Procedure For Corporate High-tech Investigations
In today’s digital landscape, corporate security is more important than ever.
ABSTRACT
To combat new and emerging fraud, companies need to have strong corporate governance and compliance structures that are adaptable and innovative. This research aims to describe the requirements for conducting a corporate investigation. Corporations now and in the future will have to review audit and compliance procedures frequently and have the capacity to conduct internal investigations promptly where fraud has occurred. Corporate fraud investigations into individuals and corporations by enforcement agencies, statutory regulators, and internal companies’ committees have increased in intensity over the past few years. In today’s world, businesses must be ever-vigilant when it comes to cyber security. With cybercriminals becoming more sophisticated and organized in their attempts to steal valuable corporate data, companies need to ensure they have the right measures in place to protect themselves. One such measure is corporate high-tech cyber forensics investigations. This type of investigation can provide a company with the necessary information they need to strengthen its security systems and prevent future incidents from occurring. In this blog post, we will discuss what corporate high-tech cyber forensics investigations are and why they are important for businesses to consider implementing.
Types of Corporate High-Tech Cyber Forensics Investigations Some common types include:
- Email Investigations: Email investigations are often conducted to recover deleted or lost emails, as well as to investigate suspected email fraud or harassment.
- Computer Forensics Investigations: Computer forensics investigations are used to examine electronic data for evidence of criminal activity or unauthorized access.
- Network Forensics Investigations: Network forensics investigations are used to track down the source of network attacks and to monitor network activity for signs of suspicious behavior.
- Wireless Forensics Investigations: Wireless forensics investigations are used to Analysis of wireless networks and devices for evidence of criminal activity or unauthorized access.
- Database Forensics Investigations: Database forensics investigations are used to recover data from damaged or corrupted databases, as well as to investigate suspected database breaches.
KEYWORDS
Types of Corporate High-Tech Cyber Forensics Investigations, Importance of Corporate High-Tech Cyber Forensics Investigations, Preparation of investigation, Collection, and analysis of Evidence, Reporting and Presentation of Findings
INTRODUCTION
In today’s digital landscape, corporate security is more important than ever. With the rise of cybercrime, companies must take proactive steps to ensure their data stays secure. That’s where corporate high-tech cyber forensics investigations come in. High-tech forensic investigations allow companies to investigate and respond to any potential cyber threats or malicious activity quickly and effectively. This blog post will explore the importance of these investigations and how they can help protect your company’s data and reputation.
Cyber forensics is the application of investigative techniques to identify, collect, preserve, and analyze data to answer questions about a digital event or crime. It can be used to find out who did something, what they did, how they did it, and when they did it. Cyber forensics can be used in criminal cases, civil cases, and administrative cases.
Cyber forensics is a relatively new field, and there is still no agreed-upon definition of what it is. However, most people agree that it includes the following elements:
-The use of scientific methods to collect and analyze data
-The use of legal principles to determine if a crime has been committed
-The use of investigative techniques to identify the perpetrator of a crime.
Cyber forensics is a growing field, and new technologies are constantly being developed to help investigators find and preserve evidence. The Different Types of Cyber Forensics Investigations There are three main types of corporate high-tech cyber forensics investigations: data recovery, malware analysis, and network forensics. Data recovery is the process of retrieving data from damaged or corrupted storage media. Malware analysis is the study of malicious software to determine its purpose and functionality. Network forensics is the capture, recording, and analysis of network traffic to investigate a security incident.
Pros and Cons of Cyber Forensics Investigations
When it comes to cyber forensics investigations, there are both pros and cons that businesses should consider. On the plus side, these types of studies can help to uncover evidence of criminal activity, which can then be used to help prosecute those responsibly. Additionally, they can also assist in identifying security breaches and discovering vulnerabilities within a company's systems. However, there are also some potential downsides to conducting cyber forensics investigations. For one, they can be highly time-consuming and costly. Additionally, because they often require access to sensitive data, they can pose a privacy risk. Finally, if not conducted properly, they can end up damaging evidence or creating new security risks.
What to Expect During a Cyber Forensics Investigation?
A corporate high-tech cyber forensics investigation is a complex and time-consuming process. It often requires the use of specialized software and hardware, as well as the expertise of a team of trained investigators. The goal of a corporate high-tech cyber forensics’ investigation is to collect and analyze data to identify the cause of a security breach or incident. The first step in a corporate high-tech cyber forensics’ investigation is to create a timeline of events leading up to the incident. This timeline will help investigators understand what happened and when it happened. Next, investigators will collect data from all systems and devices that were involved in the incident. This data includes system and application logs, network traffic data, and any other relevant information. Once all data has been collected, investigators will begin their analysis. They will use various techniques to examine the data and look for clues about who was responsible for the incident. In some cases, investigators may need to use special software to decrypt encrypted data or recover deleted files. Once the analysis is complete, investigators will prepare a report detailing their findings.
