In 2017, the Department of Justice and US Securities and Exchange Commission brought 27 corporate enforcement actions.
Government investigations pertaining to fraud, bribery, money laundering, price-fixing, and corruption result in deferred or non-prosecution agreements or civil settlements with enforcement and regulatory agencies. In the aftermath of these investigations, the DOJ, SEC, and federal and state prosecutors and regulators often rely upon independent compliance monitors to ensure compliance with the conditions of regulatory settlements and resolutions. These corporate monitorships have become a highly specialized practice area that requires diligent testing and close scrutiny of the monitored company’s compliance with its agreement with the authorities. While the concept of monitorships is nothing new, many in the e-discovery and litigation community do not have a great deal of visibility into what the process entails.
A Relativity Authorized Partner, Control Risks is currently supporting independent monitors on four separate multi-year monitorships—three in relation to large multinational banks and one involving an international petrochemical company. We had the opportunity to talk with Brad Kolacinski and Fidel Amaro, directors at Control Risks, about what these monitorships entail and how their team is involved.
What is a Monitorship?
As part of a regulatory or law enforcement settlement, the DOJ, SEC, or other federal and state regulators and enforcement agencies often appoint an independent monitor to ensure the corporate entity is complying with the terms of the settlement or resolution agreement. The agreement might relate to a commitment by the monitored company to provide relief to consumers who were impacted by the wrongdoing that led to the settlement, or to implement and improve processes and internal controls that would prevent wrongdoing in the future. The independent, third-party monitor evaluates and assesses the company’s compliance with its obligations under the relevant agreement and then reports those findings back to the regulator or regulators.
A typical monitor is an attorney at a leading law firm with deep skills and experience related to both the misconduct in question and the particular industry involved. The lawyers, however, often look to consulting firms to provide additional resources with compliance testing expertise, data analytics, and technology to help make the monitoring process more effective.
At Control Risks, a team of compliance professionals, forensic accountants, former prosecutors, data analysts, and e-discovery professionals is involved in these lengthy monitorships, which can last anywhere from two to five years.
“When we started working with outside counsel, we were providing compliance expertise as well as technology solutions,” Brad explained. “While the details and parameters of each monitorship can vary, our end goal remains the same: to centralize monitorship-related information and help streamline the inefficiencies between the monitor, the monitored company’s in-house and outside counsel, and, ultimately, the government.”
Not Your Typical e-Discovery Project
At the inception of the monitorship, the independent monitor and company counsel created an initial data warehouse to store and swap voluminous information—like email, electronic files, financial information, and chat or IM archives—from various departments within the organization being monitored. This “deal room” served as an online document repository that the independent monitor and Control Risks team used to understand underlying policies and procedures, prepare for and follow up with company interviews, and test transactions for compliance issues.
In support of one monitorship, the team at Control Risks started to organize and review documents, test transactions for compliance issues, and report findings to the monitor. This process, however, soon became cumbersome. Given the high volume of stakeholders, transactions, and detailed reporting requirements, their workflow quickly became untenable.
“Not only was this initial deal room costly and disruptive, but there was no functionality that enabled our forensic accountants to record the results of their detailed transaction testing, or to link those results to each transaction. Furthermore, our reporting to the monitor would have been a manual process,” Brad said.
Facing data organization, review, documentation, and reporting challenges, they needed to leverage a new solution for the independent monitor.
Turning to Relativity, Control Risks created a custom solution to serve as its centralized repository to access monitorship information.
“With Relativity, we were able to create a custom solution that would deliver a secure, online, and auditable repository to (1) review and organize data, (2) document detailed transaction testing, and (3) streamline reporting,” Brad explained. “Taking advantage of basic Relativity functionality and leveraging RDOs to centralize the analysis, our team was able to upload all supporting documentation and users were able to start uploading documents directly into Relativity and jump right in.”
“The various teams involved all wanted a solution that was collaborative, flexible, and yet sufficiently structured to drive all of the necessary progress tracking and substantive reporting. Each monitorship team’s needs were generally similar, but quite different when you got into the details. One of the most powerful features of Relativity is its extensibility,” Fidel added.
By creating custom forms with rich dynamic objects (RDOs), their team was able to log the results of detailed transaction testing and tie these findings to the individual transactions as records in Relativity. Control Risks was able to then query the database and fields within the custom forms to report on the results of detailed transaction testing at a very granular level. Custom dashboards enabled the Control Risks team to summarize progress status for sharing with the independent monitor as well.
The Future of Monitorships
Individual companies may have different compliance needs depending on their size and the risks associated with their businesses, among other factors. When it comes to compliance, there is no one-size-fits-all program. With a data-driven, forensic mindset, however, proper compliance lifecycles can be both cost effective and non-disruptive.
“Unlike traditional e-discovery, compliance-related projects are often proactive,” Brad said. “An effective compliance program is a huge component to long-term strategy for corporations. We’re committed to providing not only the tools to be effective, but also the expertise to monitor these programs throughout their lifespan. Consulting firms supporting independent monitors will have to leverage AI and analytics to identify red flag compliance issues, remediate weaknesses in internal controls, and develop custom solutions to integrate structured and unstructured data sources for analysis.”