Over the past decade, monitorships have advanced considerably, being adopted by an increasing number of regulators and enforcement entities. Although still building momentum, jurisdictions further afield than the United States have moved beyond nurturing an interest in monitorships to formally legislating their application in settlement negotiations. It was once more common for monitorships to stem from investigations into alleged bribery and corruption; today, the monitorship model receives a far wider scope, imposed in response to a variety of organisational misconduct and across a breadth of industries. Monitors have been installed, for example, to oversee and assess conduct in:
- police departments (focusing on cultural change);
- vehicle manufacturers (assessing controls around research and development, and emissions testing);
- banking institutions (testing anti-money laundering and sanctions-related compliance programmes); and
- public accounting and auditing firms (overseeing quality control and cultural improvements).
Although each monitorship approach is invariably different, firms that offer forensic accounting and data analytics can play a fundamental role, particularly in such a changing landscape. Fulfilling a monitorship broadly requires a good understanding of the subject organisation, as well as acquiring and analysing its data, books and records, and its control environment – both historical and newly implemented. It is chiefly in connection with this that forensic firms have played such an important role over the past decade, but forensic firms can also provide a strategic role that should not be underestimated.
Frequently, there is a disconnect between an organisation's conduct and what regulators expect of it during monitorships, and this is often the case where an organisation has not recognised the need or learned how to transition from investigation mode to monitorship mode. Often, there is a divide concerning data analytics and compliance monitoring activities and capabilities. Forensic firms can play a crucial role in bridging this gap. That said, there is no one-size-fits-all approach: approaches vary depending on the industry of the organisation, which may be lightly regulated or heavily regulated, such as life sciences or banking. In a heavily regulated industry, the forensic firm should have the necessary experience to successfully meet the monitorship's objectives while maintaining the integrity and security of the organisation's data.
The role of forensic firms in monitorships
Forensic firms typically comprise closely integrated teams of forensic accountants, consultants and data analytics specialists. Teams will often include chartered accountants; certified fraud examiners; anti-money laundering specialists; data specialists and analysts; and industry-specific experts (e.g., banking experts). These teams ideally marry complementary expertise in the areas of, for example:
- anti-corruption, anti-money laundering, sanctions and counter-terrorism financing investigations;
- compliance programme design, review and testing;
- process review and internal controls testing;
- audit negligence assessments; and
- disgorgement and the ability to pay calculations.
Forensic firms with multi-jurisdictional experience, including in situations that require handling data-access challenges (e.g., data privacy, banking secrecy, confidentiality and state secrets), can be immensely helpful. Forensic firms should also bring experience conducting internal and regulatory investigations, performing and evaluating transactional and controls testing, and undertaking reviews of compliance programmes (e.g., corporate and social responsibility, human rights, product liability, sanctions, anti-bribery and corruption, anti-money laundering and counter-terrorism financing, and taxation).
In a more practical sense, forensic firms may also identify opportunities to improve the business by detecting both isolated and systemic issues, crafting specific and pragmatic recommendations, and later evaluating and testing the ensuing remediation efforts. All these tools are required throughout the life cycle of a monitorship.
Further, the forensic firm may take on the role of being a monitor, supporting a company that reports to a monitor, or providing independent advice and support directly to a monitor. These three roles are set out in more detail below.
The role of monitor
If subject-matter expertise is a prerequisite for a company's monitorship, it may be useful that either the forensic firm or an individual from within the forensic firm takes on the role of monitor. For example, Public Company Accounting Oversight Board monitorships require candidates for monitorships to possess substantial accounting and auditing experience and qualifications, and it is anticipated that the United Kingdom's Financial Reporting Council and other regulators may adopt similar requirements in the future, which would render forensic firms best suited for handling these types of monitorships.
