Dawn Raid Preparedness Guide

A "dawn raid" is an unannounced inspection conducted by a competition authority at a company's premises to gather evidence of suspected anti-competitive conduct. The term originates from the practice of authorities arriving at office premises early in the morning — typically at the start of the business day — to maximise the element of surprise and minimise the risk of evidence being destroyed or concealed.

Dawn raids are the single most powerful investigative tool available to competition regulators worldwide. In India, the Competition Commission of India (CCI) exercises this power through its investigative arm, the Director General (DG), who is empowered under Section 41 of the Competition Act, 2002, read with Regulation 24 of the CCI (General) Regulations, 2009, to conduct search and seizure operations. Globally, the European Commission, the US Department of Justice (DOJ), the UK Competition and Markets Authority (CMA), and virtually every major competition authority possess analogous powers.

The consequences of a dawn raid extend far beyond the immediate disruption. Poorly managed raids can result in obstruction charges (which carry independent penalties), inadvertent waiver of legal privilege, destruction of the attorney-client relationship, employee panic leading to inconsistent statements, and reputational damage that far exceeds any eventual fine. Conversely, a well-prepared organisation can navigate a dawn raid professionally, preserve its legal rights, protect privileged communications, and position itself favourably for the investigation that follows.

This guide provides a comprehensive framework for dawn raid preparedness. It covers the legal basis for investigations in India and the EU, the specific powers and limitations of investigators, the critical first 60 minutes of a raid, employee protocols, privilege protection, digital evidence handling, and the essential steps for building a robust dawn raid response plan. Whether your organisation operates in a single jurisdiction or across multiple markets, the principles outlined here form the foundation of effective competition compliance.

The objective is not to obstruct lawful investigations — which is itself a serious offence — but to ensure that your organisation cooperates fully while protecting its legitimate legal rights. The distinction between cooperation and capitulation is one that every compliance officer and in-house counsel must understand before a raid occurs, because there is no time to learn it during one.

The Competition Act, 2002 (as amended in 2023) establishes a two-stage process for investigations. First, the CCI must form a prima facie opinion under Section 26(1) that a contravention of Sections 3 (anti-competitive agreements) or 4 (abuse of dominant position) has occurred, and direct the Director General to investigate. The DG's investigative powers are then exercised under Sections 36(2), 41, and 42 of the Act.

Section 41(2) is the primary dawn raid provision. It empowers the DG to exercise the powers conferred on a civil court under the Code of Civil Procedure, 1908, in respect of: (a) summoning and enforcing attendance of any person and examining them on oath; (b) requiring discovery and production of documents; (c) receiving evidence on affidavit; (d) issuing commissions for examination of witnesses and documents; and (e) any other matter as may be prescribed. The DG can also requisition information under Section 36(4) from any enterprise, and non-compliance is punishable under Section 43 with penalties up to INR 1 crore, with a continuing penalty of up to INR 10 lakh per day of default.

Section 36(2) provides that the CCI, in the exercise of its functions, has the same powers as a civil court under the CPC in respect of summoning witnesses, requiring production of documents, receiving evidence on affidavit, and issuing commissions. These powers are delegated to the DG when an investigation is ordered under Section 26(1). Under the Competition (Amendment) Act, 2023, Section 41 was enhanced to clarify that the DG may enter and search premises, examine books and records, seize documents and electronic devices, and take copies of any documents relevant to the investigation.

Section 42 addresses penalties for non-compliance with orders of the CCI or the DG. Any person who fails to comply with directions issued under Section 36(2) or Section 41 may be punished with a fine up to INR 1 crore. Where the non-compliance is a continuing one, a further penalty of up to INR 10 lakh per day of default may be imposed. Critically, Section 45 addresses the offence of making false statements or omissions in information furnished to the CCI or DG — punishable with a fine up to INR 1 crore.

The DG's office is structured with investigating officers who conduct the actual raids. They typically carry: (i) a copy of the CCI order under Section 26(1) directing the investigation; (ii) an authorisation letter from the DG; and (iii) identification documents. It is essential that your dawn raid response team verifies all three documents before permitting entry. The DG does not require a judicial warrant for inspections — the CCI order itself serves as authorisation, distinguishing competition raids from criminal search and seizure under the Code of Criminal Procedure.

Recent enforcement trends show an increase in DG investigations. In FY 2024-25, the CCI directed over 30 new investigations, a significant increase from previous years. The cement, pharmaceutical, real estate, and digital markets sectors have been particular targets. The DG's office has also become more sophisticated in handling electronic evidence, often bringing forensic IT specialists to image hard drives and server data on-site.

In the European Union, the European Commission's inspection powers are set out in Council Regulation (EC) No. 1/2003 of 16 December 2002, which replaced Regulation No. 17/62. Articles 20 and 21 provide the legal framework for inspections of business and non-business premises respectively, while Article 19 governs the power to take statements.

Article 20 empowers Commission officials to: (a) enter any premises, land, and means of transport of undertakings and associations of undertakings; (b) examine books and other records related to the business, irrespective of the medium on which they are stored; (c) take or obtain copies of or extracts from such books or records; (d) seal any business premises and books or records for the period and to the extent necessary for the inspection; and (e) ask any representative or member of staff of the undertaking for explanations on facts or documents relating to the subject matter and purpose of the inspection, and record the answers.

Article 20(4) distinguishes between inspections by simple authorisation (Article 20(3)) and inspections by decision (Article 20(4)). Under a decision-based inspection, the undertaking is obliged to submit to the inspection, and refusal or obstruction can result in fines under Article 23(1)(c)-(e) of up to 1% of total worldwide turnover in the preceding business year, and periodic penalty payments under Article 24(1)(e) of up to 5% of average daily worldwide turnover per working day of delay. These are substantial amounts — for a multinational, the penalty for obstruction alone can reach hundreds of millions of euros.

Article 21 extends inspection powers to non-business premises, including private homes, where there is a reasonable suspicion that business records are kept there. This power requires prior authorisation from a national judicial authority. Article 21 was a significant expansion introduced by Regulation 1/2003 and was first used in 2007 (Commission inspections in the marine hose cartel investigation). The threshold for Article 21 inspections is higher: the Commission must demonstrate reasonable suspicion that relevant evidence is stored at the specific non-business premises.

