Few situations can cause as much stress to IT departments as a regulatory request for information. With little warning, teams are required to trawl through copious amounts of data, in an attempt to extract relevant material.
Regulatory requests can stem from one of the many agencies charged with ensuring organisations, including businesses and charities, comply with domestic and international regulations. No longer content with requesting information in relation to anti-trust and unfair competition; state, federal, and global enforcement bodies are demanding data from companies relating to:
- Bribery and corruption;
- Finance and accounting;
- Consumer protection;
- Environment protection;
- Data protection;
- Food and drug safety;
- Trade practices.
And things are unlikely to improve. Over 50,000 regulations were published across the G20 between 2009 and 2012. Reuters reported in September 2018 that “A drive to crack down on corruption is taking the business world by storm, as more jurisdictions adopt new anti-bribery regimes or step up enforcement of existing ones”.
The challenges facing IT departments regarding regulatory requests
There are 2.5 quintillion bytes of data created every day, with almost 90% of this formed in the last two years. Even a medium-size company or charity creates mind-boggling amounts of data, and in the event of a regulatory request, not only does relevant information have to be located and analysed, but it must also be scanned for legal privilege and data protection rights.
Overwhelmed legal teams often look imploringly in IT’s direction, hoping they can magic up a solution to a seemingly insurmountable problem. But without the proper resources and training, even the most skilled IT professional can find it difficult to deal with the challenge of regulatory request discovery.
In most cases, one of two solutions are employed:
- Outsource the work to an external provider or law firm
- Muddle through with existing resources
Both these methods are far from ideal, presenting the risks of high-cost, critical errors, and an inability to meet the regulator’s deadline for handing over the information. This can lead to a further investigation, a fine and/or reputational damage.
The solution - eDiscovery
eDiscovery tools provide the ideal system for identifying, collecting, analysing, and presenting material related to regulatory requests. Responding to such requests for information is now the number one reason organisations use eDiscovery.
Extracting data required for regulatory requests is disruptive for IT teams. eDiscovery automates the process, reducing the instances of error handling and the need for manual work. Also, the collection of data can be done outside of office hours, minimizing disturbance to day-to-day tasks and the risk of bandwidth implications (and the subsequent increase in calls to helpdesk from staff complaining of the slow network). Today’s Do It Yourself (DIY) SaaS-based eDiscovery solutions provide numerous advantages for IT teams in situations where regulatory requests are issued, including:
- no installation of on-site hardware or software is required
- monthly payments instead of large capital investments which will hit your IT department budget and make it difficult to create a solid business case to invest in the solution
- scalability as and when you require
- constant updates, providing the most advanced technology available
- simple to use
- quality customer support, allowing the solution to be customized
eDiscovery also reduces costs by condensing datasets by up to 90% through quickly removing duplicated and irrelevant system files. With both IT and legal team budgets tightly constrained in most organisations, being able to keep a handle on discovery costs is imperative. Then there is the matter of security – ISO 27000 security is the defacto standard used in the eDiscovery industry and allows for better security of sensitive data as it is being transferred and, because it lies in-house, the IT team always have full control and monitoring of the process.
What this means for your IT team
Having access to an eDiscovery system on a ‘pay as you use’ basis (subscriptions can be charged per Gigabyte), provides an IT department with the resources needed to support the legal team with their regulatory request challenges. In addition, being able to keep your data in-house, rather than send it to third-parties mitigates cyber-security risks.
eDiscovery methods are unmatched when it comes to responding to regulatory requests for information with speed, accuracy, and in a compliant way. Not only that, having eDiscovery solutions in-house improves cooperation between the legal and IT departments, eliminating the dangerous silos which can leave an organisation wide-open to cyber-attacks.
To find out more about the advantages of in-house eDiscovery software and technology, you can download our white paper entitled “Efficiently Answering Regulatory Requests".