The role of 'company-support forensic firm'
Forensic advisers may support a company during its monitorship. A monitorship can be a significant burden on a company's time and resources, placing employees in an entirely unprecedented situation to the point of overwhelming the company. One way to alleviate these pressures is for the company to employ a monitor-response team, and forensic advisers may make excellent members of such a team. Undertaking the role of company-support, a forensic firm can help the company proactively understand and respond to key issues, including:
- helping the company navigate the nuances of monitorships and certification decisions;
- providing project management support to the company, such as facilitating its responses to monitor requests for data and documentation, preparing status reports, and coordinating meetings and interviews with the monitor;
- providing additional resources to fill new or vacant roles within the company, or to departments that require additional support;
- supporting the company in developing and executing plans to implement the remedial measures the monitor recommends, including in remote locations;
- identifying potential areas of concern through compliance testing and monitoring, allowing the company the opportunity to pre-empt these issues during the monitorship; and
- supporting the company's implementation of measures to mitigate identified risks, whether concerning policies and procedures, controls, technology, data management, or data analytics.
The role of 'monitor-support forensic firm'
Finally, the forensic firm may collaborate with the monitor and provide support. This role varies based on the nature of the engagement, the mandate of the regulator, and the level of sophistication or maturity of the company's compliance programme. Such support generally involves:
- understanding the historical misconduct and subsequent investigation, focused principally on the scope and methodology employed by the company;
- understanding the company's current situation, including what, if any, remediation efforts are already in place;
- determining what a company must do to meet the regulator's mandate;
- devising clear and pragmatic recommendations;
- testing the company's remediation efforts following implementation of the monitor's recommendations; and
- reporting to the monitor, the company and relevant regulators.
This chapter primarily focuses on the two supporting roles highlighted above, as other chapters of this guide provide information relevant to the role of monitor and are applicable to forensic firms undertaking this role.
Leveraging forensic accountants and data analytics
Company-support forensic firms
Guiding a company through a monitorship can be challenging, complicated and stressful, leading to damaging finger-pointing exercises and reorganisation, which may escalate tension and uncertainty. Investigations also place a strain on the company's resources that would otherwise be spent running the business. Further, it is not often the case that a company's employees will have previously held key leadership roles during a monitorship. A company-support forensic firm can provide the requisite experience and resources to alleviate these pressures.
Below, we highlight several areas where companies under monitorship may benefit from engaging a company-support forensic firm.
Navigating the nuances of monitorships and certification decisions
Under each monitorship there will come at least one critical moment where the monitor will need to determine whether the company has successfully mitigated the risks that originally led to his or her appointment. As part of this certification decision, the monitor may consider the company's plans for the future, whether it has a strong compliance 'tone at the top', whether its remediation measures are well designed, sustainable and effective, and how fully the company has addressed the monitor's concerns. A company-support forensic team helps the company's management better anticipate necessary changes and provide insight into the monitor's role.
Further, an experienced company-support forensic team can help the company understand which factors the monitor may consider in his or her decisions and ensure the company has adequate resources to focus on the key areas of business the monitor will focus on. For example, the monitor of a company under Foreign Corrupt Practices Act (FCPA) monitorship for past conduct relating to bribes facilitated via payments to vendors will likely place a high emphasis on ensuring the company has a robust, sustainable and well-controlled vendor due diligence programme in place, as well as a strong compliance department that exercises sufficient monitoring and oversight over this due diligence process.
Responding to requests
In many situations, the monitor will use a forensic firm to analyse the company's internal controls. A company-support forensic firm offers supplementary assistance, helping the company understand the monitor's requests for documents and data to fulfil his or her role. This can be effective as it eases the burden on employees.
A company-support forensic firm also helps prepare the company's approach to the monitorship. For example, if the monitor requests 'all documents' relating to a disbursement transaction, the forensic team can help the company prepare a checklist for the type of documentation the company would likely retain for such a transaction, including the contract with the vendor, vendor due diligence files, invoices, purchase orders, accounting system screenshots and relevant correspondence. Providing these documents upfront will minimise the burden on the company and facilitate a smoother working relationship with the monitor.
Preventing monitor 'scope creep'
A company should be mindful of the monitor's potential 'scope creep', where the monitor's requests for information and data relate to areas outside the purview of the monitorship. Scope creep can cost a company time and money, as well as increase its exposure, and a company-support forensic firm may be able to support the company in identifying and formulating responses to requests that are out of the monitor's purview.
