Faegre Drinker Biddle & Reath LLP, a Delaware limited liability partnership | This website contains attorney advertising.
Filter your search:
Filter your search:
Updates
May 12, 2026

What Corporate Management Should Consider When Responding to Government or Stockholder Demands

The Corporate Guide
Authors:

At a Glance

  • Companies rarely receive advance notice that an internal investigation is needed. Instead, potential issues typically surface through stockholder demands, regulatory inquiries, or third-party allegations — each of which may signal underlying risk.
  • Although these triggers may appear distinct, they often raise the same core question:Does the company need to investigate potential misconduct, and if so, how should it do so in a disciplined and defensible manner?
  • This guide provides a practical framework for (1) identifying common triggers for internal investigations and (2) executing an effective, privilege-protected investigative process.

What are Common Triggers for Management-Level Internal Investigations?

Stockholder Demands

Books and Records Demands (also known as Section 220 Demands)

Delaware law permits stockholders to request access to corporate records for a “proper purpose,” most commonly to investigate suspected mismanagement or wrongdoing, clarify financial discrepancies, or value their shares. These demands must identify the documents sought with precision, and they are usually a precursor to derivative litigation or other claims. 

Books and records demands are often used to:

  • Evaluate potential claims against directors or officers
  • Gather information for derivative litigation
  • Pressure the company to respond to alleged issues

Appraisal Demands

In the context of a merger or acquisition, dissenting stockholders may demand a judicial determination of the “fair value” of their shares, rather than accept the consideration offered in the transaction. These matters often focus on:

  • The company’s valuation process and financial disclosures
  • Potential issues relating to conflicts, projections, or process integrity

Derivative Demands

Stockholders may demand that the board of directors pursue claims on behalf of the company, typically alleging breaches of fiduciary duty by the directors or officers of the company. Responding to such demands often requires the board to:

  • Assess the underlying allegations
  • Determine whether pursuing litigation is in the company’s best interests

That evaluation frequently necessitates a credible and independent internal investigation, particularly where the allegations involve senior management or directors.

White Collar and Government Triggers

Companies may also face potential investigations initiated by regulators or law enforcement.

Common triggers include:

  • Grand jury subpoenas or civil investigative demands
  • Search warrants or requests for interviews
  • Informal inquiries from regulatory agencies
  • Threat letters from counterparties or whistleblowers
  • Notice that a third party has contacted enforcement authorities

These events often require prompt evaluation of whether the company should initiate its own internal investigation to establish a reliable factual record.

Insider Threat Triggers

Companies also face the risk that an “insider” — someone with access to company facilities or systems like employees or trusted vendors — will use that access to engage in some form of misconduct. The types of misconduct can vary, ranging from threats or acts of workplace violence to physical or data theft to sabotage. Indications of a potential insider threat warrant evaluation for an appropriate response. That may include an internal investigation and is often iterative in nature.

When is an Internal Investigation Warranted?

An internal investigation may be appropriate where:

  • There are credible allegations of misconduct, and this includes gatekeeping reviews to determine credibility.
  • A regulator has indicated, through formal or informal means, that there is potential misconduct.
  • The issue could affect:
    • Financial reporting or disclosures
    • A pending or contemplated transaction
    • Regulatory compliance or enforcement exposure
  • The company must respond to stockholders, auditors, or regulators.
  • The board is required to make a formal decision, such as responding to a derivative demand.

In these circumstances, engaging experienced counsel — often outside counsel — can help ensure that the investigation is conducted effectively and with appropriate independence.

What are the Core Steps for Boards and Management in the Investigation Process?

A well-structured investigation enhances credibility, preserves privilege, and positions the company to respond effectively to stakeholders.

Establish Oversight and Independence

The company should clearly define:

  • Who the client is (e.g., the company, the board, or a committee)
  • Who will oversee the investigation

Where allegations implicate senior management or directors, companies often:

  • Form a special committee of independent directors
  • Engage independent outside counsel

Initial Assessment and Scoping

  • Convene a small, trusted working group of senior management and counsel (in-house and/or outside) to triage the demand.
  • Assess the nature, source, and potential severity of the issue.
  • Consider: Is this a regulatory, criminal, or civil threat? Is there board or management involvement?
  • Determine whether to engage outside counsel, which is strongly advised for sensitive or high-profile matters, or where independence is critical.
  • Analyze potential conflicts, and whether there is a need for separate counsel for particular employees or members of management.
  • Determine an appropriate rhythm and method for periodic updates on the status of an ongoing investigation.

