Red flags in internal investigations in India
December 2022 | SPECIAL REPORT: WHITE-COLLAR CRIME
Financier Worldwide Magazine
December 2022 Issue
More often than not, internal workplace investigations into financial misappropriation and fraud are precipitated by system or process gaps or by integrity issues. What this means is that defaults are likely to be caused by either progress gaps that result in or allow errors (and consequently value leakages), or misuse of these system gaps through acts of misfeasance. While this scenario remains true globally, each jurisdiction will have its set of unique vulnerabilities, such as cultural, organisational and procedural characteristics – something which every investigation team must account for.
In India, we have seen management structures and a lack of control systems significantly influence exploitation of vulnerabilities. For example, several family-owned and relatively traditional companies in India have a rigid organisational hierarchy and top-down management structure. In such cases, the reporting mechanism is so rigid, and the sense of loyalty (whether misplaced or otherwise) is so strong, that employees are hesitant (or fearful) to deviate from orders coming down the chain (often following such orders religiously and without any independent analysis or judgement) or to report grievances or gaps that they have come across in their general course of work to anyone in the organisation. They may at times report this to their superior, but that individual may have a vested interest in keeping the whistleblower’s complaint from going up the chain.
Moreover, junior employees may not question instructions coming from their superior, even if they are patently unreasonable or out of the ordinary, and therefore may at times (and often, unwittingly) go along with or cover up misconduct. When a problem has been discovered and an investigation is underway, such organisational hierarchy and structures may also compromise confidentiality and the success of the investigation. For example, the natural reaction of a junior employee may be to share knowledge of the investigation, or the fact that he was interviewed, to his reporting supervisor, even though the reporting supervisor may be the subject of the investigation.
Loyalty aside, a number of employees also fear retaliation, which encourages a culture of silence during investigations. This is especially true when hiring and firing decisions rest with one person in the company or a particular team. We have seen several whistleblowers specifically request that investigations are conducted by external counsel or the company’s overseas headquarters. We have also seen whistleblowers reluctant to disclose their identity, or even provide information beyond their initial report. This is partly due to the absence of any legal whistleblower protections in India, and partly due to the fear (perceived or actual) that the whistleblowing and investigation processes will not be kept confidential if handled by business leaders or local department heads. On the other hand, having investigations conducted by the in-house legal department, external counsel or overseas headquarters generally lends more credibility.
Some companies also lack integration, which is often a contributing factor to unchecked process gaps. When teams and operating systems do not integrate with each other and operate semi-independently, it makes it difficult to reconcile highly complex and technical processes, such as those involving inventory management, vendor management, financial reporting, retail sales tracking, and so on, thereby allowing rogue employees to evade controls.
Other catalysts giving rise to financial misappropriation are poor documentation and failure to update data systems on a real-time basis. It is surprising to observe this vulnerability recurring across the board – from the smallest to the largest companies. In many cases, only the final ‘cleaned up’ figures and supporting documents are uploaded into the enterprise resource planning (ERP) system, providing scope for manipulation of costs, sales and other critical figures. If there is no regular external or impartial oversight of these accounting figures, delinquent employees can work ‘backwards’ to justify the final numbers and bury any red flags.
The investigation team also needs to be mindful that personal relationships can be exploited. Employees with decision-making authority may not declare conflicts of interest when appointing vendors and service providers to then exploit process gaps. Combined with filial loyalty or a hierarchical approach, this cabal becomes difficult to detect and deter unless the company has strong whistleblower and investigation processes.
Corporate criminal liability
That said, the need for robust whistleblower and investigation processes and teams is becoming more acute than ever, given the increasing environmental, social and governance (ESG) requirements and regulatory scrutiny. As much as the board may want to plug process gaps as a result of investigations, it should be equally concerned about how it handled the investigation, what disclosures were required, whether due process was followed and how fast it ringfenced the damage. To a substantial extent, a corporation’s (and the board’s) criminal and civil liability will depend on how the investigation was conducted and how the recommendations of the investigating teams were actioned.
Such issues highlight many of the unique investigation challenges that companies face in India. However, as with internal investigations in other parts of the world, there is no ‘one size fits all’ formula for conducting a successful internal investigation in India. The success of the investigation will to a large extent depend on the investigation team’s understanding and appreciation of these ‘India-specific’, or other region-specific, process gaps, and the ways in which they can potentially be manipulated.
Prashant Mara is a managing partner and Devina Deshpande is a principal associate at BTG Legal. Mr Mara can be contacted by email: prashant@btglegal.com. Ms Deshpande can be contacted by email: devina@btglegal.com.
© Financier Worldwide
BY
Prashant Mara and Devina Deshpande
BTG Legal
Q&A: Asset seizures and recovery
Some more carrots, and definitely more sticks: DOJ corporate criminal enforcement
The SEC’s enforcement regime may soon undergo a constitutional revamp
The SDNY’s early ventures into crypto-insider trading cases
The European Public Prosecutor’s Office: a new player in the fight against white-collar crime
Red flags in internal investigations in India