Developing and executing remediation plans
Following the monitor's recommendations, the company may develop, execute, test and communicate its remediation plans, as well as provide training to its employees. A forensic firm may help interpret the monitor's recommendations and support the company's remediation plans. Further, monitor recommendations often require enhancements to – or even replacing – the company's systems. It is often the case with compliance issues that communication issues are to blame. A forensic firm with systems-related expertise can help evaluate the company's information technology, including determining whether systems are fit for purpose, and assist the company with any necessary implementations.
Remediating issues at local branches
Often, large organisations struggle to roll out new processes and controls to remote branch locations or subsidiaries. Challenges may arise owing to language barriers, time-zone constraints, a lack of resources, localised policies and procedures, and poor communication between employees. Again, a forensic firm may be able to provide the necessary support to a company by assisting communication and remediation, and providing resources.
Internal audit and investigations guidance
In certain types of monitorships, the monitor may consider the sufficiency of a company's internal audit and investigations teams, in which case forensic firms can employ professional with in-house or external experience in these areas. This may include providing internal audit teams with guidance on improving the level and type of documentation in their work papers, ensuring audit work programmes capture relevant regulatory risks, and delivering reporting that clearly articulates key observations. Similarly, an inexperienced internal investigations team could benefit from observing how the company-support forensic firm conducts an investigation into a hotline complaint regarding alleged misconduct (i.e., a shadow investigation).
Proactive testing and assessment of implementations
Engaging a forensic firm with sufficient monitorship experience can help a company understand how the monitor may carry out his or her assessment during the initial phases of the monitorship, for example, by testing controls related to the company's disbursements process. The same holds true for assessing the company's technical and systems landscape to ensure it is suitable. Remediation often takes companies significantly longer than they anticipate, and a forensic firm can address this early on by providing feedback addressing areas of focus or pre-empting the most complex remediation. A head start increases the company's chances of successfully ending the monitorship within the initially defined term by allowing more time for remediation and spreading out the burden placed on employees over a longer period of time.
The forensic firm can also partner with the company's internal audit team to leverage testing that the audit team already performs to avoid duplication of efforts. Depending on the monitorship's established reporting cadence, a company may not receive feedback from the monitor outside of predefined intervals – sometimes even as infrequently as once per year. The forensic firm's proactive testing can be an important measure to mitigate any risk that the company does not receive critical feedback when it is too late to address potential shortcomings.
Frequently, companies undergoing a monitorship lack the necessary resources to adequately triage the company's controls landscape, perform baseline risk assessments, assess systems and monitoring capabilities, ensure processes are carried out in a timely and effective manner, and develop action plans to address critical issues. While hiring additional employees is often necessary, commencing a recruiting campaign and identifying the right candidates may not be feasible in the short term.
As well as providing supplementary resources to a company, guidance from a forensic firm may take the form of an advisory role, such as reviewing a draft policy, as well as support for implementation efforts. In a different capacity, the forensic firm may supply resources for analyst roles as a temporary measure for organisations with resource or knowledge constraints. For example, a financial institution with a backlog of 'know your customer' forms to complete as part of its new customer onboarding process owing to a shortage of resources may consider retaining the forensic firm for temporary support completing said reviews. Such resources can also alleviate the burden on the company's full-time employees, additional to the daily duties, to respond to monitor requests (e.g., for data, documents or interviews).
Project management support
Successfully navigating a monitorship requires a strong project management programme, and companies often lack the capacity for this, which can hinder their ability to sufficiently enhance their controls within the monitorship. There may also be situations where companies lack an organised process for gathering and delivering requested documents to the monitor, thereby delaying the monitor's ability to assess remediations. If a company cannot implement enhancements and the monitor cannot obtain evidence of the enhancements in a timely manner, a company could find itself in the costly position of a monitorship extension. Forensic consultants from reputable firms possess project management experience in sensitive, time-critical situations, and can take on many of the imminent project management requirements while the company is under monitorship.
Monitor-support forensic firms
Once selected, monitors have a difficult task ahead: sifting through large volumes of data and documents, understanding complex global organisations from top to bottom, and making critical evaluations of many components of an organisation's operational and technical infrastructure, often while navigating the additional nuances resulting from a cross-border assignment. It is critical, therefore, that monitors carefully consider how to structure a team that has sufficient subject-matter expertise, industry knowledge, technical and analytical skills, and resources to meet the objectives the regulators established for the monitorship. A monitor-support forensic firm can help a monitor achieve this.
