Dawn raids don't happen during the pandemic, right? Wrong! Are you prepared to respond to a dawn raid when your offices are closed? Do your employees have the procedures and technology in place to provide access to data remotely? How will you handle a dawn raid in a "work from home" environment? This alert provides a snapshot on how authorities have adjusted their dawn raid practice and procedures to handle unannounced inspections during lockdowns, and what you need to do to adjust your internal dawn raid procedures to a "hybrid" work environment in which staff split their time between the office and home.
In a world where business is done over a wide range of online communication platforms, work-life boundaries have blurred, and detection of crisis misconduct is a priority, regulators have been thinking how to re-purpose their existing investigation tools to ensure continued effective detection of problematic behaviour. While the number of investigations has certainly dropped over the past year, regulators have adjusted their dawn raid practice and procedures to lockdown situations and the new "work from home" reality - where a "hybrid" work environment means that on any given day, key staff are split between the office and their homes. The latest experience shows that regulators are still conducting raids, and that they are more aggressive than ever. With more than 20 antitrust authorities having conducted dawn raids across EMEA, the Americas and Asia in the last 12 months, the need to adjust dawn raid policies and dawn raid preparedness training has never been clearer.
- The fact that offices are closed during the pandemic has not deterred antitrust regulators from trying to conduct raids. A global survey conducted by Baker McKenzie indicates a proliferation of different technologies used by authorities to conduct dawn raids remotely: from using virtual data rooms for an initial triage of documents or conducting remote interviews with key business personnel, up to, in some cases, accessing company data virtually via video conference facilities without any prior notice.
- For example, the Italian competition authority initiated dawn raids at a company's closed offices in recent months, with the assistance of the tax police. Despite offices being closed and no employees other than a receptionist being present on-site, the authority insisted on getting access to the premises. In another recent raid, only virtual shadowing of the Italian competition authority's review of data was allowed, instead of the usual in-person filtering of data. In this recent case, the authority downloaded a large amount of data while it was present on-site at the company's premises, and left the premises with all this collected data without having done any further filtering for relevance. The filtering process, i.e., applying search terms and doing a quick review of the documents to ensure they fall within the scope of the inspection mandate and/or are not legally privileged, was done online, with the authority and external counsel being on a video call, and the authority sharing its computer screen when filtering through the data, allowing external counsel to (virtually) shadow the process and ensure that no out-of-scope or legally privileged materials were being retained on the case file.
- Similar online tools were used by the Colombian Competition Authority who is known to have "invited" companies to virtual meetings, surprising these companies during the meeting by requesting them to provide the inspectors with "control" rights to the employees' laptops so that the authority could access remotely specific data available on those laptops. Screenshots of folders were taken, including screenshots illustrating the sizes of specific folders, noting to employees that no data was to be deleted from these folders unless and until the relevant files were collected by the authority.
Access to data and employees during an inspection remains a priority. With companies transitioning to permanent hybrid home/office working realities, the risk of data destruction and/or obstruction of investigations is becoming ever more challenging. Companies need to ensure they have updated procedures to address these new challenges, and that their employees have been trained to handle dawn raids at the company premises without core staff on-site, and/or at employees' private homes. For instance:
- Companies need to ensure that access to data can be provided to authorities at very short notice even where only very limited staff are available on-site. Employees need to know that they may be called upon to assist with a dawn raid even when they work from home - whether that means travelling to the office on short notice, attending remote interviews or providing access to data remotely from their laptops at home. With significant amounts of work data being stored at home, employees should also know what to expect and how to respond to a dawn raid taking place at their own homes, including searches of data stored on their own devices at home.
- Dawn raids are likely to be accompanied by ever more cumbersome data preservation / retention requirements, and extensive requests for information. Companies need to ensure that they have the right technology available to fully preserve all data environments used by their employees (including data rooms, chat functions, mobile devices, collaboration platforms, emails and server data), and be prepared to respond in a matter of weeks if not days to vast requests for information covering thousands if not millions of documents.
The penalties for obstruction of an investigation are extremely high, and antitrust authorities are showing very little sympathy for excuses, or for the challenges which companies face when confronted with a dawn raid in the current working environment. Dawn raid preparedness should remain a core consideration for companies in this new environment. Companies need to ensure that their internal policies are adapted to the latest dawn raid practice, and that their employees are re-trained to handle "remote" raids or raids taking place at their homes. Company technology and internal dawn raid procedures should be tested to ensure they are effective, and work in practice in this new hybrid home/office reality.