A Key Employee Just Resigned and Is Taking Customers/IP With Them — What Do I Do Now?

The Answer in 60 Seconds

First, do not confront with accusations — preserve evidence quietly. Lock systems access at the moment of resignation (or earlier if known intent), preserve email, retain server logs, secure customer communication records. Engage employment counsel immediately to assess: what restrictive covenants exist (non-compete, non-solicitation, confidentiality clauses) under the Singapore approach to restraint of trade, what evidence exists of breach, what remedies are available (injunctions, damages, account of profits). Standard insurance does not directly cover this scenario — there is no "key employee theft of customers" cover. Cyber Liability may respond if data exfiltration is involved. Crime / Fidelity Guarantee may respond if specific dishonest acts are involved (theft of records, IP). Trade Credit / Loss of Customer is generally not insurance-coverable. Recovery is via civil litigation under standard Limitation Act 1959 periods, often urgent injunction proceedings. Speed matters — every day customers transfer to the departing employee's new venture, recovery becomes harder.

The Step-by-Step

This is one of the most damaging crisis scenarios for SMEs that build their value on customer relationships and intellectual property. The employee has been preparing this departure for months; the moment of resignation is the point at which evidence is most accessible and intervention most effective. The article below sets out the practical sequence; the legal dimension is significant and qualified counsel must be engaged within hours.

Hour 0 — Detection and immediate response

Triggers that signal the scenario:

Resignation announcement of a key employee with significant customer relationships
Pattern of customer "thinking about it" / "delaying" / "going elsewhere"
Industry rumours of departing employee starting competing venture
Coincidence of multiple customer terminations or contract non-renewals
Discovery of files copied, emails forwarded to personal accounts, system access patterns

If detection is at the point of resignation:

Within 1 hour:

Lock systems access immediately. Email account, file sharing, CRM, accounting, customer database — all access revoked.
Preserve email. Place legal hold on the departing employee's email account. Do not delete; do not let auto-deletion proceed.
Preserve all access logs. Login history, file access patterns, email forwarding rules, USB device usage, printing logs — all should be exported and preserved.
Secure physical access to office. Departing employee should not be left alone in office during notice period; if departing immediately, escort.
Limit knowledge of suspicions. Departing employee should not know that monitoring is underway.

What not to do yet:

Confront the employee with accusations
Communicate with customers about the situation
Make public statements
Discuss with other staff beyond minimum necessary

Hour 0–24 — Engagement of counsel

Engage employment counsel. Within hours of detection. Specialist counsel familiar with:

Restraint of trade enforcement in Singapore
Confidentiality and IP protection
Urgent injunction applications
Evidence preservation in employment disputes

Verify contractual position:

Is there a non-compete clause? Scope, duration, geography?
Is there a non-solicitation clause? Customers, employees, both?
Is there a confidentiality clause?
Is there an IP assignment clause?
Is there a garden leave provision?
What is the notice period?

Singapore courts on restraint of trade:

Singapore courts apply common-law restraint of trade principles. A restrictive covenant is enforceable only if:

There is a legitimate proprietary interest to protect (customer connections, confidential information, trade secrets, workforce stability)
The restraint is reasonable in scope, duration, and geography
The restraint does not harm public interest

A blanket non-compete preventing the employee from working in any capacity for any competitor is generally unenforceable. A targeted non-solicitation of specific customers for a defined period is more typically upheld.

The case law is fact-specific. Notable Singapore decisions include those discussing the requirements for legitimate proprietary interest, the reasonableness assessment, and the appropriate scope of injunctive relief. Specific case citations should be verified directly on eLitigation before relying on them.

Day 1–7 — Forensic and evidence work

Forensic IT investigation:

For material cases, engage forensic IT specialists to examine:

Email forwarding to personal addresses
USB/external drive usage patterns
File access in the period preceding resignation
Cloud storage access (Dropbox, OneDrive, Google Drive)
Customer database export patterns
Print logs and printed material

The forensic investigator's report becomes evidence in subsequent proceedings.

Customer communication audit:

What communications between departing employee and customers in recent weeks/months?
Pattern of customer contacts at unusual times or via personal channels?
Customer scheduling changes coinciding with planned departure?
Customer cancellations after the employee's resignation announcement?

IP and confidential information audit:

What IP and confidential information did the employee have access to?
Customer lists, pricing, technical specifications, supplier relationships, business plans
What's been potentially taken?
What's the value of the protected information?

Day 1–14 — Counsel-driven response

Based on the evidence collected, counsel typically advises on:

Letter of demand to departing employee:

Asserts contractual obligations (non-compete, non-solicitation, confidentiality, IP)
Demands return of confidential information
Demands cessation of solicitation
Reserves rights to pursue damages and injunctions
Time-limited compliance window (typically 3–7 days)

Letter to new employer (if known):

Notifies of employee's contractual obligations
Reserves rights against new employer for tortious interference or assistance with breach
Sometimes effective in moderating the new employer's actions

Customer communications:

May or may not be advised depending on situation
If used, factual and non-defamatory
Can include reaffirmation of relationship value
Avoid direct attack on departing employee (defamation risk)

Urgent injunction application:

For significant cases, ex parte (without notice to defendant) injunction applications can:

Restrain employee from soliciting specific customers
Restrain use of confidential information
Require return of taken materials
Require accounting of profits

Singapore courts apply standard injunction tests:

Serious question to be tried
Damages would not be adequate remedy
Balance of convenience favours granting
Adequate cross-undertaking in damages by applicant

For matters where the employee is actively transferring customers or using confidential information, urgent injunction is often the most effective intervention.

