This site uses cookies to provide you with a more responsive and personalized service. By using this site you agree to our use of cookies. Please read our cookie notice for more information on the cookies we use and how to delete or block them.

Bookmark Email Print page

Bribery and illegal payoffs

Computer Forensics

Background:
We were engaged by a large industrial company. A senior employee at one of our client’s suppliers had claimed that one of our client’s procurement personnel was demanding and receiving pay-offs to pass business on to the informant’s company. This was despite the fact that the informant’s company regularly supplied high quality materials at a competitive price.

 

Concern:
To discover the truth of the accusations and, if found true, the extent of the payoffs.

 

Deloitte’s Actions:
• Using discreet techniques Deloitte acquired forensic copies, 'images', of the accused individual’s laptop and workstation computers.
• Deloitte also forensically extracted the individual’s mailbox from the company’s mail server, and his personal directory from the file server.

 

Deloitte’s Findings:
• Deloitte retrieved a number of emails apparently discussing payoffs between the accused individual and others in a number of different companies.
• Deloitte retrieved web browser remnants showing the accused individual’s share trading account. This showed that the individual was in possession of liquid assets in excess of 20 times his annual salary. Discreet investigations by our client uncovered no other potential source of these funds.

 

Results:
• The employee was placed on suspension, after refusing to disclose the source of his assets.
• Enquiries continue at a number of suppliers identified through our investigations.
• Our client is currently considering pursuing civil and criminal actions against the individual in question.

Comment:
This case demonstrates how important it is for companies to have properly written acceptable use policies. In this case our client’s policies explicitly reserved the right for managers to examine the entire contents of any hard drive on any computer in the company. All employees were obliged to agree to these terms as part of their contracts of employment, and were reminded of this policy by email at regular intervals. In the absence of this policy it would not have been permissible for us to recover the remnants of the subject’s share trading account (EU law permits corporate users 'reasonable private use' of corporate systems unless such use is explicitly prohibited.)

Page Last Updated

Material on this website is © 2013 Deloitte Global Services Limited, or a member firm of Deloitte Touche Tohmatsu Limited, or one of their affiliates. See Legal for copyright and other legal information.

Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/ie/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms.

Get connected
Share your comments
More on Deloitte
Learn about our site