Destruction of documents, or allegations thereof, is always a topic that can cause temperatures to rise. It is also an action that is subject to much debate and argument – especially given the transient nature of data in several systems, especially with more modern communication tools. What is interesting in this case is that it is the first time a person has been charged by the FCA with this offence under the Financial Services and Markets Act 2000.

Regardless of the outcome of the case, it is an important marker for organisations and individuals to be aware of. Not only does it mean that regulators such as the FCA are prepared to use their powers to charge people, but also that they are actively looking for cases where this may have occurred.

Also destruction of documents is not as easy as it may sound when you consider the various places data can be stored – for example: when you consider other parties to communications, back-up media, transient data stores and the way certain devices and systems actually delete, or don’t delete data. It is true that given enough time and opportunity, electronic documents can be destroyed, but it is not simply a case of pressing the delete key. That is why when conducting an investigation, recovering, or partially recovering, deleted data can be a key avenue to explore – and can often help identify potentially critical documents.

Just like destruction is not full-proof, recovery is not either and much will depend on how documents were deleted and what has happened with the device since that point. Getting to the devices quickly and in an untampered manner is crucial to the success of any recovery attempts. This is why our forensic technology experts are a crucial component of the team in all investigation projects we undertake, and are often amongst the very first responders helping to secure vital evidence.

If you’d like to know more about our investigation capabilities, please do not hesitate to contact me.