How to prepare for an effective response when competition authorities come knocking at 6 a.m.
After several years pause when competition authorities around the world suspended on-the-spot inspections during the global pandemic, dawn raids have resumed with full force. In less than a year, more than 40 dawn raids have been reported by 16 different competition authorities across EMEA, the Americas and Asia alone involving companies in the automotive sector, defense, manufacturing, finance, energy construction, and healthcare, to name a few.
Antitrust and competition authorities have revived the use of dawn raids to uncover anti-competitive conduct, including backlogs for activities that may have occurred during the pandemic. Further, current inflationary pressures affecting global markets, and the economic downturn, often breed cartels and heighted coordination as competitors struggle to keep above water.
Dawn raids–—unannounced inspections of premises of companies s by competition authorities seeking to gather evidence of suspected antitrust violations, often involving suspect cartel activity and other anti-competitive business practices–place considerable stress on many facets of a business at once. When competition authorities conduct simultaneous raids at foreign company locations, they can be particularly nerve-wracking.
If a company fails to comply with its legal obligations during a dawn raid, significant fines can be imposed, and individuals can face civil or criminal sanctions. At the same time, it is important to ensure the impact of a raid on day-to-day business operations is minimized.
Dawn raids come home
Pre-pandemic, agency and law enforcement investigations included office searches of corporate file servers, local computer files, mobile devices, electronic storage devices, mobile devices, cloud repositories, email and physical document repositories.
While the focus of dawn raids are still focused primarily on electronically stored information (ESI), a hybrid workforce adds significant new complexities to responding effectively and efficiently to a dawn raid. In an April raid at an individual’s private home, the EC indicated that it intends to expand its powers to raid homes of suspect company employees in the future. This means that agents can request access to data stored on computers and devices used by employees working from home, including personal devices that fall within the remit of a competition authority’s powers to search.
Prepare early and often to mitigate the impacts of unanticipated raids
By taking some proactive steps, companies can prepare better for the pressures of a dawn raid.
Assemble a response team
An internal response team should be appointment for handling potential on-site inspections along with remote or hybrid employee searches at private homes. The team should be cross-functional, including members from the legal department and IT who can assist with authorities document and data requests. In many cases, the response team also includes law firms who can help oversee the investigation process, external experts who can assist with digital forensics and collections (including remotely), discover hidden or falsified evidence and provide earlier insight into the data.
Update policies and procedures by conducting detailed scoping assessments
Companies need to ensure that access to their data can be provided to authorities at very short notice. Reviewing and updating policies and procedures with detailed scoping discussions with IT can provide companies with an assessment of gaps and potential issues, along with areas for improvement, taking training of what to expect and how to respond one step further. One of the things that this approach does not typically allow is for conversations with actual custodians – these conversations (such as where the data is stored within the organization) can help to identify the difference between IT policy and what happens in the organization. This can be a key point, as it exposes weaknesses that IT may not be aware of because as far as they know policies are adhered to.
Policies and procedures should also take into account that routine data destruction may need to be suspended when a document preservation or legal hold notice is applicable to some employees, and include the processes, people and legal technology necessary for preservation efforts.
Adapt collection plans that address a hybrid workforce
With more employees working from home or in a hybrid environment, on-premises raids have shifted to home environment collections. Communication forms, such as collaboration and chat platforms, have become a primary way of communicating among remote and hybrid employees, and that, along with employees’ company and devices that may be off network, add complexity from a collection standpoint. It’s thus critical that IT teams and their external collection experts have the tools and experience for remote collection.
Test the robustness of your incident response mechanisms
“Mock” dawn raids, including discussions with custodians to identify the difference between policies and procedures and actual practice regarding data management practices, can test the thoroughness of dawn raid response planning and expose gaps.
Investigate early and often
Compliance investigations, where data is collected, fully processed and reviewed, can be used as a tool in response to specific concerns to look for red flags. A mock dawn raid in this form can be used as an exercise to perform a mass collection of data (which may otherwise be complicated and raise questions) so an actual investigation can be carried out. If signs of non-compliance are found, rapid investigation with a specialized “strike team”, along with reporting to the competition authority, can mitigate potential consequences for the company before it turns into a full-blown investigation.
There’s no sympathy for excuses
Like an unexpected audit, most businesses do not know how to manage unexpected investigations or dawn raids. In addition to policies, procedures and training, organizations need to know their employees and their data, but how to execute the most expeditious and non-disruptive collection effort.