National Competition Authorities (NCAs) of EU Member States also have their own inspection powers under national law. Under Article 22 of Regulation 1/2003, the Commission may request NCAs to carry out inspections on its behalf. In practice, Commission inspections in a Member State are conducted jointly with NCA officials, who also act as witnesses under national procedural requirements. This means a company may face simultaneous inspections at multiple sites across several Member States — coordinated raids at 6:00 AM across five countries are not uncommon in major cartel cases.

The case law of the EU Courts has developed important limitations. In Nexans and Prysmian v Commission (Cases T-135/09 and T-140/09), the General Court confirmed that the scope of the inspection must be limited to the subject matter described in the inspection decision — so-called "fishing expeditions" are prohibited. In Deutsche Bahn v Commission (Case C-583/13 P), the Court of Justice clarified the requirements for judicial review of inspection decisions. Companies must challenge inspection decisions within the prescribed time limits or lose the right to contest them.

Understanding the full extent of investigators' powers is essential for effective preparation. Across jurisdictions, competition authority investigators typically possess the following powers during an authorised inspection:

Access and Entry: Investigators may enter all business premises, including offices, warehouses, factory floors, parking areas, and reception zones. In the EU, under Article 20, this extends to "any premises, land, and means of transport." In India, the DG's officers may enter and inspect any premises where books, papers, or documents relating to the business are kept. They do not need to wait for external counsel to arrive before beginning — though professional practice in many jurisdictions allows a brief courtesy delay (typically 30-60 minutes), this is not a legal right.

Document Examination and Copying: Investigators may examine all business records regardless of format — paper files, electronic documents, emails, instant messages, WhatsApp conversations on company devices, presentations, board minutes, notebooks, diaries, and calendars. They may take copies of any relevant documents. In the EU, the Commission's Explanatory Note on Inspections confirms that officials may use their own photocopiers and scanning equipment. In India, the DG may requisition and take copies of any books, papers, or documents under Section 41 read with the CPC powers.

Electronic Evidence: Modern dawn raids are overwhelmingly focused on electronic evidence. Investigators may: (a) take forensic images of hard drives, servers, and network drives; (b) search email accounts and email servers, including archived or deleted emails; (c) examine mobile phones and tablets issued by the company; (d) access cloud-based storage and collaboration platforms (SharePoint, Google Drive, Slack, Teams); (e) use keyword searches across electronic repositories; and (f) take copies of metadata associated with electronic files. The European Commission's Directorate-General for Competition (DG COMP) routinely brings specialist forensic IT teams equipped with imaging hardware and forensic search software.

Questioning: Investigators may ask oral questions of any employee, officer, or director present at the premises. In the EU, under Article 20(2)(e), officials may ask for explanations on facts or documents relating to the subject matter and purpose of the inspection, and may record the answers. In India, the DG may summon and examine any person on oath under Section 41(2). Critically, while employees must provide factual answers, they are generally not required to make admissions or provide self-incriminating statements. However, refusing to answer factual questions or providing misleading answers carries independent penalties.

Sealing: In the EU, Commission officials may seal any business premises and books or records for the period and to the extent necessary for the inspection (Article 20(2)(d)). Seals are typically placed overnight on offices or server rooms when an inspection spans multiple days. Breaking a seal is a serious offence — E.ON was fined EUR 38 million in 2008 for a broken seal. In India, the DG does not have an explicit sealing power under the Competition Act, but may request that premises remain undisturbed and can apply to the CCI for appropriate directions.

While investigative powers are broad, they are not unlimited. Understanding the boundaries is critical to protecting your organisation's rights without crossing the line into obstruction. The following limitations apply across most major jurisdictions:

Scope Limitation: Investigators are restricted to the scope defined in the authorisation document (CCI order, Commission decision, or judicial warrant). They cannot conduct "fishing expeditions" — the search must be directed at evidence relevant to the suspected infringement described in the authorisation. In the EU, the General Court in Nexans v Commission annulled parts of an inspection decision that was too broadly worded. In India, the DG investigation is limited to the specific contravention referred by the CCI under Section 26(1). If investigators attempt to examine documents clearly outside the scope, the company's legal representative has the right to object and note the objection on the record.

Legal Professional Privilege: Communications between a client and an independent external lawyer for the purpose of obtaining legal advice are protected from seizure. In the EU, following AM&S Europe v Commission (Case 155/79) and Akzo Nobel Chemicals v Commission (Case C-550/07 P), privilege applies only to communications with external lawyers admitted to the bar of an EU/EEA Member State. Communications with in-house lawyers are NOT privileged under EU law — a critical distinction that many companies fail to appreciate. In India, Sections 126-129 of the Indian Evidence Act, 1872 (now Bharatiya Sakshya Adhiniyam, 2023, Sections 126-129) protect communications between an advocate and client.

Self-Incrimination: The right against self-incrimination, while not absolute in competition proceedings, provides some protection. In the EU, the Court of Justice in Orkem v Commission (Case 374/87) held that a company cannot be compelled to provide answers that would involve an admission of the existence of an infringement. However, companies can be required to provide factual information and pre-existing documents, even if these may be incriminating. In India, Article 20(3) of the Constitution protects against self-incrimination in criminal proceedings; the applicability to CCI proceedings (which are civil/administrative) is debated but provides a residual safeguard.

Personal Belongings: Investigators generally cannot search personal belongings, personal devices, or private vehicles of employees without specific authorisation. However, if a personal device has been used for business communications (e.g., personal mobile phone with work WhatsApp groups), the position becomes more complex. Best practice: company policies should prohibit the use of personal devices for business communications to maintain a clear boundary.

Use of Force: Competition authority investigators, unlike police officers, generally do not have the power to use physical force. If entry is refused or obstructed, they may: (a) record the obstruction; (b) impose fines for non-cooperation; (c) seek assistance from national law enforcement (in the EU, under Article 20(6), Member States shall afford necessary assistance, including police assistance); or (d) apply to a court for an order compelling entry. In India, obstruction of the DG's investigation can be referred to the CCI for penalty proceedings under Section 42.

Questioning Limits: Investigators may ask questions about facts and documents, but they cannot compel employees to speculate, interpret ambiguous documents, or provide legal opinions. Employees should answer factual questions truthfully but are not required to go beyond the factual scope of the question. "I don't know" and "I would need to check" are legitimate answers when genuinely true — but "I don't remember" used systematically as an evasion tactic is easily identified and may itself constitute obstruction.

Legal professional privilege (LPP) is the single most contested issue during dawn raids. Protecting privileged communications requires advance preparation, clear labelling protocols, and a deep understanding of how privilege operates in each relevant jurisdiction. Getting this wrong can result in either waiving privilege over critical legal advice or obstructing the investigation by overclaiming privilege — both with serious consequences.