Meeting regulators' expectations
Regulators expect the monitor to have a well-rounded team that includes professionals with skills outside the monitor's primary expertise. In these situations, selecting a monitor-support forensic firm to complement the monitor's team is more than simply a best practice. In situations where the regulator does not explicitly require a monitor-support forensic firm, including a multifaceted team during the monitor-selection phase can bode well. The monitor-support forensic firm's reputation and experience can enhance the monitor's profile – especially if the monitor-support forensic firm has worked with the regulator previously.
In recent years, the Department of Justice (DOJ) has placed increasing emphasis on the use of data analytics through the establishment of its own Data Analytics Team. Hui Chen, former compliance consultant to the DOJ, stated that, '[t]he Fraud Section's data analytics capacity building is a recognition of the importance of data science in compliance and investigations, and the move places it well ahead of most corporate compliance programs in the ability to detect crimes.'2 Often, companies not only perform ongoing monitoring and testing, but the monitor engages a forensic firm to. An emphasis on data analytics to underpin this work was apparent by Fraud Section requests to include data requests as part of pitches and the practice for monitors to identify and bring to pitches their forensic consultant of choice.
Structuring the monitor's assessment
During the initial planning phases, it is important to conduct a thorough risk assessment of the company, identifying the risks relevant to the monitorship (e.g., geographically, by customer type or by business unit). A forensic firm experienced in assessments related to the nature of the monitorship will be adept in identifying these risks through a combination of analytics, targeted review of documents and interviews.
The monitor-support forensic firm uses information gathered during the risk assessment to build a work plan for the assignment. A well-designed work plan is critical to ensuring the monitor understands the level and depth of analysis required in key areas of the business based on identified risks, and helps lay out the timing for completing assessments to ensure the monitor's objectives can be achieved within the time frame set forth in the applicable settlement agreement. For example, the monitor-support forensic firm may compile a detailed schedule that includes the timing of specific steps that the monitor-support team and the monitor's team need to perform to facilitate the monitor's assessment, including when sample selections would be communicated to the company, the company's deadlines for producing documents in response to the sample selection, and the anticipated dates for site visits to the company's global locations. This schedule may be shared with the company in advance.
A monitor will separately be concerned in some detail by the organisation's own risk assessment, which represents one dimension of its compliance risk management framework and control environment. Monitor-support forensic firms are adept in taking the evaluation one step further to assess whether the company's risk responses have been designed effectively so as to adequately mitigate certain key risks presented in the risk assessment.
Analysis, testing, reporting and certification
The monitor-support forensic firm can serve a critical role in supporting the monitor in understanding what went wrong historically, performing the baseline assessment of the company, determining what remedial actions the company needs to take, and assessing the company's progress in implementing these remedial actions through transaction review, data analytics and controls testing. Through this testing, the monitor-support forensic firm will be able to deliver examples of what is actually happening in practice within the company and to help pinpoint existing or remaining risk areas or weaknesses.
Data analysis, transaction testing and controls testing often follows a risk-based approach. Planning begins with the risk assessment (see above), understanding compliance risks inherent to the business (e.g., geographical, the nature of the product, routes to market or types of customers). This is supplemented by an understanding of relevant IT systems and data sources, along with the control environment and an evaluation of whether the company has an adequate understanding of relevant risks and adequate controls in place to mitigate relevant risks.
Transactions can be drawn from any number of data sources and for a variety of purposes depending on the risk focus. This is to determine, for example, whether a higher-risk transaction has been executed in line with the company's policies and procedures, or contracts, whether there is proper business rationale for the transaction, whether it has been recorded and documented appropriately, and whether controls have operated effectively. Transaction testing may identify individual or isolated issues, or may provide information about systemic issues. In either case, the monitor-support forensic firm, with knowledge of the specific issues, will be able to design practical recommendations. On the other hand, transaction testing may provide evidence that risks have been adequately addressed, which will also be important in presenting a balanced report.
