ARTICLE
23 June 2025

Understanding 'Shadow Investigations' Through The External Auditor's Lens

AC
Ankura Consulting Group LLC

Contributor

Ankura Consulting Group LLC logo
Ankura Consulting Group, LLC is an independent global expert services and advisory firm that delivers end-to-end solutions to help clients at critical inflection points related to conflict, crisis, performance, risk, strategy, and transformation. Ankura consists of more than 1,800 professionals and has served 3,000+ clients across 55 countries. Collaborative lateral thinking, hard-earned experience, and multidisciplinary capabilities drive results and Ankura is unrivalled in its ability to assist clients to Protect, Create, and Recover Value. For more information, please visit, ankura.com.
Explore Firm Details
When allegations of fraud, misconduct, or other illegal acts arise, internal investigations — often led by in-house counsel in coordination with external advisors — play a central role in a company's response.
United States Accounting and Audit
Paul Tan and Colin Flood

Introduction

When allegations of fraud, misconduct, or other illegal acts arise, internal investigations — often led by in-house counsel in coordination with external advisors — play a central role in a company's response. However, when such matters call into question financial reporting, internal controls, or the integrity of management (particularly those in financial oversight roles), the company's external auditors become critical stakeholders. In these circumstances, auditors frequently undertake a parallel review, commonly referred to as a "shadow investigation," to determine whether the internal investigation can be relied upon for external audit purposes.

Moreover, regulatory scrutiny of audit firms has intensified in recent years, bringing heightened enforcement actions, including fines and sanctions for audit deficiencies. In this environment, auditors are exercising enhanced caution when evaluating company issues and internal investigations, including increasingly calling upon forensic specialists within the audit firm to support in shadow investigations.

This article outlines the rationale behind shadow investigations, the elements auditors scrutinize, and practical implications for internal investigative teams, focusing particularly on matters intersecting with audit evidence and financial reporting.

Audit Requirements: The Need for Independent and Sufficient Evidence

External auditors are bound by professional standards and regulations requiring them to obtain sufficient, reasonable, and appropriate audit evidence. This evidence supports their conclusions regarding the accuracy of the company's financial reporting, the effectiveness of internal controls, and the reliability of management's representations. When an internal investigation addresses issues potentially impacting financial statements or senior management integrity, auditors cannot simply accept the investigation team's final report. Instead, they must evaluate the reasonableness and reliability of the investigative scope of work, procedures performed and fact-based findings.

Reliance on the process and findings of an internal investigation is only permissible if the auditors conclude that the investigation was conducted with appropriate independence, competence, and methodological rigor.

Reliance Is Based on Reasonableness, Not Replication

The shadow investigation team from the external audit firm is not expected to mirror or replicate the internal investigation. Rather, they must assess whether the investigative procedures undertaken were reasonable, given the nature of the allegations and the company's operating environment. This "reasonableness" threshold demands evidence of professional judgment, sound methodology, and alignment between the scope of the investigation and the risk at issue.

Evaluation of the Investigative Team and Process

Two interrelated components are subject to auditor scrutiny:

  • Investigative Team Composition: Auditors examine whether the investigative team possesses the requisite expertise, particularly forensic accounting or regulatory investigation experience, and whether its members are sufficiently independent of management and potential subjects of the investigation. In matters involving financial reporting irregularities, auditors typically expect forensic accountants to be involved, either as part of the team or as technical advisors. Lack of such expertise may raise concerns about the investigation's adequacy. Furthermore, a hallmark of an effective investigator is the ability to probe beyond surface-level explanations, challenge assumptions, and critically assess whether the facts presented align with the evidence. Through discussions with the investigation team, auditors typically evaluate whether the team demonstrated this mindset and whether they ensured that the explanations provided truly hold up under scrutiny.
  • Investigative Methodology: Auditors review the investigation methodology and approach, including the logic and responsiveness of the work plan, evidence collected, and analysis performed. Even experienced investigative teams may undermine reliability through flawed procedures or inadequate documentation.

