territory for most organisations. Which is why the most important task of seasoned investigators from the onset is providing guidance to their clients.
The world of fraud investigations is tricky, scary, and complicated, but doesn’t have to be so. Good investigations management follows the same rules of project management and governance: Guide your client on what to expect, who to trust, what steps will be taken and why they are needed, and last but not least ensure that the support continues even after the report has been submitted.
As with any life experience, if you know what is to come, and are adequately prepared for it, it becomes easier to handle. So is the case with fraud investigations.
In the above example, the individual in question calls in the help of seasoned fraud experts. The immediate tasks of the fraud investigator / forensic investigator may vary according to the nature of the fraud being investigated but essentially involves the investigator gathering facts about the fraud – the four Ws: What happened? When did it start? Where did it originate? And who was involved?
The ‘why’ is normally unclear at the outset of most investigations but is the exam question all investigators attempt to answer during the course of the investigation.
Additionally, most of these questions may not have immediate answers, but they help the investigator formulate the next investigative steps, namely:
Identifying steering committee members: These are the individuals in the organisation that can be trusted and are key to the investigative process. They are normally people with authority, are independent, and can be trusted to support the investigation. The constitution of this committee varies from organisation to organisation, as well as the nature of the fraud, but these individuals also act as stakeholders in the success of the investigative process.
investigative work plan: An investigation work plan needs to be formulated detailing the steps needed to investigate the allegation(s) in an efficient and time sensitive manner. Most times this work plan continues to evolve during the investigation but it is not only vital to create a work plan from the outset, but also to share it with the steering committee. This allows them to not only be vested in the investigation but also allows them to be involved in the success of the investigation by helping them understand what steps will be undertaken and why, their respective roles in the investigative process, as well as allowing them to understand expected timelines of completion.
Discreet approach: The investigation should usually be undertaken discreetly without anyone in the organisation, especially the key suspects, being aware of the appointment of the forensic investigators. As such, a discreet ‘approach’ (terms of engagement) should be agreed with the steering committee, and only shared with relevant people within the organisation on a ‘need to know’ basis, allowing the forensic investigators to operate without raising questions.
Data: Identifying sources of information relevant to the investigation such as financial systems, email servers and back-ups, relevant enterprise resource systems, underlying financial accounting records, laptops and smart phones, and so on. Information can be stored anywhere in an organisation and the task of investigators is to ensure that they understand (fairly quickly) what sources of information are critical to the investigation.
Access: Once the sources of information required have been identified, the next step is gaining access to the information. This is where the ‘discreet approach’ for forensic investigators comes in handy. Information can be acquired
in a covert and discreet manner but it is more prudent, and efficient, to be done with the help of individuals in the organisation who are already responsible for handling that information. The success of any investigation is fundamentally dependent on gaining access to, and securing, the relevant sources of information in a timely manner.
The above, while generic, are some of the key steps on any investigation. There may be additional nuances to consider in fraud investigations where the company or management being investigated may not be ‘supportive’ and are more detrimental to the success of the investigation. In these circumstances, alternative measures may be considered in gaining access to and securing information required for the investigation but the steps outlined above remain unchanged.
Similarly, there are additional considerations every forensic investigator should be mindful of during any investigation. Some of the most common, and relevant, considerations to be aware of during any investigation are:
Stakeholder management: This is one of the most critical elements to any investigation and a key area most investigators miss. In trying to get to the bottom of the fraud, they fail to keep the steering committee aware of the possible impact on other stakeholders, such as customers and suppliers. Clearly the latter will not be aware of the investigation or the fraud itself (unless they are party to the fraud), but they may be impacted at some point and this needs to be borne in mind.
Data preservation: Another key element to consider is a mechanism to circumvent destruction of data and information, as well as allowing the company to secure data to provide to regulators should it be requested.
Legal hurdles: Jurisdictional idiosyncrasies and local laws and regulations can add to the complexity
of the investigation. As such, it is the duty of the forensic investigator to guide the client to engage outside specialist legal counsel where necessary, especially in matters where the investigation could come under the umbrella of attorney-client privilege. Engaging outside legal counsel, even on a standby basis, is always beneficial for commenting on matters of law that forensic investigators are not qualified to provide, especially when the likelihood of regulators becoming involved is highly likely.
In summary, the job of a forensic investigator is not only to investigate the fraud, but to manage the investigation in such a manner that puts the client at ease that they are in safe and capable hands.
More and more clients are moving towards actively ensuring accountability and transparency within their organisations – it is no longer a mantra but an established way of doing business for many. With companies increasingly aware of specialist forensic accounting firms and their services, we are seeing more and more clients asking for expert help from the onset than trying to manage it internally themselves.
As the renowned author Samuel Johnson said: “Fraud and falsehood only dread examination. Truth invites it.” These days, more and more organisations seem to agree.
James Daniell is managing director and head of disputes and investigations and Ghazanfar Shah is senior director of disputes and investigations at Alvarez and Marsal