Austria's Federal Competition Authority ("FCA") has issued its first comprehensive guidance on inspections of undertakings carried out by the FCA.

The FCA's guidance on dawn raids, issued on 24 October 2017, provides an overview of the applicable law as well as the FCA's practice of conducting inspections. The guidance paper does not form part of statutory law but rather describes the process of carrying out a dawn raid from beginning to end, the rights and obligations of FCA staff as well as the rights and obligations of the undertaking inspected and its employees.

The guidance contains a separate chapter on the collection of electronic data which is highly relevant in practice. Referring to an Administrative Court judgment of 2015, the guidance explains the FCA's view that it may not only collect electronic data that is stored on a storage medium located on the premises to be searched but in fact may collect any electronic data that can be accessed from the premises that are being searched (this includes data stored on mobile devices, remote servers, or in the cloud).

In this context, the guidance paper emphasizes that the undertaking inspected may also have to disclose passwords to the FCA if this is necessary for the FCA to access the electronic data. Furthermore, the guidance notes that the most recent amendment to the Austrian Cartel Act (which entered into force in May 2017) introduced new powers for the Austrian Cartel Court, which can now impose penalty payments on undertakings at the request of the FCA in order to force undertakings to grant access to electronic data that can be accessed from the premises being searched during a dawn raid.

In light of the FCA's guidance paper, quick and efficient reaction by undertakings under inspection by the FCA is becoming ever more important.