How to respond to a dawn raid: A guide to dawn raids in financial crime investigations

Following the Serious Fraud Office’s (SFO) announcement in February 2024 that it had “already gone through more front doors in the last three months than in the last three years” and its stated aim to “become a more assertive” law enforcement agency, it is clear the SFO is keen to speed up investigations. Over a year later, the SFO’s enthusiasm to maintain momentum remains clear, most recently evidenced by the arrest of three individuals at the end of April 2025 following dawn raids undertaken by more than 70 investigators across five properties in connection with alleged bribery by UK company, Blu-3. 

Companies should familiarise themselves with (or remind themselves of) the complexities associated with dawn raids. Forward planning, ensuring familiarity with the legal, practical and organisational foundations of a raid, is essential to mitigate the impact of a raid and protect a company’s rights and interests.

This article will look at the scope of the powers of both the SFO and the Financial Conduct Authority (FCA) to undertake dawn raids, how a company can prepare for a dawn raid, and practical steps that can be taken to pro-actively manage a raid and its aftermath.

Which authorities can conduct a dawn raid in financial crime investigations?

Dawn raids can be undertaken by a number of UK agencies and authorities including (but certainly not limited to) the SFO and the FCA. HMRC is another obvious example.    

The SFO’s dawn raid powers  

Under Section 2 of the Criminal Justice Act 1987 (CJA), the SFO can compel an individual or organisation to provide it with information or documents that it believes are relevant to its investigation. The SFO typically relies on section 2(4) CJA. This sets out that an entry and search warrant may be issued if there are reasonable grounds for believing that: (i) a person has failed to comply with an obligation to produce documents; (ii) it is not practicable to serve notice ordering the provision of documents; or (iii) service of such a notice may seriously prejudice an investigation.  

The FCA’s dawn raid powers

FCA investigators have a wide range of information gathering tools available to them. Part 11 of the Financial Services and Markets Act 2000 (FSMA) grants the FCA extensive investigative powers to support their regulatory duties. Section 176 FSMA enables a police constable (and others, including FCA staff) to enter premises under judicial warrant in certain circumstances. This allows the police and FCA to search the premises and take various steps, including taking possession of any documents which relate to the warrant.  

The FCA has said that “the reasonableness of deploying a particular statutory power depends on the circumstances of each individual case”¹. If the FCA suspects serious regulatory breaches and there are reasonable grounds to believe on notice powers would not be complied with or lead to the destruction of evidence, the FCA may seek to use without notice search powers.  

How can a company prepare for dawn raid?

There are a number of pre-emptive steps an organisation can take to prepare for the possibility of a dawn raid.  

Dawn raid policy and staff training

The essential starting point for an organisation should be ensuring a comprehensive dawn raid policy is in place and regularly updated. The policy should outline both the powers of key regulators and the consequences of not complying with those, as well as the nitty-gritty details of the practical procedures to be followed in the event of a dawn raid.

Active efforts should be made to disseminate the policy throughout the organisation. Practically speaking, it can also be useful to deliver tailored training to (and prepare “ready reckoners” as quick reference guides for) employees who are likely to be particularly involved in a raid, including receptionists, security, IT staff, in-house legal, management and directors. This is to ensure that those employees in particular understand what is specifically required of them in the event of a raid. Organising a mock dawn raid can also be an effective way of building a practical understanding of how raids operate and testing response procedures.

Document audit and privilege review

An organisation may also wish to carry out a document review to ensure that, where possible, privileged documents are segregated from other documents and clearly marked as “Privileged and Confidential”. Advance consideration of objectively defensible document destruction procedures would also be useful in limiting the amount of information and documentation which might otherwise be subject to a raid.    

What should you do immediately when a dawn raid begins?

