Which is the best location for document review?

A recent report by A. T. Kearney analysing the global outsourcing market found that of the top 10 most popular countries, Poland was the only European country listed. The rest of the top ten were all located in Asia. This trend has also been present when it comes to legal process outsourcing, which has steadily been drifting eastwards. But in today’s global world, how do you choose the right location for your review? Just as each document review project is unique, there are advantages and disadvantages to going further afield for your document review services.

Far eastern promises?

Document review providers in the Far East can offer attractive savings compared to those in Europe and America but scratch the surface and often there are issues which could make these locations a false economy. Common issues include:

  • Poor connectivity
  • Language and cultural barriers
  • A different approach to project management
  • Underqualified staff
  • Time-zone issues

Legal process outsourcing such as document review is different to other business functions (for example, customer services or software development). Clients using document review centres are working to strict deadlines and success relies on a combination of technology, project management and legal expertise. Often, the quality of service in far eastern locations might not meet these requirements.

Look further West… 

We recently opened a document review centre in Poland and clients have found it a useful resource for cases with cost conscious clients who still want a quality document review service conducted by EU qualified lawyers.  The feedback we have received has been very positive with clients commenting on:

  • Superior infrastructure
  • A more compatible time zone, especially for European clients
  • Superior English language skills
  • The availability of  European languages
  • EU data privacy compliance

Which is the right location for you?

Outsourcing abroad isn’t always the right option. Some clients prefer the convenience of being nearby or choose to keep data within their own country for privacy and security reasons. Our flagship London document review centre, as well as German document review centres offer high quality, in-country solutions for cases that benefit from a more local approach.

For more information on our Polish document review centre or our other review centres, please contact david.harris@krolldiscovery.com

KrolLDiscovery opens new ISO 27001-certified data centre in Ireland

KrolLDiscovery has opened its newest ISO 27001-certified data centre in Ireland in response to growing international investigations and other legal matters that require local support and hosting. With this new centre, KrolLDiscovery becomes the largest ediscovery provider with a dedicated presence in
the country.

Companies based in Ireland face additional litigation risks due to cross-border data regulation and international arbitration. Additionally, global investigations led by U.S. authorities are on the rise and expose corporations to increased legal risk, as does cooperation between regulators enforcing antitrust laws across multiple countries.

“KrolLDiscovery will be able to address many of the challenges organizations in Ireland face today with our latest global data center opening,” said Chris Weiler, CEO of KrolLDiscovery. “We have noticed a growing number of international matters that require organizations to collect, analyze and produce electronic documents in a timely and cost-effective manner in-country. Our experience with high-profile, high-stakes investigations and litigation will be a significant asset to these organizations.”

“We know that it is important to our clients to be able to process and host data in-country in response to stringent data protection laws and timeliness is key in many legal matters,” continued Weiler. “The new KrolLDiscovery data centre will give organisations more control over their data. We could not be more excited to bring our best-in-class technology, footprint and signature ‘white glove’ client service to this market.”

In addition to Ireland, KrolLDiscovery operates data centres in the U.K., Germany, France, Japan and the U.S. For more information, please email info@krolldiscovery.com or visit www.krolldiscovery.com and www.krollontrack.com.

Get to the top of the pile: making your document review CV stand out

 Friday, 3pm, London Document Review Centre

Great news – we have won a new document review project!  Everyone is excited.  To land this project we need to find 15 French-speaking, legally qualified document reviewers who are available to start 9am on Monday.  The clock is ticking… Job adverts go out and the CVs flood in …

Getting noticed is the first step to landing your next document review project

In the fast-paced world of document review, having a clear and structured CV is make or break when it comes to landing your next project. If a CV doesn’t contain or highlight the information we need, we move on onto the next because we simply don’t have the time. That’s why I want to help you to make your CV stand out so you don’t miss any more opportunities.

Having reviewed hundreds of doc review CV’s, here are the details we look out for (in order of importance):

1) Your qualification (are you legally qualified, and if so, in which jurisdiction?)

