Raid Ready: A Case Study

By Daniel Rupprecht, Director – eDiscovery consulting, Competition & Investigations

A knock on the door

With substantial fines, potentially into the millions, regulatory investigations are a major legal risk to corporations. Many such investigations start with a bang – at least a bang on the door in the form of a dawn raid. A dawn raid is an unannounced inspection of a company’s premises conducted by a regulatory authority, often signalling the beginning of an investigation. Whether related to a competition law infringement, a financial regulatory infraction, or any matter requiring the interrogation of digital data or hard copy information, authorities such as the Competition and Markets Authority (CMA), the European Commission, the Serious Fraud Office (SFO) and the Financial Conduct Authority (FCA), have broad-ranging powers to collect and review relevant data held by corporations and individuals.

Preparation is key

It is difficult to predict when a regulatory authority might come knocking on the door, particularly if they have been alerted to potential wrong doing through a whistle-blower. Organising teams, both internal and external, is an important initial step, but understanding who, what and how to access information will be key and partnering with multidisciplinary teams, again both internally and externally, to handle all the moving parts will need to be considered ahead of time.

In preparing for a dawn raid, most organisations will need to look to their in-house legal team and external counsel to properly advise them on the various obligations and pitfalls associated with aiding investigators.

Beyond this legal advice, it is also important to be prepared from a technical perspective: understanding the approach required when dealing with the collection of electronically stored information, including:

  • Information governance and the importance of knowing your network.
  • What the authorities are looking for and where they are likely to look.
  • Collection and processing of data along with a detailed understanding of the tools that they use, such as Nuix.

Various internal departmental heads will need to be involved in the preparation, but it is usually IT who are the unsung heroes of the day. Ensuring that these gatekeepers of digital data are up to speed with regards to expectations is key in making sure that the day runs smoothly. Understanding how data is stored and accessed also helps to build a better relationship with the regulatory authority if push back on other issues outside of their control is necessary later in the process.

One of the most important things to be prepared for however is what to do in the crucial hours, days and weeks that follow a dawn raid: utilising the right tools to help identify exactly what the investigators are looking for. The law firm or corporation using the most advanced technologies and techniques in the first instance places themselves at a clear advantage over those who are not, which in a competition related matter, where there is often a race to leniency, is particularly important.

A case study

A corporate client was the subject of a dawn raid by a local competition authority. Understanding the importance of acting swiftly and in conjunction with the corporation’s external counsel, a multidisciplinary team was assembled that included Consilio, introduced to the relationship long before the raid occurred. This led to the implementation of a pre-designed plan to get data processed and into the hands of the law firm as quickly as possible, with workflows in place to identify potentially relevant information and any necessary custom amendments or additions specific to the case in hand.

The very first step was to deploy our forensics team on site to the client’s office.  This was not to “shadow” regulatory representatives, although this can sometimes happen, but to identify what was taken by the authority and how it was collected. The team was, therefore, able to recreate the collection on-site and as such, able to provide data for processing on a rolling basis, even prior to the raid being completed. In addition, knowing the tools that were used (and their function and limitations) the forensic collection experts provided a better understanding of not only what data may have been collected, but also what, potentially, was not.  In competition cases this can be critical.

In this particular case, the authority involved utilised a standard piece of forensic software to extract data from mobile devices, however due to limitations associated with the specific tool, likely missed some instant messaging communications. The tools used by our forensics team however were able to collect additional information that allowed the client to review data the investigators did not preserve.  The team were also able to identify additional sources of electronically stored information and work with the client to preserve data from areas the authority did not collect from, such as the home and personal drives of the custodians. This, coupled with an exact copy of all data collected, enabled the client to review not just the data that the investigators would be interrogating, but also further data not identified in the investigator’s export.

As data was provided on a rolling basis, it was immediately expedited for processing, ensuring no time was lost in providing it to the law firm for review. From the outset, our project management team worked closely with the law firm to create workflows that quickly identified potentially relevant documentation.

The project management team were also able to deploy our proprietary Advanced Message Review software, which allowed the reviewers to view mobile phone messages between two people in a single thread rather than as individual messages.  With massive volumes of data, being able to cull a large percentage of duplicative data found in texts was essential in getting to the right information more quickly.

Project managers also worked through the client’s search requests systematically, adding value by interrogating the data for common alternate spellings and typos, email address variations, and incorporating these into the search strings ensuring time sensitivities were not frustrated by approaches that did not lend themselves to efficient review.

Deploying advanced conceptual analytics based on identified hot documents and text from briefing notes to identify potentially responsive documentation, provided additional avenues of interrogation not typically found in a linear search term based review.  Used in conjunction with conceptual expansion on some of the keywords to identify further areas of interest and unknown correlations, our team was able to work directly with law firm to create workflows designed to isolate important data and gain clarity on what the authorities were looking for. A variety of other strategic efficiencies were implemented and realised throughout the review while maintaining complete transparency with the firm to help guide the investigation.

Conclusion

A dawn raid, and its aftermath, is a stressful scenario, which places corporations and their lawyers on notice that an extremely intrusive investigation is about to begin.  Many cogs in a giant machine are simultaneously set in motion. The key to managing any response lies in an effective coordination of all involved parties.  Taking time to be prepared in advanced of a potential raid, can give a critical advantage to the prepared party.

In this case, partnering with our multidisciplinary team with experience in managing eDiscovery technologies and techniques specifically related to competition matters, enabled the corporate client and their external counsel to focus on mitigating any potential issues rather than worry about whether or not their service provider appreciates the driving forces that make investigations of this sort very different to the approach required in a litigation.