We have prepared this article for General counsel and the legal team as they will play an important role in formulating a plan and in its execution, should the need arise.
Several regulatory and investigatory bodies have powers to undertake investigations at an organisation’s premises. Sometimes, these may occur without prior warning. Such events are known as dawn raids.
Because the visit is unannounced, it’s important not to be caught completely cold and to have a game plan – both for the day itself and for the follow up.
Being on the receiving end of a dawn raid by, say, the Competition and Markets Authority (CMA) or the European Commission (EC) can be stressful and disruptive for any organisation. And the outcome of a dawn raid can be highly damaging for both organisations and individuals.
But while no organisation wants to be the subject of a raid, there are steps that it can take to be better prepared so that, should a raid occur, its impact is managed and the stress and disruption minimised.
As with any contingent risk where the consequences are potentially highly damaging, it's important to plan thoroughly and to stress test the planning on as regular a basis as the organisations deems necessary in accordance with its risk profiling and risk management.
In any organisation where there is the potential for a dawn raid, in-house counsel will need to be closely involved in the contingency planning, with lawyers having specific roles to play both on the day of a raid, and in the follow up work.
While not a definitive or exhaustive list, here then are 10 steps that should be a part of any dawn raid planning.
1. External lawyers
You won't want to be thinking about which law firm to contact with the inspection team sitting in your reception. Your external lawyers need to be part of your planning process and need to be able to react quickly in the event of a raid. They'll already have advised on what is likely to happen should a raid happen and on the legal framework of rights and obligations that will arise. Of course, it's helpful if your lawyers know the organisation well without having to ask too many questions of you on the day.
If the organisation has more than one site, including in other jurisdictions, you may need a network of law firms to be involved, all of which need to be included in your contingency planning
2. First response
Your reception team may be the first to learn of a dawn raid and so they should be included in the planning so that they know how to react to the inspection team. This could include having a designated area for the inspectors to wait while relevant staff are mobilised and external lawyers contacted. There will need to be a call cascade in place so that key personnel (including external lawyers) are contacted swiftly. Reception staff may also be responsible for copying authorisation documents for passing to key designated personnel.
As well as senior staff and board executives are part of the communications plan, remember also executive PAs as they are usually the gateway to the executive and will need to know what to do on the day.
3. Roles and responsibilities
It will be important that both key personnel and staff generally are aware of how to react and respond in the event of a raid. If the inspection team (and shadow team) are moving around the premises it will be helpful if staff know what's expected of them, including in acting in accordance with their legal responsibilities. Your external lawyers will be on hand during the raid to deal with any particular issues arising and advise accordingly, but planning for who does what and when should help calm nerves and ensure that the day proceeds as smoothly as possible in the circumstances.
It will be important also to know who will comprise the response team (including alternates) whose role it will be to liaise and shadow the inspectors.
In the event of a dawn raid, the organisation will want to manage its internal and external communications. As well as the initial call cascade when the inspectors arrive, staff will need to be informed if a raid is underway and reminded how they should respond and the extent of their legal and other responsibilities, including in relation to, for example, interacting with the inspectors, confidentiality and documentation. Planning for external communications during and after the raid will cover a range of issues such as monitoring for information and announcements, preparing press releases or responses (as required), and any formal announcement the organisation may need to make. All of which will require pre-planning and clearly defined responsibilities.
5. Designated facilities
It's likely to be unsatisfactory for questions, discussions and IT and administrative tasks (copying for example) to be carried out in the middle of busy open plan offices. There should therefore be designated areas for both the inspection and response teams to allow this to happen.
6. Data policies and IT staff
Given that the purpose of a dawn raid will include gaining access to documents and data, much of which may well be held electronically, it will be important that IT systems allow for access and retrieval and that your IT staff are familiar with where data is stored and how it is retrieved.
7. Security personnel and cleaners
There may be rooms and floors that are sealed or out of bounds during and after the inspection, with restricted access. This may require security staff to be briefed and for cleaning staff to be stood down from sensitive areas.
8. The multi-site and international dimension
If your organisation has offices in different locations and jurisdictions, it’ll be important to include them in the overall planning process and factor in jurisdictional differences (including differing legal rules and procedures). A dawn raid may occur at more than one site simultaneously making coordinated planning a necessity.
9. The aftermath of a raid
Once the raid is complete there will be an agreed note of what occurred and an inventory of any items copied and removed. It will also be clear whether the inspectors will return and what further steps and discussions may be required. Consequently, there's likely to still be a lot to do. Your external lawyers will advise on the legal position and you will need to have a team in place to carry out the follow up work, including being involved in any discussions or negotiations. There may be further data to be retrieved and internal investigations to conduct.
10. Planning and stress testing
There’s nothing like a real life situation to let you know if your contingency plans really work. However, in the absence of a real dawn raid, you can stress test your plans by having periodic mock raids and by regularly reviewing and updating your planning. Your external lawyers and other specialist advisers will help in making sure that your planning and testing is as comprehensive and rigorous as it needs to be. And, of course, the risk of a dawn raid and the circumstances which may give rise to one, will need to be part of any organisation's risk and compliance management processes.
No organisation wants a dawn raid. They are stressful for staff, involve considerable work and the consequences can be damaging and disruptive for organisations and individuals.
But increasing focus on the responsibility and conduct of organisations and individuals generally, in both regulated and unregulated sectors, has increased the potential for dawn raids by a range of regulatory bodies.
Managing the risks posed by a dawn raid means implementing plans, processes and training so that staff know exactly how to respond should one occur. And the General Counsel, and likely other members of the legal team, need to be actively involved in the planning and implementation process.