The Forensic Technology Solutions team (FTS) finds truth from data. We capture and process vast amounts of disparate electronic information to find the evidence that proves a case.

It’s essential to have forensic technology specialists who are trained in the forensic acquisition and analysis of electronic evidence and are equipped with the most cutting-edge tools and technology.

It is even more important to have a team of professionals who understand the wider commercial issues — such as how to minimise the cost and disruption to the business - and the wider legal issues, such as data protection and proportionality.

We have the knowledge and experience to handle evidence in relation to specific regional requirements. We understand the implications of the Data Protection Act, the Computer Misuse Act, the Human Rights Act, disclosure rules and employment law. Critically, we understand the legal aspects of transferring data between multiple jurisdictions.

Our teams not only have this knowledge and experience, they’re supported by consistent methodologies built from our experience with engagements across the globe. Our reach is extensive: our global network of over 300 forensic technology professionals spans 30 countries. Here in the UK we have dedicated professionals in our forensic labs in London, Birmingham and Belfast.

Responsive services (summary)

We do a great deal of work helping clients respond to incidents such as:

• Regulatory orders and regulatory investigations (including Foreign Corrupt Practices Act (FCPA) investigations)
• Corporate investigations (including whistle-blowing, suspicion of fraud, etc)
• Dispute analysis, litigation support and electronic disclosure
• Insolvency and business recovery.

Since the vast majority of business records are created and stored electronically, these incidents require us to respond quickly to capture, analyse and deliver the relevant information. In general, our methodologies involve the following steps:

• We map the data universe and determine what is relevant
• We capture and validate that information
• We work with our clients to determine what is responsive
• We analyse the information (see below) or make it available for review
• We produce the results.

Extensive analysis can include:

• Conducting a fraud investigation or other form of corporate investigation
• Collecting email and other electronic documents, scanning and OCRing paper documents, determining which documents are responsive to a disclosure or a regulator’s order and making those documents available for clients or lawyers to review online
• Sifting through vast volumes of transactions in financial or ERP systems and performing sophisticated data analytics to look for fraud, anomalous transactions or control weaknesses.

With all our work, preservation of the evidential integrity is paramount, and we provide clients with the ability to examine electronic data in a legally robust manner.

Professional Advice (summary)

From thousands of engagements in over one hundred countries we’ve learned a great deal. Whereas much of our work is responding to incidents, there is also a proactive aspect to much of what we do. These are some areas where our clients are engaging us to provide our advice:

• Data loss and data compromise
• Transaction risk analysis and transactional reconciliation
• Licence management and  software licensing
• Litigation readiness

Responsive Services (detail)

Corporate Investigations (including whistle-blowing and suspicion of fraud)

We often assist corporations’ internal audit or relevant departments with their investigations. We can work as an integral extension of the internal team or work in locations where clients don’t have investigations personnel. We will capture data from individual workstations, servers or enterprise systems (such as enterprise resource planning (ERP) or financial systems). We will analyse the data and provide the results in a variety of easy-to-use tools that allow the investigators to review the results.

For further information on how we can help you manage corporate investigations please contact Jon Hayton.

Data analytics

Large organisations have massive amounts of data, often split across financial systems, enterprise resource planning (ERP) systems, procurement systems and so on.

We have developed sophisticated routines to unlock the data that these systems contain, and we help clients:

• Investigate suspicion of fraud
• Extract data (such as financial data or clinical trial data) to comply with regulatory disclosure
• Investigate regulatory compliance, such as looking for payments to agents that violate the Foreign Corrupt Practices Act (FCPA)
• Look for corruption or collusion
• Extract data (such as financial data or clinical trial data) during litigation support or electronic disclosure
• Verify or dispute creditor claims or perform other claims management
• Perform detailed calculations such as key performance indicators (KPIs), demographic and statistical analysis
• Conduct data mining
• Support business decisions through business intelligence reports
• Look for patterns or trends
• Search for anomalous transactions.

