The Risk Inside Your Inbox

Is e-mail putting your firm at risk? Before you send -- or delete -- that e-mail, read this.

A survey on workplace e-mail and instant messaging makes an inbox sound like a scary place. According to a poll of 840 companies by the American Management Association and The ePolicy Institute, one in five U.S. companies has had employee e-mail subpoenaed in the course of a lawsuit or regulatory investigation, and another 13 percent have battled workplace lawsuits triggered by employee e-mail.

Given those facts, it's somewhat surprising that the same survey shows that only 35 percent of companies have an e-mail retention policy in place, and only 6 percent retain and archive IM business records. Only one in five has adopted a policy governing IM use and content. Didn't Andersen attorney Nancy Temple and the now-famous Oct. 12, 2001, e-mail reminding staff about the firm's document retention policy teach us anything about e-mail's potentially damaging effects?

In spite of the fact that e-mail and instant messages -- which the survey refers to as "the electronic equivalent of DNA evidence" -- are a primary source of evidence, the AMA and The ePolicy Institute say that businesses are failing to educate their employees about the risks, rules and policies associated with those types of correspondence.

According to the AMA and The ePolicy Institute, while 54 percent of those surveyed said that their organizations conduct e-mail policy training, 37 percent of employees don't know or are unsure about the difference between an electronic business record that must be retained and an insignificant message that may be deleted. This could pose a problem. Perhaps accounting firms that have had their e-mail records yanked in investigations into audit failures or tax shelter issues could offer some advice in this area.

Worse yet, among the 42 percent of respondents who perform a job function that is governed by government or industry regulations, 43 percent don't adhere to or are unsure if they comply with regulatory requirements governing e-mail retention. According to ePolicy Institute executive director Nancy Flynn, for financial services firms and others in regulated industries, "the failure to properly retain e-mail and IM can -- and regularly does -- lead to six-figure fines, criminal charges, civil lawsuits and damaging publicity." Due to the highly litigious nature of our society, CPA firms may want to make sure that their staff is on the ball in these areas.

And it isn't just employee-client correspondence that firms need to worry about. Flynn notes that "off-the-cuff, casual e-mail conversations among employees are exactly the type of messages that tend to trigger lawsuits." Yet, while more than half of firms monitor incoming and outgoing e-mail, only 27 percent of companies monitor internal e-mail conversations between employees. And even fewer -- 11 percent -- monitor IM use, even though 31 percent of employees say they use it. According to the AMA and The ePolicy Institute, "from the standpoint of content and retention, employers should view IM as a form of turbocharged e-mail, creating a written business record that should be monitored and managed."

So, what's in your inbox?
