Internal investigations: Navigating the Minefield of Conflicting Interests

M  Roche headshotBy Maximilien Roche, CFE
From Compliance & Ethics Professional, a publication for SCCE members

Paradoxically, many in-house compliance professionals increase their own work load by working hard and being good at their job. Indeed, establishing an efficient whistleblowing scheme and/or having fostered a speak-up culture across a company usually translates into an increased number of reported allegations and suspicions.

Having more work is generally good, because it raises the profile of compliance professionals internally. But without a robust process to assess and investigate allegations of non-compliance, the resulting backlog can easily become an embarrassment or a legal minefield.

[bctt tweet=”Internal investigations: Navigating the Minefield of Conflicting Interests @SCCE” via=”no”]

Balancing the interests of stakeholders
Internal investigations require a strong balance among the interests of multiple stakeholders. Protecting the whistleblower is obviously crucial, but it is also critical to safeguard the interests of employee(s) under investigation. Below are my three key tips to avoid major missteps while keeping the investigation process in-house as much as possible.

Tip #1 – Know in advance when to ask for help
Lawyers can and should help navigate through the minefield of conflicting interests, especially when the stakes are high. However, when the company receives hundreds of allegations a year from tens of different jurisdictions, systematic resort to external counsel to sort through these allegations is generally impractical and, in any case, expensive. On the other hand, on occasions when the company faces allegations or suspicions which may be of interest to regulators or could be litigable, attorneys should step in and take the lead to mitigate the company’s exposure and, ultimately, losses.

As a result, to properly manage a constant flow of allegations, investigators should be able to handle as much work as possible internally, but know exactly when to involve in-house or external counsel.

Tip #2 – Investigate selectively (but not subjectively)
Efficiently managing allegations does not mean investigating everything that comes in. On the contrary, teams should process allegations to identify factual, relevant, and investigable statements. Not all allegations contain such statements. Some of them require some clarification from the whistleblower, which cannot always be provided when the allegation is anonymous. Sometimes the whistleblower wants to report something that the company considers irrelevant, but some of the contextual elements alluded to by the whistleblower require some fact checking and should not be overlooked.

The organization in charge of centralizing allegations and suspicions should have a robust, transparent, and auditable assessment process in place to ensure that the interests of all the parties involved are taken into consideration when deciding to investigate or not to investigate.

If the organization decides to investigate, potential conflicts between global compliance frameworks and local data privacy or employment law need to be managed to make sure the investigation findings can be used in legal proceedings. Again, knowing when to ask for a legal opinion and what questions to ask are critical to ensure a fluid and cost-effective investigative process.

Tip #3 – Always adapt, never improvise
Investigations are usually quite diverse (that’s part of what makes this job enjoyable). As a result, investigators generally make decisions on a case-by-case basis, but that is not the same as improvising. The investigation manual or the relevant policies and procedures simply cannot contain the solution to every problem the investigator may encounter. Still, they should contain guidelines that allow investigators to take decisions with clear reference to their duties as well as the rights of, and obligations to, the employees under investigation. That procedural framework should be defined in advance and continuously refined, based on experience, to protect the investigators and the company when, with the benefit of hindsight, the inevitable questions are asked about specific investigative steps, taken or not.

Submitting such an investigation procedural framework to a formal legal review can be much more cost-effective than raising legal questions on every specific case.

Legal counsel and investigators (who can also be lawyers) need not necessarily to work hand-in-hand, day to day. But they must be aware of each other’s objectives and concerns to optimize the protection of the company’s interests, even when facing a high volume of reports through the hotline.

Maximilien Roche ( is Anti-Fraud Manager at STMicroelectronics in Switzerland.

Please note that all opinions expressed in this article are my own and may not reflect the position of, or suggest an endorsement by my employer. None of this content should be considered legal advice.


  1. Good advice. Not every report needs to be investigated unless there is a reasonable basis to believe misconduct (or similar non-compliance) has occurred. A better view of our SOX and related obligations is that each report must be received, reviewed and responded to in a commercially reasonable way.


Please enter your comment!
Please enter your name here