What is an Internal Investigation?

So, what is an internal investigation? In simple terms, an internal investigation is an inquiry that determines if there has been a violation of regulatory policies or workplace practices. They are often conducted after a complaint, suspicion of misconduct, allegation, harassment accusation, or fraud suspicion. Many of these fall under state or federal laws.

What is an Internal Investigation?

How Organizations Assess Allegations of Misconduct

When there is an allegation of misconduct, there will be a complaint. This is where a corporate internal investigation begins. The complaint might be made by an employee, a potential litigant, a regulatory agency, or an anonymous whistleblower. The goal of the investigation is to detect and respond to wrongdoings or eliminate suspicions. Your response to the investigation should not only act on the specific incident but also discourage similar violations in the future. Every step of the investigation should be documented carefully. Make sure that you have a detailed written complaint as well so that the allegations don’t change over time and there is an endpoint to the investigation.

The first step of an internal investigation is determining if there is a factual basis for the complaint. This requires you to collect relevant information, including electronically stored information (ESI). You can use an eDiscovery solution such as Casepoint to identify relevant information, conduct data analysis, and identify useful sources. If there is evidence of misconduct, the solution will also support the production of relevant data.

An internal investigation’s outcome will depend on if the investigation has yielded any evidence supporting the allegation. Next, you will have to take action against the perpetrators. To avoid misconduct of similar nature in the future, you should also conduct staff training and implement new policies. It is also crucial to have a well-documented investigation for any follow-ups in the future.

Using eDiscovery Software for Internal Investigations

Conducting Internal Investigations with Casepoint

For an effective internal investigation, you must have a rapid response. This is something that has become almost impossible with a manual process, thanks to the huge volumes of ESI we deal with today. You can use an eDiscovery software for internal investigations to create a comprehensive and streamlined investigation process.

The eDiscovery solution that you use should not only reduce errors and costs but should also be easy to use and able to uncover the facts quickly. Here are certain key features of an eDiscovery software that are beneficial for internal investigations:

  • Legal hold templates
  • Custodian tracking
  • Reminders and notifications
  • Tools for document review with intuitive search filters
  • Build-in data processing
  • Automated deduplication
  • Automatic redaction of sensitive data

Using these features, you can ensure that your eDiscovery investigation is carried out seamlessly and effectively.

Various Types of Internal Investigations

Section Image

Due diligence is usually done in response to regulatory scrutiny or around a proposed merger or acquisition. Since these are usually associated with multi-billion dollar deals, they are often document intensive.

Due Diligence

Section Image

Alleged employee misconduct is one of the most common reasons for the internal investigation. They are usually addressed by the Human Resources department. The department also oversees issues pertaining to equal employment opportunities.

Employee Misconduct

Section Image

Organizations might also conduct an internal investigation to find a whistleblower. It is usually conducted in anticipation of a follow-on litigation or a government investigation. Since law enforcement or government agencies such as the Department of Justice (DOJ) might be involved, it is crucial to have a well-documented investigation. This includes timely identification, followed by a thorough document review.

Whistleblower Actions

Section Image

Cyberattacks are on the rise. If any internal or external hacker gets improper access to your data, it could expose your organization to a massive risk. They could get their hands on internal confidential information, trade secrets, valuable IP, and more. To mitigate the existing breach, you must determine the method of access and remediate it immediately. You should adopt new policies to prevent future breaches.

Insider Threat and Cyber Breaches

About Internal Investigations

Section Image

There are a lot of reasons why you need to investigate. These can be due to a business crisis or because of the results of the actions of an individual. There are certain steps that your organization can take that will impact the likelihood of the success of your investigation. It is crucial to determine the goal of the investigation as it frames the scope of the review. You should also draw up the terms of reference, which include the details of the investigation team. This team will be responsible for finding out what happened, how the findings will be reported, and the steps taken to remediate the issue.

Why Investigate?

Section Image

Every individual in the investigation team should know that their assigned roles might develop over time. They will need a combination of skills to deal with this and decide how to conduct an internal investigation. There must be a team of lawyers on the team as it will help with legal professional privilege. You will also need some members from the IT, security, and operations teams. When you are choosing the members, make sure that there is no conflict of interest. If there is, consider third-party investigation services.

Who Investigates?

