Creating a straightforward and easily accessible misconduct reporting system is essential for maintaining compliance, but you also need to ensure you investigate the reports in a robust and thorough manner. From the planning stage and reviewing the report to leading he inquiry and following up, an effective compliance investigation process helps you stop misconduct from taking a grip on your organisation, promote a compliance culture and dissuade others from wrongdoing.
When asked about the compliance landscape for 2023, Penelope Lepeudry of consulting firm Alvarez & Marsal’s Swiss branch commented that high inflation and interest rates had laid the foundations for financial misconduct. She said, “companies will find it harder to meet profitability targets, with some tempted to cross the ethical line. High pressure combined with low ethics and weak internal controls are key ingredients for fraud, with questionable transactions made ‘for the good of the company.’”
1. Pre-investigation preparation
1.1 Establish the investigation team
You need to establish who will investigate compliance issues within your organisation. It can be a delicate balance to get right, but you want to appoint a team with a good range of expertise and experience. It could include leadership, employees, union officials, external bodies or other stakeholders
As well as understanding the topics at the heart of the investigation, your members should be analytical, trustworthy, objective and persistent. As they are members of a team, they should be adept at collaboration.
Many companies will utilise the same team for every investigation. However, there may be times when a stakeholder’s position on the panel could cause a onflict of interest, necessitating finding another member to take their place.
1.2 Appoint a leading investigator
One member of your team should lead the investigation. They will oversee the inquiry, keeping it focused and to schedule. The leading investigator designates the roles within the team and then collects the findings together to create a report.
Their next task is to summarise the findings and communicate them to management as well as informing them of any next steps. It is a role that requires responsibility and an analytical mind.
1.3 Train investigation personnel
The investigation team needs to understand not only the compliance landscape and specifics of the regulations that apply in your country and industry, but they also should be fully informed on the internal code of ethics and conduct for the organisation.
This means undertaking training sessions so that the team can factor these elements into their investigation and gain an accurate picture of whether the offence contravened the law or internal policies.
1.4 Document the investigative process
Be sure to record how you resolved the case. Include any sanctions administered and any appeals that either party made. This will serve as a ecord to inform any other similar cases that arise, as well as to help future employees understand the reasoning behind policy changes made in the wake of a compliance breach.
2. Tips for conducting successful compliance investigations
Tip | Explanation |
Remain fair and impartial | Everyone is entitled to a fair hearing, and that means being open-minded when dealing with compliance reports. |
Preserve confidentiality | Whistleblowers must be allowed to maintain confidentiality as they may fear retaliation. The accused should not have their identity revealed, as public knowledge of their investigation could ruin their reputation, and they might not be guilty |
Adhere to ‘need to know’ standard | Keeping the information within a tight group of investigators helps to maintain the integrity of the investigation and prevent rumours from circulating and interference from occurring. |
Preserve original documents | You need to be able to back up your decision-making with a solid audit trail that shows the evidence you used to reach your verdict. |
Maintain chain of custody | Document the route that the evidence takes through the investigation, including who has access to it and how it is used. This helps in the event of future litigation. |
3. Conclusion
An effective compliance investigation process starts at the point where there is a report or suspicion of non-compliance inside the company. It involves putting together the right team, approaching the situation objectively, being thorough with evidence and documenting the process meticulously. Then you can report your findings and work on the next steps for the organisation.
IntegrityLog makes it simple for people to report wrongdoing, letting them issue their report remotely. It maintains confidentiality, with a secure system that is only accessible by authorised personnel and keeps you on track with deadlines, too. Request a demo today to find out how IntegrityLog can streamline your investigation procedure.
4. References and Further
- Whistleblower rights and protections in the EU
- The key compliance KPIs to track
- How to build a futureproof compliance programme
- Examples of a powerful code of conduct
- Conduct risk examples