Articles

Investigation triggers vary from whistleblower complaints, internal audits, hotline tips, anomalous financial patterns, vendor complaints, regulator inquiries, or the all too common scenario of lost and misappropriated funds. Nonetheless, whether we are dealing with an employee who is embezzling from the company’s funds, the creation of fictious vendors or accounts, or manipulating financial statements, one thing is certain - eventually these misdeeds will be uncovered - and will need to be resolved effectively and quickly while not only considering why these actions have occurred but also how to keep them from occurring in the future.

When engaged to lead an internal investigation, outside or in-house counsel typically structures the matter to preserve privilege, defines the scope with the client, and issues tailored preservation notices while conducting interviews and reviewing and reconciling relevant information and documentation.

Witness interviews are central to resolving employee misconduct. It is imperative for interviews to be conducted sequentially, beginning with fact witnesses and concluding with subjects and those closest to any misdeeds. One should consider whether to interview individuals outside of the organization or whether all interviews should be maintained within the organization’s employees and workers.

The interview process should be completed quickly yet effectively to ensure morale of the entity is not harmed during the process. Moreover, providing appropriate Upjohn-style warnings where counsel conducts interviews on behalf of the organization, clarifying that counsel represents the company, not the individual, and that the company controls privilege, is important to maintain an informed and privileged relationship.

Interview questions should be focused and pointed at the issue at hand. They also should be tailored to the individual being interviewed. The director or officer of a nonprofit entity should be interviewed differently from an employee. Additionally, one should consider who is present in the interview to ensure privilege is maintained.

Just as important, the interviews should be documented contemporaneously. Specifically, noting the answers to relevant questions, the demeanor and credibility of the individual, and also how that individual’s role is related to the operational control gaps that were manipulated or ignored.

Document review should be targeted yet comprehensive and realistic. Core financial source documents of financial fraud and embezzlement include, but are not limited to, all bank statements, including check images, cash payments, ACH and wire logs, payments effectuated through third parties such as Venmo and Cash App, corporate credit card statements, and general ledgers with a specific focus on journal entries and especially adjusting entries and the timing associated therewith.[1] The investigation should also consider who had access to these records from both a viewing and editing standpoint.

Internal investigations in nonprofit entities carry unique obligations. In addition to standard employment and financial controls, nonprofits must safeguard restricted funds, donor intent, and grant compliance, while honoring board fiduciary duties of care and loyalty. Investigations should assess whether expenditures aligned with restrictions, whether Form 990 disclosures and audited financials remain accurate, and whether conflicts of interest or related-party documentation were properly vetted under the organization’s policies.

Privilege is a pivotal consideration from the inception of a misdeed and the related internal investigation. When feasible, structure the investigation under the direction of counsel to support the attorney-client privilege and, where applicable, work-product protection.

Engagement letters and Kovel agreements with forensic accountants and other experts should be narrowly tailored to ensure experts involved in the matter also maintain privilege and can effectively communicate with counsel without fear of the communications becoming public or available to government agencies.

Communications and drafts should be labeled appropriately and distributed on a need-to-know basis. Interview memoranda prepared by counsel for the purpose of rendering legal advice may be privileged; however, privilege is not absolute and can be waived intentionally or inadvertently, including through broad dissemination or disclosure to third parties.

When the board of directors or owners of the organization were unaware that financial or behavioral malfeasance was unfolding, communication should be candid, empathetic, and solutions-oriented. To that end, any report submitted to management or stakeholders should provide a clear outline of what has occurred, any potentially responsible individuals, and, most importantly, how internal controls failed and how to best move forward with special attention and focus on preventing this situation from occurring again.

After the report is provided to the applicable decision makers, the entity should consider when, how, and where to discuss the report’s findings. Not only will this help fill in the gaps of the internal investigation, but it can also clarify the failure of internal controls and how best to effectively resolve these failures. Once again, the distribution of the report and the related meeting should consider privilege concerns and limit exposure when possible.

Internal investigations are not just damage control—they are a proving ground for leadership. When potential red flags surface, organizations that move with speed, structure, and integrity don’t simply plug holes; they rebuild trust and confidence.

Here at Whiteford, we are well versed and experienced in internal investigations and would be happy to help guide you through the process and alleviate the stress of doing so.
 

---