Know your data or face sanctions … perhaps even jail-time!
By Benjamin Cher March 15, 2016
- Regulators can sanction companies even if they operate outside that country
- Companies should not wait till there’s an incident before engaging in ‘e-discovery’
IN today’s hyper-connected world, data is all over the place – it can reside at endpoints like PCs and on-premises servers, or even in the cloud. Figuring out where your data lies can be a challenge.
This is made more critical by the fact that the inter-connected nature of commerce means that regulators, both domestic and foreign, might be knocking on your door with some serious questions.
In South-East Asia, Singapore is currently leading the charge in ‘e-discovery’ in the legal domain, according to Kate Chan, Asia Pacific regional managing director of legal technologies at Kroll Ontrack.
“Singapore is pushing this forward, but it is taking a slower kind of adoption approach because it is opt-in – you could choose to use it or not,” she told Digital News Asia (DNA) in Singapore recently.
E-discovery is the process of searching, locating or securing data for use as evidence in a civil or criminal legal case. In countries like the United States, it is being driven by the legal fraternity, but in South-East Asia, the phenomenon is largely being driven by investigations.
This ranges “from small-scale investigations about employee fraud to large-scale investigations about distribution channel fraud or widespread third-party mismanagement,” said Chan.
The US Foreign Corrupt Practices Act 1977 (FCPA) allows its regulators to sanction US corporations and foreign corporations trading in securities in the United States.
This is driving the growth of e-discovery technology, as multinational corporations begin to grapple with the amount of data they have, and having to answer questions from regulators.
“Not knowing what’s out there, they’ll just get penalised,” said Chan (pic).
“The proactive thing is not easy to do, it only happens when there’s a fire … and they are being regulated and scrutinised.
“If that doesn’t happen, people usually look past these sorts of technology,” she added.
Companies serious about ethics and compliance are readily adopting e-discovery to figure out where their data is, but it’s the others that are an issue.
“For example, you have all these Japanese companies which have never been faced with a regulatory review, and you have all this data and you don’t know where everything is,” said Chan.
If, for example, the US Department of Justice started cracking down on auto parts companies, Japanese companies might be in a bind because they have never been exposed to US regulators, she added.
It is not just US regulators clamping down, but the European Union as well, and companies unable to answer questions from regulators because they do not know where the data is, risk sanctions.
“When they realise that they have a lot of electronic evidence but would not be able to meet the deadline to answer questions from regulators, they’ll be sanctioned and one of their executives is going to jail,” warned Chan.
“Only then do they want to get a grip and understand what is in their structure,” she added.
Digital Ethics 1: Balancing the risks and rewards
Could we be heading into data dystopia?
How file analysis tools can unleash the light in ‘dark data’
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.