Dawn raids are on the rise; the first three months of the new SFO's director's tenure saw two dawn raids and the FCA's dawn raid activity during 2023 was significantly increased compared with 2022. Our global investigations team is seeing a similar trend in other jurisdictions.

We expect authorities across the globe to continue to utilise dawn raid powers in 2024, with new challenges arising for both authorities and organisations in dealing with emerging and multiplying data sources and hybrid working models.

Businesses should ensure that they are prepared for dawn raids, including by updating their dawn raid manuals in light of hybrid working and emerging data sources, making sure they know where and how their data is stored, and conducting practical training for all relevant employees. We summarize below the approaches we are currently seeing from authorities in the UK and elsewhere around the globe, together with key practical steps to prepare for and manage a raid in the hybrid working world.

Content

Recent trends in the UK and elsewhere

  1. Hybrid raids. Since 2020, when COVID-19 changed working practices forever, authorities have in some cases been conducting "hybrid" raids, with some of the raid team arriving at a company's offices and others simultaneously arriving at the homes of key individuals. In its 2021 guidance, the FCA stated that firms must ensure employees are made aware of its powers to conduct a visit at any location where work is performed, business carried out, or employees are based (including at individuals' homes). Other authorities have taken a similar approach and in November 2023, the SFO raided nine sites simultaneously, including the homes of various individuals, as part of its investigation into collapsed law firm Axiom Ince.
  2. "Disguised" dawn raids. These may take the form of an authority requesting face-to-face meetings with senior management and then serving formal notices to require certain data on the same day, with other data to follow in short order (and at the company's cost). We have seen this being used in the context of regulatory supervision teams requesting a meeting, but then arriving with teams from their enforcement arm.

Quick turnaround compelled requirements. There is an increased use of quick turnaround information requirements, e.g. in the UK "here and now" requests under section 2 of the Criminal Justice Act , including broad requests for "data dumps" of files and correspondence and compelled requirements for mobile device data or data from instant messaging or file sharing platforms. We can expect these to increase with the recent broadening of the SFO's powers to compel information from individuals and companies before investigations have been opened (see more here).

What should businesses be doing to prepare for a dawn raid?

  1. Policies and procedures. Businesses should consider whether their current policies and procedures need updating to reflect hybrid working patterns and emerging data sources (as well as any other practical updates – it's important to have up-to-date emergency contact details for internal legal, compliance and IT and external legal/forensics providers in all jurisdictions and think about coverage in the event of a dawn raid – e.g. on a Friday when in some jurisdictions many people will be working from home).
  2. Data mapping. Businesses should ensure they have a clear understanding of what data is stored where and whether mobiles/laptops can be accessed remotely. Do not forget data sources such as instant messaging apps, document sharing platforms or trading or financial databases. So that potentially privileged data can be isolated quickly, it is also important to know where any potentially legally privileged material might be stored and maintain a list of current and former in-house and external lawyers.
  3. Training. The core response team (including reception and/or security personnel) should be trained on any updates to procedures and the powers of various authorities and mock dawn raids should be run. Ensure all relevant employees understand document retention/storage requirements, who to contact in the event of a dawn raid and that certain employees may receive a visit at home. Thought needs to be given to substitutes for the core team (e.g. in the event members are away from the office).

Key tips for managing a dawn raid

  1. Check the documentation. Upon arrival of the authorities, it is important to obtain copies of any warrant or authorising documentation and to check the ID of investigators (we have seen examples of individuals, such as protestors, impersonating investigators in order to obtain access to premises). Carefully check the scope of the authorisations and any limits to the authority's power to make sure anything handed over is within the scope of what is being sought (and the authority's powers). This should be done whilst the initial response team wait for lawyers to arrive.
  2. Try to understand the authority's objective. It is usually beneficial to try and establish what the authority is trying to achieve during the course of the day (noting that in many cases not all of the data will be able to be provided on the day). This will help to ensure that efforts are focused on trying to help the authority achieve that objective (or steps towards it) and then dealing with the remainder of any information requirements/notice by correspondence.
  3. Shadow. Someone should be appointed to shadow each investigator. Notes should be taken of any requests for documents or information the investigator makes. If the investigator requests to speak to individuals, they should be allowed to ask specific questions (for example about the location of data or documents) but businesses should seek to postpone any substantial interviews on the underlying facts to a later date.
  4. Public relations. The dawn raid will be confidential and all employees should treat any information as strictly confidential and not for wider dissemination. However, confirmation should be sought from the authorities as to whether they intend to issue a press release in relation to the raid, and public relations teams should be engaged to manage any public statements (working in conjunction with management and lawyers). The need for other disclosures (e.g. to insurers or the market should all be considered).

This article was first published on the FCPA Blog on January 30, 2024.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.