Companies must observe strict data protection law requirements when conducting internal investigations, especially multijurisdictional ones. New rules adopted around the globe also impose stricter and more detailed obligations for companies processing personal data, and failure to demonstrate compliance with these rules may lead to claims for damages as well as administrative sanctions and high fines from the data protection authorities. Do these rules impair companies’ abilities to conduct internal investigations? Do they also reduce companies’ abilities to cooperate with authorities in multijurisdictional cases? This panel aims to answer these questions, providing a multidisciplinary view on the issue based on the experience to date of in-house counsel, regulators and external counsel in navigating the challenges imposed by data protection laws implemented in different jurisdictions. We will also discuss the OECD considerations on the issue taking into account the 2021 OECD Anti-Bribery Recommendation.