Author:  Adrian Palmer, managing partner at Proven Legal Technologies – the corporate forensic investigation and e-disclosure firm

The VW emissions scandal has shaken the automotive industry to its very core. Regulators across the world, car manufacturers of every brand and consumers in many countries are looking at the products they have approved, sold and purchased with doubt and some level of fear. A number of automotive companies are now facing possible fines in relation to the falsification of emissions data, alongside the management of millions of cars being recalled, and even jail sentences – but all are under investigation. The overwhelming demand for answers and explanation is paramount – how did this happen and who, ultimately, was responsible? Thorough analysis of the activity of employees at every level in the organisation is under way, using corporate forensic investigation techniques to identify the involvement of individuals.

Stage 1 – lockdown

The first step to be completed in the investigation is the preservation of data. Usually a process managed by the General Counsel, protective preservation instructions will be distributed across the organisation. The instruction requires everyone in the company to refrain from removing and deleting data – be it recent, archived, disused or out of date – across any platform on the system including computer systems, tablets and mobile phones.

Of equal importance is newly created data, ranging from communications to documentation. Staff must be aware that any correspondence – both internal and external – regarding the incident or investigation can also be used in the evidence gathering and therefore strict rules must be applied. For this reason, the General Counsel must once again play an immensely heavy role in the organisation of information sharing and in delivering news and memos. Beyond communications, meetings between senior figures or those that may find themselves under the most scrutiny throughout this process should also be clearly documented, including calendar invitations and attendees to calls and meetings.

By locking down the IT systems, companies can show regulators that they have a willingness to leave no stone unturned and to prove that this incident is an outlier and generally unacceptable within the remits and values of the company.

Stage 2 – return to the scene

The second stage of the investigation will begin with the software and technical functionality around the emissions and the software themselves. Objects to be searched would include emails, meeting minutes, Instant Messenger and wider electronic communications. However, the mere evidence that a meeting took place with a note of attendees could also be of value, so calendar invitations or messages referring to calls must not be missed. In order to establish an accurate timeline of the activities, data mapping would be used to look at the circumstances surrounding when the software was first entered into vehicles and who was involved in those decisions.

Stage 3 – follow the web

It is expected that this second step would then lead to a nexus of individuals and teams who might have been involved in, or aware of, the development and decision making process around the questionable activity. Of particular interest will be any reports from engineers that they were unable to develop diesel engines in line with the emissions requirements for particular models, leading up to the decisions taken.   Such reports could be a serious clue as to where the decision was taken.

Step 4 – where does the evidence stack up?

This situation is expected to see evidence leaning towards one of two options. The first would suggest that these escapades were the work of a rogue department that decided to fudge the system whilst the rest of business, and crucially the board, were unaware of the activity. Should this be the case, liability does not necessarily stop there. Breaches within a regulatory framework can be prevented with proper training and protocols lead by senior management.  There may be a boost in awareness courses both in the individual responsibilities and outcomes of such behaviour, but also the support available in reporting any internal misconduct.

The second scenario is that the relevant departments were able to either develop and/or implement this solution in to the cars in order to reach emissions targets. The mechanics and resulting potential business impact was then reported to senior management who approved the use of the systems with the intention to avoid regulation standards.

Is it too late for preventatives?

Across the automotive industry, this level of understanding as to the consequences of ignoring regulators and abusing technological advances must be a primary focus for management. Spotting rogue employees, be it a single person or an  entire team is a challenge, but one that can be limited through closer monitoring of communications and implementation of third party auditing services.

Departing with data

Following the outbreak of the scandal, many employees in senior management positions – including the CEO – are leaving their roles at VW. The issue of staff departure must be managed closely, as many are likely to have a number of electronic devices assigned to them that could contain valuable information for the investigation. Following the IT lockdown, the location of all mobile phones, laptops and tablets must be monitored carefully, and devices seized from individuals looking to leave the company. It is crucial that vital information is not left untraced or rendered unobtainable, and confidential data must not be allowed to find its way into the wrong hands when ex-employees take positions at other companies.

We will see VW attempting to prove that its own internal investigations are underway and guarantees that these will be secure and thorough, in order to appease and calm the regulators as much as is possible. Such preventative measures will be seen elsewhere in the business too, with promises to set aside huge cash allocations in order to pay fines and compensate businesses and consumers across the globe.