Section Image

In the case of internal investigations, people should be informed only on a need-to-know basis. Even though internal written communication isn’t privileged, it should remain neutral. Your team must work under the assumption that everything written during the investigation will eventually become public. A small misstep might escalate the issue. In the case of legal advice, privilege should be maintained at each step.

Internal Communications

Section Image

When it comes to external communications, you should know the difference between the facts and your opinions about the facts. Start by asking if the person really needs to know your opinions on the facts and what they might do with this information.

In case of privileged matter, here is what you need to consider:

  • Do you have to communicate the information to a third party? If yes, why?
  • Can you separate the privileged and non-privileged data and communicate only the non-privileged information?
  • Can you get a waiver of privilege?

It is your responsibility to ensure that client confidentiality is maintained. If you have to share the information, make sure that you redact or omit the confidential details.

External Communications

Challenges in Internal Investigations

Internal investigations are time-sensitive operations. The large data volumes and the fact that the accused is still working in the organization can increase the pressure. There are also a lot of other factors to consider, such as controlling the information flow, ensuring defensible internal investigations procedures, and thorough documentation. It is of paramount importance that you start the investigation process quickly so that you can determine if you should look forward to regulatory investigation, litigation, or settlement in the future. This will allow you to stay ahead of the ramifications.

Here are some challenges you might face while conducting an internal investigation:

Section Image

Whether you are investigating an employee’s misconduct, performing due diligence prior to a merger or an investigation, or responding to a whistleblower — time is of the essence. You need to take a look at all the risks and facts to resolve the matter quickly.

Limited Time

Section Image

While you are conducting the investigation, the custodians and people of interest are still employed at the organization. So, it becomes more important than ever to ensure strict confidentiality and discretion.

The Accused Is Still in the Organization

Section Image

With the huge volumes of data organizations are working with, it is easy to get lost. Your investigation must remain laser-focused on relevant custodians and data. Your investigation team must work on determining the scope of the investigation and ensuring that they work under that scope.

Determining the Scope of the Investigation

Section Image

One of the most common challenges of conducting an internal investigation is to maintain the privacy of data. Since these investigations involve confidential business information, subjects under regulatory scrutiny, valuable IP, and more, the information should be communicated on a need-to-know basis. The eDiscovery software for internal investigation you use should be able to conduct reviews in a secure manner.

The Subject Matter Is Confidential

Section Image

A corporate internal investigation is not the end. The results of the investigation might be used as evidence in follow-on litigation or a government investigation. It is possible that the board of directors or the Securities and Exchange Commission might be reviewing the investigation’s results later. That is why it is important to be thorough during your data collection and review process.

Follow Up On Litigation or Government Investigation Might Be on the Way

Challenges in Internal Investigations

Best Practices

Now that you know the challenges of an internal investigation you might face, you know the importance of having a defensible, thorough approach. We have laid down some best practices that will help you:

  • Even though it is important to remain focused during the investigation, you should also try to be overinclusive in issuing legal holds and identifying and preserving data. Expanding the hold later on or needing to recover data after it has been accidentally deleted will lead to increased costs and a longer investigation. This will also help you avert the claim of spoliation.
  • An internal investigation doesn’t have to be as complex as finding a needle in the haystack, where you also have to organize the hay. AI features such as pattern recognition and semantic insights can significantly impact your investigation. Use an AI-based eDiscovery software such as Casepoint.
  • Internal investigations are of sensitive nature. With the potential culprit still employed in the organization and the reputation damage the claim might bring, it is important to limit the number of people involved.
  • It doesn’t matter how your investigation begins, it is possible that down the road, the scope increases. This might be because of the addition of more custodians or a follow-on government investigation. So, you need a solution that offers this level of scalability. This way, you won’t end up wasting time and resources.
  • As mentioned before, the results of an internal investigation are often used as evidence for a future government investigation or litigation. This is why you need to document everything and ensure a chain of custody. There must be an audit trail of the document review process and AI-driven data exclusion.


In terms of eDiscovery, internal Investigations are quite similar to traditional litigations and face many of the same challenges. The tools used for identifying relevant information for both are the same. The AI-based eDiscovery software that you use for your internal Investigations will help you deal with the cost pressures of the investigation. Regardless of the subject matter or the scale of the approach, it is important that you take a broad, auditable approach. This will help you avoid any sanctions or spoliations in the future.