India: Under the Bharatiya Sakshya Adhiniyam, 2023 (formerly Indian Evidence Act, 1872), Sections 126-129 protect communications between a barrister, attorney, pleader, or vakil and their client. Section 126 prohibits disclosure without the client's express consent. Section 129 provides that no one shall be compelled to disclose confidential communications between a client and their legal professional adviser. The privilege extends to documents prepared by or for the lawyer in connection with giving legal advice or in contemplation of litigation. However, the privilege does not cover: (a) communications in furtherance of any illegal purpose; (b) facts observed by the lawyer in the course of employment that show a crime or fraud has been committed since the commencement of the engagement; or (c) purely commercial or business advice from lawyers (the "dominant purpose" test applies — the communication must be for the dominant purpose of obtaining legal advice).

EU: The EU position is narrower following the Court of Justice's landmark ruling in Akzo Nobel Chemicals and Akcros Chemicals v Commission (Case C-550/07 P, 2010). Privilege in EU competition proceedings applies ONLY to: (a) communications with external lawyers who are qualified in an EU/EEA Member State; and (b) communications made for the purpose of the client's rights of defence. Crucially, communications with in-house counsel are NOT privileged, regardless of the in-house lawyer's bar qualifications. This was confirmed despite strong advocacy from the legal profession and several Member States whose national laws do protect in-house counsel communications. The practical implication: any sensitive competition law advice should come from external counsel, or should be communicated in a way that keeps the external lawyer's advice clearly demarcated.

The Privilege Claim Procedure: During a dawn raid, if investigators seek to examine a document that the company claims is privileged, a specific procedure applies. In the EU: (a) the company identifies the document and states the basis for the privilege claim; (b) investigators may briefly examine the document to assess the claim (in the presence of the company's representative); (c) if the claim is disputed, the document is placed in a sealed envelope; (d) the sealed envelope is taken by the Commission; and (e) the dispute is resolved by the Commission, subject to review by the General Court. The "sealed envelope" procedure was clarified in Akzo Nobel. In India, the procedure is less formalised, but the company should: object to the seizure on the record, note the privilege claim in writing, and reserve the right to challenge the seizure before the CCI or a competent court.

Practical Privilege Protection: The following measures should be implemented well in advance of any potential raid: (a) clearly label all privileged communications with a "PRIVILEGED AND CONFIDENTIAL — LEGAL ADVICE" header; (b) maintain a central privilege log that can be produced quickly; (c) store privileged documents in designated folders (physical and electronic) separate from general business files; (d) train employees to recognise privileged documents and to alert the legal team immediately if investigators request them; (e) ensure that external counsel's advice is not forwarded widely or summarised in non-privileged business documents; and (f) conduct periodic privilege audits to ensure that labelling and storage protocols are being followed.

Waiver Risks: Privilege can be waived inadvertently. Common waiver scenarios include: forwarding privileged advice to non-client third parties (e.g., joint venture partners, industry association members); summarising legal advice in board minutes or management reports that are not themselves privileged; failing to mark documents as privileged; storing privileged documents in shared drives accessible to non-legal staff; and discussing privileged advice in meetings attended by non-privileged persons. Once waived, privilege cannot be reclaimed — and waiver may extend to all related communications on the same subject matter.

Digital evidence has become the centrepiece of modern dawn raids. The days of investigators leafing through filing cabinets are largely over — today, forensic IT specialists arrive with disk imaging equipment, forensic analysis software, and the technical capability to search terabytes of data in hours. Preparing for this reality is a non-negotiable element of dawn raid readiness.

What Investigators Target: The primary targets for electronic searches include: (a) email accounts (current and archived, including deleted items and recovery from backup tapes); (b) instant messaging platforms (Teams, Slack, WhatsApp); (c) shared drives and cloud storage; (d) personal folders on company networks; (e) mobile devices (company-issued phones, tablets, laptops); (f) calendar entries and meeting invitations; (g) metadata (document creation dates, modification history, access logs); (h) browser history and download logs; and (i) backup tapes and disaster recovery archives. The European Commission's forensic teams use specialised software (such as Nuix, EnCase, or similar tools) that can perform keyword searches across all these data sources simultaneously.

Forensic Imaging: Investigators routinely create forensic images (exact bit-for-bit copies) of hard drives, servers, and mobile devices. A forensic image preserves all data, including deleted files that have not been overwritten, temporary files, system logs, and metadata. The imaging process uses write-blockers to ensure the original media is not altered, and the integrity of the image is verified using cryptographic hash values (MD5 or SHA-256). Companies should not attempt to prevent forensic imaging of devices within scope — this constitutes obstruction. However, the company has the right to: (a) request that its own forensic expert be present during imaging; (b) receive a copy of the forensic image; (c) note objections regarding scope (e.g., if personal data or privileged material is on the same device); and (d) request that the review of imaged data be conducted using agreed keyword searches rather than unrestricted browsing.

Cloud and SaaS Data: Modern businesses operate increasingly on cloud platforms. Investigators may request access to cloud-based email (Office 365, Google Workspace), collaboration tools (SharePoint, Confluence, Notion), CRM systems (Salesforce), and other SaaS platforms. The legal basis for accessing cloud data stored outside the jurisdiction is complex and evolving. In the EU, the Commission takes the position that if the data is accessible from the inspected premises (i.e., the employee can log in), it falls within the scope of the inspection. Companies should be prepared for this and should understand which cloud data is accessible from their premises.

Mobile Devices and BYOD: The increasing use of personal devices for business communications (Bring Your Own Device or BYOD policies) creates significant complications. If an employee's personal phone contains a business WhatsApp group used to communicate with competitors, investigators may seek to examine it. Best practice: (a) implement clear BYOD policies that distinguish business and personal data; (b) use mobile device management (MDM) software that can segregate business data; (c) prohibit the use of personal messaging apps (WhatsApp, Signal, Telegram) for business communications; and (d) train employees that personal devices used for business purposes may be subject to inspection. Some companies have adopted a strict "no personal devices for business" policy specifically for competition-sensitive roles.

Data Destruction Warning: Any attempt to delete, destroy, or alter electronic evidence after becoming aware of an investigation (or even when an investigation is reasonably anticipated) constitutes spoliation. This can result in: (a) independent penalties for obstruction; (b) adverse inferences drawn by the authority; (c) criminal prosecution in some jurisdictions; and (d) substantially increased fines in the underlying competition case. Automated document retention policies that routinely delete emails after a fixed period should include litigation hold mechanisms that suspend destruction when an investigation is anticipated or underway.