Key Process Elements Under Auditor Review

Auditors typically scrutinize the following in connection with a company's internal investigation:

  • Custodian Identification and Data Collection: The custodian list (i.e., a list of company employees identified for the preservation and collection of their electronically stored information and/or hard copy documentation) should be comprehensive and risk-based, reflecting individuals likely to possess relevant information. Auditors assess whether data such as email and chat messages were preserved and collected promptly and thoroughly, and if a legal hold was put in place to ensure retention of evidence. The methodology for selecting custodians and evolving that list as the investigation progresses should be documented.
  • Electronic Data Review: Auditors evaluate the search parameters, document review platforms, and technologies used to review and analyze electronic documents and communications, as these impact the investigation's thoroughness and veracity.
  • Witness Interviews: Auditors inquire about who was interviewed, the timing, independence and expertise of interviewers, and documentation of interviews. Interview plans and follow-ups demonstrate thoroughness and align with the iterative nature of investigations — when issues evolve, additional individuals may need to be interviewed.
  • External Documentary Evidence: Auditors frequently expect the investigative team to obtain corroborating third-party evidence to support findings, especially when external parties or unusual transactions are involved. Examples could include third-party shipping documents or customer confirmations.
  • Work Plan and Progress Updates: Regular updates help auditors understand how investigative strategies evolve in response to findings, indicating professional judgment and skepticism on the part of the investigation team.
  • Response to Emerging Findings: How the investigative team adjusts scope or procedures based on new evidence is a key indicator of the investigation's integrity. An investigation should have a defined scope from the outset, but there should be flexibility to move outside the initial scope if it is justifiable in the circumstances to do so.

Attorney-Client Privilege in Internal Investigations

Internal investigations are often conducted under the direction of legal counsel — whether in-house or external — to ensure that attorney-client privilege and work product protections apply. As a result, the investigation's work product (e.g., interview memoranda, draft reports, and internal analyses) is generally restricted from distribution outside the investigation team.

Auditors rarely receive physical or digital copies of the investigation's work papers or final report. Instead, the audit team — and any related shadow investigation team — is typically provided with fact-based briefings summarizing the investigation's process, findings, and conclusions, while excluding privileged legal analysis or attorney communications.

This approach serves two key purposes:

  1. Preserving Privilege: Sharing full investigation materials with auditors risks waiving attorney-client privilege or work product protection.
  2. Avoiding Commingling: Keeping the investigation work product separate from audit work papers helps prevent it from becoming subject to disclosure in regulatory or legal proceedings.

In practice, legal counsel carefully controls the dissemination of investigation details to balance transparency with the need to protect privileged information.

The Role of Materiality in Auditor Decisions to Conduct a Shadow Investigation

Materiality is a fundamental consideration in auditors' decisions regarding whether to conduct a shadow investigation and how extensively to pursue it. Materiality extends beyond quantitative financial thresholds to qualitative factors, most notably management integrity. Even if an issue does not directly cause a material misstatement in the financial statements, it may still be material to the audit if it involves questionable integrity of senior management or those charged with governance, especially those within the financial reporting control environment. Audits fundamentally rely on management's representations as truthful and complete. If these representations are compromised, the audit conclusion's basis is undermined. Consequently, auditors often focus on whether investigations address concerns about management integrity, a key driver for their involvement and shadowing.

Benefits of Early and Transparent Engagement

Proactive engagement between internal investigators and auditors, and particularly their forensic specialists, helps build trust and reduces the risk of late-stage disruptions. Early transparency enables auditors to provide timely feedback, align expectations, and minimize duplication of efforts, supporting timely completion of the audit.

Root Cause Analysis and Internal Controls

Internal investigations frequently identify material weaknesses or deficiencies in internal controls over financial reporting. Auditors evaluate these findings closely, as they directly affect the company's control environment and the auditor's report on internal controls. Understanding the root causes and planned remediation efforts is material to the audit and influences the scope and timing of audit procedures.

Conclusion

Internal investigations related to fraud and misconduct are complex and high-stakes undertakings. When these investigations touch on financial reporting or management integrity, understanding the auditor's requirements is critical. Shadow investigations are an essential part of auditors' professional obligations to ensure audit reliability and safeguard stakeholders' interests.

By engaging qualified forensic professionals, applying rigorous and transparent methodologies, documenting thoroughly, and maintaining open communication with auditors, companies can enhance the credibility of their investigations, reduce the risk of audit delays and filings, and uphold the integrity of their financial reporting.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors
Photo of Paul Tan
Paul Tan
Photo of Colin Flood
Colin Flood
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More