Confirming authority and investigative powers 

The scope of the agency’s powers to investigate should be checked at the outset of a dawn raid by requesting a copy of the investigating team’s authorisation documents. As set out above, these are likely to include a court-issued search warrant which will provide guidance on the scope of the search to be carried out and any express limitations set down by the court. The exact business address the investigative team have the power to search will also be listed and should be double-checked, alongside any other practical details for example regarding the time and date of the search and the number of investigators authorised to attend the premises. It would also be good practice to request the identification documents for each member of the investigating team and validate them by liaising with the central office of the agency in question.  

It is therefore important that reception staff are trained to request the authorisation documents and identification papers of the search team on their arrival and to immediately provide copies of these to the team handling the dawn raid internally.

Can the investigators start their searches before lawyers for the company arrive?

Yes, there is no obligation on the FCA or SFO to await the arrival of your in-house or external legal team before commencing a search of the premises.

That said, a senior member of the internal team handling the dawn raid (who is immediately available on site) could meet with the investigators on their arrival and guide them to an internal meeting room (out of sight of other visitors) and politely ask the FCA / SFO to await the arrival of the legal team (providing an estimated arrival time) before proceeding with the investigation.

Can (and should) you seek to delay the investigation from starting?

No, if the investigators refuse to wait, the relevant team members should be clearly briefed not to, in any way, delay or obstruct the investigation from starting. The legal team can be kept up to date on developments whilst they are in transit to the premises and can be available to speak with the investigators on the phone, if necessary. Ideally, the legal team would arrive at the premises before the search team start reviewing documentation, however, if that is not feasible, the core team dealing with the dawn raid internally could look to identify low risk documents or locations for the investigation team to start reviewing.

Can (and should) you inform members of staff about the investigation?

When considering whether to inform members of staff about the investigation, it is advisable to first check with the FCA or SFO (as applicable) whether doing so would interfere with the investigation in any way. Assuming that is not the case, it may be appropriate to send a communication to all affected staff, emphasising that the dawn raid should not be discussed outside the company (including with the media) and otherwise explaining the need to cooperate courteously with the investigation but not to volunteer to provide information to the search team without first speaking with the core team handling the dawn raid internally. Staff should also be clearly advised not to conceal or destroy any documentation that may be relevant to the investigation and that there are criminal sanctions for such acts.

Management of a dawn raid

Can (and should) employees shadow the investigators?

Yes, your employees and/or your legal team (whether internal or external) are permitted to shadow investigators. It is advisable to appoint a team of shadowers who are familiar with dawn raid procedures at the outset of the investigation, allocating (so far as possible) a shadower to each member of the search team. Each shadower should be briefed on the scope of the search (established with reference to the warrant) and the investigating team’s powers, in particular in relation to the review and copying of documents.

As the investigation progresses, each shadower can be tasked with keeping a detailed list of the documents reviewed and copied and locations searched, as well as any questions asked. In terms of questions, as a general rule the investigation team should be allowed to ask specific factual questions (for example regarding the location of documents) but efforts should be made to postpone any substantial interviews or queries on the underlying facts to a later date.

What documents can investigators request during a raid?

What documents can the investigators ask to see and what are the limits on this (including in relation to irrelevant or privileged documents)?

Generally, the investigators will have the right to require any documents or data to be produced which they consider to be relevant to the subject matter of the investigation.  The scope of “documents” the FCA / SFO can ask to see is broad, including physical and electronic documents.  

Investigators will not typically be permitted to see documents or data that are irrelevant to the investigation. Whilst this will be immediately obvious in some cases, shadowers should also pay close attention to the time period of the investigation and the dates on which documents were produced. If there is a disagreement with the investigators as to whether a document is relevant, the company should proceed with caution, bearing in mind that insisting on the exclusion of disputed documents from the ambit of the search may leave the company open to claims that they have obstructed the investigation. A cost benefit analysis should be undertaken in those circumstances and in any event, a minute should be made to record the dispute surrounding the document(s).

Investigators are also not entitled to read documents that are subject to legal professional privilege. There may also be data privacy concerns regarding the provision of some documents to investigators. Where there is any disagreement on such issues, a practical solution would be to set aside the document or the location which is said to contain the sensitive material for further discussion at the end of the raid.

Can investigators take copies of documents?

