A Dawn Raid is an unannounced inspection by a regulatory authority, aimed at investigating suspected breaches of the law.
Dawn raids are fact-finding exercises that focus on identifying and securing evidence of infringement. They can involve the following:
- Physical searches of premises;
- Electronic searches of files/emails/messages/chats;
- Seizure of documents;
- Copying of documents;
- Questioning; and
- Formal interviews.
Dawn raids can represent a major intrusion on any business and carry with them potentially lengthy investigations and legal proceedings that can lead to potential sanctions and reputational damage. Therefore, it is important to be fully prepared for the possibility of any potential dawn raid. Here, we will go through the sequence of events involved in a typical dawn raid.
Dealing with the arrival of the inspectors
Inspectors arriving on site to conduct a dawn raid will typically present themselves at the reception of a premises unannounced at the start of the working day (rarely at dawn)! They will usually have with them:
- An authorisation to conduct the raid (e.g. a warrant issued by a court);
- Official IDs; and
- An explanatory note describing the powers of the regulator, the purpose of the inspection and the type of material being sought.
It is important the reception team knows what to do when inspectors arrive. It is usual to request the inspectors to wait in a designated area until the company response team (relevant management and legal teams) have been contacted. Depending on the nature of the inspection, some officials will wait for up to 30 minutes for the response team to arrive, but others may look to start the inspection without waiting. The company response team should also contact external lawyers.
In an investigation by an Irish regulatory authority, the inspectors may be accompanied by members of An Garda Síochána.
Handling the inspection
Upon the arrival of the response team and the beginning of the inspection, it is important to establish a number of things with the officials, ideally in a meeting with the official leading the inspection:
- Confirm your intention to cooperate with the inspection;
- Establish clear reporting lines and escalation channels on both sides;
- Clarify anything that is unclear from the authorisation documents; and
- Agree ground rules for shadowing, dealing with issues such as legally privileged material and substantive questioning of individuals.
Each inspector should be "shadowed" at all times during the inspection by someone from the company or an external lawyer and a detailed note taken of all actions they take.
Officials will bring a forensic IT expert and will seek prompt access to IT systems. Specific individuals of interest will have been identified by the regulator and officials will look to seize their respective data and/or devices. Given the rise of home/off-site working, it is possible that a number of relevant individuals will be off-site when the officials arrive. This issue would need to be addressed at the initial meeting with the officials.
Any specific individual that has been identified by the regulator may be interviewed by officials. It is important to establish at the outset whether the interview is voluntary/ compulsory/ cautioned/ not cautioned. For any interview, ensure that a support person / lawyer is present and takes notes. Interviewees would need to proceed carefully before providing information voluntarily and, above all, must not knowingly provide false or misleading information to the officials.
It is good practice to have a template email on file in order to send internally to alert all staff in the case of an inspection. This template email should include a warning to all staff not to tamper with any material that is subject to the inspection, which could result in penalties (including criminal penalties for individuals) being imposed.
Similarly, if inspections last more than one day, officials may apply tamper-proof seals to offices/rooms/files overnight. Breaking the seals is a very serious matter and can result in substantial fines (e.g. up to 1% of global turnover in EU cases). Therefore, it is important that overnight security and cleaning staff are properly briefed, or measures are put in place to ensure seals not tampered with.
What to do at the end of an inspection
A closing meeting with officials will be held to confirm the following:
- Check the inspectors' schedule of documents seized and ensure that you have a copy of all documents;
- Note any outstanding issues or unresolved disputes (e.g. involving relevance or legal privilege);
- Assert confidentiality over any materials seized;
- Reserve the right to supplement or clarify any answers given during questioning and reserve the right to challenge the taking of documents on grounds of scope/relevance or privilege; and
- Obtain confirmation from the inspectors that the company has cooperated during the Inspection.
An inspection is typically just the start of a longer investigation. As a follow up, any materials that have been seized need to be reviewed quickly in order to allow the company under investigation to ascertain the extent of the substantive risk. Upon assessing the material that has been seized, options for mitigating any risks can be identified and an action plan can be set out.
This article contains a general summary of developments and is not a complete or definitive statement of the law. Specific legal advice should be obtained where appropriate.