Every corner of every business has felt the impact of COVID-19. Yes, even in the normally staid realm of internal investigation. Not only are pre-pandemic investigations still simmering, companies also must prepare for a new category of COVID-related claims. As we get ready to enter a new year, now is a great time to check in on your protocols and establish some new internal investigations best practices.
COVID-19 has shifted the risk landscape in ways both obvious and subtle. Traditional workplace injuries might decline, replaced by a surge in virus-exposure claims. Remote working, and all the new devices and software it brings, is raising new cybersecurity and behavioral concerns. While these will still take some time to play out, it’s best to be prepared for what might be coming down the pipeline.
How should you use this time to reassess the corporate internal investigations playbook? It’s all about the nuances. Overall fundamental building blocks should largely remain the same. A defensible process should withstand even the most disruptive climate. It’s more about digging into the intricacies of that foundation.
The most fundamental piece of the investigation process is identifying the trigger event. Here you have employee events like formal complaints, whistleblowers, regulatory actions, and traditional litigants. Then there are tech-based triggers, which are more prevalent than ever given our increased reliance on technology. These include things like data-loss prevention (DLP) alerts, website triggers, and anti-virus notifications. Triggers may change as you switch on new technologies or open new channels for employees to file complaints.
Document, document, document!
As resources get constrained by the pandemic, start with documenting the process so you can justify the rationale for an investigation. If an investigation is paused due to resource constraints, documenting that original allegation is incredibly important–and will serve as a reference guide to get you back up to speed quickly when it resumes. Any new findings or developments should also be documented so that the investigation can eventually resume without hiccups.
Conducting investigations remotely will also raise challenges, like how to collect hard-copy documents and defensibly conduct witness interviews. Importantly, no decision should be made in a vacuum. Internal investigations require inputs from many stakeholders, including legal, IT, compliance, HR, finance, and more. If you decide to delay an investigation, that should be documented for future reference.
A last point is to ensure your final report is easily understandable. An effective internal investigation report is concise and uses plain language that is clear to all internal stakeholders. If possible, templatize your reports so they are easier to create and to ensure consistent look and feel.
Use the right technology to help tell the right story
Now more than ever, technology is crucial to investigations. It’s the way data is created, stored, collected, and analyzed. Technology allows you to interpret artifacts, build a timeline, and tell a story. That’s right, investigators are actually storytellers. Their job is not to find wrongdoing. It’s to tell a story based on facts and analysis of data. Never forget that investigations can harm a business, ruin morale, and disrupt people’s lives. Here are three key things to consider when kitting out your technology toolbelt.
- Ease of use. Not every organization employs formal internal investigators or people with forensic backgrounds. Teams have to move quickly within new constraints, and technology should help, not hinder. Make sure you have the right tool for each purpose. For example, some tools specialize in collecting from mobile devices. Or, a tool that might be great for data processing and collecting might not be the best choice for the review process.
- Don’t skimp on security. Investigations deal with highly sensitive data, and working from home raises a host of security concerns. Any software you use should be secure and backed by third-party certification.
- The flexibility of the cloud. Cloud platforms let you conduct an effective investigation from anywhere. The cloud minimizes disruptions to workflow and timelines while allowing you to maintain a defensible process backed by robust documentation.
The biggest changes will likely involve the start of an investigation and the new constraints you might be dealing with. Identifying allegations to be addressed now versus holding for later as they evolve. Documenting every step and decision, and keeping stakeholders informed, Deploying the best technology to help tell a clear story about what happened. While the world has changed, laying solid building blocks for your organization enables you to move forward even in the wake of uncertainty.