Creating Corporate Dawn Raid Guidelines

Since the pandemic, the first EU regulatory inspections took place in the middle of 2021 when the European Commission carried out unannounced inspections for suspected anti-competitive practices in Germany.

Further dawn raids highlighted the renewed momentum for regulatory inspection. These were led by the European Commission and national authorities investigating suspected antitrust breaches in France, Greece, Hungary, the Netherlands, Norway, Poland, Romania, Portugal, Spain and Slovenia.

It is unlikely that post-Brexit, the UK will be spared. Andrea Coscelli, the Competition and Markets Authority (CMA) CEO, publicly announced a push to increase its volume of competition cases under investigation.

Corporate dawn raid guidelines

1. What are Dawn Raids?
2. Who conducts Dawn Raids?
3. What are your rights & obligations during a raid?
4. How should you respond to a dawn raid?
5. What powers do inspectors have?
6. What should you do after a dawn raid?
7. How can you avoid dawn raids?

The CMA is not obliged to conduct a formal investigation into all potential breaches of competition law. Rather, it investigates a small proportion of allegations, basing its decision on the strategic significance and the need for a deterrent, likely consumer impact, likelihood of success, and the possible cost of an investigation.

1. What are Dawn Raids?

Dawn Raids are unannounced inspections at premises linked to the business under investigation, carried out by competition regulators to gather evidence for investigations. The rise of hybrid and remote work means that a good deal of business is outside the traditional office environment.

In this new post-pandemic world, inspectors ringing your doorbell are replacing the familiar scenes of documents and hard drives ferried out of a corporate office.

When a breach of competition law is suspected, regulators may conduct unannounced inspections to gather evidence. Although historically, they would take place early in the morning – ensuring an element of surprise, hence the phrase 'Dawn Raid' – they now tend to occur during the day's first working hour.

Raids are often coordinated across multiple locations and sometimes across different countries. They may target companies' corporate offices, suppliers, competitors, and even employees' places of residence – wherever the competition authority believes that evidence may be stored.

2. Who conducts Dawn Raids?

The key regulator of competition law in the UK is the CMA, but a sectoral regulator with similar oversight and powers may also take the lead. The CMA may involve the police and courts to ensure inspectors have the requisite powers to conduct inspections.

It is vital to establish who is leading and involved in a raid. Furthermore, it's important to understand the procedures that need to be followed and the relevant limits on the powers of inspectors.

3. What are your rights & obligations during a raid?

Significant fines and potential civil and criminal penalties may be waiting for those who fail to comply with their legal obligations during a dawn raid. That's why all executives, employees and associates must know how to respond appropriately to a dawn raid if they experience one.

Equally, it is important to minimise the effect on the company's business and limit overreach by inspectors. Everyone must understand their rights and the relevant limits on the inspectors' powers.

4. How should you respond to a dawn raid?

The easy answer is that there should be a plan in place before any possible raid, and everyone should be knowledgeable of and stick to the plan. Companies should update the plan to reflect remote and hybrid working scenarios.

Relevant staff (ensuring availability) should be fully aware of the company's information security policy (and how it applies to remote and hybrid working arrangements).

Making staff aware ensures they can understand and document where data is stored. Data maps could be employed to highlight which employees easily have access to relevant information.

Actions for those with first contact (e.g. reception)

• If onsite, reception should immediately alert a member of the Internal Response Team (IRT). In line with internal information security protocols, they should arrange visitor name badges for each of the inspectors (if at home, it is still important to alert senior management of the raid immediately). Keep any conversation limited to administrative matters.
• The inspectors should be ushered into an empty room to await the arrival of a senior member of staff, if onsite and available.
• Politely ask the inspectors to await the arrival of the company's lawyers before proceeding with the inspection.
• Generally speaking, inspectors are not obliged to negotiate terms, follow internal company protocols, or await the company's lawyers/senior management. So they don't hamper them if they insist on proceeding. Keep any delays to a minimum, or you may be accused of failing to cooperate or obstructing the investigation (fifteen minutes may be considered reasonable, but anything over half an hour would be pushing it).
• Take a copy of the inspection team's IDs, authorisation documents and any court warrants – they are obliged to show these to you.