The first 60 minutes of a dawn raid determine the tone of the entire investigation. The actions taken by reception staff, security personnel, the first senior person on-site, and subsequently the legal and compliance team set the trajectory. A company that responds professionally — cooperative but rights-aware — earns respect from investigators and avoids the compounding problems that panic, obstruction, or confusion create.

Minutes 0-5: Reception and Security: The receptionist or security guard is typically the first point of contact. They must be trained to: (a) remain calm and courteous; (b) ask the investigators to wait in a designated meeting room (not a general waiting area where they can observe operations); (c) check identification and take copies of the authorisation documents; (d) immediately call the designated dawn raid coordinator (typically General Counsel, Head of Legal, or a designated senior manager); (e) NOT allow investigators to wander through the premises unaccompanied; and (f) NOT attempt to explain, argue, or question the investigators about the purpose of the visit. A script should be provided to reception: "Good morning. Please take a seat in this meeting room. I am contacting our legal team, who will be with you shortly."

Minutes 5-15: Dawn Raid Coordinator Activation: The dawn raid coordinator should: (a) proceed immediately to the reception area or meeting room; (b) introduce themselves and request copies of all authorisation documents; (c) verify the identity and authority of the lead investigator; (d) read the authorisation carefully to understand the scope of the investigation (what infringement is alleged, which entities and premises are covered, what time period is relevant); (e) contact external competition counsel immediately; (f) notify the CEO/Managing Director, General Counsel, and Head of Compliance; and (g) request a brief delay (30-60 minutes) to allow external counsel to arrive. This delay is a courtesy, not a right — investigators may decline, but most professional regulators allow a reasonable period.

Minutes 15-30: Internal Mobilisation: While waiting for external counsel, the dawn raid team should: (a) activate the dawn raid response plan; (b) assign shadow teams (one company employee to accompany each group of investigators — this is essential for maintaining a record of what documents are examined and copied); (c) prepare the log sheets for recording all documents examined, copied, or seized; (d) secure the privilege folder (physical and electronic) and alert the IT team that a raid is in progress; (e) send a company-wide notification that a regulatory inspection is underway, instructing all employees to cooperate but to answer only factual questions and to direct any complex or legal questions to the legal team; and (f) begin a contemporaneous log of all events (who arrived, when, what was said, what rooms were entered).

Minutes 30-60: External Counsel Arrival and Inspection Commencement: When external counsel arrives, they should: (a) meet with the lead investigator to confirm the scope and agree on logistics (e.g., which rooms will be searched first, how privilege claims will be handled, whether forensic imaging will occur); (b) brief the shadow teams on their duties; (c) ensure the log is being maintained; (d) begin identifying any privilege issues with documents in the areas to be searched; and (e) establish a secure "war room" for the legal team to work from, out of earshot of the investigators. Even if the investigation begins before counsel arrives, the company's right to have counsel present during the remainder of the inspection is well-established.

Critical Rule: At no point during the first 60 minutes — or at any point during the raid — should any employee: (a) destroy, hide, or alter any document (physical or electronic); (b) lie to investigators or provide misleading answers; (c) contact other companies being investigated (particularly co-cartelists); (d) remove any documents or devices from the premises; or (e) send emails or messages about the substance of the investigation. Any of these actions can result in independent penalties and will severely prejudice the company's position.

The following table provides an at-a-glance reference for employees during a dawn raid. This should be included in the company's dawn raid manual, distributed to all relevant staff, and reviewed during training sessions.

DO	DO NOT
Remain calm, polite, and professional at all times	Do not panic, argue, or become confrontational with investigators
Immediately contact the designated dawn raid coordinator and external counsel	Do not attempt to handle the raid without legal guidance
Verify the investigators' identity and authority — take copies of credentials and authorisation	Do not refuse entry once proper authorisation is confirmed
Cooperate fully with all lawful requests — provide access to premises, documents, and systems	Do not obstruct, delay, or impede the investigation in any way
Assign a shadow to accompany each group of investigators	Do not leave investigators unsupervised — but do not physically block them
Maintain a detailed log of all documents examined, copied, and seized	Do not destroy, conceal, alter, or remove any documents (physical or electronic)
Answer factual questions truthfully and concisely	Do not speculate, volunteer information, or provide legal interpretations
Claim privilege over specific documents through the established procedure	Do not overclaim privilege or refuse to produce documents without a valid legal basis
Keep notes of all questions asked and answers given by employees	Do not coach employees on what to say or coordinate responses
Provide IT assistance to investigators as requested (passwords, access credentials)	Do not delete emails, clear browser history, wipe phones, or alter any electronic records
Request receipts for all documents and devices taken by investigators	Do not contact other companies under investigation or industry association members
Secure personal devices with personal-only content and explain the personal nature	Do not send messages (email, SMS, WhatsApp) about the substance of the raid

For Oral Questions: Employees should understand the following ground rules: (a) you must answer factual questions — "What is your role?", "Who do you report to?", "Where are the files for Project X kept?"; (b) you may say "I don't know" if genuinely true, but not as a blanket response; (c) you may say "I would prefer to have legal counsel present" for complex questions — but this may not prevent investigators from continuing; (d) you are not required to interpret documents, speculate about others' intentions, or provide legal analysis; (e) keep answers short and factual — do not elaborate beyond the question asked; and (f) if you are unsure whether a question is within scope, you may ask the company's legal representative for guidance before answering.

Special Situations: If investigators find a document that appears to be direct evidence of a cartel (e.g., competitor pricing communications), employees should NOT attempt to explain, minimise, or contextualise it. They should simply note that the document was found and immediately inform the legal team. Any spontaneous explanation given in the heat of the moment can be used as evidence and may be extremely damaging.

In-house counsel plays a pivotal but complex role during a dawn raid. They are typically the most senior legal resource on-site when investigators arrive, yet their position involves unique constraints — particularly in the EU, where communications with in-house counsel are not protected by legal professional privilege.

Immediate Responsibilities: In the absence of the dawn raid coordinator (or pending their arrival), in-house counsel should: (a) receive the investigators and verify their authorisation; (b) immediately contact external competition counsel; (c) alert senior management; (d) activate the dawn raid response plan; (e) coordinate the assembly of shadow teams; and (f) begin the contemporaneous event log. In-house counsel must resist the temptation to engage in substantive discussions with investigators about the merits of the investigation — this is external counsel's role.