2)  Your language skills (specify your fluency)

3)  Your recent document review experience. For each past job, highlight the following:

  1. Recruiting Law Firm and/or Agency
  2. Date of engagement
  3. Type of project (discovery, internal investigation…)
  4. Area of law and sector
  5. Language
  6. Review platform
  7. Any specifics (privilege, redaction, data extraction)

The above may seem obvious, but you would be surprised how many people omit these basic details. Follow this guidance and don’t miss out on another document review job opportunity!

If you’d like to hear more about our latest document review opportunities, please register your interest and (your newly improved CV!) at registration@krolldiscovery.com

Beyond record keeping: the importance of Information Governance

Information governance is no longer limited to simple record keeping. In today’s workplace, it is the backbone of best practice across business functions and encompasses:

  • information security
  • compliance and risk management
  • privacy
  • data storage and archiving
  • business operations and management
  • IT management
  • Business intelligence and big data

In my role as an ediscovery consultant, I have seen the impact information governance has on legal scenarios involving litigation, regulatory investigations and data protection related requests such as the right to erasure. Furthermore effective information governance can bring many benefits and ensure the smooth management of various legal scenarios that depend on the production and identification of electronic evidence such as right to erasure requests.

Companies thathave their house in order generally find that requests for information are fulfilled with minimum disruption to their business. Rather than spending time searching for electronic documents, they can respond to the request right away, honing in on data quickly. Because they understand their data architecture searches  collection can be less widespread and therefore cheaper. In contrast, those with poor infrastructure waste valuable time and money seeking this out and often spend more on forensics services, processing and hosting fees.

In terms of compliance, we find that information governance and efficient compliance programmes go hand in hand. You can’t have a good compliance programme if you do don’t have a handle on where your data is, what data you are collecting and what backup systems are in place. Poor information governance provides a useful camouflage for those engaged in unlawful behaviour. Those who have been embroiled in regulatory investigations or experienced fraud know all too well the financial and reputational damage caused by not preventing misconduct.

Take the lead towards improving information governance at your company

If you have concerns about how your company is managing information, it is vital that you raise the issue with senior management, IT and other departments and begin the process of enacting change. As general counsel, your legal knowledge and responsibilities make you a key stakeholder in the process.

Where do I begin?

Some elements of information governance do require technical knowledge and specialist services such as ediscovery and data analytics. An experienced ediscovery vendor will be able to offer consultancy to tailor a specific programme for your company’s needs. However below is an outline of the typical steps involved in improving information governance:

  • Mapping and assessing data estates

Using consultative assessments, data mapping, system inventories and data mining technologies, your consultant will outline how important or sensitive data is created, secured, managed and retained throughout your organisation.

  • Analysing and classifying data

Once you know where your data resides and the extent of it, this data can then be defined and classified. Redundant and obsolete information can be eliminated using a specialist review platform, freeing up server space and reducing backup costs. Key information can be preserved and managed more easily.

  • Building context and monitoring activity

Technology such as predictive data analytics can then be deployed to mine critical information, evaluate the facts in context and define relationships between data sets and measure trends.

With stronger insight into trends and anomalies in targeted sets of content, you can holistically manage or predict risks and make informed legal decisions whilst reducing reactive legal fees.

  • Futureproofing your systems

Information governance is an ongoing process and not a one off project. Your ediscovery consultant will be able to design and implement sustainable policies, technology enabled solutions, flexible training programs, and periodic audits. This will ensure your information governance program can stand the test of time as cultural, business, legal and technical needs evolve.

KrolLDiscovery named in Inc. 5000’s fastest growing companies list

Inc. magazine revealed its 36th annual list of the 5,000 fastest-growing private companies in America, including KrolLDiscovery at No. 2024. The list represents a unique look at the most successful independent small and midsized companies. Past honorees include Microsoft, Dell, Domino’s Pizza, Pandora, LinkedIn, Yelp, Zillow and many others.

