Deloitte Middle East Whitepaper; ‘Forensic Data Collection in the GCC: Ensuring your electronic review doesn’t fall at the first hurdle’.
When a company’s management takes the serious decision to commission a forensic data collection, it usually involves sensitive, stressful and potentially risky circumstances such as fraud, litigation or a regulatory breach.
The process involved, from the GCC viewpoint, is explored in a new Deloitte Middle East whitepaper titled; ‘Forensic Data Collection in the GCC: Ensuring your electronic review doesn’t fall at the first hurdle’.
Computer Forensics: The Six Steps – Adrian T.N. Palmer, Managing Director, Kroll Ontrack Computer Forensics
Rick Barker; “At this sensitive point in any company’s business, it is imperative that the management ensures that they get value for money, the right advice, the right solution and know how to avoid the whole process being undermined from day one.” — Rick Barker, director and Head of Forensic Technology at Deloitte Corporate Finance Limited, Middle East
The Deloitte Whitepaper identifies three common scenarios that might necessitate a forensic collection in GCC countries. The first is international companies, usually with exposure to the U.S. or UK, who would need to investigate allegations of prohibited activities in their local branch office or subsidiary, which may have to be reported to a regulator. Typically this relates to allegations of bribery of foreign government officials or transactions with sanctioned countries. The second scenario is for companies in arbitration or litigation where there is a need to identify relevant documents or communications for disclosure. The final common collection scenario is where a company’s management is investigating staff for misconduct and dishonesty, usually related to fraud or “kick-back”.
“When the management of a company deems forensic data collection to be necessary, they expect that the collection and review process will be effective and not expose them to further risk,” explains Barker, who advises companies in forensic data collection.
The Deloitte whitepaper also looks at a number of aspects in the collection process, in particular in relation to complying with data laws. The whitepaper notes that it is critical to take into consideration the complete scope of legal constraints in the jurisdiction where the collection is undertaken, and potentially, any associated jurisdictions. It also answers the question of whether foreign laws can be ignored in the GCC during the process. Tips on seeking legal advice, as well as important recommendations for the technical aspects of data collection to ensure key evidence is not overlooked are also included.
Getting the forensic data collection right ensures a firm foundation for subsequent reviews, findings and legal action. On this Barker concludes; “With so much at stake, companies and their legal advisors cannot afford to make assumptions or make avoidable mistakes.”
To read the full whitepaper, visit; ‘Forensic Data Collection in the GCC: Ensuring your electronic review doesn’t fall at the first hurdle’.