6 minutes reading

Internal Company Fraud Investigations | The Essential Guide For In-house Counsel

Corporate fraud is rampant—and nearly half of companies aren’t even investigating it. 

That’s the message from PwC’s Global Economic Crime and Fraud Survey 2020, which surveyed more than 5,000 companies globally about their experience with fraud over the last two years. Nearly half—47 percent—stated that their companies had experienced fraud in that time frame, at a total cost of $42 billion. Remarkably, 44 percent of those organizations that suffered a fraud incident conducted absolutely no investigation into the incident.

How can your organization do better? That’s what this blog post addresses. We’ll start with the basics about what an internal fraud investigation is and when you need to start an investigation. Then we’ll consider three ways that eDiscovery technology can help companies manage information during internal fraud investigations. 


What is an internal fraud investigation?
When should a company launch an internal fraud investigation?
The costs of a fraud investigation
How technology can help with internal fraud investigations
1. Preserving information for investigation and later use
2. Reviewing volumes of information to identify what’s important
3. Conducting early case assessment
eDiscovery technology makes internal fraud investigations manageable 


eDiscovery 101 - Lead Mag Whitepaper DL


Download the whitepaper to learn how eDiscovery helps you easily sift through huge volumes of data and find all relevant documents for a case in a fast and cost-effective manner.

What is an internal fraud investigation? 

An internal fraud investigation is a fact-finding mission that a company conducts in response to evidence or an allegation of fraud. The company’s goals are to determine whether any fraud occurred and, if so, who was involved in perpetrating it and what assets were lost or misappropriated as a result. To do that, an investigative team will review records and documents and interview witnesses. Should an investigation reveal that fraud occurred, the company is likely to discipline or terminate any involved employees and a civil suit or criminal prosecution—or both—may ensue.

Internal investigations begin with some kind of claim about misconduct. Well-known examples of corporate fraud include:

  • The Waste Management fraud, where a new CEO realized that the former executives “engaged in a systematic scheme to falsify and misrepresent [the company’s] financial results with profits being overstated by $1.7 billion”;
  • The Enron scandal, in which company executives and the company’s accounting firm “cheated investors and enriched themselves through complex accounting gimmicks like overvaluing assets to boost cash flow and earnings statements”; and
  • The Wells Fargo fraudulent account deception, in which bank employees, “under pressure to meet sales quotas … opened millions of [unauthorized] savings and checking accounts in the names of actual customers.” 

Most fraud incidents don’t rise to the level of being national news—but that doesn’t mean they’re not important. 

When should a company launch an internal fraud investigation? 

Allegations of fraud vary widely in their scope, seriousness, and potential repercussions, so a company’s response to a suspected fraud should also be flexible and adaptable. There is no single right way to handle every complaint or conduct every investigation.

While some financial violations and recordkeeping disparities must be reported and investigated upon discovery, the response to an allegation is often discretionary. Therefore, a company that learns of a potential fraud must decide whether or not to investigate further. To do so, the corporate legal department should consider the following: 

  • How serious is the allegation?
  • Who is involved in the potential fraud? Is the alleged perpetrator a rank-and-file employee, a supervisor, or a high-level executive or board member?
  • If the allegation is founded and it becomes public, what is the extent of the company’s exposure?
  • Is the allegation likely to result in a government investigation? Is the allegation something that must be reported to a regulatory official?
  • Could the allegation, if true, lead to civil or criminal liability for the company or its officers? Can the company avoid or lessen any penalties by promptly investigating and reporting the conduct? 

In the face of these risks, why do nearly half of companies not investigate potential fraud incidents? 

The costs of a fraud investigation 

There’s no avoiding the fact that an internal fraud investigation costs money and consumes valuable time. In some cases, the cost of reviewing documents for an internal investigation can rival the costs of eDiscovery and litigation. If the investigation team fails to properly define and limit the scope of an investigation, it can drag on for an extended, sometimes seemingly endless, period of time. This increases the risk that the investigation will damage employee morale and lead to suspicion, disengagement, and reduced employee willingness to report problems or cooperate with questioning.