Of the tens of thousands of companies that have applied to the Inc. 5000 over the years, only four percent have made the list six times.

“We at KrolLDiscovery are honored to continue our stay on the Inc. 5000 rankings and be included in Inc.’s seminal list for a sixth year in a row,” said Chris Weiler, CEO of KrolLDiscovery. “Our commitment to providing excellent service and technology for our clients is the reason we continue to grow at this pace.”

Added Weiler, “It’s also important to recognize and congratulate the KrolLDiscovery team for their continued passion and dedication over the last year.”

“The Inc. 5000 is the most persuasive evidence I know that the American Dream is still alive,” said Inc. President and Editor-in-chief Eric Schurenberg. “The founders and CEOs of the Inc. 5000 tell us they think determination, risk taking and vision were the keys to their success, and I believe them.”

The 2017 Inc. 5000, unveiled online at Inc.com and with the top 500 companies featured in the September issue of Inc., is the most competitive crop in the list’s history. The average company on the list achieved a mind-boggling three-year growth of 481 percent. The Inc. 5000’s aggregate revenue is $206 billion and the companies on the list collectively generated 619,500 jobs over the past three years, or about eight percent of all jobs created in the U.S. economy during that period. Complete results of the Inc. 5000 can be found online at http://www.inc.com/inc5000.

How do ediscovery platforms manage the challenge of East Asian languages?

As a global company, it is always interesting to learn about how clients and colleagues use technology to overcome challenges. In our recent Face to Face with the Regulators symposium, one of the key requirements for clients working in Asia is capacity for their ediscovery vendors to deal with East Asian languages such as Chinese, Japanese and Korean.

We caught up with our friends and colleagues at KrolLDiscovery APAC to find out how ediscovery technology tackles these languages.

How have you seen Asian countries like China handle the challenge of handling data in multiple languages during international and national e-discovery projects?

Working in multiple languages either nationally or internationally can present a number of challenges. First, you need an ediscovery platform capable of handling multiple languages including Chinese, which comes with its own set of challenges specific to the written form (more on this later). Secondly, you need to have in place native speakers in each language who understand the legal and technological considerations of each case. For international projects, there is a third consideration that you need teams that can work locally in each country whilst still communicating and working as part of a wider global team.

Our Asian clients come to us because our combination of technology, global network and local expertise mitigates these challenges. In terms of technology, our ediscovery platforms can handle hundreds of languages including Traditional Chinese, Simplified Chinese, Korean and Japanese. One platform can handle multiple languages within one country, simplifying national ediscovery projects with multiple language requirements.

For international projects, we like to say we are around the globe but across the street. Our case managers, consultants and forensics experts are based in local offices and speak the local language but are part of something bigger and often work on cross-border cases in conjunction with our other teams around the world.  We believe this is the key to a successful ediscovery project involving multiple languages and jurisdictions as ultimately, there needs to be cohesion and collaboration to ensure the deadlines and requirements in all countries involved are met.

 What are some of the nuances or idiosyncrasies of the Chinese language which may make it more difficult than English to review for e-discovery practitioners and e-discovery tools / machines? Do other related Asian languages share the same nuances / idiosyncrasies?

The biggest challenge for ediscovery practitioners and ediscovery software developers alike is handling the written forms of Chinese and other East Asian languages. Unlike Western languages using Roman or Cyrillic alphabets where each letter represent sounds to build words, Chinese (traditional and simplified), Japanese and Korean language groups use a logographic system. As a result, single characters can represent anything from a single word to multiple words to entire phrases. Furthermore there are no spaces to segment individual words. A string of characters can be read differently depending on where they are segmented by the reader or indeed, in ediscovery cases, the platform.

When looking for an ediscovery platform to use in China, it is vital that effective tokenization systems are in place.  Tokenization is the process of segmenting character to strings to define words and phrases. The best ediscovery systems use sophisticated tokenization systems to ensure searches of accurate. In contrast, more basic platforms deploy a simplistic method whereby each character is assigned a word. Given the nuances involved, these systems can result in unreliable and inaccurate data filtering and processing.

