“Europe” is a nice short-hand word for discussions about politics or global business, but in reality is still 28 individual nations, each with their own laws and customs. Little surprise, then, that in several discussions about internal investigations at the Compliance Week Europe conference, the subject got complicated quickly.
“In the initial stage, you want to get a good grasp of whether the allegations are true: Do you have evidence? Are you able to get to that quickly?” Niels Christian Ersbøll, a Brussels-based partner at law firm Arnold & Porter, said during one session that explored a mock anti-competition case.
Answering those questions can be difficult in Europe; the numerous countries there (and elsewhere, if the investigation leads to the United States or elsewhere in the world) can leave compliance officers juggling concerns about whistleblower protections, attorney-client privilege, data collection, and disclosure to regulators.
First understand what information might potentially be relevant and on what systems they reside within the organization, advised Craig Earnshaw, senior managing director at FTI Consulting. In a price-fixing investigation in particular (the hypothetical used at Compliance Week Europe), e-mail archives will become especially relevant, he said.
The compliance and legal function can help the company prepare for an investigation by working with the IT function within the business to create a data map, assessing what information the company has stored, where it is stored, and how long it should be kept, Earnshaw said. “That facilitates the investigation taking place without taking that type of discovery expedition at the beginning when you’re losing potentially very valuable time,” he said.
Once you understand where those systems are physically located, the company will still need a proper process for preserving that data and tracking its chain of custody. “Where did the documents come from? How were they handled? Who had access to them? Where did they go to?” Earnshaw said. “It’s important to think about those steps at the very beginning.”
“In the initial stage, you want to get a good grasp of whether the allegations are true: Do you have evidence? Are you able to get to that quickly?”
Niels Christian Ersbøll, Partner, Arnold & Porter
That way, the company will be in a much better position if regulators catch wind of the wrongdoing and launch an investigation themselves. “Regulators tend to focus on very specific details,” Earnshaw said. “In terms of the disclosure of that information, it’s highly likely they’re going to ask questions around, ‘What information do you have? How did you identify it? What procedures did you use for securing it’?”
Preserving attorney-client privilege should also be a paramount concern, particularly since some jurisdictions outside the United States do not recognize such privilege. For companies undertaking a global investigation, compliance officers should be asking, “If we choose to conduct an internal investigation, how can I make sure that documents I create don’t get in the investigator’s hands?” Ersbøll said.
“Attorneys need to get involved upfront,” Katherine Cooper Franklin, a shareholder with employment and labor law firm Littler, said during another panel discussion on building a global investigations function. “You don’t get to have attorney-client privilege at the end. A lot of times, mistakes are made when interviews are done and data is collected, and there is no attorney-client privilege.”
If your company uses a case management system, “you have to go over them with a fine-tooth comb,” Franklin said. Why? Because files in those systems often contain communications from employees with language along the lines of, “I spoke to my lawyer and she said …” which can invalidate attorney-client privilege.
“The ‘e’ in e-mail stands for ‘evidence’,” Franklin said. “Train your people on the proper way to preserve privilege in e-mail. These things have to be decided upfront.”
Another nearly inevitable question is whether to disclose an internal investigation to regulators—especially if you suspect the regulatory agencies are already looking into potential misconduct as well, but you are unsure how much the agencies might know. Think of an anti-competition probe, where regulators might launch a dawn raid on your competitors, but not you. Should you self-disclose that your employees might be part of the misconduct too, or hope the regulators don’t ask?
CASE STUDY: INTERNAL INVESTIGATION
Below is an excerpt of a presentation Compliance Week Europe, which gives an example of a parallel investigation.
Act I: Initial Internal Investigation
EngineNaut is a European-based engineering company that manufactures marine engines and is majority owned by a U.S. private equity house.
They have been made aware, through an anonymous call on the whistleblowing hotline, of allegations of price fixing between their sales teams in France, Belgium and the UK, and those of several of their major competitors throughout Europe.
Tom Groves, the company’s head of compliance, has been made aware of the allegations, and asked his team to conduct an internal investigation.
Act II: Involvement of European Commission
Three weeks into the internal investigation, two of the company’s European competitors in Italy and France are raided by the European Commission.
The raids are as a result of the price fixing and bid-rigging issues that appear from the information that has been released by the European Commission and relate to the same issues as the internal investigation.
Act III: The Added Complexity of U.S. Authorities
Two weeks after the European Commission dawn raids, the U.S. Department of Justice puts out a press release stating that it has been made aware of the activity in Europe.
As several of the boat manufacturers that have purchased the engines, as well as the consumers who have purchased the boats, are U.S.-based they will be carrying out their own investigation.
They will be looking at all of EngineNaut subsidiaries in various jurisdictions, including across Europe, Russia and China and are actively looking to extradite executives to the US.
Postscript: Private Litigation
Following the news of the European Commission and U.S. Department of Justice investigations, the company becomes aware that civil litigation claims are being prepared by a U.S. and a German-based boat manufacturer.
Source: “The Juggling Act of Parallel Investigations” Session.
Take the hypothetical price-fixing scheme mentioned earlier. If your company is dealing with the same infringement as competitors who are now under investigation by the European Commission, you need to assess whether your investigation might add more intelligence to what the Commission already knows, Ersbøll said. “Are we dealing with the same type of infringement as our competitors or is this issue completely separate? How did the allegations emerge?”
If self-disclosure might add value to a regulator’s investigation, Ersbøll said, that could improve your change for cooperation credit considerably. “You may be in a position where one of the companies raided says on the spot, ‘I want to cooperate,’ and they give whatever they can give, and you come in a week later and say, ‘I want to cooperate. Here you go. I have the full story of what this cartel is about’,” he added.
On the other hand, if your internal investigation leads you to believe regulators are chasing some other problem in your industry, keeping quiet is still “a high-risk game,” Ersbøll said. It might work, but if multiple regulators around the world are exploring misconduct in your industry, sooner or later one of them might stumble upon what you have investigated—and not yet disclosed.
Individual & the Yates Memo
The Yates Memo—the U.S. Justice Department’s new policy requiring much more disclosure about corporate executives’ liability for misconduct if a company ever hopes to win cooperation credit—also came up numerous times at Compliance Week Europe.
The problem is that labor law in other jurisdictions, particularly European ones, may contradict the Yates Memo’s demands. Consider France as just one example: “French individuals at companies do not have to communicate evidence to a foreign administration,” said Maria Lancri, until recently the deputy general counsel at Hachette Livre. “Under French law, a person always has the right not to incriminate themselves.”
Works councils (powerful labor bodies at most European companies, roughly equivalent to labor unions) can be another formidable obstacle. “If there is a works council in existence, you have to think about when to involve the works council,” Thomas Griebe, a partner at law firm Vanguard, said during the panel discussion on building a global investigation function. “Is there a duty to inform the works council?”
Companies can also incriminate themselves further, and particularly worsen their exposure to private litigation, by turning over documents to enforcement agencies that don’t hew closely to stating facts. “You want to have a report full of facts, not conclusions,” Franklin said.
Executives must avoid adding personal opinions into any final reports produced to the agencies, because “you end up creating a record with the agency that potentially could be a lot more damaging than it really needs to be when you’re faced with private litigation,” Ersbøll said.
Furthermore, U.S. enforcement agencies are more likely to look favorably upon a company that discloses only the facts, leaving out any hyperbole. Consider how to give all the information you need to give to the agencies, Ersbøll said, “but not dig a deeper hole for yourself than you are already in, and stay as factual as you can.”