There’s another risk of investigating apparent wrongdoing: the company may inadvertently waive its attorney-client privilege in the process. For example, sharing information—by discussing the facts with witnesses, auditors, or regulatory authorities—can waive the company’s privilege. Just as often, however, companies find that they haven’t waived their attorney-client privilege because it never existed to begin with. This can occur when a company undertakes an investigation for what is determined to be a “business purpose,” such as minimizing liability or financial losses, rather than for the purpose of obtaining legal advice.

However, while there are risks associated with investigating, the risks of not doing so are usually more substantial. Without an investigation, the company won’t find out what really happened, which leaves open the possibility of it happening again. The company and its officers may also find themselves criminally or civilly liable for misconduct. In that event, public scandal and financial ruin may be close behind.

Fortunately, most companies—even those that have shied away from completing investigations—are likely to have experience with a similar process: eDiscovery. The same tactics and tools that help companies prepare for and manage litigation can be used to investigate allegations of fraud. 


How technology can help with internal fraud investigations 

The technology that companies use for eDiscovery can easily be repurposed for use in internal fraud investigations. Here are three of the most useful applications. 


1. Preserving information for investigation and later use 

A company cannot conduct a meaningful investigation without evidence. That’s why an investigative team must take immediate action to promptly identify and preserve potentially helpful information. Fortunately, companies typically already have experience with this step, as well as the tools to facilitate it, through their eDiscovery process

As soon as a company learns of a potential fraud incident, it should suspend its normal retention and information-disposal procedures and place a legal hold on any evidence that is or may be relevant to the investigation, just as the company would do if it were notified of a pending or anticipated litigation matter.

Evidence relevant to a fraud investigation may include: 

  • invoices, receipts, and other accounting records;
  • emails, text messages, and other forms of communication, both internal and external; and
  • corporate records and other types of files and documents, both electronic and hard copy, related to any involved or suspected employees. 

Collecting and preserving evidence for a fraud investigation serves two purposes. Not only will the company need this information for its internal fraud investigation, but regulatory agencies and government authorities may also demand this information should the matter proceed to a regulatory inquiry or a civil or criminal lawsuit. 


2. Reviewing volumes of information to identify what’s important 

As an investigation begins, the investigative team needs to assemble and interpret the facts about what happened. Early on, each piece of relevant evidence is likely to point toward additional information that may be useful. While this natural expansion of evidence helps to surface additional clues, it can quickly result in an overwhelming volume of information.

To more easily manage the reams of documentary evidence that the investigative team may unearth, the company should leverage its existing eDiscovery tools. Document review can be the most time-consuming and expensive part of an investigation, but eDiscovery technology can dramatically lighten the load by weeding out irrelevant documents and floating more substantive information to the top of the pile.

Once the investigating team has a clearer picture of the facts from its review of documents, it can move on to witness interviews. Note that the team should review any related documents before interviewing witnesses so that it can be prepared to confront them, if necessary, with evidence that contradicts their version of events. This ensures better results from the start and avoids the confusion—and added cost—of a second round of interviews. 


3. Conducting early case assessment 

Smart companies conduct early case assessment (ECA) to gain rapid insight into the viability of a potential litigation claim—and the same approach works with investigations. Companies can use document review technology and ECA tools to determine which evidence is most impactful and, from there, discern what the likely outcome of the investigation may be. That can help organizations make faster decisions about how to proceed with a fraud investigation, whether that means halting the investigation because there’s insufficient evidence of misconduct, continuing to dig deeper, or turning the entire situation over to a regulatory or government agency for evaluation. 


eDiscovery technology makes internal fraud investigations manageable 

Until companies find a way to prevent employee and officer fraud entirely, they need to be prepared to promptly and fully investigate allegations of fraud among their ranks. Doing so can minimize the damage to the company’s reputation, its bottom line, and ultimately its very existence.

The approaches and tools developed for eDiscovery can help companies manage the high stakes of an internal fraud investigation. ZyLAB is here to help with best-in-class automated eDiscovery tools. From legal hold to technology-assisted review, ZyLAB provides a secure, accessible platform, enhanced with the power of artificial intelligence and natural language processing, for companies to collect, review, and evaluate information for litigation and internal investigations.