An effective in-house eDiscovery function is essential in addressing the challenges faced by global financial services organisations. Knowing which processes are supported better by internal resources and which should be outsourced is key to building a scalable and cost-efficient, end-to-end eDiscovery service.
In-house teams can bring value to all stages of the eDiscovery Reference Model (EDRM), from initial intersection with an organisation’s information governance stakeholders to support to external counsel during ultimate production.
In 2008, UBS began to insource eDiscovery activities and meanwhile developed its global eDiscovery function comprising the eDiscovery Counsel Team on the legal side and eDiscovery Technology Services (eDTS) on the IT side to fulfil this role. In this article, we will share our insight into how to build an in-house function around eDiscovery best practices based on our experience at UBS.
eDiscovery challenges faced by global financial organisations
Many of the eDiscovery challenges faced by a global financial organisation will be familiar to practitioners in most industries. We are faced with an environment where Electronically Stored Information (ESI) and big data continue to grow exponentially. Data sources are increasing in number and complexity and laws and regulations governing litigation and information governance evolve constantly. This results in higher eDiscovery costs as the volume of ESI to be collected and reviewed rises.
Within a global financial organisation, many of these demands are intensified by the regulatory environments in which we operate and the sophistication and custom nature of our IT landscape. Firstly, requirements to create and retain records are broad; retention periods are long and cover many types of ESI not typically addressed by eDiscovery suppliers.
As an example, UBS is required to record communications with clients and trader communications, including telephone conversations, which UBS creates and retains – for up to 20 years in certain jurisdictions. This translates into several hundreds of thousand hours of audio material per day. With an individual employee creating up to 80 hours of voice recordings per day based on different types of audio devices, even a small discovery process can quickly encounter vast quantities of non-textual data that traditional eDiscovery processing and review tools struggle to manage effectively.
Secondly, eDiscovery professionals working in global organisations are only too aware of the sometimes competing requirements of discovery on the one hand and privacy and protection of data on the other. Financial institutions are faced with additional obligations arising from banking secrecy regulations. With the addition of blocking statutes in certain jurisdictions, the process of collecting and producing ESI, particularly in a cross-border context, becomes an increasingly complex task.
Thirdly, the IT landscape of a global financial organisation contains thousands of custom-built applications, managing both structured and unstructured data and often with data retention policies applied automatically. Volumes of transactions are high with system knowledge residing with a limited number of specialists. Output formats can be non-standard, challenging even the most advanced eDiscovery platform to process, parse and render the data in a reviewable format. To speak of unstructured data, a typical preservation and collection project may involve data from more than 10 internal and external chat systems, with extracted files running from one single line of text to years of conversations in an ongoing chat room.
“Best practices and standard processes are carried through to suppliers, with constant sharing of know-how promoting better vendor performance”
Finally, a simple human resources issue adds up to the overall challenge: it is difficult to find specialists with US-style eDiscovery expertise in jurisdictions where US-style eDiscovery has no history
Building an in-house function around eDiscovery best practices
Fundamental to the building of an in-house function is the establishment of processes based on eDiscovery best practices. These processes should be formalised, scalable, standardised, reproducible, reliable and cost efficient. Supported by a team with eDiscovery expertise, they allow for efficient preservation, collection and review of ESI while meeting data privacy, banking secrecy and any blocking statute requirement.
The focus is moving more and more from general eDiscovery readiness in the sense of ‘can we deliver and process large amounts of data in due time and do we really preserve all potentially relevant data?’ to an even more complex question ‘do we do all that in compliance with different legal requirements?’. Other aspects of an in-house service are:
■ A global programme, measurable and scalable, staffed by a strong team of experts
■ Leveraging technology to reduce risk and cost
■ Strategic management of third party suppliers for processes and projects where outsourcing is the best fulfilment model
■ Control framework and Quality Assurance
■ Knowledge conservation and training
■ Partnering with in-house and outside counsel, information governance and IT data stewards
How an in-house eDiscovery team can bring added value
An in-house eDiscovery team can add value to each stage in EDRM. For information governance, the team has a seat at the table when data security and records retention policies are being developed and new IT systems are built and deployed. A core team with institutional knowledge of where and how a company’s data is stored underpins an effective identification process. It provides the ability to build and maintain a data map or inventory, incrementally growing as new data sources are created. Documented procedures for gaining access to data and formal and informal relationships with data owners lead to efficient preservation and collection of ESI.
Team members have high awareness of privacy and banking secrecy requirements and the importance of adhering to these. Technical and other limitations are known, documented and addressed with consistent processes. There is tight integration with investigation and litigation and eDiscovery project initiation and management is formalised between the different teams.
Processing of non-standard data types can be an industrialised process. At UBS specific tools have been developed to allow this data to be fed rapidly and consistently into a review tool, either in-house or through a hosted solution. For all phases of EDRM, reiterative analysis ensures continuous improvement of our policies and processes with the team learning as an organisation, not as individuals. With the ability to support smaller review, production and presentation processes quickly and efficiently in-house and the experience and expertise to manage third party service providers for larger matters, the in-house team provides a cost-efficient and scalable solution for all sorts of eDiscovery scenarios. Best practices and standard processes are carried through to suppliers with constant sharing of know-how also promoting better vendor performance.
In a highly regulated industry where the need to collect and review ESI arises on a daily basis, an in-house team, built around best practices, is invaluable for focusing on the strategic direction of eDiscovery while fulfilling day-to-day service requirements. Long-term initiatives to improve upstream processes impacting eDiscovery can be undertaken and new tools can be implemented. A defined service model provides a range of proportional and cost-efficient approaches. A project management layer provides metrics and KPI tracking for both internal and external processes, with vendor management providing cost control and high service levels. An-house team leverages today’s best practices to predict and prepare for tomorrow’s new challenges.
About The Author:
Siegrun A. Heberle is an Executive Director at UBS AG and the Regional Head of eDiscovery Technology Services. She was working in environmental research before she joined UBS in 2001. Based on her vast organizational and project management experience in UBS IT, Siegrun was asked to support the data provisioning for a high-profile litigation case in 2011. What was meant to be a temporary engagement became a long-term mandate that constantly increased in scope. Meanwhile Siegrun is enthusiastically working on the maturation of a still growing organization that supports Switzerland, EMEA, and APAC with the non-legal activities of the EDRM.
Siegrun holds a B.Sc. in Environmental Technology and an M.Sc. degree in Information Engineering from University of Constance, Germany.