Skip to content

Illustration by Security Management; iStock

Conducting Investigations Internationally: Know Before You Go

Imagine you receive a report from a colleague working in the global accounting team for your company. The report indicates that some unusual activities were identified during a routine business practice. The global accounting team believes these activities may require the attention of the security investigations department. After a bit of research, a few meetings, and a good look at the data, you realize that there are indications of misappropriated funds.

The challenge is that the investigation will play out in a country thousands of miles away from the organization’s nearest regional or global headquarters. Investigators must also operate in a nation with a legal system that differs from their home country. Fortunately many heads of security and investigations are accustomed to conducting sensitive investigations globally—virtually every organization that operates internationally faces this challenge. By sticking to some fundamentals, you can manage the situation in a way that not only resolves the case but might even help improve processes within your organization.

To accomplish this, you must look at several critical areas—specifically legal preparation, investigations planning, team organization, reporting results, and follow-up. A strong grasp of each of these areas is critical to successfully handling the investigation. Conversely, failing to take the time to prepare properly can lead to significant blowback for your organization and department.

Legal Considerations

This must be the first step in determining how to conduct an international investigation. This is because the legal system for each country determines the playing field and rules of engagement under which an investigations team must operate.

The best place to start is with the company’s own legal team. Most international organizations employ someone—usually a member of the general counsel’s staff—who understands how business is conducted internationally. That employee’s expertise in business operations will help you better understand what will and will not work for the company. Additionally, general counsel can provide detailed knowledge of the restrictions and reporting requirements that could impact the organization, such as the U.S. Foreign and Corrupt Practices Act. Reviewing your plan and investigative goals with this team must occur before beginning any international investigation—unless there are special circumstances that prevent this.

Another legal element is cooperation with local or national law enforcement. Most companies maintain a policy of cooperating with law enforcement officials in the legal performance of their duties.

Speaking from experience, successful cooperation can depend on the personality and position you are dealing with. The trick is determining which law enforcement official best complements a specific case.

A good technique for managing this challenge is to develop a database outlining any prior contacts with law enforcement officials. Keeping track of officers and investigators with whom you worked in the past—and the results of those investigations—can help determine who to contact, given the specifics of the case. Additionally, by building rapport with law enforcement officials where your organization has a presence, you can ensure they understand the restrictions under which you operate and clarify expectations. This is particularly important when operating in areas with higher levels of corruption, including a “pay to play” attitude from law enforcement officials regarding investigations. The five countries perceived as the most corrupt in 2022 were Somalia, South Sudan, Syria, Venezuela, and Yemen, according to Transparency International’s Corruption Perceptions Index. These nations have remained in the top five since at least 2019.

The regional security officer (RSO) of the U.S. Department of State Diplomatic Security Service is also a potential source of help for U.S. companies. As part of their normal duties, the RSO has regular interactions with local law enforcement officials and could provide valuable guidance insight.

Planning the Investigation

A better understanding of the pertinent legal environment and the local law enforcement will provide a sounder foundation for planning investigations. At this point, it is best to create a written investigative plan.

This plan should start with a statement identifying the reason for the investigation—also known as a factual predicate. The factual predicate is essentially the who, what, where, when, and why an investigation was opened.

The next critical element of the investigative plan is the goals. These should be precisely written statements identifying the investigation’s objectives, a compass keeping the investigations team on the proper path. By articulating these written goals, you can prevent complex and sensitive investigations from being mired with additions that could result in a situation with unintended and unfortunate results.

Selecting the Investigations Team

This is where things can get quite tricky. International investigations require extensive experience and knowledge of the country, as well as awareness of accepted international standards.

To accomplish this, heads of security and investigations should develop or have already developed relationships with the appropriate organizations or vendors that can assist in identifying the proper on-site investigator—whether that is someone already in the country of interest or someone with permission to operate there. Depending on the size of the organization, the company might already employ a qualified investigator—perhaps even a member of the security team—who can conduct the investigation.

International investigations often require a team approach. The investigations manager should consider having a small group oversee an investigation, especially in sensitive cases. When selecting international assets, your database will again be critical. A little bit of advance work—for example, keeping records on business contacts and how well they performed—will pay dividends.

The investigations team should hold regular meetings to review the goals and overall progress. These meetings should go over the investigation’s details, as well as review the courses of action and how they are reaching the set goals. Technology can greatly assist here as online platforms, such as Microsoft Teams and Zoom, allow for virtual meetings that can connect dispersed team members.

Regarding information sharing, maintaining confidentiality is very important. It is unfortunately a true statement for most security and investigations managers that the more people know about a case, the more likely it is for the investigation to fail. Except for the investigators working the case, the number of people aware of a case should be restricted to the smallest group possible. A written need-to-know list (NTKL) should include people who must either be made aware than an investigation is underway or aware of the contents of the investigation. This list is usually restricted to at least one person in the organization’s legal department or general counsel and at least one person from executive leadership. The NTKL is as essential as the plan itself.

Regardless of their motivation, the more people who know about a case, the more likely it is that someone will share case details with at least one other person. This often results in the accidental release of information and can compromise the success of the investigation, preventing investigators from meeting the set goals.

By having a good team, conducting regular meetings to review what is being done, and only sharing information with people on the NTKL, the investigations manager can handle the internal politics associated with investigations. Once the team has completed their report, it will be up to the leadership to decide what is shared and not shared.

Reporting and Follow Up

Every investigation should culminate in a written report based on the investigation’s plan and include the mission statement and goals. It should also contain the case’s conclusions, detailing the results of each investigative goal. The report should have attachments supporting any claims made in the conclusions—such as witness statements, photos, digital copies of documents, and so on. The goal here is to provide all necessary information that leadership and the legal team will need to determine which options are in the best interest of the organization.

An additional benefit that investigations provide is that typically investigators will discover if any organizational guidelines or procedures require creation, adjustment, or revision. The investigative team will have spent a great deal of time reviewing detailed information about rules and methods specific to the case and can likely identify a few areas with room for improvement.

Managers, executives, and personnel are often more willing to consider changes when faced with the negative consequences that the existing environment may have contributed to. Therefore, recommending new or updated policies for leadership to consider that can help reduce the risk of repeat incidents makes this a crucial part of every investigation.

For example, an investigation into an assault on an employee during a business trip involved a review of the client organization’s policies for staff reporting activities—both professional and personal—while traveling. The review found that there was no requirement for an employee to seek permission or report when he or she intended to travel to or within high-risk locales. After identifying this security gap, a policy was implemented that requires supervisor approval for employees to visit locations where they might be exposed to medium to high levels of personal safety risk, mitigating potential interruptions to business operations and increasing employee awareness of risks.

Any security professional operating internationally who is also responsible for internal investigations will require a carefully thought-out game plan for various incidents. If the investigation occurs outside of the professional’s home country or in a country he or she is unfamiliar with, this becomes an even more complicated investigative minefield. Taking time in advance to prepare for these cases—by meeting with the legal team, understanding the fundamentals of a good investigative plan, identifying competent investigators who can assist in the nations of interest, and producing a report that clearly articulates the conclusions and their reasons—will improve the chances of success while mitigating the risk of significant blowback for an improper investigation.


Ralph “RC” Miles is the global director of safety and security for the AIDS Healthcare Foundation (AHF). He has more than 25 years of private sector experience in the design, development, and implementation of comprehensive security, investigations, and intelligence strategies in a variety of business climates and organizational cultures. Prior to his civilian career, Miles spent nine years serving as an officer in the U.S. Army in various assignments around the world. He is also a member of the board of directors for the ASIS CSO Center.