Internal investigations typically involve a blend of ensuring regulatory compliance and mitigating legal risks with the ultimate aim of maintaining corporate integrity. Therefore, it is not always clear where this role should sit. Particularly in organisations which have separate legal and compliance functions: is there a natural fit, or does it depend on the nature of the investigations?
We’ll take a look at the pros and cons of each option.
The case for placing Internal Investigations under Compliance
Independence from Legal Defence Strategies
The compliance function is designed to proactively prevent wrongdoing and promote ethical behaviour. Housing investigations within compliance ensures that findings are not influenced by a company’s legal defence strategy and can be addressed with corrective action, rather than legal shielding.
Stronger Ethical and Regulatory Alignment
Compliance teams are focused on addressing regulatory concerns, enforcing policies and ensuring that staff are fully trained and compliant. Aligning internal investigations with compliance ensures that issues are addressed with ethical remediation prioritised over legal positioning.
Improved Transparency and Whistleblower Trust
Employees may feel more comfortable reporting misconduct if they perceive the compliance function as independent from the legal team, which is often seen as protecting the company rather than ensuring accountability.
Regulatory Expectations
In heavily regulated industries such as finance, healthcare and government contracting, regulatory bodies often expect compliance teams to handle internal investigations to ensure unbiased assessments.
The case for placing Internal Investigations under Legal
Attorney-Client Privilege
Housing investigations within the legal department allows companies to protect sensitive findings under attorney-client privilege, which can be critical in litigation or regulatory proceedings.
Legal Expertise in Complex Issues
Many internal investigations involve complex legal matters such as employment law, fraud and regulatory compliance. Legal teams have the expertise to assess risk exposure and advise on the best course of action while ensuring compliance with laws and regulations.
Coordinated Defence Strategy
When an investigation uncovers potential legal violations, legal involvement ensures that the company is prepared for potential litigation, regulatory inquiries or enforcement actions.
Consistency in Legal Interpretation
Legal departments ensure a consistent approach to investigations across different jurisdictions, particularly in multinational organisations where compliance obligations vary significantly.
A hybrid approach: The best of both worlds?
Given the strengths of both compliance and legal, some organisations opt for a hybrid model where investigations professionals work under a joint structure. In this setup:
- The compliance team handles routine investigations related to policy violations, ethical concerns, and workplace misconduct.
- The legal department takes the lead on investigations with significant legal implications, such as fraud, corruption, or regulatory breaches.
- A cross-functional investigations committee (involving compliance, legal, HR, and risk management) ensures a balanced and independent review process.
Or, there is a third option: Audit
It’s not unusual for Internal Investigators to sit within an audit function, either. Indeed, there is a strong argument for this arrangement.
Independence and Objectivity
Internal audit functions operate independently from management, providing an impartial perspective on organisational risks. Housing internal investigations within audit reduces conflicts of interest and ensures findings are assessed with objectivity, rather than being influenced by legal defence strategies or business interests.
Risk-Based Approach
Audit departments specialise in identifying and assessing risks, making them well-equipped to investigate fraud, financial misconduct and operational weaknesses. By embedding investigations within audit, organisations can take a proactive, data-driven approach to detecting and mitigating risk.
Strong Analytical Expertise
Auditors possess deep analytical and forensic accounting skills, which are crucial for uncovering financial irregularities and control failures. Their expertise in data analysis and process evaluation enhances the effectiveness of internal investigations, ensuring thorough and evidence-based findings.
Enhanced Internal Controls
Audit departments focus on strengthening internal controls to prevent future misconduct. When internal investigations are integrated within audit, findings can be directly linked to control improvements, reducing the likelihood of repeat violations.
Final Thoughts
There is no one-size-fits-all answer to where internal investigations professionals should sit within an organisation. Each option has clear pros and cons. The decision should ultimately align with the company’s corporate governance priorities.
Regardless of where they sit – whether it’s within Legal, Compliance or Audit - internal investigations teams must always have the independence, authority and resources to conduct thorough and unbiased investigations.