Monitor-support forensic firms perform elements of control testing through the transaction testing outlined above. However, a monitorship will often require a more holistic evaluation of company's control environment. This would consider assessing whether controls are correctly designed, implemented fully, and working effectively, including whether the controls have the necessary impact once in place and whether the company has adequate resources to perform the control.
Testing is also used to assess the effectiveness of remediation efforts. For example, the monitor may have recommended that the company implements a system control to prevent payment to third parties that have not been successfully diligent. The monitor-support forensic firm may test a sample of payments to third-parties, post implementation of this system control, to determine whether the control has indeed been implemented and whether it has been operating effectively to prevent such payments. Monitor-support forensic firms will often also consider the sustainability of controls over the long term by weighing whether the proposed or newly added control comes as too high a cost (e.g., in time, resource, or budgetary requirements) such that a risks exists that the organisation may abandon the control at a later point.
Further, as the monitorship progresses, the monitor will need to make important decisions regarding the company's readiness for certification. Monitor-support forensic firms understand the nuances required in contemplating certification, and can draw on experience in other matters to provide the monitor guidance in assessing which concerns within the company are the most critical for the company to remediate, given the historical concerns underlying the settlement agreement.
Navigating data access, privacy and secrecy considerations
Locale-specific statutes and regulations – such as the French Blocking Statute, Chinese Cybersecurity Law, Russian data localisation laws and other legal constraints – present monitors with significant challenges in collecting and analysing data, and monitors must frequently establish protocols to address regulations across jurisdictions. The May 2018 enactment of the EU General Data Protection Regulation (GDPR) has further compounded the challenges monitors face. Monitors often rely heavily on forensic firms to support the collection, management and analysis of data throughout the monitorship.
Sophisticated monitor-support forensic firms can be instrumental in devising nimble solutions and processes to overcome data challenges. It is not uncommon to face situations where data cannot move outside a certain jurisdiction, location or be accessed at all owing to data privacy and confidentiality requirements, including in situations with a complex systems landscape and in jurisdictions with stringent data privacy requirements. In these situations, a monitor-support forensic firm, understanding the underlying purpose and nuances of these regulations and restrictions, works with companies to develop a process to access the information needed to perform the analysis while ensuring confidentiality and data-privacy provisions are not breached. For example, to handle particularly sensitive data, a firm may establish mechanisms for transferring only sanitised versions of documents for review, with the confidential information visible only when accessing the information in a jurisdiction where such access is allowed. This solution requires a strong understanding of the local regulations, the ability to effectively communicate with the company and their counsel to reassure them that the solution will satisfy their concerns, and finally, the technological know-how to develop on-site solutions and ensure protocols cannot be broken.
Selecting a forensic firm
Since every monitorship is different, it is important to consider the nature, complexity and subject matter of the assignment at hand when evaluating contenders for the role of forensic firm.
Industry and subject-matter expertise
As with engaging any professional services firm, it is important to assess the level of expertise the forensic firm has that is relevant to the monitorship at hand. As outlined at the beginning of this chapter, forensic firms often employ individuals with a variety of backgrounds. A forensic firm's prior experience in the subject matter and industry of the monitorship is an important consideration during the interview process, since the analysis required during a monitorship into bribery and corruption concerns will involve different skill sets than a monitorship regarding environmental matters. For example, a monitorship of a global bank regarding money laundering concerns would require the ability to understand where specific compliance risks lie within a complex, global organisation. Therefore, a prudent selection for this matter would be a forensic firm that would staff the engagement with a team of experts with experience performing risk mappings of international financial institutions and evaluating the internal control framework and governance structure of a global bank within this risk mapping.
It is also important to consider what type of assessment the monitorship will entail. For example, enforcement monitorships – where the selected monitor has a highly prescribed roadmap of what the assessment should include – require a different type of analysis and prior experience than a monitorship with a broader mandate, such as one focused on FCPA issues where the monitor is tasked with performing a root-cause analysis. In the latter, it is critical to ensure that a monitor selects a forensic firm with sufficient experience and requisite subject-matter knowledge to be able to perform the required root-cause analysis.
