Regulatory inquiries and investigations

Helping organizations understand and respond to an enforcement action

Requirements have always existed for public companies to keep accurate books and records. However, in today’s regulatory environment—post-Sarbanes-Oxley and Dodd-Frank—a significant amount of attention is being focused on corporate wrongdoing and individual responsibility within organizations, (both public and private) as well as safeguarding individual privacy.

A host of regulatory and quasi-regulatory agencies, from the United States (including the Department of Justice and Securities and Exchange Commission  to state attorneys general, Office of Foreign Assets Control, Commodity Futures Trading Commission and the Financial Industry Regulatory Authority as well as foreign governments are regularly performing inquiries and pursing enforcement actions. The results come in the way of claw backs, fines and penalties, as well as lengthy and expensive monitorships (in addition to pursuing criminal charges).

How can we help you?

To discuss how our team can help your business, contact us by phone 800.274.3978 or

The business environment today contains an ever growing and changing landscape of regulations, heightening the potential for lengthy government investigations and enforcement actions. Some examples of these changes include:

  • Anti-corruption and anti-bribery laws: To reduce fraud and corruption globally, many countries have adopted regulatory requirements akin to the foreign corrupt practices act (FCPA).
  • Data privacy: Increasingly, governments around the world are establishing additional trade restrictions and privacy rules (General Data Protection Regulation (GDPR), California Consumer Protection Act, etc.)
  • Whistleblower protection: Inquiries are on the rise due to increased regulatory attention, but also because of increasing global incentives (and protections) to encourage whistleblowers to come forward.

Multijurisdictional investigations

Inquiries are increasing, as regulatory agencies both in the United States and globally are cooperating to investigate issues within global organizations. Additionally, regulators are developing a somewhat consistent voice with respect to requirements for effective compliance programs. Detailed guidance has been established by governmental and quasi-governmental agencies with respect to key compliance program elements including the commitment by management (organizational oversight); autonomy and resources, internal controls, training, monitoring, due diligence processes, third-party management, investigations and incentives and disciplinary measures.

To combat the increase in inquiries, many organizations have sought leniency from potential enforcement actions by self-disclosing issues, cooperating with enforcement agency investigations, and proactively remediating or enhancing their compliance programs, in the hopes of avoiding punitive fines and minimizing penalties (e.g., external monitor, reporting requirements, etc.). 

Preparation is key to mitigating a compliance inquiry

Most importantly, the key to avoiding costly regulatory action is to develop and continuously improve upon an effective risk-based comprehensive ethics and compliance program. In a recent study conducted by NAVEX, 46% of respondents with reactive compliance programs faced legal action within the last three years, a percentage that was notably reduced by those respondents with more advanced programs.

As such, organizations that identify potentially significant compliance risks (and associated control gaps) before an incident occurs and a formal investigation is needed are able to reduce the risk of legal action, the consequences of which can be significant.

The DOJ recently provided guidance on what investigators would be looking for to judge a sound compliance program. Their evaluation of corporate compliance programs presents three fundamental questions to whether an organization’s compliance processes are sound:

  • Is the corporation’s compliance program well designed?
  • Is the program being applied earnestly and in good faith? In other words, is the program being implemented effectively?
  • Does the corporation’s compliance program work in practice?

Understanding these three questions and ensuring your organization can respond positively to each of them, is paramount to effectively constructing a sound compliance program.

The RSM difference

At RSM, our professionals work with you to develop and increase the maturity of your compliance program following established guidelines. We help you build and execute actionable action plans to avoid potential compliance violations and reduce regulatory enforcement risks. We collaborate with you and stay involved, helping you achieve long-term compliance with regulations.

Furthermore, we help you efficiently identify gaps and evaluate risk by leveraging proven processes and innovations like data analytics and machine learning. RSM forensic accountants have the experience and insight to efficiently analyze large volumes of data, driving investigative costs down and quickly finding the needle in the haystack.

Our team of regulatory investigation professionals is highly qualified to provide independent analyses and reviews of government inquiries. Our professionals can help you successfully communicate with appropriate government representatives at all levels, or work in concert with a management team or outside counsel, to implement optimal resolution strategies.

RSM understands your regulatory inquiry and investigation concerns, and can create multidisciplinary teams that are familiar with a wide range of governmental and regulatory regulations. Our advisors can foresee and avoid roadblocks during the investigative process due to our experience assisting with these matters in the past and representing companies in front of regulatory agencies. The RSM team has a multinational presence, including resources that are familiar with local customs around the world, eliminating language and culture barriers.

We have developed strong relationships with federal, state and local regulators and have practical experience with today’s key regulatory issues, including:

  • SEC inquiries
  • Federal, state and local regulatory reviews
  • Bank Secrecy Act/anti-money laundering (BSA/AML)
  • False Claims Act
  • USA Patriot Act
  • Consumer Financial Protection Bureau

While regulatory trends are difficult to predict, the global geopolitical instability leads us to believe that the current increase in global regulatory activity will continue. Key areas of growth and change include new and evolving regulatory inquiries (e.g., FCPA and GDPR), BSA/AML investigations due to increased criminal activity, scrutiny of organizations involved in international trade, and cybersecurity and controls to fight cyber fraud. Given the ever-evolving regulatory landscape, RSM can help your organization evaluate your current compliance measures. We also help our clients understand and respond to regulatory inquiries should they arise.