Tag Archives: due diligence

E-discovery Challenges for Fraud Examiners

black-signI returned from the beach last Friday to find a question in my in-box from one of our Chapter members relating to several E-discovery issues (electronically stored information) she’s currently encountering on one of her cases.  The rules involving E-discovery are laid out in the US Federal Rules of Civil Procedure and affect not only parties to federal lawsuits but also any related business (like the client of our member).  Many fraud professionals who don’t routinely work with matters involving the discovery of electronically stored information are surprised to learn just how complex the process can be; unfortunately, like our member’s client company, they sometimes have to learn the hard way, during the heat of litigation.

All parties to a Federal lawsuit have a legal responsibility, under the Rules of Civil Procedure and numerous State mirror statutes, to preserve relevant electronic information.  What is often not understood by folks like our member’s client is that, when a party finds itself under the duty to preserve information because of pending or reasonably anticipated litigation, adjustment in the normal pattern of its information systems processing is very often required and can be hard to implement.  For example, under the impact of litigation, our member’s client needs to stop deleting certain e-mails and refrain from recycling system backup media as it’s routinely done for years.  The series of steps her client needs to take to stop the alteration or destruction of information relevant to the case is known as a ‘litigation hold’.

What our clients need to clearly understand regarding E-discovery is that the process is a serious matter and that, accordingly, courts can impose significant sanctions if a party to litigation does not take proper steps to preserve electronic information.  The good news is, however, that if a party is found to have performed due diligence and implemented reasonable procedures to preserve relevant electronic data, the Rules provide that sanctions will not be imposed due to the loss of information during the ‘normal routine’ and ‘good faith’ operations of automated systems; this protection provided by due diligence is called the ‘safe harbor’.

To ensure that our clients enjoy the protections afforded them through confirmation of due diligence, my recommendation is that both parties to the litigation meet to attempt to identify issues, avoid misunderstandings, expedite proper resolution of problems and reduce the overall litigation costs (which can quickly get out of hand) associated with E-discovery.  The plaintiff’s and defendant’s lawyers need some sort of venue where they can become thoroughly familiar with the information systems and electronic information of their own client and those of the opposing party.  Fraud examiners can be of invaluable assistance to both parties in achieving this objective since they typically know most about the details of the investigation which is often the occasion of the litigation.  Both sides need to obtain information about the electronic records in play prior to the initial discovery planning conference, perhaps at a special session, to determine:

–the information systems infrastructure of both parties to the litigation;
–location and sources of relevant digitized information;
–scope of the electronic information requirements of both litigants;
–time period during which the required information must be available;
–the accessibility of the information;
–information retrieval formats;
–costs and effort to retrieve the required information;
–preservation and chain of custody of discover-able information;
–assertions of privilege and protection of materials related to the litigation.

Technical difficulties and verbal misunderstandings can arise at any point in the E-discovery process.  It often happens that one of the litigants may need to provide technical support so it that digital information can even be used by the opposing party … this can mean that metadata (details about the electronic data) must be provided for the data to be understandable.  This makes it a standard good practice for all parties to test a sample of the information requested to determine how usable it is as well as to determine how burdensome it is to the requested party to retrieve and provide.

It just makes good sense to get the client’s information management professionals involved as soon as possible in the E-discovery process.  A business will have to disclose all digitally stored information that it plans to use to support its claims or defenses.  When faced with specific requests from the opposing side, your client will need to determine whether it can retrieve information in its original format that is usable by the opposition; a question that often only skilled information professionals can definitively answer.

Since fraud examination clients face E-discovery obligations not only for active Federal litigation but also for foreseeable litigation, businesses can be affected that merely receive a Federal subpoena seeking digital information.   Our questioner’s client received such a subpoena regarding an on-going fraud investigation and was not ready to effectively respond to it, leaving the company potentially vulnerable to fines and adverse judgments.

