Lawyers, Bribes and Money
It is surprising how often companies rely on outside auditors to detect and then investigate suspected bribery. I have nothing against outside auditors — the Big 4 and other auditing companies are indispensable as part of an internal review team. But companies are making a strategic error when they rely solely on auditors to review the company books, identify potential suspicious payments, and then help the company navigate the resolution of the issue.
Just so my point is clear, I am not questioning independent auditors who conduct annual reviews for public companies. That is a completely different ballgame.
The question comes up when a company wants to conduct a forensic audit for anti-corruption compliance. Companies need to structure such an inquiry by relying on outside counsel, who in turn, can bring in a forensic auditor to conduct an anti-corruption review.
There are several practical but significant reasons for such a structure.
First, the company must preserve its legal privilege. It is well established that communications with an auditor are not protected by attorney-client privilege (although there could be a work product privilege but that is a different issue). Relying on outside counsel protects and preserves the privilege. Outside counsel retains the forensic auditor to assist in advising the company on legal issues. The interviews of company officers and employees, if conducted by outside counsel or in outside counsel’s presence, will be protected from disclosure under the protection of the rpivilege.
Second, the company needs to protect an advice of counsel defense. Outside counsel can gather revelant information, with the assistance of the auditor, and then provide a legal opinion which may help the company protect itself from future charges of knowing violations by assertion of an advice of counsel defense. At a minimum such evidence helps to negate any criminal intent.
Third, auditors have an obligation to disclose suspected illegal activity. Under Section 10A of the Securities Act, auditors are required to raise suspected illegal acts with senior management and the Audit Committee. If they are not satisfied with the company’s response, auditors may have an obligation to report the conduct to the SEC.
Outside counsel has no such obligation and can advise the company on how to handle information about suspected illegal activity. This is critical when a company is considering if and how to voluntarily disclose such information to the government. Companies need to weigh the pros and cons of such disclosures, and auditors cannot contribute to that review in the same way outside counsel can.
In general, auditors and outside counsel are not subject to the requirement to file suspicious activity reports. But some auditors consider it a required practice, especially when they part of an accounting firm which falls under the “financial institution” definition. This issue can usually be navigated by using forensic auditors that are part of a consulting arms of an accounting firm rather than the accounting arm itself. Again, this is a very tricky issue that needs to be carefully weighed in the mix.
Companies need to act very carefully in this area — they can be setting up some nightmare scenarios. Working closely with outside counsel and forensic auditors, companies need to preserve options, protect the privilege and carefully address the surrounding issues.