Language recognition can also present a problem during Asian ediscovery projects.  For example, the Japanese has three written language systems;  hiragana and  katakana which are syllabaries (phonetic writing systems where each character represents a syllable) and kanji. Katakana is primarily used to transcribe foreign words. Kanji is a logographic system that uses a lot of characters common to written Chinese. On a similar note, some Japanese text is written in ‘Romaji’ where the Roman alphabet is used to write in Japanese. As a result, some platforms may not recognize a text as being written in the Japanese.

When looking for ediscovery providers for projects in Asia, it is always best to choose companies that employ native speakers in their consultancy, case management and computer forensics teams. Aside from the complications involved for platforms handling Asian written languages, human readers can also struggle. Asian languages are richly nuanced and the meaning of a word or phrase can be changed by the use of different tones or regional dialect. Even fluent second language speakers may miss these nuances which could result in significant misunderstandings that may affect the outcome of a case or investigation.

Have you seen more e-discovery companies or practitioners use advanced technology like AI to better mitigate language challenges when conducting e-discovery? If so, how?

Asia is only just beginning to discover the advantages of predictive coding technology. The majority of our clients in Asia are using predictive coding to automatically create workflows by identifying documents according to language and then segregating documents for processing accordingly.

However, some of our more technologically savvy clients are starting to unlock the potential predictive coding has for refining the ediscovery process on projects involving Asian languages for example, to look documents containing for colloquialisms or other ambiguous language that requires further human review to improve clarity and understanding.



Face to Face with the Regulators in Tokyo

On July 26th, our Tokyo office hosted a unique event: Face to Face with the Regulators.  Delegates were able to get up close and personal with regulators from the US Department of Justice, US Securities & Exchange Commission and the US Federal Bureau of Investigation for a discussion on the following topic :

  • Enforcement trends
  • Industries under the regulators’ spotlight
  • The conflict between US regulators’ expectations and business culture in Japan
  • Clarifying regulators’ expectations
  • Managing ediscovery requirements and tips for a cost-effective process

Although the day was designed to help Japanese businesses, the insights that were shared are valuable for European businesses who have subsidiaries in the USA.  Below is a high level overview of the the key points that came out of the day’s discussions.

  1. Pay now or pay later. Implementing and investing in compliance programmes is something that will save your company money in the long run. It is always better and cheaper to uncover wrongdoing and use leniency programs than undergo an investigation triggered by a whistleblower or having attracted scrutiny from regulators. This applies to both anti-bribery and antitrust cases.
  2. Collaboration between national and international regulators is increasing each year.  This means there are more resources to conduct investigations leading to more prosecutions and subsequently more risks for companies operating domestically and abroad.
  3. Third party subsidiaries, partner organisations and suppliers remain a source of considerable risk for companies. Companies need to be vigilant and ensure that their compliance programmes and training extends to these organisations and individuals. Management needs to buy into to compliance and communicate directly with those on the ground to understand and manage risks.
  4. Individuals are becoming more important to investigations. Programs have been introduced that financially reward individuals for reporting wrongdoing to the authorities. This will incentivise potential whistleblowers into taking action against their companies. Equally, individuals violating antitrust and anti-bribery legislation are at risk from prosecution and can receive harsh including fines and prison sentences.
  5. Ediscovery is essential for effectively responding to regulatory investigations and facilitating efficient compliance programs. The sophistication of this technology means you can respond quickly to requests for information, uncover and preserve key evidence and avoid excessive costs associated with processing large volumes of data

Thank you to all of our speakers, delegates and our colleagues in the Tokyo office for making the event so informative and inspirational.

KrolLDiscovery Summer Party: Ornament, Armament, Merriment!

We hold many events all around the world; some are small seminars, others are panel discussions featuring prestigious speakers and many are practical workshops. But sometimes, we just want to have fun and thank our clients for working with us.