We have in-depth experience with Oracle Financials, SAP, JD Edwards and PeopleSoft. We can help you determine which data to extract, then:

• Transfer the data (in its native format where possible, so the data import is faster, cheaper and more accurate)
• Validate the data, easily detecting exceptions
• Analyse the entire data set, not just a sample
• Create extremely complex tests (including compound analyses)
• Run red flag reports and reports customised to the business issue at hand.

For further information on how we can help you with data analytics please contact Karen Choy or Jon Hayton.

Dispute Analysis and Litigation Support

Many cases can be resolved before they go to court, and good litigation support can help cases settle more quickly. We can extend the reach and capability of law firms’ litigation support departments to provide the global reach and expertise required in the most demanding cases. We can also draw on our extensive forensics and investigation teams to examine the underlying matter and its related issues.

For further information on how we can help you manage dispute analysis and litigation support please contact Jon Hayton.

Electronic Disclosure

If your organisation is subject to litigation, chances are that over 95% of the information you are required to produce will be electronic. We routinely help law firms and their clients:

• Understand and comply with preservation orders
• Map the data universe and determine what is relevant
• Forensically capture and preserve relevant data
• Validate and de-duplicate the data
• Pre-search where appropriate to help with proportionality
• Use search terms and other methods to determine what is responsive
• Conduct online reviews of relevant data using secure web-based tools accessible from any location
• Deliver the data electronically and encrypted to the opposing party.

For further information on how we can help you manage electronic disclosure please contact Jon Hayton.

Insolvency and business recovery

The FTS group works with PwC Business Recovery Services (BRS) to aid insolvent companies.

Central to the success of any business recovery or corporate liquidation is reliable access to the company’s financial systems. Regardless of the reasons for the distress, it is vital to secure data immediately when it’s most cost effective to do so and while the information is still available.

At its heart, this is an IT and data capture issue. We can help you capture, secure and deal with massive volumes of information, providing you with essential reports and tools to aid restructuring and recovery—tools that the company’s own systems often lack. FTS can also identify which systems personnel are critical, which technology assets can be sold and which IT expenses can be cut, thus helping to reduce costs while maintaining business continuity.

For further information on how we can help you manage insolvency and recovery please contact Kevin Ellis.

Regulatory Compliance and Investigations (including FCPA investigations)

Many organisations must demonstrate compliance to a variety of regulators, including:

• Financial regulators, such as the UK Financial Services Authority (FSA), US Department of Justice (DoJ) and the US Securities and Exchange Commission (SEC)
• Industry regulators such as the UK Competition Commission (CC) or the US Food and Drug Administration (FDA).

We have conducted numerous FCPA (Foreign Corrupt Practices Act) investigations on behalf of global multinational clients in locations spanning the globe. This US legislation applies to many non-US corporations, and carries severe penalties.

Whether it’s redacting data from a clinical trial database to provide efficacy data to the FDA, or reviewing emails to disprove collusion or unfair competition, it still needs to be done in a forensically sound manner to satisfy the regulator.

For further information on how we can help you manage regulatory compliance and investigations please contact Jon Hayton.

Transaction reconciliations

Our clients often obtain our help to reconcile transactional data held in their systems, usually to validate results to another party — such as a regulator or another company with whom they have a contractual relationship (including licensees, licensors, suppliers, et cetera).

We work with both financial and non-financial systems to:

• Validate financial results
• Verify stock inventory
• Check royalties
• Review medical and healthcare data.

For further information on how we can help you with transaction reconciliations please contact Karen Choy or Jon Hayton.

Professional Advice (detail)

Data loss and data compromise

The compromise of customer data is emerging as a major threat and has been recognised by the Financial Services Authority (FSA) as one of the key risks to the sector here in the UK. A robust stance has been adopted by the regulator who are treating data compromise as a financial crime issue. We have developed an approach that can help organisations more effectively manage this threat.

The FSA’s view is quite clearly set out in their recent Financial Crime Newsletter which states that data compromise is not only an IT issue and that a significant majority of incidents were due to poor controls and breaches of procedure rather than sophisticated hi-tech attacks. Other areas that should be considered when assessing your exposure to the threat of data compromise include recruitment mechanisms, culture and awareness, physical security, monitoring and audit trails, third party and supplier management, fraud governance and compliance checking.