Preserving Privilege and Independence

Maintaining attorney-client privilege and work product protection is critical. To do so:

  • The company should form a special committee of disinterested directors and engage independent outside counsel to direct the investigation.
  • The investigation must be conducted for the purpose of providing legal advice.
  • Communications should be limited to those with a need to know.
  • Employees should receive appropriate Upjohn warnings during interviews.

Companies should also recognize that disclosure to third parties may risk waiver, even where interests are aligned. Where a third party may be required to assist with the investigation, such as a cybersecurity forensics vendor or investigative services firm, they should be retained by the legal department or outside counsel and the contract should be clear that they are assisting counsel with the provision of legal advice.

Communicating with Stakeholders

Internal investigations often involve sensitive and potentially discoverable information. As a result, companies should adopt a thoughtful communications strategy that includes:

  • Providing targeted updates to the board and relevant stakeholders
  • Limiting written communications where appropriate
  • Delivering oral updates in circumstances where written materials may create risk

Not all stakeholders warrant the same level of communication in every circumstance. Below are some stakeholder-specific considerations when addressing an ongoing or planned internal investigation:

  • Board and senior management. Provide regular, candid updates to the board or relevant committee. Oral updates are preferred to minimize the risk of future discovery, especially where litigation or regulatory action may follow. 
  • Auditors. Auditors may request information on the scope and progress of internal investigations; coordinate with counsel before responding to avoid unnecessary waiver of privilege.
  • Stockholders and regulators. Disclosures outside the privileged circle should be carefully considered, as they may waive privilege. Board communications in response to Section 220, appraisal, or derivative demands should be factual, limited, and reviewed by counsel. 
  • Employees. Communicate only with those who need to know; reassure employees as appropriate but avoid speculation about outcomes.

Investigation Execution and Tabletop Exercises

For companies facing significant risk, tabletop exercises can be a valuable tool.

These exercises simulate scenarios such as:

  • Receipt of a subpoena or search warrant
  • Parallel civil and criminal investigations
  • Media or market disclosures

Tabletop exercises allow companies to:

  • Assign clear roles — designate a point person for outside counsel, a contact for the board, and leads for document management and interviews.
  • Create an investigation protocol — who will be interviewed, what documents will be reviewed, timelines, and reporting cadence.
  • Identify gaps in escalation procedures.
  • Align legal, compliance, and business teams.
  • Develop a plan for document collection and preservation.
  • Maintain an investigation log tracking key decisions, findings, and communications.

Reporting Findings

At the conclusion of the investigation, the company must determine how best to communicate findings, particularly whether the report should be oral or written. Oral reports are often preferred because they reduce the risk of creating discoverable materials and allow greater flexibility in communicating findings.

Regardless of format, reporting typically includes:

  • The scope and purpose of the investigation
  • Key factual findings
  • Identified limitations
  • Conclusions and, where appropriate, recommended remedial actions

A typical report (oral or written) should be limited to only those with the need to know, and they should include:

  • The reason and scope for the investigation
  • Summaries of witness interviews and key documents
  • Limitations of the investigation
  • Factual findings and conclusions
  • Recommended remedial or corrective actions (if applicable)

Conclusion: Best Practices and Pitfalls

  • Respond promptly and in good faith to all stockholder and government demands — delay or intransigence can result in adverse inferences, fee-shifting, or reputational harm. 
  • Maintain a clear record of the board’s oversight and involvement; this is critical protection if the investigation is later scrutinized by a court or regulator.
  • Carefully consider privilege risks when communicating with auditors, business partners, or third parties.
  • If criminal or regulatory action is possible, coordinate closely with outside counsel to avoid interfering with government investigations and to manage parallel proceedings. 
  • Use investigation findings as an opportunity to strengthen compliance, remediate issues, and update company policies or training as needed.
The material contained in this communication is informational, general in nature and does not constitute legal advice. The material contained in this communication should not be relied upon or used without consulting a lawyer to consider your specific circumstances. This communication was published on the date specified and may not include any changes in the topics, laws, rules or regulations covered. Receipt of this communication does not establish an attorney-client relationship. In some jurisdictions, this communication may be considered attorney advertising.

Meet the Authors

Related Legal Services

Related Topics

Suggested Reading

Updates July 2025

What To Do When Your Company Receives a Stockholder Demand To Inspect Corporate Records

The Corporate Guide
12 min read