Investigating the Insider

By Michael J. Missal and Andrew H. Feller


Anyone involved in an investigation must be aware of the legal issue of privilege when writing reports or communicating about the case.

Broadly speaking, the attorney-client privilege protects from discovery any confidential communications between a lawyer and his or her client if they were for the purpose of rendering or obtaining legal advice. In the corporate context, the privilege applies to communications between in-house or outside counsel to a company and employees of the company if the communications are intended to assist counsel in rendering legal advice to the company.

The attorney work-product doctrine provides protection for any documents prepared by counsel in anticipation of litigation. Private litigants and government investigators frequently seek to obtain documents that were part of an internal investigation. Because of the sensitivity of such documents, companies often fight to resist those efforts by claiming the protection of the attorney-client privilege and work-product doctrine.

As a general rule, if information is not maintained in a confidential manner, it will be difficult to maintain any privilege. For example, if the results of an investigation are to be publicly released, it will be difficult to maintain attorney-client privilege.

Even an oral briefing of government investigators by counsel, subject to a confidentiality agreement, could be interpreted by the courts as a waiver of the privilege. For example, on July 20, 2006, Gregory Reyes, the former CEO of Brocade Communications, was charged by both the SEC and the DOJ with securities fraud in connection with an alleged scheme to award backdated options to company recruits. Details of the activity in question had been provided to the government by the law firms that had been hired by the company to conduct an internal investigation.

When the company tried to have the information ruled as inadmissible because it was protected by attorney-client privilege, the court said the privilege had been waived when the lawyers briefed the government. (U.S. v. Reyes, U.S. District Court for the Northern District of California, 2006).

The work-product doctrine can be similarly difficult to establish. Because it only applies to documents that are created in anticipation of litigation, whether the protection will attach is often determined by an analysis of the circumstances that led to the initiation of the investigation.

For instance, one recent decision held that an investigation of accounting fraud undertaken to satisfy the demands of the company’s outside auditors, who refused to complete their audit prior to the completion of the investigation, was performed for a business purpose, rather than because of likely litigation resulting from the fraud. Therefore, the court refused to allow the company to withhold the documents on the basis of the work-product doctrine. (In re Royal Ahold N.V. Secs. & ERISA Litigation, U.S. District Court for the District of Maryland, 2005).

Another court held that a company’s investigation of one of its employees for expense report fraud, though undertaken with the expectation of litigation with the employee, was primarily for the purpose of determining whether or not to terminate the employee, which the court characterized as a business decision. (Electronic Data Systems Corp. v. Steingraber, U.S. District Court for the Eastern District of Texas, 2003). The court held that the attorney work-product protection did not apply and allowed the employee access to the investigative report during litigation.

These cases demonstrate that a company cannot automatically assume that the results of an investigation performed by counsel will be protected from discovery in all circumstances. A company can, however, take certain steps at the outset of an internal investigation conducted by an outside law firm to maximize its ability to protect the findings.

At a minimum, the engagement letter between the client and counsel conducting the investigation should make clear that a purpose of the investigation is to give legal advice and not just to gather facts. In addition, steps should be taken to limit the number of people with access to the process and information as the investigation is ongoing. Moreover, all documents prepared should contain a “privileged and confidential” legend.

In an effort to make it easier for companies to be cooperative with government investigators without losing attorney-client privilege protections, the DOJ released new guidelines relating to the prosecution of corporation fraud in late August. The guidelines note that as long as companies provide relevant information, they may get credit for cooperation, even if they do not waive the attorney-client privilege or work-product protection.

Potential Pitfalls

A company can face numerous challenges in conducting an internal investigation of major crimes. Among the most critical issues are preserving documents, conducting interviews, upholding the rights of employees, and determining whether to issue a report.

Preserving documents. The credibility and effectiveness of the internal investigation depends on the investigators having unfettered access to all potentially relevant documents. A request to preserve documents should be distributed to all employees who may have relevant information when the investigation begins. The notice should provide sufficient detail as to the scope of the internal investigation, but it should not telegraph its direction or otherwise jeopardize its integrity.

The company should also issue a notice to all relevant staff members to immediately suspend destruction of potentially relevant documents, including those stored remotely. If there is a concern about intentional destruction of documents, the office and files of affected employees should be secured until investigators can identify any potentially relevant evidence.

E-mails are a critical source of information given that they reflect the contemporaneous and sometimes unfiltered state of mind of the sender. Thus, they are as important to obtain and analyze as other documentation.

E-mails can be retrieved from the network. In some situations, the hard drives and PDAs of relevant personnel should be taken for analysis as well. If it appears that relevant e-mails have been deleted, great efforts should be made to restore them. E-mails should typically be reviewed and analyzed for each witness who is interviewed.

Given the increasing importance of e-mail, it is no surprise that courts and regulators have begun to look harshly at any company that fails to maintain or produce e-mails relevant to potential wrongdoing. As an example, Banc of America Securities was fined $10 million for a series of delayed and incomplete e-mail productions during an SEC investigation. The size of the fine shows the emphasis that the regulators place on e-mail evidence.



The Magazine — Past Issues


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.