In other words, a broad range of financial crime disciplines need to be applied to help effectively mitigate this risk. Our IT and data compromise expertise is provided against the backdrop of our experience preventing and detecting fraud and other economic crime.

Targeted Exposure Assessment

Our team can deliver targeted risk assessments of an organisation’s exposure to data compromise and help identify any potential opportunities for improvement. These are best described as risk assessments with a hard edge, and they go beyond the spectrum of international standards, best practice guidelines and methodologies (such as ISO27001 or PCI DSS) by also considering the current control environment in the same way as a criminal would. This type of assessment helps organisations focus on key areas of concern and gain a real understanding of their data compromise exposure.

The importance of this issue is underscored by the article Know your enemy — data compromise and identity theft from a corporate perspective, which starts on page 12 of the Autumn 2007 issue of PwC’s UK Financial Services Regulatory Focus magazine.

For further information on how we can help you manage the threat of data loss and data compromise please contact Neal Ysart.

Licensing management

Downloaded ringtones, CDs produced under licence in far-off countries, designer goods, mobile phones, silicon chips...these are just some of the areas where our licence management practice has helped clients recover revenue that was owed to them under their agreements with their licensees.

We helped one client solve record-keeping issues that were preventing them from paying royalty payments to artists, saving them money through increase efficiencies and improving their standing in the industry.

Licence reviews can vary from consumer product examinations to transactional reviews of online purchases. For these and everything in between, the licence management group is supported by forensic technology professionals so that all the findings are sound and will stand up in court if necessary.

For further information on how we can help you with licence management please contact Melanie Butler or Umang Paw.

Litigation Readiness

We work with our law firm clients to jointly advise organisations about technology issues that have legal ramifications, including:

• IT data retention and destruction policies: keeping backup tapes forever, for example, can create an enormous exposure if you are served with legal orders to produce. One company estimated it would cost them £7 million to process and de-duplicate all the data contained on their backup tapes
• Legal/IT communications: in today’s complex environment, simply sending a “litigation hold” email might not be sufficient. Instead, lawyers and IT professionals need to discuss the procedures and their ramifications. One company that didn’t follow a preservation order was fined £1.3 million and the court precluded the company from presenting its senior officers as witnesses. Because they had failed to preserve relevant data, they were unable to testify in their own company’s defence.

Transaction Risk Analysis

Large organisations have massive amounts of data, often split across financial systems, enterprise resource planning (ERP) systems, procurement systems and so on.

Fraudulent or other risky transactions can be hidden amongst millions of entries across multiple systems and sites. Whereas audits are designed to uncover material frauds and material weaknesses, companies are concerned about smaller frauds and weaknesses that “bleed the P&L”.

We have developed a unique and proactive fraud detection solution. We:

• Use our fraud and risk expertise to create a customised aggregate risk profile based on your organisation, industry and specific risks
• Analyse your systems to determine which sets of data we need
• Extract the relevant data sets (the entire data sets, not just samples)
• Run our standard risk, fraud and red-flag reports
• Run customised routines and reports based on your risk profile
• Further customise the routines to account for and eliminate false positives
• Analyse the results using complex risk-based scoring
• Run complex tests to examine related transactions.

When this work is complete, we can proactively pinpoint the areas of a business which are at the highest risk of fraud.

For further information on how we can help you with transaction risk analysis please contact Karen Choy or Jon Hayton.

Software licence reviews

Our teams help large organisations review their software licensing to ensure that they’re in compliance with all their vendors.

Software licensing can be complex, and a proper review requires experience with the many nuances of differing licensing agreements. Our teams have detailed systems knowledge and are able to unobtrusively extract the required information with minimal impact to the client’s systems. The extracted data is then reconciled using forensically-sound methods so that the findings are solid and our clients can be confident in the usage reports they provide to their software vendors.

For further information on how we can help you with software license reviews please contact Melanie Butler or Umang Paw.