Actions of the Internal Response Team

• Contact and inform Legal/Compliance and/or external legal advisers and senior management, requesting their presence;
• Check relevant IDs, authorisation documents and warrants to determine the legal basis for the raid;
• Build rapport by undertaking that no documents will be destroyed/concealed and that all employees will be facilitative while trying to negotiate a protocol with inspectors to determine the scope of the investigation and help with an audit;
• Task employees and/or legal representatives to individually follow, supervise and document the activities of each inspector after having briefed them as to the limits of the inspectors' powers (Legal and IT personnel need to consider how they will 'shadow' inspectors and record a log of what they seize when an inspection takes place at an employee's residence or when they conduct an employee interview remotely);
• Liaise with lawyers in person or by remote communications (consider setting up one or more remote calls to ensure that a lawyer is supervising inspectors and is available);
• Ensure relevant members of staff (e.g. IT, HR, Accounts, Legal/Compliance) are available to comply and assist with any authorised requests of inspectors; and
• Send an e-mail to all staff to explain what is happening and the need to be cooperative. However, limit the disclosure to the specific questions asked. Ensure that staff members are told not to mention the dawn raid externally to limit the risk of tipping off.

5. What powers do inspectors have?

If the CMA chooses to investigate a potential breach of competition law, it may choose a civil or criminal approach. An investigation and a consequential inspection may only occur if the CMA has reasonable grounds for suspecting an infringement – it cannot conduct a dawn raid to 'fish' for evidence.

Inspectors' powers, which derive from legislation, will vary based on the nature of the competition investigation.

If the CMA chooses to investigate, it may choose a civil or criminal approach. Inspectors' powers, which derive from legislation, will vary based on the nature of the competition investigation.

A dawn raid relating to a civil offence needs to be supported by written authorisation, setting out the nature of the investigation. A warrant is also required to access business or domestic premises, which will authorise the use of force if reasonably necessary to enter and secure the specified premises.

Even if inspectors have not secured a warrant, it is not advisable to restrict access, as this may be taken as suspicious behaviour and may inspire a more detailed investigation.

During a dawn raid, inspectors may access electronic data; review, copy or remove physical or electronic documents; ask for factual explanations of documents relevant to an investigation; seal files and rooms on the premises; and interview individuals.

In practice, many dawn raids involve simply downloading data and taking copies of electronic servers and reviewing these at a later stage. Raids may be replaced, pre-empted or followed by mandatory formal requests for specific information and/or specific documents or document categories. Documents would include hard copies and electronic documents, irrespective of how and where they are stored.

IT staff will generally need to be on hand to provide access permissions and passwords and grant access to encrypted documents and communications.

The fact that documents or servers may contain confidential information does not protect them from being reviewed and copied by inspectors. However, documents protected by legal professional privilege will fall outside their purview, and requests for documents are limited to those documents that are relevant to the investigation. Consequently, it is important for staff to understand the relevant rules so that they may intervene if inspectors look to process documents that are irrelevant or privileged.

Dawn raids on business premises may be, and often are, augmented by conditional 'seize and sift' powers, which would allow inspectors to take away all potentially relevant material for subsequent review.

The inspection would not be invalidated even if someone later found the seized materials irrelevant or subject to legal professional privilege. Therefore, it makes sense that, as these blanket seizure powers are so invasive, formal notice backed up with a warrant must precede the exercise of these powers.

At the end of the raid, an inspector will generally provide a list of copied and/or seized material. However, a company needs to have its audit process in to allow cross-referencing and ensure that its senior management and legal representatives are kept fully aware of what they are dealing with. It may also be useful for 'shadowers' to take note of any keyword searches performed and any documents or matters in which inspectors seemed particularly interested.

As part of the investigation process, the CMA may issue a formal notice to individuals connected with the company requiring them to answer questions. This notice may also affect ex-employees, associates, suppliers and customers. As with documents, any questions must be directly relevant to the investigation.

As the CMA may use these compulsory interview powers during a dawn raid, the subject may be caught unaware, so it is advisable to request a delay to any such interview until the raid is over to allow for better preparation. Where the individual is not sure of an answer, they should undertake to provide a written response at a later date.