Managing Employees: One of in-house counsel's most critical functions is managing employee behaviour during the raid. This includes: (a) circulating the internal notification to all staff (which should be pre-drafted and ready for immediate distribution); (b) briefing employees on their rights and obligations before they are questioned; (c) being present during employee questioning where possible (though investigators may not always permit this); (d) identifying employees who are panicked or likely to make damaging admissions and ensuring they are supported; and (e) intervening when questions go beyond the factual scope or the authorised subject matter.

The Privilege Trap: In-house counsel must be acutely aware that their own communications may not be privileged. In the EU, this means: (a) do not create contemporaneous written analysis of the investigation during the raid on company systems — use external counsel's systems or hand-write notes that are handed directly to external counsel; (b) do not email legal analysis to colleagues — it may be seized; (c) do not prepare documents summarising the company's legal exposure — these are not privileged if created by in-house counsel under EU law; and (d) channel all substantive legal analysis through external counsel's firm. In India, the position is somewhat better — if in-house counsel is a qualified advocate enrolled with a State Bar Council, their communications in their capacity as legal adviser may attract privilege under BSA Section 126, but this is not settled law and should not be relied upon without external confirmation.

Post-Raid Debriefing: After the investigators leave, in-house counsel should immediately: (a) compile all logs, notes, and records maintained during the raid; (b) conduct individual debriefs of all employees who were questioned (recording their recollections of questions asked and answers given while memory is fresh); (c) identify all documents and data that were examined, copied, or seized; (d) assess whether any privileged material was inadvertently produced; (e) prepare a comprehensive report for external counsel; and (f) implement a litigation hold if one is not already in place. These debriefing notes should be prepared as external counsel work product (i.e., at external counsel's direction and for the purpose of providing legal advice) to maximise privilege protection.

Coordination with External Counsel: In-house counsel acts as the bridge between the company and external advisers. They should maintain a single, secure channel of communication with external counsel during the raid (preferably by phone, not email or messaging), provide real-time updates on the progress of the inspection, flag privilege issues as they arise, and ensure that the company's responses are consistent and measured. The in-house counsel should not attempt to negotiate settlements, make admissions, or discuss leniency applications with investigators — these are strategic decisions that require careful consideration by the full legal team and the company's board.

External competition counsel is indispensable during a dawn raid. Their independence provides privilege protection (particularly in the EU), their specialist experience enables effective rights assertion, and their distance from the company's day-to-day operations allows them to provide objective strategic advice. The question is not whether to engage external counsel, but how to ensure they are available and effective when needed.

Pre-Engagement (Before Any Raid): Every company with material competition law exposure should: (a) identify and formally engage an external competition law firm before any investigation arises — this is not the moment for a beauty parade; (b) ensure the firm has experience with dawn raids in all relevant jurisdictions; (c) provide the firm with a standing brief on the company's business, organisational structure, key personnel, IT systems, and data storage arrangements; (d) share the firm's contact details with the dawn raid coordinator, reception, and security; (e) agree on fee arrangements, so that cost is not a barrier to immediate mobilisation; and (f) ensure the firm can deploy a team to your premises within 30-60 minutes (or has local correspondents if you have premises in multiple cities or countries).

During the Raid: External counsel's role during the raid includes: (a) engaging with the lead investigator on scope, logistics, and procedure; (b) reviewing the authorisation documents and identifying any jurisdictional or procedural deficiencies; (c) asserting privilege claims through the proper procedure; (d) overseeing the document review process to ensure that investigators stay within scope; (e) being present during (or immediately debriefing) employee questioning; (f) maintaining a legal strategy record (which documents are sensitive, which employees are at risk, whether leniency is a consideration); and (g) advising on whether to seek interim relief from a court (e.g., to challenge the scope of the inspection or protect privileged material).

Multi-Jurisdictional Raids: In cartel investigations, simultaneous raids across multiple jurisdictions are common. The European Commission coordinates with NCAs across Member States, and information is shared with competition authorities in other jurisdictions through bilateral cooperation agreements. If your company operates in multiple countries, your external counsel network must be able to mobilise in all relevant jurisdictions simultaneously. This requires: (a) a lead firm that coordinates the overall response; (b) local competition counsel in each jurisdiction where premises may be raided; (c) a pre-agreed communication protocol (who calls whom, how information is shared across the network while maintaining privilege); and (d) a consistent global position on cooperation, privilege, and leniency.

Leniency Considerations: One of external counsel's first strategic assessments during a dawn raid is whether to apply for leniency. In India, the CCI's lesser penalty regime under Section 46 of the Competition Act incentivises the first applicant with up to 100% reduction in penalty, the second with up to 50%, and the third with up to 30%. In the EU, the European Commission's Leniency Notice provides full immunity for the first applicant and significant reductions for subsequent applicants. The window for a first-in leniency application may be extremely short — sometimes only hours after a raid begins. External counsel must be prepared to make this strategic assessment rapidly, in coordination with the company's board, and file marker applications in all relevant jurisdictions simultaneously if the decision is to cooperate.

Document preservation and privilege logging are two sides of the same coin: the company must preserve all potentially relevant documents (including those adverse to its interests) while simultaneously maintaining a clear, defensible record of which documents are protected by legal professional privilege. Failure on either front can be catastrophic.

Litigation Hold: A litigation hold (or legal hold) is a formal instruction to all relevant personnel and IT systems to preserve all documents, data, and records that may be relevant to an actual or anticipated investigation. The hold should be issued: (a) immediately upon receiving a CCI order, Commission investigation decision, or dawn raid; (b) when the company first becomes aware of facts suggesting an investigation is likely (e.g., press reports of an industry investigation, departure of a key employee to a competitor who may report conduct, a competitor's leniency application); or (c) when internal compliance monitoring identifies a potential infringement. The hold must cover all document types (paper, electronic, email, messaging, cloud), all relevant custodians (employees, former employees, contractors, agents), and all time periods relevant to the suspected infringement.

Preservation Obligations: Under Indian law, once an investigation is directed under Section 26(1) of the Competition Act, the company has an obligation to preserve all relevant documents. Destruction of evidence after an investigation has commenced can result in: (a) penalties under Section 42 for non-compliance with CCI directions; (b) adverse inferences by the CCI; (c) potential prosecution under Section 43 of the Competition Act; and (d) obstruction charges. Under EU law, the destruction of documents after an inspection decision has been notified constitutes obstruction under Article 23(1) of Regulation 1/2003. Even before formal notification, if the company was aware of the investigation, document destruction may be treated as an aggravating factor in penalty calculations.