This year, we threw our biggest summer party yet; at the Tower of London. Led by the famous Yeoman Warders, our guests were given a private viewing of the Crown Jewels before enjoying champagne and canapes in and around the famous White Tower.

By day, the Tower is a busy place, thronging with tourists and tour guides. Amongst the commotion it can be hard to appreciate on the hundreds of years of history. But by night when the crowds have dissolved and the sun sets, it truly is magical.

You can check out some of the photographs from the night here: https://mattharquail.smugmug.com/KrollDiscovery-Summer-Party/n-KB2dKF/

An overview of Sapin II

Fraud, corruption, bribery. Across the globe, these challenges hit close to home for legal and IT professionals regularly called on to collect, analyze and produce data in support of an active investigation or compliance audit.

In France, game-changing legislation is taking effect to strengthen anti-corruption efforts and U.S. businesses with global operations need to be prepared. The provisions of new anti-corruption legislation, Sapin II, have just come into force in France (as of May 2017). Sapin II, adopted on November 8, 2016, is modeled on the U.S. Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act.


In 2005, Sapin II was first proposed and named after Michel Sapin, a French politician and France’s Finance and Economic Minister. Like many countries, France has attempted to combat fraud through multiple anti-corruption laws. However, these laws had several loopholes. The main aim of Sapin II was to strengthen existing anti-corruption legislation by implementing provisions that would close existing loopholes in France’s anti-corruption laws.

Sapin II is a comprehensive anti-corruption framework, some parts of which are more important than others. Below are a few key provisions of Sapin II, along with brief explanations.

1. France’s Expanded Jurisdictional Reach: Prior to Sapin II, French prosecutors had limited jurisdiction in bribery cases. Sapin II removed these restrictions and gave criminal prosecutors the opportunity to charge more offenders in bribery cases.

2. Creation of the French AntiCorruption Agency (AFA): Sapin II created a new administrative agency known as the AFA. The AFA has replaced the Central Service for the Prevention of Corruption (SCPC). It is monitored by a presidential appointee and a sanction commission. The AFA has four major responsibilities:

  • Prevent and detect corruption in the private and public sector;
  • Help companies implement compliance programs that are required;
  • Report violations of the law to prosecutors; and
  • Oversee the monitorships of corporations.

The AFA sends informative reports to the Justice and Budget Ministries to work together to keep up with fraud and anti-corruption strategies.

3. Compliance Program Requirement: Under Sapin II, a company must have a compliance program in place when there are more than 500 employees and the company has a gross revenue exceeding 100 million euros. This is applicable to both French subsidiaries and non-French companies who fulfill the above criteria. There are eight criteria that must be met in order for a compliance program to be deemed to be sufficient by the AFA. The most important criteria are that there must be corporate risk mechanisms and disciplinary procedures in place. Failure by a company to have a compliance program could lead to directors and managers being sanctioned by the AFA.

4. Whistleblower Protection Provision: Sapin II protects those who with good faith report against those who have violated any of France’s laws, international treaties where France is a party, or have threatened the public interest. In order for the whistleblower to receive protection he or she must notify a supervisor directly or indirectly. If the issue is not resolved within a reasonable amount of time then external parties may be notified and if three months have gone by and it is still not resolved, the public may be notified about the violation. Retaliation against a whistleblower can lead to both criminal and civil punishment.

5. French Deferred Prosecution Agreements (DPA): Sapin II’s DPA is modeled on the U.S. DPA. French corporations are forced to argue facts that have been listed by the DPA. Whether a corporation is punished depends on the judgment from a court through a public hearing. If found guilty, a fine of 30 percent of the company’s average revenue for the past three years must be paid to the French Treasury.

6. New Criminal Offenses and Bribery: It is now a crime for any company or individual to offer a donation, gift or reward to sway a public officer to abuse their discretion with public authority or government. This new criminal offense combines both French criminal law and anti-corruption efforts to stop and prevent fraud.