Yes, the SFO / FCA will have the right to copy documents. They also have the right to remove original copies of documents if they insist on doing this.

Can the company keep a record / take copies of documents reviewed by investigators?

Yes and in any event, this is best practice.

Can investigators bring in forensic IT experts?

Yes, investigators will almost certainly use forensic IT experts to search, copy or “image” company IT systems and servers. These experts may look not only at the company’s IT servers but also at desktop computers, laptops and other mobile devices. The investigators may require temporary interruptions to the company’s IT systems to enable their search.

Non-cooperation with a dawn raid

What are the consequences of non-cooperation with the investigating bodies during the dawn raid?

SFO investigation

A firm or individual who fails to cooperate with an investigation by the SFO opens itself up to the risk of criminal prosecution and penalties under section 2 CJA. This provides for:

• up to six months in prison and/or a fine for any person who fails (without a reasonable excuse) to comply with the requirements imposed on them by the SFO;
• up to two years in prison and/or a fine for any person who makes a statement to the SFO, which they know to be false or misleading, or recklessly make such a statement; and
• up to seven years in prison and/or a fine for any person who knows or suspects that an investigation is likely to be carried out and falsifies, conceals, or destroys documents that are known or suspected to be relevant to the investigation.

FCA investigation

Various offences in relation to non-cooperation are set out in section 177 FSMA. This provides that:

• if a person fails without reasonable excuse to comply with an FCA investigation requirement, the court may deal with that person (and in the case of a body corporate, any director or officer) as if they were in contempt of court;
• a person who knows or suspects that an investigation is being or is likely to be conducted will be guilty of an offence if: (a) they dispose of a document which they know or suspect is or would be relevant to such an investigation; or (b) they cause or permit the falsification, concealment, destruction or disposal of such a document, unless in either case they show that they had no intention of concealing facts disclosed by the documents from the investigator;
• a person who, in purported compliance with a requirement imposed on them: (a) provides information which they know to be false or misleading in a material particular; or (b) recklessly provides information which is false or misleading in a material particular, will be guilty of an offence; and
• any person who intentionally obstructs the exercise of any rights conferred by a warrant under section 176 FSMA will be guilty of an offence punishable by imprisonment for up to three months or a fine.

What steps should be taken after a dawn raid?

In the aftermath of a dawn raid, if not already done so, a response team comprised of representatives from senior management, in-house counsel and external counsel should be formed. Copies of all documents taken by investigators should be urgently passed to the response team for review and in particular an assessment of whether any documents that have been taken are legally privileged.

The response team should consider meeting with any employees who dealt with investigators to prepare a report on the raid, including all questions asked and answers given. This will help establish the focus of the raid and inform priorities in the document review.

It would also be wise for the company to prepare for any follow-up inspections. An external communications strategy should also be given careful consideration. This may involve instructing third party PR advisors to provide ongoing assistance. As an initial step, the company should consider preparing a written statement to, if necessary, be provided to the press.    

Proactive planning to mitigate the impact of a dawn raid

In a time where Nick Ephgrave, director of the SFO, has made clear that the SFO will use dawn raids more often than in the past, understanding the intricacies of such raids is essential for companies. Proactive planning and a thorough grasp of the extent of the investigative powers of agencies and authorities is not only key to protect a company’s interests but also to minimise the commercial disruption a raid might otherwise cause.

For further insight on the position in Switzerland, follow this link to an article written on this topic by our colleagues Pierre Bydzovsky and Steven Fillettaz.

With offices in many of the world’s major financial centres including London, Geneva and Zurich as well as Paris, Milan, Dubai, Hong Kong and Singapore, we are ideally placed to work with you to prepare for or assist with financial crime dawn raids as they arise, whatever the law, language, rules, industry sector, or subject matter of that raid may be. 

Please contact Rhys Novak, Emilie Brammer or your usual Charles Russell Speechlys LLP contact if you would like to get in touch. 

¹ Information on dawn raids conducted by the FCA -October 2022 | FCA