Did the Auditors Fail? – Analytical Techniques to Determine Due Diligence

foster-HeartbleedFraud examiners are increasingly finding themselves in situations where they are asked to investigate financial frauds identified subsequent to the performance of single or even multiple external and internal audits.  In such situations fraud examiners and forensic accountants do well to consider the application of a number of analytical techniques to identify exactly which organizational control assertions (and/or the auditor’s examination of them), broke down; such assertions as existence, rights and obligations, valuation, completeness, occurrence, measurement and presentation, either alone or in combination.   One particularly powerful analytical technique, among several,  available to the fraud examiner in analyzing the performance of the parties to such a situation is Benford’s Law.

Benford’s Law is named after Frank Benford, a research physicist at the General Electric Research Laboratories in Schenectady, New York who, in 1938 and the years immediately following, performed a detailed study of numbers and found that certain numbers and number combinations appeared more frequently than others; Benford’s law predicts the digit patterns in naturally occurring sets of data.  He then tested the assumption that numbers ordered from smallest to largest would form a geometric sequence by using integral calculus to formulate the expected digit frequencies in lists of such numbers.   The significance of this for fraud examiners is that, after analyzing more than 20,000 pieces of data, he found that the chance of the first digit in the data (say,  a list of the dollar amount of invoiced transactions, for example) being “1” is not one in nine, but rather one in three, or 30 percent.  The chance of the first number in the string being “2” is only 17 percent, and the probabilities of successive numbers being the first digit decline until reaching “9”, which has only a five percent chance of appearance.  Benford found that in arrays of numbers, the digit “1” occurred more than any other number did.  The same type of predictable patterns were found to hold for the predicted frequencies of digits in the second, third and fourth positions, given the occurrence of all the differing initial digits (1 through 9).  Over the intervening years, further investigation and extension of Benford’s original work has made it possible to detect potentially fraudulent numbers in large data files by comparing the frequency of occurrence of initial digits in a list of financially related numbers to those anticipated by Benford’s findings.  For example, when a fraudster invents numbers in connection with the perpetration of a fraudulent scheme, s/he will tend to fake data containing too many instances of the initial digits 7, 8, and 9 and too few of 1, 2, and 3.

As a case in point, let’s say you have been engaged to determine whether or not external auditors performed due diligence in evaluating the client’s control assertions in a case where the existence of an existing fraud, contemporaneous with the auditor’s examination, was clearly not identified.  If the auditor was lacking diligence, damages are due to the plaintiff; on the other side, it may be the case that the auditor actually performed due diligence.  In the center portion of the spectrum is a grey area where due diligence is questionable.  Clearly, in this case, the plaintiff organization has an obvious monetary incentive to claim a lack of due diligence, while the defendants (the auditors) have a clear motive to claim the opposite.

The advantage the fraud examiner has in applying analytical tests to the facts of this particular hypothetical case is that both the auditor’s work papers and the client’s financial records as they were at the time of the audit are available for her analysis.  Analytical manipulations  like those represented by the most successful Benford’s Law tests (like the coincidence of same invoice number, same dollar amount and different vendor numbers) can identify clearly abnormal patterns in the  defendant’s analysis of the   plaintiff’s assertions that can either confirm or disprove the plaintiff’s claim for damages as a consequence of the defendant’s non-performance of due diligence.  This type of testing by the fraud examiner of the plaintiff’s data and auditor’s related work papers tends to reduce the grey area of doubt in either the plaintiff’s or defendant’s favor by applying techniques that juries will find relatively easy to understand while representing a credible source of evidence based on the relevant actual data available from both litigants.  Use of even the most basic digital tests of these available data can impress a jury and influence an appropriate due diligence decision one way or the other.   Thus, if the engaged fraud examiner acting for the plaintiffs can demonstrate that tests exist that, if applied, could have detected the fraud but that the tests were not applied, the auditors can expect to lose the case and face damage awards.   The point is that fraud examiners can run digital tests on all sorts of permutations, combinations, and subsets of the relevant data until the fraudulent transactions stand out as clearly significant deviations and in this way either support or refute the plaintiff’s claim of a lack of auditor due diligence.

To summarize, a jury might be more likely to accept the fraud examiner’s arguments for or refutation of the claims for due diligence, if those arguments are supported by concrete examples drawn from the actual data at play by her application of Benford and other related analytical tools to analyze the relevant data and organize her findings.