Privilege Log: A privilege log is a detailed register of all documents over which legal professional privilege is claimed. For each document, the log should record: (a) date of the document; (b) author(s) and recipient(s); (c) type of document (email, memorandum, presentation, etc.); (d) subject matter (described at a level of generality sufficient to support the privilege claim without revealing the privileged content); (e) the specific basis for the privilege claim (legal advice privilege, litigation privilege, or both); (f) whether the document has been provided to any third party (which might waive privilege); and (g) the name of the external lawyer or firm involved. The privilege log must be prepared in advance — not during the chaos of a raid. Best practice is to maintain a rolling privilege log that is updated monthly and can be produced to investigators within hours of a raid commencing.

Document Retention Policies: Every company should have a document retention and destruction policy that operates in normal times and is suspended (via litigation hold) when an investigation arises. The policy should specify: retention periods for different document categories, the method of destruction (secure shredding, certified electronic deletion), the responsible person for each category, and the procedure for triggering a litigation hold. A well-implemented retention policy that routinely destroys documents after the expiry of their retention period is legally defensible — but a policy that is selectively applied, or that is hastily invoked when an investigation is anticipated, will attract severe scrutiny.

Electronic Discovery Readiness: Companies should invest in e-discovery readiness measures including: (a) enterprise search capabilities that can identify documents by custodian, date, keyword, and document type; (b) email archiving that preserves deleted items for a defined period; (c) the ability to image individual laptops and mobile devices quickly; (d) documented data maps showing where all company data is stored (on-premises servers, cloud platforms, third-party processors); and (e) tested litigation hold procedures that can be activated across all systems within 24 hours. These capabilities are not luxuries — they are essential infrastructure for any company operating in regulated markets.

The conclusion of the physical inspection does not mark the end of the dawn raid process — it marks the beginning of the response phase. The actions taken in the hours, days, and weeks after a raid are critical to the company's legal position and strategic options.

Immediate Actions (Day 1-2): Within 24-48 hours of the raid concluding: (a) complete the contemporaneous event log while memories are fresh; (b) conduct individual debriefs of all employees who interacted with investigators — record their account of all questions asked and answers given; (c) compile a complete inventory of all documents and data examined, copied, or seized (cross-referenced against investigator receipts); (d) identify any privileged documents that may have been inadvertently produced or examined and immediately notify the authority and external counsel; (e) preserve all internal notes, logs, and records created during the raid (these may be needed for litigation); and (f) issue a formal litigation hold if not already in place, covering all custodians and data sources identified during the raid.

Strategic Assessment (Days 3-14): External counsel should conduct a comprehensive strategic assessment covering: (a) the likely scope and direction of the investigation based on the documents sought and questions asked; (b) the company's factual exposure — what evidence exists, who is involved, what is the timeline of the suspected conduct; (c) the leniency calculus — is the company a potential leniency applicant, and if so, in which jurisdictions and on what timeline; (d) the position of other companies (co-suspects, potential leniency applicants, complainants); (e) privilege issues — have any privileged documents been compromised, and what remedial steps are available; (f) employee exposure — are individual employees at risk of personal penalties or director disqualification; and (g) the public relations dimension — has the raid been reported, and what is the communication strategy.

Regulatory Engagement (Weeks 2-8): After the initial assessment, the company must decide on its engagement strategy with the authority. Options include: (a) full cooperation with the investigation (answering information requests, providing documents voluntarily, making employees available for interviews); (b) cooperation with leniency application (requiring full disclosure and ongoing cooperation); (c) measured cooperation (complying with formal requirements but not volunteering additional information); or (d) contesting the investigation (challenging the scope, procedure, or jurisdiction). The choice depends on the company's factual position, the strength of the evidence against it, the availability of leniency, and the potential consequences of different outcomes. External counsel's role is to present these options clearly and advise on the strategic implications of each.

Employee Welfare: Dawn raids are extremely stressful for employees, who may feel personally at risk, guilty, frightened, or angry. The company should: (a) provide clear communication to all staff about what happened and what it means (without revealing investigation details); (b) offer individual support to employees who were directly involved in the raid; (c) retain employment counsel to advise on any potential personal exposure of individual employees; (d) address rumours and speculation promptly; and (e) ensure that employees understand their continued obligations (document preservation, no contact with competitors, cooperation with internal and external counsel). Companies that neglect the human dimension of a dawn raid often find that disgruntled or frightened employees become cooperating witnesses for the authority.

Board Reporting: The company's board of directors must be informed promptly. The board report should cover: the fact and scope of the raid; the company's initial legal assessment; the recommended engagement strategy; the estimated timeline; potential financial exposure (fines, damages claims, legal costs); and any required disclosures to stock exchanges, insurers, or counterparties. In India, listed companies may have disclosure obligations under SEBI (LODR) Regulations if the investigation constitutes a material event.

A dawn raid response plan is only as effective as the people who implement it. Training and mock exercises are essential to ensure that when a real raid occurs, every member of the response team — from the receptionist to the General Counsel — knows their role and can execute it under pressure.

Annual Training Programme: The following personnel should receive annual dawn raid training: (a) reception and security staff (first contact protocol, identification verification, immediate notification); (b) the dawn raid coordinator and backup coordinator; (c) all members of the legal and compliance team; (d) IT managers and administrators (forensic imaging, access provisioning, litigation hold activation); (e) executive committee/senior management; (f) executive assistants and secretaries to senior management (who may hold diaries, travel records, or access to sensitive files); (g) sales and commercial teams (who are most likely to have competitor contact); and (h) finance and procurement teams (whose documents may evidence anti-competitive conduct). Training should be role-specific — reception staff do not need detailed legal training, and lawyers do not need detailed IT forensics training.

Mock Dawn Raid Exercises: A mock dawn raid is a simulation conducted by external counsel (sometimes with the assistance of former authority officials) that replicates a real inspection as closely as possible. The exercise typically involves: (a) unannounced arrival at the premises by the mock investigation team; (b) presentation of (simulated) authorisation documents; (c) testing the reception protocol, coordinator activation, and internal mobilisation; (d) simulated document searches (including electronic searches); (e) simulated employee questioning; (f) testing the privilege claim procedure; (g) testing the event logging and shadowing process; and (h) a comprehensive debrief identifying strengths and weaknesses in the company's response. Mock raids should be conducted at least annually, and ideally at multiple sites if the company has more than one premises.