As legal and technology professionals in law firms and corporations begin to work under the new provisions of Sapin II, it will be increasingly important to turn to technology solutions to audit compliance programs and investigate fraud. Of particular interest within Sapin II, is the requirement that companies implement a procedure for assessing the effectiveness of a particular compliance program. The review of corporate electronic communication is one way of ensuring that organizations are complying with anti-corruption laws and ediscovery technology can be a critical piece of a thorough compliance audit. For example, the data analytics features in many leading ediscovery review platforms can help detect hidden or emerging compliance risks under anti-corruption laws.

In addition to assisting with a compliance review, legal professionals have increasingly leveraged ediscovery technology to facilitate the investigation and analysis of specific fraud matters. For example, in sensitive investigations, companies can rely on computer forensic experts to collect data and make use of mobile ediscovery technology which allows data to be processed, hosted and reviewed at the company’s premises, if need be. Data need not leave the premises while a sensitive investigation is underway. Most importantly, in France or anywhere around the globe, companies need to seek guidance from local experts to assist in the navigation of local data protection laws and with the collection, processing and analysis of electronic evidence in investigations and litigation.

Whether fighting fraud in France, investigating money laundering in Brazil or collecting data from a Chinese subsidiary in a U.S.-based litigation, organizations all over the world can manage a wide range of business and legal challenges using ediscovery technology.

James Farnell, KrolLDiscovery, Legaltech News

Editor’s note: this article originally appeared in Legaltech News.

IICE 2017: Chairman’s Report


We recently had the privilege of chairing this year’s IICE Summit. IICE brings together decision makers in Information Management, Investigations, Compliance, and eDiscovery to collaborate on the direction of disruptive regulation, technology, and organisational excellence.

At this year’s Summit we addressed a particularly challenging set of circumstances, driven by the complex landscape created when data, business and the law interact and at times collide.

There have been rapid regulatory developments in the past year in relation to privacy and data protection in Europe.  We have now entered the final year before implementation of the General Data Protection Regulation (GDPR) and this predicated a great deal of discussion at the Summit.

The future of privacy law is uncertain as regulations continue to evolve globally and conflicts arise due to differences in policy. As we heard from delegates, the biggest challenge for companies is to stay compliant with local, regional, and national regulations while putting their new data privacy frameworks in place.

One of the biggest concerns raised at the Summit was how to ensure new channels and platforms can be included in ediscovery exercises. Apps can be found just about anywhere on phones, tablets and even on appliances. All of them when downloaded are accessing data.  How do you keep your data safe in the mobile world?

Another big theme for this year’s Summit was cybercrime, a very real and present threat. In Q3 of last year (2016), 18 million new malware samples were captured by one company alone. That’s an average of about 200,000 per day. More than 4,000 ransomware attacks have occurred every day since the beginning of 2016. That’s a 300% increase over 2015, where 1,000 ransomware attacks were seen per day.

We also know new ways in which old offences can be committed. For example, we have companies sharing data, they are creating data lakes today but these will be oceans tomorrow.  The sharing of information is not a problem but if AI systems can bargain and talk to each other, then we may have a digital cartel on our hands.

We are seeing ediscovery used more and more in an anticipatory manner by organisations to identify, isolate and address concerns about compliance that could expose them to the risk of some kind of intervention or sanction.

Overall, the 12th IICE Summit represented a unique opportunity to benchmark implementation programmes against competitors, to ask some hard questions and to assess innovative solutions that are available to help with compliance.

Since last year’s conference we have witnessed significant changes in the ediscovery industry itself. The major changes in data protection law in Europe and the uncertainty around legitimate data transfers have sparked a series of mergers in the industry geared towards expanding global footprints and providing local risk free ediscovery solutions.

Ediscovery solutions that allow clients to process data in country and onsite are therefore essential and we heard delegates expressing their need for flexible and mobile solutions in the year ahead and beyond.

We would like to thank the delegates, speakers and event organisers who put so much time and enthusiasm into making this year’s Summit such a success.