Experience and credibility with regulators
Many forensic firms have significant experience working with certain regulators, and some even hire professionals who have worked for a regulator in the past. Engaging a forensic firm that has experience with a specific regulator (e.g., DOJ, Securities and Exchange Commission (SEC), Environmental Protection Agency) is crucial for understanding that regulator's expectations and anticipating potential areas where the regulator may have concerns as the monitorship progress.
Systems, data management and analytics expertise
Employing a forensic firm with deep information technology expertise is crucial for a number of reasons. First, at its most basic level, when assessments are conducted and recommendations are made, these insights should be as data and empirically driven as possible. Therefore, with data having such a foundational role in the work conducted during a monitorship, having a forensic firm with the expertise to identify, collect, analyse and report on data from a variety of sources, and in disparate formats, is crucial to their efficiency and effectiveness.
Global companies often have myriad data sources and systems, and navigating the systems to extract the necessary information can prove challenging. The IT systems landscape becomes increasingly complicated for companies that have expanded through acquisitions or maintain different systems in different locations. When handed a request for information (e.g., a list of global clients), companies often have a hard time figuring out how to pull the needed data from the various systems. A skilled forensic firm works with companies to navigate these challenges and is aware of potential pain points in the data collection process. As part of the monitor's team, a monitor-support forensic firm can ensure requests are specific, targeted and formulated in a way that will make sense to a company's IT team.
Depending on the type of monitorship, the forensic firm's technical skill sets will often also be valuable in assessing the technical and systems environment to ensure that it is appropriate and capable of supporting the operational and compliance functions within the company. This means that expertise around systems implementation and integration, data transfer, and data governance is necessary to not only make the right assessments, but also provide the needed insight in remediation of issues or gaps that are identified. Such assessments can help a monitor's team evaluate controls embedded within systems and the governance around systems implementation efforts. It is also often important for a company-support forensic firm to have strong information technology skills to support the company.
Additionally, in cross-border and multi-jurisdictional engagements, it is inevitable that there will be data privacy and management hurdles to address while still ensuring that data can be collected, reviewed, and analysed in a way in that is fruitful and beneficial to the end goals of the monitorship. Forensic firms should not only have the experience in dealing with these constraints, but also be able to provide bespoke solutions to adhere to regulations while still proceeding with work plans and target deliverables.
Finally, the incorporation of data analytics in surveillance and monitoring activities within companies is no longer new or cutting edge, but a requirement as part of a robust and effective operational and compliance programme. This general expertise will likely exist within many companies in this day and age, but a good forensic firm will have data analytics specialists with experience in developing data analytics and data visualisations to help identify suspicious behaviour and mitigate risks. This expertise is necessary in assessing monitoring programmes, but even more useful in helping companies develop proactive monitoring programmes specifically tailored to the company's risk areas and profile.
A company-support forensic firm can develop sophisticated monitoring tools (i.e., risk-related analytics that can be visualised via, for example, dashboards) that allow the companies' management to quickly delve into large volumes of data to extract key observations and identify areas of potential risk. The monitor can also leverage dashboards to perform deeper analysis of trends (e.g., unusual spikes in sales), volume of activity (e.g., number and dollar value of payments), and activity by location (e.g., high-risk transaction types occurring in higher-risk jurisdictions). Insights gleaned from this data analysis can provide the monitor with better informed samples during a risk-based sample selection and testing.
Forensic firm's staffing and project approach
It is important to establish the forensic firm's approach to the assignment, including plans for staffing. A skilled forensic firm should ensure that its contributions are always in support of the monitor (or a monitor-response team), that teams are appropriately and sufficiently staffed, and that it plans to efficiently complete all tasks leading toward the conclusion of the monitorship. Above all, the forensic firm should have sufficient measures in place to ensure that it follows methodical and defensible analysis and reporting to meet the needs of the defined scope of the engagement as defined in the applicable settlement agreement.