A lawyer should be present for interviews if allowed, and both questions and responses must be documented. Individuals can refuse to answer self-incriminating questions. If an inspector suspects criminal activity, the individual may be invited to a voluntary interview under caution. The CMA can use interview information in a future case against the company.

Any obstruction of an authorised raid may be subject to civil and criminal penalties. These obstructions may include tipping off, giving false or misleading answers, corrupting or hiding documents or files, tampering with evidence or seals, and delaying or hindering the work of authorised inspectors.

It is not only the individual who may be liable for these actions but also the company may be penalised.

Inspectors will have the same powers as conducting a civil investigation in criminal investigations. Under a warrant obtained from the High Court or Competition Appeal Tribunal, the investigation powers of the CMA in a criminal investigation may be even stronger.

Inspectors may obtain evidence through surveillance and covert human intelligence sources. Also, criminal investigations are often conducted with the involvement of the Serious Fraud Office and the police.

The CMA can conduct parallel civil and criminal investigations into the same subject. Evidence compiled for one investigation may be used by the CMA in any parallel investigation so long as the relevant procedural rules for the type of investigation are adhered to.

6. What should you do after a dawn raid?

Before the inspectors leave, it is advisable to request a closing meeting to assess the company's state of affairs.

Advice should be sought on whether a company can resume business activities and under what conditions, whether any documents, files or servers should be kept off-limits and whether any seals should be kept in place. It will also be possible to formalise any outstanding commitments and undertakings and sort out any possible miscommunications.

Finally, this meeting could also allow senior management and legal representatives to assess where the investigation may go in the future, allowing for better contingency planning.

The CMA are likely to ask an authorised company officer to sign a list and/or a log of copied/seized documents/files. This is a good time to cross-reference the internal list with the inspectors.

Once the inspectors have left the premises, a debrief of senior management and legal representatives should be held to contribute to an ongoing risk assessment. Review the interviews and all documents copied/seized by the inspectors as part of the risk assessment.

If there are any lingering doubts about information accuracy, these should be rectified as soon as possible. Decide how the dawn raid (and any subsequent CMA actions) may adversely affect the company's reputation, and at this stage, senior management must discuss mitigation measures and contingency plans.

It is important to bear in mind that the CMA may issue a press release publicising its actions, in which case the company may need to consider whether it wishes to respond.

It will be necessary to inform all staff of the investigation (whether by e-mail or personal briefing), respecting any commitments and undertakings given.

Suppose there appears to be evidence of involvement in a competition law infringement. In that case, perhaps consider applying for a 'marker' under the relevant leniency regime(s) and submitting a leniency application.

7. How can you avoid dawn raids?

The answer to this question is not as easy as it might first seem. In theory, even a compliant company may end up on the wrong side of a CMA investigation.

However, in practice, the CMA has limited resources and does not waste its time investigating a company unless it has some evidence that the company has breached competition law. But there are some simple ways to avoid getting on the CMA radar in the first place.

Tips to avoid anti-competitive practices

1. Avoid conversations with competitors on pricing, strategy, territory and customers.
2. Always keep a lookout for anti-competitive practices within your company – spot and address red flags, don't ignore them.
3. Don't be led by the relative size of your company or the market, as any anti-competitive behaviour may lead to penalties, no matter how small your company or how big the market is.
4. Remember that anti-competitive behaviour is not limited to price-fixing and other cartel-like behaviour. It may also stem from abusing a dominant market position (abusing the fact that your company has a 40% or greater market share).
5. Ensure that your company has in place competition training, policies, and protocols to maximise understanding of anti-competitive behaviour and minimise the risk of employees and agents participating in that behaviour.
6. If you make a mistake, always confess and be sure to report any concerns that you may have – tell the CMA everything, minimising the need for them to investigate.

Want to learn more about competition compliance?

We have created a series of comprehensive roadmaps to help you navigate the compliance landscape, supported by several financial crime prevention courses in our Essentials Library.

We also have 100+ free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!

Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, priority access to our free online learning portal and other exclusive benefits.