In the short gap between IQPC in London and CEIC in Orlando, I was invited to join a panel at Pinsent Masons on the Bribery Act, one of a series organised by Barry Vitou of Pinsents and thebriberyact.com.
You will see from Barry’s report of the session that the panel comprised himself, barrister Richard Kovalesky QC, Howard Sklar from information software company Recommind, and me. The differing viewpoints of Barry and Howard appear from their respective web sites, Howard’s at the Open Air blog and Barry’s at thebriberyact.com, and are touched on in Barry’s report. I want to expand a little on what I said about the information management aspects.
This is one of those high-level terms which could mean anything. The suggestion is not that companies should set about a ground-up comprehensive records management programme because of the Bribery Act (I am not saying they should not do that anyway, but that big undertaking will be too much, and too late, for the immediate risk). Managing information is a component of managing risk; risk varies from company to company and (as Barry reminded us) between jurisdictions and sectors. The “information” to which I referred was the data which relates to identified areas of risk; “management” means knowing what you have got, knowing how to find what you need, and being able to distinguish between what is important and what is not. And “important” is a dynamic concept – you don’t know today what will be important tomorrow.
An additional spur to Board awareness
Those of us concerned with UK civil disclosure (I am a member of Senior Master Whitaker’s Working Party which drafted the new eDisclosure Practice Direction and Questionnaire) have long argued that the need to know about electronic disclosure lies with the clients as well as with lawyers and judges. The judges and those who appear before them need to know the rules and a little about the technology which exists to enable proportionate use of the rules. Knowing about the rules, however, is only part of it. The problem and, indeed, the documents themselves, belong to the client. If the client hands his lawyers an unsorted mass of documents saying “Your evidence is in there somewhere”, he can hardly complain at the size of the bill when he is effectively asking the lawyers to undertake retrospective information management in a hurry and at lawyer rates. It is still less appropriate to blame the civil justice system – that may have its faults, but it did not create the data volumes from which the facts must be found.
One of my standard slides shows a board meeting at which the chairman is thanking Mr Geek for his “interesting” paper on information management which the board will, perhaps, come back to at the next meeting. It seems likely that the Bribery Act will promote the subject up the agenda. The management of information (as defined above) is only one of many factors which a company must take into account along with others in considering its “adequate procedures”, but it is an important one.
There is a parallel here in the judgment of HHJ Simon Brown QC in Earles v Barclays Bank Plc in which he said:
Potential litigants need to anticipate having to give disclosure of specifically relevant documents and should have the means of doing so efficiently and effectively.
One may summarise this message as “those who expect to litigate must be ready to litigate”. That is a risk assessment like any other, and Bribery Act preparedness involves much the same exercise. If the need for pre-emptive information management will vary with the risk, the cost will depend also on the starting point – if you are at high risk and have done nothing to meet it then you will have more of a mountain to climb.
Your risk assessment may have concluded a year ago that the expense of pre-emptive measures was not warranted by the risk which the company faced. The arrival of the Bribery Act strongly suggests that one might revisit that risk assessment.
Keeping up with technology
It is not just the risk which changes. It makes sense also to go back over the applications and processes available to meet it – not just their costs but their capabilities. Vivian Robinson, General Counsel to the Serious Fraud Office, has talked of “repurposing” ediscovery applications for Bribery Act purposes. If you do not know what these tools can do, then you cannot see what other problems they could help with, and their scope extends all the time.
Getting there first
Barry Vitou’s article picks out the next point – if you have something lurking in your data which will point to bribery or other damaging conduct then you would rather know about it before the regulator or prosecutor finds it. Barry gave us some examples of words within e-mails which had been cover for something else – a 30% of sales commission described as “local support payments”, references in the context of travel arrangements to someone who had “contributed significantly to our win”, terms like “cash incentives” and “local processing fees” which could mean something beyond their bare words depending on the context. Software developed for civil litigation electronic discovery/disclosure was designed to look behind what was said and draw conclusions as to what was meant. The use of keywords is now considered inadequate as more sophisticated tools have been developed. No-one expects that you understand how Predictive Coding and Probabilistic Latent Semantic Indexing works, but you ought to know what it can do. If it can find stuff after the event then it could be used to spot problems as they arise.
From the horses’ mouths
It seemed worth passing on the flavour of the talks given at a day or two earlier by Allison Stanton, Head of Civil E-Discovery at the US Department of Justice and by Tony Wilson of the Serious Fraud Office. My notes of that are in this article and I will not repeat them here, save for one point: both had emphasised that, whilst they welcomed contact from companies who thought that they may have a problem, what is under scrutiny is the records policies which had been devised (or which should have been devised) in the past. Allison’s curt warnings “Deletion doesn’t look good” and “We will find it” are adequate reminders that ediscovery principles have a big role to play in Bribery Act investigations.
My thanks to Barry Vitou and Pinsent Masons for inviting me to take part in this session, which was so packed that a repeat with a different support act is planned for 6 June – details of that and his planned regional events are here.