Insurance considerations

Standard insurance options for this scenario:

Cyber Liability:

Responds to data exfiltration scenarios
Forensic costs may be covered
Typically does not cover customer loss as commercial damage

Fidelity Guarantee / Crime:

Responds to dishonest acts (theft of records, IP, customer lists)
Subject to the act being criminal in nature
Typically does not cover customer loss as commercial damage

Professional Indemnity:

Generally does not respond to ex-employee actions
May respond if departing employee acted negligently in service delivery before departure

Trade Credit:

Covers buyer non-payment, not customer migration
Not applicable to this scenario

Loss of customer / business income:

Generally not insurable as commercial commodity loss
BI policies require an underlying covered event (fire, etc.)

Legal Expenses Insurance:

Some Legal Expenses policies cover employer's costs for defending or pursuing employment-related claims
Limited Singapore market for this product
Where held, may help with civil litigation costs

The honest assessment: most of the commercial damage from this scenario (lost customers, reduced revenue) is not insurable. Insurance can fund investigation and litigation costs in some scenarios. Recovery is fundamentally through civil action and operational response.

Operational response in parallel

While legal action proceeds:

Customer retention focus:

Senior leadership engagement with at-risk customers
Reaffirmation of commitment, capability, continuity
Possibly improved terms, additional services, transitional support
Avoidance of "winning back at any cost" — the customer who leaves and demands extreme concessions to return is rarely a worthwhile retention

Internal communication:

Explain the situation to remaining team factually
Reaffirm culture and values
Address concerns about workload, redistribution, succession

Operational continuity:

Replacement hiring or restructuring
Customer-facing role coverage
Preservation of remaining customer relationships

Lessons learned:

What enabled the departure? Single-point-of-failure on relationships?
What contractual gaps existed?
What systems gave too much access to one person?

Specific scenarios

Scenario A: Junior salesperson resigns to join competitor, takes 2 small accounts

Likely uneconomic to litigate
Letter of demand may suffice
Operational customer retention focus
Update contracts going forward

Scenario B: Senior partner / key practitioner takes 30% of firm's customers

Material commercial damage
Strong injunction case if covenants in place
Forensic investigation
Potentially cross-cutting (accounts/insurance/PI claim coordination)

Scenario C: CTO leaves with technical IP / source code / architecture

Cyber and IP focus
Forensic IT investigation critical
Patent/trade secret protection
Possibly criminal prosecution under Computer Misuse Act 1993 if access exceeded authorisation

Scenario D: Recruitment-style departure of multiple key staff at once

Coordinated departure suggests planning
Possibly an organised raid by a competitor
Tortious interference angle against competitor
Material disruption requiring holistic response

Prevention going forward

The most effective response to this experience is preventing recurrence:

Contractual framework:

Reasonable, enforceable non-solicitation clauses
Confidentiality clauses with specific scope
IP assignment clauses
Post-employment obligations clearly documented
Garden leave provisions for key roles

Operational practices:

No single-point-of-failure on customer relationships
Multiple touchpoints with key customers
CRM discipline (relationship in system, not in employee's head)
Knowledge management (documentation, not just oral knowledge)
Cross-training on critical functions

Compensation structures:

Vesting schedules for equity
Long-term incentive plans
Retention bonuses for key roles
Voluntary garden leave with continued payment

Cultural factors:

Why might key staff want to leave?
Career development opportunities
Compensation appropriateness
Cultural fit and engagement

Common Mistakes / What Goes Wrong

Confronting employee with accusations. Tips them off; evidence may be destroyed.
Not locking access immediately. Continued data access is a direct exposure.
Delayed engagement of counsel. Each day matters in injunction availability.
Self-help approaches (calling customers to "warn" them). Defamation risk; not strategic.
Ignoring the contractual position. Restraint of trade clauses may or may not be enforceable; counsel review essential.
Treating it as "just business" without legal recourse. Where covenants exist and are breached, injunctions and damages can be material.
Public communication during proceedings. Compromises position.
Not learning from the incident. Operational vulnerabilities that enabled it remain.

What This Means for Your Business

For Singapore SMEs whose value depends on customer relationships and IP, the discipline:

Build contractual framework before need arises. Non-solicitation, confidentiality, IP assignment — all should be in place from hiring.
Avoid single-point-of-failure on customer relationships. Multi-touchpoint relationships, CRM discipline, knowledge management.
Train management on detecting departure signals. Pattern of customer issues, employee behaviour changes, industry signals.
Maintain pre-engaged employment counsel. This is not the moment to be searching for a lawyer.
Build culture and compensation for retention. The best preventive measure is people not wanting to leave.
Document operations. Relationships, processes, knowledge — all in systems, not in people.
At any departure of significant role, run a structured exit process. Access controls, customer transition, knowledge transfer, exit interview, monitoring of post-employment activity.

The objective is not zero employee turnover — that's neither realistic nor desirable. The objective is that any departure is operationally manageable rather than business-threatening.

Questions to Ask Your Adviser

Do my Cyber and Crime / Fidelity Guarantee policies cover specific aspects of this scenario (data exfiltration, IP theft)?
For employee dispute litigation costs, is Legal Expenses Insurance available in my market?
How do my employment contracts hold up under Singapore restraint-of-trade analysis?
What pre-incident measures (operational, contractual, cultural) do brokers and counsel typically recommend?
If I hire from competitors, what's my exposure to claims of inducement of breach?

Related Information

Published 4 May 2026. Source verified 4 May 2026. COVA is an introducer under MAS Notice FAA-N02. We do not recommend insurance products. We provide factual information sourced from primary regulators and route you to a licensed IFA who can match a policy to your specific situation.