Stay Out of Hot Water With a Document-Retention Policy An attorney at Arthur Andersen’s Chicago headquarters sent a memo to its Houston office on Oct. 12, 2001, urging staffers to comply with the firm’s document-retention policy (DRP). The policy specified how long employees should keep various written and electronic records and when to destroy them. DRPs usually protect businesses from liability related to destroying documents. So why did Andersen get in trouble for destroying documents even though it had a DRP? The answer can help ensure that your company destroys documents appropriately. Learning From Andersen’s Mistakes On its face, the Andersen lawyer’s advice seems reasonable. Every company, big and small, needs a DRP, and every company should regularly comply with it. But Andersen’s memo was problematic because it: o Failed to direct Houston staffers to preserve all documents related to the SEC’s investigation of Andersen’s client, Enron, the now-bankrupt energy trader, and o Aroused suspicion months later because the firm had rarely invoked its policy. In fact, an Andersen partner who had been with the firm for 30 years testified later that he didn’t even know of the policy before October 2001. Why had Andersen chosen that particular moment to issue the memo? And why did Andersen shred thousands of documents and erase multitudes of e-mails relating to Enron’s accounting irregularities? Prosecutors argued at trial that Andersen’s newfound enthusiasm for file purging in compliance with its policy was an implicit order to destroy documents that might have tied it to the Enron scandal. A jury convicted Andersen in June 2002 of obstruction of justice. Andersen’s conviction and later decline points up two important lessons about document retention and destruction: 1. Every company should adopt a policy and follow it consistently and regularly, and 2. The policy should provide for the suspension of its rules if some documents otherwise scheduled for destruction might relate to a dispute, court action or investigation. Here are some guidelines for creating and enforcing a policy for your firm. What To Include A DRP doesn’t have to be long and complex. It can be just a few paragraphs, though DRPs more commonly cover several pages. Basically, a good policy states: o How long, how and where to store various kinds of documents — including paper and electronic records, o How to dispose of records when their retention periods end, o Under what circumstances and by whose authority to suspend the policy — such as a dispute, lawsuit, subpoena or investigation, o Who is in charge of enforcing, monitoring and updating the policy, and o How to organize and catalog stored records so that employees can retrieve them quickly when necessary. Obviously, no one-size-fits-all policy exists. The specifics — such as retention periods and disposal methods — depend on your company’s nature and type and your storage capacity’s physical limits. You may have to keep some records indefinitely. For best results, work with your financial and legal advisors to nail down your policy’s details. How To Implement When you introduce a new or revised policy to your employees, make sure you educate everyone in the company about its meaning and use. Also, appoint a few employees to conduct periodic audits to make sure you’re saving documents as long as necessary and destroying them on time. Remember that computer archives are discoverable and even deleted files can be retrieved. Also appoint an administrator or a committee to monitor the effectiveness of your retention plan, and recommend improvements or periodic updates, especially when new regulations or standards come along. Avoiding Liability Most important, remember that destroying documents in the context of a lawsuit or investigation — even if according to your policy — can result in civil liability, court sanctions or, as Andersen learned, even criminal charges and company decline. If anything is worse than an incriminating document, it’s an illegally destroyed document. Moreover, destroying records is a felony punishable by up to 20 years in prison under the Sarbanes-Oxley Act of 2002, passed as a direct result of Enron and other recent debacles. We urge you to review your current retention plan or begin drafting one. Please call us for advice on writing and implementing a plan. Sidebar: Multipurpose Policy The purpose of creating and enforcing a document-retention policy is much broader than the need to avoid obstruction-of-justice charges. Other compelling reasons to have a policy include: o Compliance with governmental rules. The IRS, for example, sets rules for how long you must save copies of tax returns. Similarly, the Occupational Safety & Health Administration dictates how long you must retain safety and health records. Consult your tax and legal advisors to make sure you comply with all governmental rules. o Compliance with industry or professional standards. Ask your trade or professional association for guidelines. o Dispute resolution and litigation. Saving documents that relate to sensitive negotiations, large transactions and major contracts, for example, can help support your position in a dispute or claim. Also, should litigation arise unexpectedly, a written policy gives you a reasonable basis for explaining why you destroyed related documents. o Storage costs. Storing massive amounts of paper documents and even electronic data takes up space and costs money. A written policy helps manage costs by requiring you to maintain only useful or necessary files and to destroy all others. o Information management. In many cases, saving obsolete records, superseded documents, first drafts and outdated information can cause confusion. Often the best policy is to save only the final (or latest) version of a document. o Confidentiality. The less of a paper trail you leave, the lower the chances that your competitors will get their hands on proprietary information. Contact | Legal Disclaimer