International - Written by on Thursday, July 21, 2016 8:58 - 0 Comments

Lessons from recent SFO cases. How to conduct an internal investigation

Print Friendly


  • Move quickly by instructing an external law firm to investigate the matter within a month of the allegation coming to light.
  • Ensure that the investigation is thorough and extensive, and:
  1. Widen the scope of investigation if the interim findings suggest that misconduct was farther reaching than had been originally expected.
  2. After the matter has been reported, discuss the investigation parameters and steps with the SFO and have them sanctioned.
  • Gather digital material in a forensically sound manner, and apply appropriate search terms to digital material before reviewing.
  • Be prepared to share a summary of the witness interviews, along with the documents shown in interview.
  • Ensure that the findings report is comprehensive, accurate and detailed. Remember that the SFO will test the content.
  • Take appropriate remedial actions, including:
    • dismissing employees who were involved;
    • terminating tainted contracts/ withdrawing tainted bid proposals; and
    • making improvements to your compliance programme.

Most companies understand the importance of conducting an independent internal investigation when allegations of potentially serious criminal conduct arise, but it is always difficult to judge the appropriate parameters of an investigation, particularly when trying to balance the management of the risks against the costs of an investigation.

Fortunately, the two recent DPAs settled against Standard Bank and XTZ Ltd offer us helpful guidance for the features of SFO approved investigations.

Scope and timeframe

In both DPA cases, the companies instructed external law firms to conduct the investigations in or around a month after the issues came to light.

The Standard Bank case was narrower than XYZ, as it concerned an isolated allegation of bribery relating to one deal. The date range for the investigation was just over a year.

Standard Bank’s lawyers were able to conclude their investigation which Lord Justice Leveson described as “detailed” and submit the findings report within approximately 16 months of the matter fist coming to light.

In contrast the XYZ internal investigation was much wider as it concerned systematic bribery by a group of key employees and agents across a number of jurisdictions, and over a long period of time.

XYZ’s lawyers took just over 2 years to conclude their investigation, and widening the date range of the investigation as it progressed. Ultimately the investigation which was described by Lord Justice Leveson as “extensive” covered a date range of 2004 – 2012, and 74 different contracts.

In the past the SFO have levelled stinging criticism against internal investigations, however in both DPA cases the internal investigations continued after the matter had been reported to the SFO.  General Counsel for the SFO, Alun Milford[1] explained that Standard Bank’s lawyers discussed the internal investigation with the SFO and the investigation was sanctioned by the SFO.

Digital Material review

Unsurprisingly both investigations involved digital material. The SFO have been clear on a number of occasions that digital material should be imaged in a forensically sound manner (generally by external forensic IT specialists). Furthermore Alun Milford has also stated that data gathering exercises should also be “prompt, covert, co-ordinated and simultaneous”, the process methodology must be recorded, and the process should be supported by witness statements from each of the people involved. Since the SFO approved both Standard Bank and XYZ’s investigations, we can assume that these conditions were met in each case.

The precise volumes of digital material reviewed in the Standard Bank matter were not made public, but the material consisted of e-mail servers held in Africa; inboxes and/or hard drives of team members working on the transaction and the contents of the relevant shared drive used as a central IT repository for documents by deal team members.

The XYZ investigation involved 90GBs of material from the server, and the laptops and/or external memory drives of relevant individuals.

Search terms were applied in both cases to narrow the volume of data for review. In the XYZ investigation ultimately 27,000 digital items were reviewed.

Hard Copy material

In the XYZ case, personal notebooks, agency files, contract files, invoices and shipping files were among the hard copy items reviewed.

CCTV images and telephone recording were also reviewed in the Standard Bank invetsigation.


In both cases the internal investigation involved witness interviews.

In the XYZ investigation only 4 witnesses were interviewed, but they were interviewed on average 3 times each. This is surprising as the SFO are frequently incensed by repeated interviews of a witness as they often diminish the quality and weight of the eventual SFO interview.   Since the SFO approved the XYZ investigation, we can assume that permission was given for the follow up interviews.

The Report

The SFO have made clear that ““whitewash” reports are unacceptable, and according to Ben Morgan, Joint Head of the Bribery and Corruption Division, they are not fooled by reports “intended to put the matter to bed before we had even looked at it”[2]

XYZ’s first investigation report (submitted 5 months into the investigation) consisted of 39 page and was described by Lord Justice Leveson as “comprehensive”.

XYZ’s lawyers provided two further update reports throughout the investigation. By the end of their investigation XYZ had identified to the SFO 28 implicated contracts. The SFO’s investigation tested the information provided in the internal investigation reports, and XYZ were afforded credit for the fact that the SFO’s findings were as reported by XYZ.

Similarly, Lord Justice Leveson stated that the SFO’s case against Standard Bank was “substantially reliant” upon the evidence voluntarily disclosed by Standard Bank. Alun Milford praised Standard Bank’s report as “thorough and it served as a helpful spring-board for our own independent investigation”


The misconduct in XYZ was uncovered during the implementation of an anti-bribery and corruption programme, and the misconduct in Standard Bank only came to light as a result of internal reporting.

Both companies were afforded full credit for the fact that but for the self-reports, the matters might not have come to the attention of the authorities

Each company cooperated with the SFO by identifying relevant witnesses; facilitating the interviews of current employees; and providing timely and complete responses to requests for information and material.

XYZ also voluntarily provided a cache of probative emails upon the SFO’s request, but Standard Bank’s cooperation went much further by providing the SFO with access to its document review platform.

Whether privilege attaches to the product of witness interviews conducted is a major bone of contention between companies and the SFO. The SFO have repeatedly stated that they are not interested in seeing legal advice, but they do expect to be provided with the factual narrative of the first account of a potential witness in their criminal proceedings.

The SFO’s position on this issue stems from the fact that they cannot discharge their prosecutorial disclosure obligations without this information. Consequently the best way to infuriate the SFO and to be deemed “uncooperative” is to refuse to provide the factual narrative of witness interviews.

XYZ’s lawyers were able to reach an acceptable compromise by providing oral summaries of the interviews. Standard Bank also provided summaries of the interviews, but it is not clear if these were written or oral summaries.  Standard Bank also disclosed copies of the documents shown in interviews.

Remedial actions

As a result of the findings from the internal investigation, XYZ dismissed two senior employees involved in the misconduct, terminated relationships with seven agents involved, and withdrew bids for two contracts which were affected by the misconduct.

Standard Bank also dismissed one of the senior executives involved in the misconduct and the other resigned.

Both companies took steps to improve and maintain their existing compliance programmes.

[1] Speech delivered in March 2016, published on SFO website.

[2] Speech delivered on 1 December 2015, published on SFO website.

Share Button

Comments are closed.

Brought to you by...

Barry Vitou &
Richard Kovalevsky Q.C.

The views expressed on this website are those of Barry Vitou & Richard Kovalevsky QC and/or our guest authors from time to time. Please see our terms of use