Today’s complex investigation and litigation environments are posing significant logistical challenges for companies. Increased reputational risks arising from bad publicity following a regulatory investigation, prosecution or civil suit is influencing the global and local markets, leaving those companies without practical solutions in place at a significant disadvantage.
“It is no longer simply about ‘ticking the boxes’, but rather ensuring reputations are not severely tarnished by falling foul of regulators for failing to meet the deadlines imposed and requests for information. The recent increase in dawn raids, or unannounced inspections, by the competition authorities in South Africa when they suspect a company of anti-competitive behaviour, for example, is a case in point. In September 2015 alone, there were two raids in just one week, and most companies are simply not adequately prepared for this type of sudden access of their premises. The frequency of these raids across different industries can be expected to increase further in the year ahead,” says Clayton Thomopoulos, a director with Deloitte Risk Advisory.
Meanwhile the Association of Certified Fraud Examiners 2014 Global Fraud Study analysed 1,483 cases of occupational fraud that occurred in more than 100 countries and shows that while fraud is a global phenomenon and is on the rise, Sub-Saharan Africa had the second highest number of cases behind the US – at 173, or 12,8% of the total for a median loss of $120 000.
Notably, the survey shows that in nearly one-third of the cases, the victim organization lacked the appropriate internal controls to prevent the fraud, which reinforces the importance of targeted anti-fraud controls.
The most effective manner in which companies can address these intense compliance investigations and regulations, and also help mitigate fraud, is to harness the power of technology based solutions that can cut through swathes of data in a fraction of the time a team of people would have taken to do it. Computers also reduce the risk of human error and fatigue.
The solution – called eDiscovery – is becoming more important because an entire business dispute, commercial investigation, or multi-million-rand litigation may hinge on identifying when a single piece of data was communicated, generated, altered or deleted, by and to whom, and under what circumstances.
“Litigation is dependent upon the nature of the case and its urgency, with SA companies now in the glare of regulations such as the UK Bribery Act, the Corrupt Practices Act in the US, and Foreign Account Tax Compliance Act. Add to these local regulation from competition authorities, upcoming data privacy rules and to the recent investigation of products such as credit life policies by the National Credit Regulator which have received significant media attention,” says director of RA Legal, Dean Chivers.
The US enacted the Foreign Account Tax Compliance Act (FATCA) in 2010 to combat offshore tax evasion, while in June 2014 SA and the US signed an intergovernmental agreement to improve international tax compliance and to implement the FATCA.
Whilst the Protection of Personal Information Act has been signed into law, it is still awaiting an effective date. However, Mr Chivers says the risk for companies not applying strict data privacy rules is that they could miss an opportunity to conduct business with major trading partners abroad as most countries already have such regulator gathering all data flaws.
“The EU is already expecting those businesses it trades with to meet far stricter data privacy requirements. It is clear a pre-emptive strategy is the best one to adopt – but this means determining how best to treat data and having measures in place to ensure any investigation or litigation is handled efficiently and effectively,” he says.
Meanwhile, the National Credit Regulator and consumer watchdogs in South Africa are taking aim at companies over the way they have sold credit life policies in the past.
Thomopoulos expects SA companies and even government departments and the courts to begin embracing technology such as eDiscovery solutions.
“I expect a lot more usage locally over the next year. This technology is substantially faster than requesting a team of individuals to trawl through documentation. We have conducted research based on a sample of 1,5-million documents and it showed that whilst a human can handle approximately 400 documents a day, the system handles approximately 150 000 – and there is reduced risk of error as a result of fatigue,” he says.
By utilising a system to manage data and review processes, companies can improve their readiness for an investigation or requests emanating from a dawn raid.
“The pre-emptive part remains important as simply hoping you won’t be the next one to be shut down at dawn is too risky. Companies should be training their staff and encouraging them to be in a risk resistant environment – internal risks should be continually tested. They should also be encouraged to come forward when they suspect an issue,” says Thomopoulos.
The legal profession is changing globally to adopt technology in discovery processes, where millions of documents in dispute can see cases dragging on unnecessarily. Clients were previously prepared to pay a lawyer for these processes on an hourly basis – but clients are understandably becoming far more discerning now when it comes cost and efficiency management from experts. It is important that a client receives the most effective and efficient advice and services from experts.
“Globally law firms and forensic practitioners are realising there are quicker more efficient and improved ways to address issues as are the regulators,” says Chivers.