In our last post we discussed the preliminary considerations an employer should take into account before conducting a wage and hour audit. Once the preliminary considerations have been addressed, it generally is advisable to develop a written information-gathering mechanism. In most cases, this mechanism will take the form of a questionnaire, which should be as broad as possible in order to gather all information necessary to effectively conduct the audit. It is advisable to involve counsel in the development of the questionnaire. The written mechanism will help to make the information gathering phase as objective and comprehensive as possible. The development of the questionnaire should be coordinated with appropriate human resources professionals who are familiar with the company and its operations, including the company’s organizational structure, relevant policies and practices, job descriptions, performance appraisals, bonus plans, and record-keeping practices.
As noted in our last post, a critical decision is to identify those company employees to be interviewed in the audit. A representative cross-section of employees and records should be included in the audit process. No reasonable person would expect that every member of management responsible for wage and hour administration be interviewed, for example, or that every pertinent record be examined during the course of an audit. In essence, the number of interviews to be conducted is a function of the resources available to the audit team and the perceived risks posed by the issues to be audited.
A significant decision to be made is whether to interview only those who administer the policies or to include those affected by the policies and practices who in essence may be potential claimants if violations of the law are uncovered. A more thorough and credible audit includes employee interviews, or perhaps employee questionnaires or employee focus groups, involving those affected by relevant policies and procedures (i.e., the potential misclassification of certain employees). An employer should learn whether its employees believe that the employer is compliant with its policies and the applicable laws through the audit, rather than through subsequent litigation.
When auditors interview employees, it is important that the interviewees understand what is taking place. At the beginning of the interview, the auditor should explain: (1) the purpose of the audit and the role of the interviews; (2) how or why the interviewee was chosen to be interviewed (for example, randomly, because of his or her role in the company, particular knowledge, etc.); (3) the importance of maintaining the audit interview in confidence; (4) that anything the interviewee tells the auditor may be disclosed to the company; (5) if the interviews are conducted by counsel, that the employer, not the employee who is being interviewed, is the client; (6) that the company will not retaliate against the interviewee because he or she says anything unfavorable about the company (although this is not a guarantee of immunity if the interviewee has violated company policy or the law); and (7) that the auditors or another designated company official should be advised if anyone attempts to retaliate against the interviewee for anything said during an interview or if anyone attempts to pressure the interviewee to disclose what is said.
If the decision has been made to protect the audit within the attorney-client privilege, this should be explained to the interviewee, who should be advised that the questions are being asked for purposes of providing legal advice to the company and that, therefore, it is imperative to maintain the confidentiality of what each party says during the interview. All of these points should be confirmed in writing and the employee should sign a statement confirming that he or she has read and understood them before beginning the audit interview. The employee should also be asked if he or she has any questions concerning the audit process. An effective interview program should be designed to elicit from a representative sample of employees the way the company’s policies and practices are actually applied day in and day out.
In conducting the record portion of the audit, it is imperative to include document retention requirements. Determine whether the record retention policy and the actual practice comply with applicable law. Verify through spot checks that the required records have been maintained for the required time periods and, as appropriate, confirm that document destruction policies have been followed with respect to them once the appropriate time period to maintain the documents has elapsed. Finally, confirm that appropriate procedures exist and are followed to suspend document destruction policies when a legal claim or government investigation arises or is imminent.
Assuming the audit is tailored with the advice of counsel, to preserve the attorney-client privilege, one should consider taking the following steps:
- Consult with counsel at the outset to identify the purpose of the audit and how the results will be used.
- Unambiguously invoke the privilege at the beginning of the audit if that is the agreed upon strategy. Usually, this should be accomplished by a letter from a senior company official or member of management to outside counsel seeking legal advice.
- Document the specific legal basis for the audit.
- Ensure that counsel outlines in writing what documents and other information should be gathered and that this writing specifically includes a statement that the audit is being conducted for the purpose of rendering legal advice. Counsel should instruct those gathering the information about confidentiality. The information should be collected by someone in the client group (a high level manager, so as to preserve the privilege) and forwarded directly to counsel.
- Ensure that confidential information and communications be directed to counsel and higher level managers who are clearly part of the client group. Avoid sharing confidential communications with lower level employees to whom the attorney–client may not apply.
- Ensure that all audit reports or memoranda containing confidential communications and all copies (whether hard copy or electronic) are clearly and boldly marked: “Prepared for Counsel” or “This Document is Protected by the Attorney-Client Privilege.”
- Ensure that electronic reports or communications subject to the privilege are stored only in password-protected files and other secure areas. The information should not be generally available on the server.
- Ensure that both in-house and outside counsel are copied on all emails seeking legal advice or transmitting confidential communications, such as preliminary conclusions or assessments.
- Provide a statement to any management-level witnesses interviewed during the audit or investigation regarding the attorney-client privilege and that counsel is acting on behalf of the company.
- Refrain from forwarding emails from either outside counsel or in-house counsel to anyone without first checking with the lawyers. Similarly, any emails on which company attorneys have been copied should not be forwarded to third parties, including to non-secure home computers.
- Do not potentially waive the privilege by discussing the fact that an audit or investigation is taking place, the audit process, or any conclusions derived from the audit with anyone unless counsel is present or the communication is at the express direction of counsel.
Read more in our next post where we address key issues to evaluate when conducting an internal audit.