Over one-third of corporate frauds were discovered by accident, “making ‘chance’ the most common fraud detection tool. We have to ask ourselves two questions, “How much have we learned about dealing with economic crime and do corporations have effective structures in place to detect economic crime?” These revelations, despite the intensity of press reports, are not new. Profits of large international corporations have been shown to be fictitious. Recent surveys in e-commerce businesses indicate that executives, in many instances, are misinformed about the vulnerabilities of their network systems. In particular, accounting fraud has attracted the most recent attention simply because of the billions of dollars involved. It shook the confidence of investors and financial institutions in the world markets. We only have to look at the recent revelations of the Enron court proceedings which reveal allegations of purposeful “cooking of the books” and charges of conspiracy, fraud, and insider dealing which has caused the second-largest bankruptcy in US history. The corporate fraud train has been gathering momentum for some time, particularly in the USA, Europe, China, Japan, and Australia. The historical stations are somewhat repetitive. From the South Sea Bubble in 1720 to the Pecora investigation into market manipulation in the USA in 1933 (Pecora, 1939), to the corporate collapses in the 1980s, to the current day large fictitious frauds bringing down conglomerate corporate giants in this millennium. They are all landmarks that forerun countless government papers and investigations into corporate crime. Although the expression “white collar crime” was coined more than 50 years ago by Edwin Sutherland and Donald Cressy, it has taken on a new meaning in 2006. The measurement of corporate fraud has arguably reached a different dimension. Auditors, business analysts, accountants, lawyers, bankers, and company doctors should be independent and work for the advantage of the body corporate. Instead, they have pleaded guilty to the most significant corporate frauds in legal history, eroding the very reputation of these professions.
- WHAT IS WHITE-COLLAR CRIME?
offenses that are committed by those in professional occupations conducting dishonest activities, by themselves or their agents, for financial gain. Such crime is usually committed by persons in positions of trust or by persons within organizations who take advantage of their position. However, the dimension of crime extends to the activities of organizations involved in illegal conduct. In the last decade, corporate crime has been given new dimensions. The growth of information technology, environmental protection, and increased regulation of corporations. Corporate crime can be characterized as follows, crimes committed: against corporations by officers, directors, and employees. against corporations by outsiders. And for corporations by internal forces. Corporate crime evades every aspect of modern living including, company dealings, securities markets, trade practices, environmental protection, occupational health and safety, employment and discrimination, immigration, and taxation. These are overall areas that can interact with a consequence that corporate criminal offenses can involve any one or more of these areas
Traditionally, corporations have relied on government agencies to conduct their investigations and prosecute white-collar crime. However, in the next decade, law enforcement agencies will not have the capabilities to investigate all corporate crimes. There will be an increase in the role of private investigations to supplement some of the roles of enforcement agencies. Further, recent corporate frauds intuitively tell us that large corporations may need investigative capabilities in-house to ward off a major collapse. If effective it will act as an insurance policy for their survival. Companies have become increasingly complex and operate through international holding companies which could confound some of the best audit firms that oversee them.
- DIMENSIONS OF CORPORATE CRIME
The dimensions of corporate crime investigation are wide-ranging and include:
frauds – financial or otherwise, internal audit fraud and compliance breaches, securities contraventions, including non-disclosure to the public, bribery, insider dealing, market manipulation, corruption, taxation avoidance, trade practices, and market conduct, insolvent trading, fictitious or false accounting, misleading financial statements, corporate governance, related party transactions and directors duties, prudential regulation, food standards, road and rail standards, economic offenses against and by employees.
The opportunity for fraud arises when controls are weak and/or when an individual is in a position of trust. While the pressures on those to commit fraud are often financial, unrealistic corporate targets can influence employees to commit fraud to meet targets. The rationalization for fraud often includes beliefs that the activity is not criminal, their actions are justified. In many instances, management in corporations is just not up to date on the different developing frauds. Often, corporations only act when they are awoken to fraud. It is important for directors and management to constantly review internal procedures. They should introduce fraud awareness programs and update risk management requirements. There is growing support for the approach that pressures for logistical reasons for companies to launch investigations into corporate crime, to determine contraventions of the law or ethical standards
THE CONDUCT OF A CORPORATE INVESTIGATION
3.1 Choosing the right people
The core of any investigation is to have competent professional skills in a team. They must have the resolve to work hard and complete the investigation in a tight timeframe. In my experience, having the right skills mix is the most important factor in a successful investigative team. Depending on the scale of the fraud, the most appropriate team will usually consist of:
. an investigative lawyer;
. a forensic accountant; and
. a seasoned financial investigator
3.2 Document reason and basis of investigation
An investigative team should collate all the initial facts that have come to light. This can be done either through the complaint or information that leads to the commencement of the investigation. Enforcement agencies, by their statutes, are required to document the reasons for commencing the investigation and the use of statutory powers. Enforcement agencies can usually only commence an investigation if it is provided for within the powers of the state or federal legislation for the due administration of compliance with the law.