Tabletop Exercises: In addition to full-scale mock raids, tabletop exercises (scenario-based discussions) can be used to test decision-making processes. Tabletop scenarios might include: "The DG team has found an email between your sales director and a competitor's sales director discussing pricing — what do you do?"; "Investigators want to image the personal mobile phone of an employee who has resigned — what are your options?"; "A junior employee has told investigators that 'everyone knows we fix prices with [competitor]' — how do you respond?"; "The investigation is in a sector where you have a pending leniency application in the EU but not in India — what are the implications?". These exercises are lower-cost than full mock raids and can be conducted more frequently.

Training Content: Training materials should include: (a) the company's dawn raid response plan (with role-specific summaries); (b) the dos and don'ts card (pocket-sized, laminated, kept at desk or in wallet); (c) the contact tree (dawn raid coordinator, backup coordinator, external counsel, General Counsel, CEO); (d) a summary of investigators' powers and limitations; (e) privilege identification guidance (how to recognise a privileged document); (f) IT-specific guidance for the IT team (forensic imaging protocol, litigation hold activation, cloud access management); and (g) FAQs addressing common employee concerns ("Can I be arrested?", "Do I have to answer?", "Can they search my personal bag?"). All training should be documented, and attendance records maintained — evidence of a robust training programme can be a mitigating factor in penalty assessments.

Refresher and Updates: Training must be refreshed whenever: (a) there is a change in the law or the authority's investigation practices; (b) personnel change (new dawn raid coordinator, new reception staff, new General Counsel); (c) the company enters a new sector or jurisdiction with different competition risks; (d) a real dawn raid occurs (lessons learned should be incorporated); or (e) the annual refresh cycle is due. Stale training is almost as dangerous as no training — it creates a false sense of preparedness.

The financial consequences of a competition investigation — including fines, legal costs, damages claims, and reputational harm — can be existential for a business. While insurance cannot protect against all of these risks, specialist products exist that can mitigate the financial impact. Broader risk mitigation strategies can reduce the likelihood and severity of investigations.

Competition Law Insurance: Specialist insurers offer policies that cover: (a) legal defence costs incurred in responding to competition authority investigations (including dawn raid response costs, document review, interview preparation, and hearing representation); (b) legal costs of appeals against authority decisions; (c) legal costs of defending private damages actions following an infringement finding; and (d) in some cases, a portion of the fines imposed (though the insurability of fines varies by jurisdiction and policy — in many jurisdictions, fines imposed for intentional anti-competitive conduct are uninsurable as a matter of public policy). Policies typically do not cover: the fines themselves (where law prohibits), damages awarded in private actions, or internal compliance programme costs.

Directors' and Officers' (D&O) Insurance: D&O policies may provide cover for individual directors and officers who face personal liability in connection with competition law infringements. In India, Section 48 of the Competition Act imposes personal liability on directors or officers responsible for the company's affairs at the time of the contravention. In the EU, individual liability is primarily a matter of national law, though the European Commission can hold parent company directors responsible under the single economic unit doctrine. D&O policies should be reviewed to ensure they cover competition law investigations and that carve-outs for intentional or dishonest conduct are not so broad as to vitiate coverage.

Risk Mitigation Beyond Insurance: The most effective risk mitigation is prevention. This includes: (a) a robust competition compliance programme (training, monitoring, reporting, enforcement); (b) regular competition audits of high-risk business areas (sales, procurement, trade associations, joint ventures); (c) clear policies on competitor contact, information exchange, and trade association participation; (d) whistleblower mechanisms that enable early identification of potential infringements; (e) tone from the top — board-level commitment to competition law compliance; and (f) swift and decisive response when potential infringements are identified (including self-reporting and leniency applications where appropriate).

Contract and Indemnity Provisions: Companies should review their commercial contracts for competition law risk, including: (a) indemnity provisions in joint venture agreements, distribution agreements, and supply agreements that address competition law liability; (b) termination rights triggered by competition authority investigations; (c) information sharing protocols in joint ventures that prevent exchange of competitively sensitive information; and (d) audit rights that enable monitoring of counterparties' competition law compliance. In M&A transactions, competition law warranties and indemnities should cover the risk of pre-acquisition infringements that are only discovered post-closing — including dawn raids relating to conduct that predates the acquisition.

Crisis Communication Planning: Reputational risk from a dawn raid can be as damaging as the financial penalties. Companies should prepare: (a) holding statements for media enquiries ("We can confirm that [authority] is conducting a routine regulatory inspection. We are cooperating fully. It would be inappropriate to comment further at this stage."); (b) internal communication templates for employees, customers, and suppliers; (c) a designated media spokesperson who is briefed on competition law sensitivities; and (d) a protocol for coordinating public communications with external counsel (to avoid statements that could prejudice the legal position). In India, listed companies must also consider SEBI disclosure requirements — material investigations may need to be disclosed to stock exchanges under Regulation 30 of the SEBI LODR Regulations.

Real-world dawn raids offer invaluable lessons for preparedness. The following case studies illustrate both best practices and costly mistakes:

Case Study 1: Cement Cartel (India, 2012-2016) — In one of the CCI's landmark cases (Builders Association of India v Cement Manufacturers Association, Case No. 29/2010), the DG conducted extensive investigations into 11 cement companies for price-fixing. The DG's investigation included searches of company premises, examination of industry association records, and analysis of pricing data and communications. The CCI imposed a total penalty of approximately INR 6,714 crore (approximately USD 1.1 billion at the time) — one of the largest competition fines globally. Lesson: Industry association meetings and communications are a primary target. Companies must ensure that trade association participation policies are in place and that employees understand the boundaries of permissible information exchange.

Case Study 2: E.ON Seal-Breaking (EU, 2008) — During a European Commission inspection of E.ON Energie AG in May 2006, Commission officials sealed a room overnight. When they returned the following morning, the seal had been tampered with. E.ON argued that the seal may have been damaged accidentally, but the Commission rejected this and imposed a fine of EUR 38 million solely for the seal-breaking. The General Court upheld the fine in Case T-141/08. Lesson: Treat Commission seals with absolute respect. Designate security personnel to guard sealed areas overnight and ensure no employee — no matter how senior — enters a sealed area. The cost of a broken seal (EUR 38 million) exceeded many cartel fines at the time.

