Independence under pressure: A governance test for workplace investigations

Lily Dou considers the circumstances surrounding a high-profile employment lawsuit, and how it shines a light on wider weaknesses of investigative processes.

Recent allegations surrounding Citigroup’s handling of harassment complaints has underlined how independence in investigations is no longer just a safeguard: it is a liability if absent.

On 10 March 2026, for International Women’s Day, Citigroup’s Head of Wealth, Andy Sieg, hosted a high-profile event featuring tennis champion Chris Evert. On its face, this was a familiar corporate endorsement of gender equality. But for Citi, the timing was awkward.

In January 2026, former Citigroup employee Julia Carreon filed a lawsuit in New York alleging harassment, retaliation, and a flawed internal investigation into her complaints. The claim follows a 2025 probe into Citi’s wealth division led by external law firm Paul Weiss. Together with earlier allegations by former executive Ardith Lindsey, the litigation has pushed Citi’s investigative process into the limelight.

In that context, the International Women’s Day photocall looks increasingly tone deaf.

For compliance professionals considering the public reports, the allegations themselves won’t be the only concern. A more important issue is the focus on the investigation itself: the alleged cover-up has become, in the public perception, worse than the alleged crime. When internal complaints spill into the public sphere, that is inevitably an indictment of the process itself. The company moves from conducting an investigation to defending its approach.

What happened, and why it matters

Citi’s investigation was launched in August 2025 following complaints within its wealth management division, including allegations of bullying, marginalisation, and discriminatory treatment affecting senior women. The bank engaged its longstanding corporate lawyers, Paul Weiss – which had regularly defended it in litigation – to conduct the investigation.

Paul Weiss interviewed more than a dozen individuals, but the current public criticism stems from what did not happen. Multiple press reports claim that several senior women who raised concerns – including Ida Liu, former Global Head of Citi Private Bank, and Senior Executive Naz Vahid – were not interviewed as part of the process. At least five complainants were reportedly excluded from the investigative process.

Whether those decisions were justified, the effect is clear. Once key complainants are not interviewed, the credibility of the investigation itself becomes the issue.

The choice of investigator has compounded that concern. Paul Weiss is not a one-off appointment. It is a longstanding legal adviser to Citi, including on major litigation matters. That dual role as both investigator and ongoing commercial adviser creates an immediate perception problem. As one employment lawyer put it in response to the reporting: ‘Either you defend or you investigate. You can’t do both’.

That tension sits at the heart of the current debate.

From internal process to external scrutiny

Concerns about the investigation began to surface publicly in late 2025. By January 2026, they had escalated into litigation.

Carreon’s lawsuit alleges harassment, retaliation, and a hostile work environment, alongside claims that the internal process was biased. Her filing describes HR as ‘weaponised’ and the culture as reflecting ‘institutional misogyny’. Lindsey’s earlier claim goes further, characterising Citi’s investigations function as an ‘internal hit squad’.

Citi disputes these allegations. But their existence illustrates a familiar escalation pathway. When employees lose confidence in internal processes, they turn outward: to courts, regulators, and the media. At that point, the organisation no longer controls either the narrative or the forum.

More importantly, the focus of scrutiny shifts. The question is no longer simply whether misconduct occurred. It becomes whether the organisation’s response was credible, fair, and independent.

Independence necessary for trust

Workplace investigations are designed to establish facts. Their value and reliability depend on an independent approach and perspective, and the absence of a predetermined outcome.

Most organisations rely on one of two models: internal investigations led by HR, legal, or compliance teams, or external investigations conducted by outside counsel. Both approaches are widely used. Both also raise questions about independence.

Internal teams sit within management structures. External advisers, by contrast, are often engaged precisely to provide independence, and the appearance of independence. They bring expertise, procedural rigour, and a degree of distance from internal dynamics.

That objective is undermined, however, where the same advisers maintain significant ongoing commercial relationships with the organisation they are asked to scrutinise.

Economic dependence does not imply bias. But it creates conditions in which independence may reasonably be questioned, particularly where specific weaknesses can be easily identified in the investigative methodology, such as failing to interview key witnesses or complainants.

The Citi situation brings that dynamic into sharp focus. The issue is not whether external counsel can conduct independent investigations. It is whether an investigation is truly independent when the investigator is also a key commercial adviser. The question can fairly be asked whether there is any real benefit in paying for the purported independence of external counsel where similar pressures may arise.