3.3 Investigation plan
An investigation plan should be drawn up. This is to ensure you have a structure for your investigation. The plan could include the following:
. what are the facts to date;
. what is the best strategy to investigate this matter;
. what is the contravention/internal concern;
. who are the targets;
. who are the witnesses;
. what documents should be obtained;
. who should be interviewed;
. who will be of assistance;
. who will not be of assistance;
. where to keep documents/control procedures;
. relevant bank accounts;
. paper trail;
. phone records;
3.4 Investigation matrix
One of the most helpful tools in an investigation is a diagram or matrix that details the relationships between parties, key transactions, and events. The facts should be arranged in chronological order showing the commercial and financial transactional flows. Such diagrams are useful in all instances and help investigators assess the information obtained and what further information is required.
The matrix should include:
. bank account details;
. corporate structures;
. individuals involved;
. transfer of funds; and
. other entities involved.
3.5 Accessing relevant law
The investigation team should be led by an experienced lawyer or accountant to pinpoint applicable compliance provisions, relevant law, or statutory rules. Other issues that require legal advice may relate to the circumstances of the transaction. An example of this is when a stockbroker is involved in a questionable share transaction and the financial firm needs an opinion on whether the subject transactions contravened a law. Other instances where legal advice should be sought are in audit procedures, related party director transactions, and disclosure by directors. There could be many instances where legal advice should be sought. The investigative team should analyze the issues and consider what are going to be the legal “minefields” or difficult areas to investigate.
3.6 Secure and analyze documents
It is crucial that once an investigation is initiated, the relevant or primary documents should be secured. Enforcement agencies have special powers to obtain documents. The situation is not altogether clear about internal investigations. A corporation can obtain or retain documents that it owns. But what happens if these documents are at the employee’s home or storage facility? However, these proceedings cannot be used as “fishing expeditions” and evidence is required that the employee has possession of the documents sought after. If the corporation is fearful of the destruction of information outside the premises of the company, it should also bring a Mareva injunction. About computer evidence inside the corporation, the company should seek to capture the data using a forensic computer expert.
3.7 Considerations for the collection of evidence
Collecting evidence and retaining its continuity is essential for any investigation to succeed. All organizations that conduct internal investigations should have a document control procedure and an essential place where evidence can be securely stored. Some points that need to be considered are summarized as follows:
. have a written procedure for the collection of evidence;
. document the collection of evidence, detailing, time, place of origin, and circumstances of collection;
. identify documents;
. obtain relevant primary documents.
3.8 E-commerce – investigations
E-commerce technology and information as a result of the rise of the global market are essential to most organizations. Because of its nature, the misuse of the computer can be a real threat to the very survival of an organization. Contraventions of the law about the use of computers are referred to as “cybercrime”. This is where information technology is used to commit or conceal an offense within the organization. This area of law is difficult because of cross-border crime and the problems of investigating these types of offenses. The weaknesses of e-commerce
systems can be summarized as follows:
. inefficient systems;
. inadequate paper trail;
. poor IT security;
. poor maintenance of security systems;
. no internal capacity to investigate internal or external criminal breaches;
. multi-jurisdictional issues; and
. the anonymity of the perpetrator.
3.9 Interviewing witnesses with consent
Enforcement agencies have clear powers to interview suspects after appropriate warnings and notices are issued. However, in conducting corporate investigations, audit committees, management, and investigation staff may be required to interview persons with their consent. This assists the investigations for breaches of compliance, audit procedures, and statutory breaches. The purpose of such an interview is to obtain information, not grandstand or put the person “offside”. If witnesses are interviewed, the investigator should have prepared a form or questions. These should be wide enough to be flexible but should have a structure to the questioning that sets out to establish the required evidence. The most important rule is to listen and let the interviewee do the talking. The second most important rule is to be organized and for the investigator to control the process.
CONCLUSION
Corporations must learn and adjust to the new types of fraud both structured and unstructured. Recent events teach us that corporate economic crime is global and if unchecked, can bring down the entire company together with its external advisors. No amount of legislation and regulations will stop director or corporate misconduct. Often, poor ethical and moral judgment, by those in senior corporate positions, has allowed the conduct to go unchecked because of a lack of adequate procedures and processes. More importantly, because of their position, directors are often not open to compliance and investigation scrutiny from within the company.
Is your company “house” in order and able to deal with an economic crime within your organization? Corporate fraud can only be confronted where there is a willingness within corporate governance to see it as a real danger and deal with the Trojan horse before it can be built.
Wisemonkeys, is an LMS platform with unique features like “Ask a question” and get answers from experts within no time. It’s a mass initiative to spread knowledge worldwide, truly believe in “When we know knowledge is free then why not spread it.” From various sectors to industries, write your heart out and get noticed.
For the Monkeys | By the Monkeys.
