Qui tam relators target – and gain access to – internal investigation on ground that attorney-client privilege does not apply
In an unsettling rejection of the attorney-client privilege, a judge for the U.S. District Court for the District of Columbia ruled last month that documents pertaining to a company’s mandatory, internal, compliance investigations – conducted mainly by non-attorneys and forwarded to the company’s legal department – were not protected by the attorney-client or attorney work-product privileges. This case raises important questions for an array of regulated companies with mandated reporting obligations whose internal investigations could be left unprotected. United States ex rel. Barko v. Halliburton Co. et al., No. 1:05-cv-1276 (D.D.C. Mar. 6, 2014). See http://www.crowell.com/files/US-ex-rel-Barko-v-Halliburton-Co.pdf for the full decision.
The case involves a qui tam action in which the defendants, including private military contractor Kellogg Brown & Root Services, Inc. (“KBR”), allegedly violated the False Claims Act (“FCA”) through improper bidding and billing practices for subcontract work invoiced to the U.S. military. The relator moved to compel the production of documents relating to KBR’s internal Code of Business Conduct (“COBC”) investigations of the matter. After conducting an in camera review, District Court Judge James Gwin held that the documents were not protected by the attorney-client or work-product privileges.
For the attorney-client privilege to apply, KBR had to show that the communications were made primarily for the purpose of securing legal advice or services. To determine the primary purpose of the communications, the court applied the “but for” test – meaning the court inquired whether the communications would not have been made “‘but for’ the fact that legal advice was sought.”
The court denied the attorney-client privilege because KBR’s internal investigations “were undertaken pursuant to regulatory law and corporate policy rather than for the purpose of obtaining legal advice.” As the court explained, “Department of Defense contracting regulations require contractors to have internal control systems such as KBR’s COBC program to ‘[f]acilitate timely discovery and disclosure of improper conduct in connection with Government contracts.’” KBR’s COBC policies, the court concluded, “merely implement[ed] these regulatory requirements.” Accordingly, the court held that the investigative materials did not pass the “but for” test because the “investigations resulted from [KBR’s] need to comply with government regulations” and would have been conducted “regardless of whether legal advice [was] sought.”
The court reasoned that employees who were interviewed during the investigations “were never informed that the purpose of the interview was to assist KBR in obtaining legal advice,” nor was that purpose mentioned in the confidentiality agreements signed by employees. Additionally, a non-attorney conducted the interviews, and therefore the interviewees could not infer the “legal nature of the inquiry.”
The court also held that the attorney work-product doctrine did not apply because the internal investigations were conducted “in the ordinary course of business irrespective of the prospect of litigation,” and “government regulations required KBR to investigate potential fraud.” The fact that the investigations took place several years before the lawsuit was unsealed further supported the court’s view, as did the fact that non-attorneys primarily conducted the investigations.
If upheld on appeal, the District of Columbia’s opinion would set a dangerous precedent. Internal investigations by regulated companies, especially those with mandatory investigation and disclosure obligations, would not enjoy privilege protection unless carefully conducted. Because mandatory compliance programs and internal controls are becoming standard in many industries, the effect would reach far beyond just government contractors. For instance, publicly traded companies subject to the Sarbanes-Oxley Act are required to maintain a system of internal controls and a mechanism for internal investigations, and health care companies are required to maintain compliance programs under the Patient Protection and Affordable Care Act.