A familiar governance debate

This tension isn’t new. Two decades ago, regulators and markets confronted a similar issue in the auditing profession.

In the late 1990s and early 2000s, concern grew that major audit firms were earning significant consulting revenues from their audit clients, raising justified criticism that these economic relationships undermined (or at the very least, appeared to undermine) their independence. The Enron collapse crystallised those concerns.

In 2000, Enron paid Arthur Andersen approximately $52 million, split between roughly $25 million in audit fees and $27 million in consulting services – a relationship that became a defining symbol of the problem.

More broadly, the incentives were systemic. By 1999, advisory revenues for the Big Five exceeded $15 billion, growing at around 26% annually between 1993 and 1999, far outpacing audit and tax. The uncomfortable question followed: could firms objectively challenge clients when their most lucrative work depended on them?

The issue was not only actual conflicts, but perceived independence. And perception, ultimately, proved decisive.

The response was both market-led and regulatory.

Several firms separated their consulting businesses: EY sold its consulting arm to Cap Gemini (2000), while PwC Consulting was acquired by IBM for approximately $3.5 billion (2002). The earlier Andersen split ultimately led to Accenture.

Regulators reinforced this shift. The Sarbanes-Oxley Act, and subsequent US Securities and Exchange Commission (SEC) rules, tightened auditor independence standards and prohibited certain non-audit services for audit clients, while strengthening oversight through audit committees.

The lesson from that period was not limited to actual conflicts of interest. It was about perceived independence. Markets and regulators concluded that even the appearance of economic entanglement could undermine confidence in the audit process.

Workplace investigations are not subject to the same regulatory framework as auditing. But the underlying governance question is similar. Where the same firm both advises and investigates, independence can be challenged, even if no impropriety exists.

For organisations, the risk is not simply legal; it is also reputational and operational. Once trust in the process is lost, the outcome becomes harder to defend.

A changing external environment

What makes the current moment more acute is the broader context in which these issues are arising.

In the UK, employers have been under a legal duty since October 2024 to take reasonable steps to prevent sexual harassment. Guidance from the Equality and Human Rights Commission and Acas guidance emphasises proactive risk assessment and effective handling of complaints. That raises expectations not only for prevention, but for the quality and credibility of investigations when issues arise.

Across Europe, whistleblower regimes have strengthened significantly, increasing scrutiny on how organisations respond to internal reports.

In the US, legislative changes have made it easier for employees to bring harassment claims in court rather than being confined to arbitration. At the same time, the use of non-disclosure agreements in this context is facing increasing restriction, public criticism and challenge.

Overlay these developments with heightened media scrutiny, a push for transparency and the amplification effect of social media, and one conclusion follows inevitably: workplace investigations are no longer internal exercises. They are public credibility tests.

Designing for independence

If there is a lesson from Citi’s example, it is not that investigations are failing. It is that the standards by which they are judged are rising.

Independence can no longer be assumed or asserted. It must be designed.

In practice, that is likely to involve a combination of measures. Organisations may need to separate investigation mandates from existing advisory relationships, ensuring that firms conducting sensitive investigations are not simultaneously engaged on significant commercial work for the same leadership teams. Panel or rotation models, similar to those used in audit and other areas of governance, may help reduce dependence on any single adviser.

Clearer commissioning structures will also matter. Investigations involving senior leadership may need to be commissioned and overseen at board or committee level, with protected budgets and direct reporting lines that bypass management.

Process transparency, within legal and confidentiality constraints, is equally important. Decisions about scope, witness selection, and methodology should be documented and, where appropriate, capable of explanation. The aim is not to expose every detail, but to demonstrate that the process was robust and impartial.

In practical terms, that may also require organisations to think more critically about who is best placed to conduct sensitive investigations in the first place. In some cases, that may mean instructing firms with no existing commercial relationship.

Above all, it requires a shift in mindset. Investigations are not just about establishing facts. They are about establishing trust.

The real test

The Citi allegations will, in time, be resolved through litigation or settlement – but the underlying issue will remain.

The real question is not whether their investigations are thorough or legally defensible. It is whether they are structured in a way that will be believed by employees, by regulators, by courts, and by the public.

Post-Enron, companies learned that gatekeepers cannot credibly scrutinise power while being too commercially entangled with it. That principle is now pressing on workplace investigations.

In today’s environment, the risk is no longer just getting the answer wrong. It could be having the right answer, and no one trusting how you got there.