Since monitorships often extend over multiple years, it is important to consider whether the potential forensic firm has sufficient depth to staff the engagement at present, as well as to add additional resources if necessitated by the scope or turnover among staffed resources. When retained for a sizable engagement, smaller forensic firms sometimes staff their teams with external contractors. Other forensic firms draw on external contractors for specific language or technical expertise. When interviewing a forensic firm that uses external contractors, it is important to inquire how the forensic firm exercises sufficient oversight over external resources to ensure consistent, defensible analysis and reporting.
If a monitorship is cross-border, involving subsidiaries or entities located in multiple countries, it is important to consider the potential forensic firm's global experience. A forensic firm with global experience will likely have diverse language skills, experience working in multiple regions, and a more sophisticated understanding of potentially applicable regulations (e.g., related to data privacy and the transfer of data), as well as likely be more sensitive to cultural differences that can arise while working in foreign jurisdictions. It is important to understand whether the forensic firm has sufficient expertise in-house, will staff the engagement with personnel from other locations, or will hire external contractors (either to add to head count or to bolster specific language or technical expertise), with the objective of ensuring the forensic firm utilises sufficiently trained resources who are working under adequate oversight.
Like law firms, forensic firms need to ensure they do not accept work on matters that would present a conflict of interest to the potential client or any existing conflicts. It is important to understand whether a potential forensic firm would have any conflicts of interest during the hiring process. The types of conflicts that may arise – and how a forensic firm perceives them – varies based on the size and specific policies of the firm. A forensic practice that is part of a large audit firm, for example, will be conflicted from providing certain forensic services (monitorship- and non-monitorship-related) to current and future audit clients.
Engaging a forensic firm
The process for engaging a forensic firm is similar to that of retaining a law firm. Once the forensic firm assesses and clears any potential conflicts of interest with other parties involved in the matter, the forensic firm enters into an engagement agreement with the company retaining the forensic firm's services or the company's external counsel. These engagement agreements include key contractual terms such as the scope of the engagement (often closely linked to the regulator's mandate as set forth in the applicable settlement agreement) and how the forensic firm will bill for its services. Companies seeking a forensic firm for its monitor-response team should work with external counsel (if applicable) to determine whether the forensic firm should be retained such that the forensic firm's work product and communications would be covered under any attorney–client privilege the company maintains through its retention of external counsel.
Best practices for leveraging the forensic firm's expertise
Engagements are most successful when the forensic firm is involved throughout the life cycle of the monitorship, beginning with the initial stages of the process, so that all knowledge can be leveraged and the most efficient work plan can be created. For monitors, this would mean engaging a monitor-support forensic firm during the selection phase, as the monitor-support forensic firm can provide additional insight in the scoping and engagement planning stages. Decisions made early in the engagement, such as establishing a process for handling data privacy concerns on a cross-border assignment, can have a long-lasting impact if a monitorship spans multiple years, so it is important to seek the monitor-support forensic firm's guidance on these areas as early as possible.
The monitor should collaborate with the monitor-support forensic firm to define the cadence and team structure that makes most sense for the matter. Sometimes the monitor and monitor-support forensic firm work simultaneously (e.g., joint document review, site visits). In other instances, the monitor requests the monitor-support forensic firm perform site visits and testing ahead of the monitor's own assessment. While both strategies have pros and cons, it is essential to consider the specific nature of the monitorship (e.g., company size, breadth and depth of operations, regulator and data complexities) and strengths of the various parties comprising the monitor's team to establish the best approach. Proactive establishment of communication channels, timeline, and expected reporting is also essential to building strong working relationships across the monitor's team.
The price tag for engaging a forensic firm may seem expensive; however, companies should weigh this against the cost of not satisfying the requirements to conclude the monitorship. The potential exists for significant additional fines, professional and legal fees, monitor fees, and added reputational risk if a company fails to meet the monitor's requests and the monitor is unable to certify and requires an extension of the monitorship period.
We suggest that companies retain a company-support forensic firm as soon as a mandated monitorship becomes imminent – if not earlier. Many regulators, including the SEC and DOJ, consider whether a company has proactively started addressing concerns related to the alleged misconduct when assessing fines and penalties. However, if a company enters into a monitorship but has yet to retain a company-support forensic firm, it is not too late. For the reasons described above, forensic firms can support companies and monitors throughout all phases of a monitorship.