Case Study 3: Nexans and Prysmian (EU, 2009) — The European Commission conducted simultaneous dawn raids on power cable manufacturers across Europe. Nexans challenged the scope of the inspection, arguing that Commission officials had examined documents outside the authorised scope and had taken copies of entire hard drives without applying keyword filters. The General Court (Cases T-135/09 and T-140/09) partially upheld Nexans' challenge, annulling parts of the inspection decision where the Commission had exceeded its stated scope. Lesson: The scope limitation in the inspection decision is legally enforceable. Companies should carefully read the decision, note its boundaries, and challenge any searches that exceed those boundaries — but contemporaneously, not retrospectively. Having shadow teams that document precisely what is searched is essential for any later challenge.

Case Study 4: Auto Parts Cartel (Global, 2011-2014) — The auto parts cartel investigation was one of the largest in history, resulting in coordinated raids by the US DOJ, European Commission, and Japanese JFTC across more than a dozen countries simultaneously. Over 40 companies and 60 individuals were ultimately charged. The DOJ alone obtained over USD 2.9 billion in criminal fines and sentenced 48 individuals to prison terms. Lesson: Multi-jurisdictional coordination is now standard. Companies must be prepared for simultaneous raids in multiple countries and must have counsel networks that can respond in real time across jurisdictions. Leniency decisions must be coordinated globally — applying in one jurisdiction but not another creates an asymmetric position that may be exploitable.

Case Study 5: CCI Pharmaceutical Investigations (India, 2015-2023) — The CCI has conducted multiple investigations in the pharmaceutical sector, including investigations into alleged price-fixing by chemists' associations and anti-competitive agreements between pharmaceutical companies. In Peeveear Medical Agencies v All India Organisation of Chemists and Druggists (Case No. 30/2011), the CCI penalised AIOCD for mandating Product Information Service (PIS) requirements that restricted competition. The DG's investigations included on-site inspections and extensive document reviews. Lesson: Industry bodies and professional associations are high-risk entities. Companies whose employees participate in such bodies must ensure that association activities are monitored and that employees understand what can and cannot be discussed at association meetings.

Case Study 6: Akzo Nobel Privilege Dispute (EU, 2010) — As discussed in Section 6, the Court of Justice's ruling in Akzo Nobel Chemicals v Commission (Case C-550/07 P) denied privilege protection to communications with in-house counsel. During the underlying inspection, Akzo Nobel had claimed privilege over a set of internal emails between an in-house lawyer and business colleagues. The Commission examined the documents and rejected the privilege claims. Lesson: This case reshaped dawn raid preparedness across Europe. Companies must structure their legal communications to ensure that advice needing privilege protection is channelled through external counsel. The consequences of relying on in-house privilege in the EU are now unambiguously clear.

A Dawn Raid Response Plan is a living document that must be tailored to your organisation, reviewed regularly, and tested through mock exercises. The following checklist provides a comprehensive framework for building or auditing your plan:

A. Governance & Roles

• Designate a primary Dawn Raid Coordinator and a backup (ideally General Counsel + senior compliance officer)
• Define the notification chain: Reception/Security → Coordinator → External Counsel → General Counsel → CEO/Board
• Assign shadow team members (at least 4-6 trained individuals who can shadow investigators in pairs)
• Identify a designated meeting room for investigators (accessible, but away from sensitive areas)
• Prepare a "war room" for the legal team (secure room with locked door, not monitored by investigators)
• Maintain a current contact list: external counsel (partner and associate direct lines), dawn raid coordinator (personal mobile), IT manager, HR director, CEO, board chair

B. Documentation & Templates

• Dawn raid manual — comprehensive written plan, distributed to all relevant personnel
• Reception script — laminated card at every reception desk with the exact words to use
• Dos and Don'ts card — pocket-sized, laminated, distributed to all employees in training
• Document/evidence log template — for recording every document examined, copied, or seized
• Event log template — for recording all events chronologically during the raid
• Internal notification template — pre-drafted email/message to all staff when a raid begins
• Employee questioning record template — for recording questions asked and answers given
• Privilege claim form — for formally noting privilege claims over specific documents
• Post-raid debrief questionnaire — for systematic debriefing of all involved employees
• Media holding statement — pre-approved text for press enquiries

C. IT & Electronic Evidence Readiness

• Data map — current, comprehensive map of where all company data is stored (servers, cloud, mobile devices, backup tapes, third-party processors)
• Litigation hold procedure — tested and documented, capable of activation within 4 hours
• IT emergency contacts — IT manager and system administrators who can provide access credentials and technical assistance
• Forensic imaging protocol — policy on cooperating with forensic imaging while protecting personal and privileged data
• Mobile device register — inventory of all company-issued mobile devices, laptops, and tablets, with assigned users
• BYOD policy — clear policy on personal devices used for business, including the company's right to access business data
• Cloud access inventory — list of all SaaS platforms and cloud services with access credentials and data locations
• Automated deletion suspension capability — ability to pause all automated document/email deletion schedules

D. Privilege Protection

• Privilege log — maintained monthly, covering all current legal matters, identifiable and producible within 2 hours
• Privileged document storage — separate physical and electronic storage for privileged communications
• Labelling protocol — all privileged documents marked "PRIVILEGED AND CONFIDENTIAL — LEGAL ADVICE"
• External counsel engagement — standing engagement with competition law firm for investigation response
• In-house counsel awareness — training on the limitations of in-house privilege (particularly in the EU)

E. Training & Testing

• Annual training programme — role-specific training for reception, legal, IT, management, commercial teams
• Mock dawn raid exercise — conducted at least annually by external counsel
• Tabletop exercises — conducted quarterly for the legal and compliance team
• Training records — documented attendance and content for all training sessions
• Plan review — annual review and update of the dawn raid response plan
• New employee onboarding — dawn raid awareness included in induction for all relevant roles

F. Post-Raid Readiness

• Debrief protocol — structured process for debriefing all involved employees within 24 hours
• Board reporting template — format and content for reporting the raid to the board of directors
• SEBI/stock exchange disclosure assessment — process for determining whether disclosure obligations are triggered (listed companies)
• Insurance notification — procedure for notifying D&O and competition law insurers within policy time limits
• Strategic assessment framework — structured process for external counsel to assess exposure, leniency options, and engagement strategy
• Employee welfare protocol — support mechanisms for employees affected by the raid

This checklist should be reviewed and updated at least annually, and immediately after any real dawn raid, mock exercise, or material change in the law. The plan is only effective if it is current, accessible, and understood by everyone who has a role in it.