[Developers]

Conflict of Interest Investigation Tracking

The Conflict of Interest Investigation Tracking module provides a structured workflow for multi-strand inquiries, linking each investigative strand to the Terms of Reference that legally authorise its scope, compartmenta

Category: InvestigationLast Updated: Jul 16, 2026
investigationreal-timecompliancegeospatial

Overview#

The Conflict of Interest Investigation Tracking module provides a structured workflow for multi-strand inquiries, linking each investigative strand to the Terms of Reference that legally authorise its scope, compartmentalising access so that investigators see only the strands to which they have been admitted, and enforcing signed Conflict of Interest declarations as a prerequisite to access.

A national Commission of Investigation into public procurement irregularities rarely operates as a single team examining a single body of evidence. In practice, the Commission is split into several distinct investigative strands, each scoped to a separate department, contract period, or class of official. An investigator assigned to examine one ministry's records must not, without scrutiny, access the strand covering a department where they previously held a position. Before any access is granted, that investigator must formally declare whether a conflict of interest exists with respect to the subjects in that strand, and a record of that declaration must be retained for the duration of the inquiry.

Lead investigators and inquiry secretariats gain a real-time view of declaration status, strand progress, and access roster completeness across the entire parent case. The surrounding case workspace complements this governance layer with the day-to-day tools an inquiry team relies on: interactive relationship graphs on subject profiles, side-by-side review of scanned evidence, directory-based sharing, dependable exports and downloads, and pseudonym handles that protect subject identities until an explicitly audited reveal.

Key Features#

  • Strand Management: Divide a parent case into named investigative strands, each carrying its own scope description, strand code, and designated lead investigator, allowing large inquiries to be administered as a coherent set of parallel workstreams.
  • Terms of Reference Tracking: Record the foundational Terms of Reference that authorise the investigation and link each ToR to the specific strands it governs, ensuring every investigative activity traces to its legal or administrative mandate.
  • Conflict of Interest Declarations: Require every investigator requesting strand access to complete and sign a formal Conflict of Interest declaration before access is granted, with the declaration record retained and auditable for the life of the inquiry.
  • Granular Access Control: Grant, revoke, and audit strand-level access permissions independently of broader case visibility, supporting read-only access for advisers and full read and write access for active investigators.
  • Workflow Stage Assessment: Automatically derive the current stage of the investigation, including whether strands are registered, Terms of Reference are in place, and access rosters are complete, based on recorded activity rather than manual status entry.
  • Immutable Audit Trail: Record every access grant, revocation, and declaration event with a timestamp and actor identity, producing a tamper-evident log suitable for presentation to oversight bodies or judicial review.
  • Tenant Isolation: Enforce strict data separation so that records, declarations, and access rosters for one inquiry are never visible to users operating within a different organisational context.
  • Multi-Strand Roster View: Present inquiry secretariat staff with a consolidated view of declaration status and access completeness across all strands simultaneously, surfacing gaps before they become procedural failures.
  • Interactive Relationship Graphs: Explore how a subject connects to organisations and other people directly from the Relationships tab of their profile, rendered as an interactive, explorable graph rather than static data cards.
  • Scanned Evidence Review: Move scanned documents through an upload picker and review queue, then verify and correct the recognised text in a side-by-side comparison against the original page before it enters the case record.
  • Directory-Based Sharing: Choose recipients for shared case material from the organisation's user directory, so access is always granted to a verified colleague rather than a hand-typed address.
  • Dependable Exports and Downloads: Produce privilege log exports, evidence exports, and disclosure packs as correctly formed files, with downloaded evidence, redacted media, and imagery retaining their proper filenames and extensions; success and failure notifications reflect the real outcome of each action, and privilege claim appeals submit directly from the case privilege panel.
  • Pseudonym Handles with Audited Reveal: Display consent subjects and case participants by human-readable pseudonym handle, never by raw identifiers, with a pseudonym registry panel for viewing protected identities inside the case workspace and an explicit de-tokenisation step, recorded in the audit trail, required to reveal a real name.

Use Cases#

  • Commissions of Investigation: Manage high-profile public inquiries by isolating distinct investigative teams into strands and maintaining a verifiable record of each team's authorised scope and conflict of interest status.
  • Internal Affairs and Professional Standards: Conduct sensitive internal reviews where investigator impartiality is paramount, enforcing CoI declarations before any investigator accesses records that relate to colleagues or former employers.
  • Ethics Board Audits: Ensure that auditors reviewing financial or procurement anomalies have formally declared no personal or professional relationship with the entities under review, and that those declarations are retained.
  • Regulatory Enforcement Inquiries: Support sector regulators conducting parallel investigations into related firms or individuals, where different case teams must remain compartmentalised to preserve procedural fairness.
  • Parliamentary or Ministerial Inquiries: Provide a structured record of strand authorisation and access governance suitable for scrutiny by oversight committees or inclusion in published inquiry reports.
  • Pseudonymised Review Teams: Run a conflict of interest inquiry in which reviewers work entirely with pseudonym handles and only cleared staff perform identity reveals, giving oversight bodies evidence that every reveal was deliberate and logged.
  • Evidence Transcription Verification: Allow evidence officers to review the recognised text of scanned material side by side with the original document and correct it before it enters the formal record, while investigators explore a subject's connections to organisations and other people straight from the profile.

Integration#

The module extends the core case management system, attaching to the overarching case record and establishing its own structures for strands, access control, and Terms of Reference. It draws on the platform's identity and access management layer to resolve investigator identities and roles at the point of declaration and access grant. Conflict of Interest records and access events are surfaced through the same case timeline and notification system used across all investigation modules, so secretariat staff need not move between separate tools to monitor compliance. Within the case workspace, profile relationship graphs draw on the platform's relationship mapping capability, scanned evidence review connects to the evidence text recognition and provenance pipeline, sharing dialogs resolve recipients through the organisation's user directory, and pseudonym handling is provided by the platform's pseudonymisation and disclosure workflow, so protected identities behave consistently wherever they appear.

Open Standards#

  • ISO/IEC 27001 (Information Security Management): Access control, audit logging, and data segregation within the module align with the information security controls framework defined by ISO/IEC 27001, supporting accreditation by inquiry secretariats operating under formal security governance obligations.
  • RFC 4122 (UUID): All strands, Terms of Reference records, access grants, and declaration events are identified by version-4 universally unique identifiers, enabling unambiguous cross-system referencing and federated audit correlation.
  • OASIS XACML (eXtensible Access Control Markup Language): Strand-level permission decisions follow an attribute-based access control model consistent with the XACML policy evaluation framework, separating policy definition from policy enforcement.
  • W3C PROV Data Model: The immutable audit trail of declaration signings, access grants, and investigator activity is structured to align with the W3C Provenance Data Model, enabling machine-readable lineage records suitable for publication in inquiry reports.
  • NIST SP 800-162 (Attribute-Based Access Control): The combination of strand membership, declaration status, and investigator role as conditions for access follows the attribute-based access control guidance set out in NIST SP 800-162.
  • ISO 15489 (Records Management): Conflict of Interest declarations and Terms of Reference documents are managed as formal records in accordance with ISO 15489, preserving their authenticity and integrity over the full retention period of the inquiry.

Last Reviewed: 2026-07-16 Last Updated: 2026-07-16

Ready to Build?

Get started with our APIs or contact our integration team for support.