What Should You Do in a Dawn Raid, Belgium (BCA Inspections 2026)

Understanding what should you do in a dawn raid is no longer optional for any company operating in Belgium. Since the Belgian Competition Authority (BCA) published its Guidelines on the Conduct of Inspections on 20 June 2025, the duties placed on undertakings during unannounced inspections have been sharpened, particularly around active cooperation, IT‑search protocols and the handling of copied data. This article delivers a Belgium‑specific, 2026‑updated playbook covering your rights, your obligations, privilege safeguards, IT forensics steps and post‑raid remediation. Whether you are an in‑house counsel, compliance officer or IT lead, the minute‑by‑minute checklist below is designed to be activated the moment inspectors arrive at reception.

TL;DR, your three non‑negotiable first moves:

• Call external counsel immediately. Do not wait for inspectors to begin copying files.
• Accompany every inspector, everywhere. Assign at least one company representative per inspector team.
• Protect privileged material and document everything. Log every document reviewed, every room entered and every device accessed.

What Is a Dawn Raid?, Scope, Types and Who Can Conduct Them in Belgium

A dawn raid is an unannounced inspection in which a regulatory authority enters business premises, typically early in the morning, to search for and copy evidence of suspected infringements. In competition law, dawn raids target cartels, bid‑rigging, market allocation and other anticompetitive conduct. The element of surprise is deliberate: it prevents the destruction of evidence.

In Belgium, several authorities hold inspection powers. The Belgian Competition Authority is the primary enforcer for domestic competition infringements, but the European Commission may also conduct inspections on Belgian soil for EU‑level cartel investigations. Financial regulators, the FSMA and the National Bank of Belgium (NBB), hold separate statutory inspection and seizure powers over regulated entities. More recently, the European Public Prosecutor’s Office (EPPO) has exercised cross‑border investigative measures that can include on‑site searches in Belgium.

Before the Raid, Preparation and Your Dawn Raid Playbook

The best response to a dawn raid starts months before inspectors arrive. Industry observers consistently note that companies with a tested, pre‑distributed dawn raid playbook respond faster and make fewer costly errors during live inspections.

Policy and Training

Every company with operations in Belgium should maintain a written dawn raid policy that is distributed to reception staff, management, legal, IT and HR. The policy must include a contact cascade, a list of names and mobile numbers for external counsel, the General Counsel, the compliance officer, and the designated IT forensics lead. Reception staff, in particular, need a one‑page script telling them exactly what to say and whom to call. Regular tabletop drills, at least annually, turn a policy document into muscle memory. The International Competition Network publishes training resources that can be adapted for Belgian‑specific scenarios.

IT Readiness

IT preparedness is frequently the weakest link. Before any raid, the IT team should have a documented imaging plan that covers: which servers and endpoints hold potentially relevant data, how forensic images will be produced, where the chain‑of‑custody log is stored, and who is authorised to interact with inspectors on technical matters. The BCA’s 20 June 2025 guidelines place specific expectations on electronic‑data cooperation, making advance preparation essential.

What Should You Do in a Dawn Raid, Minute‑by‑Minute Checklist (First 0–60 Minutes)

The first hour determines whether a company preserves its rights or inadvertently creates obstruction exposure. Below is a stepwise operational timeline aligned with the Belgian Competition Authority guidelines 2025.

Minutes 0–5: Reception and First Contact

1. Remain calm and professional. Instruct reception to welcome inspectors politely. Do not refuse entry, this could constitute obstruction.
2. Ask for credentials. Request official identification, the inspection decision or court order authorising the search, and the written scope of the investigation.
3. Activate the contact cascade. Call external counsel immediately. Notify the General Counsel, CEO and compliance officer. Alert the IT forensics lead.
4. Say the script: “You are welcome to proceed. We will cooperate fully. We have contacted our external lawyers, who are en route. In the meantime, a company representative will accompany you at all times.”

Minutes 5–15: Organise Escort Teams

1. Assign shadow teams. At least one company representative must accompany each group of inspectors, ideally a lawyer or trained compliance professional.
2. Begin the master log. Open a dedicated log (paper or secure digital) and start recording: time of arrival, names of inspectors, rooms entered, documents reviewed, devices accessed.
3. Secure the privilege room. If your premises include a room or cabinet holding files marked as legally privileged, direct inspectors’ attention to these markings. Do not allow copying of privileged materials without an agreed review process.

Minutes 15–60: Active Cooperation and Documentation

1. Cooperate actively. Under the BCA’s 20 June 2025 guidelines, undertakings are expected to provide active cooperation, answering factual questions, providing access to premises and making documents available. Passive resistance or deliberate delays risk obstruction sanctions.
2. Monitor IT searches. Ensure the IT forensics lead shadows inspectors accessing servers, laptops and email systems. Record which search terms are used, which folders are accessed and which files are selected for copying.
3. Flag privileged documents in real time. If inspectors select a document you believe is privileged, assert the claim immediately, record it on the privilege log and request a sealed‑envelope procedure or separate review.
4. Do not volunteer information beyond what is asked. Cooperation does not mean offering narrative explanations. Answer factual questions; do not speculate.
5. Restrict internal communications. Instruct employees not to discuss the raid on email, messaging platforms or the phone. Anything said or written may be discoverable.

Dawn Raid Rights Belgium, The BCA’s Inspection Powers and Your Legal Protections

Understanding the boundary between BCA inspection powers and company rights is critical. The 20 June 2025 guidelines codify several important expectations for both sides.

Right to Counsel

Companies have the right to contact external counsel as soon as inspectors arrive. However, the BCA is not obliged to wait for counsel to arrive before commencing the inspection. In practice, inspectors will typically proceed, but they must allow a company representative to accompany them. Early indications suggest that companies that have external counsel on speed‑dial and in close physical proximity gain the most practical benefit from this right.

Right to a Company Representative

The undertaking is entitled to have a representative present during the inspection at all times. This right is both a safeguard and a tool: the representative’s role is to observe, document and, where necessary, raise privilege claims or scope objections in real time.

Confidentiality and Non‑Disclosure Obligations

Under the BCA guidelines, confidentiality obligations apply to both sides. The BCA commits to handling copied data in accordance with professional secrecy rules, and at the end of the inspection, the undertaking will receive a copy of all documents and data that have been copied by the inspectors. This reciprocity is a meaningful safeguard, it ensures the company knows exactly what the authority holds and can prepare its defence accordingly.

Legal Privilege in a Dawn Raid, Belgium‑Specific Guidance

Legal privilege during dawn raids is one of the most contested and high‑stakes issues in Belgian enforcement practice. Understanding what should you do in a dawn raid when privileged material is at risk requires advance planning and real‑time vigilance.

What Is Privileged Under Belgian Law?

Belgian law recognises legal professional privilege for communications between a company and its external counsel, provided those communications relate to the exercise of the right of defence. The scope for documents prepared by or exchanged with in‑house counsel is considerably narrower. Under EU case law (Akzo Nobel, C‑550/07 P), in‑house lawyers do not benefit from the same level of privilege protection as independent external lawyers. The practical effect is that internal legal memoranda, compliance assessments and emails from in‑house lawyers may be subject to inspection unless they are clearly prepared in the context of receiving or relaying external legal advice.

Handling Privileged Materials During IT Searches

When inspectors encounter material that the company asserts is privileged, the recommended approach is to request a sealed‑envelope procedure: the document is placed in a sealed envelope, marked as “privilege claimed,” and set aside for later review, either by the competition authority under a protected procedure or, if contested, by the Belgian courts. The company’s privilege log should record the document reference, a brief non‑revealing description, the legal basis for the privilege claim, and the name of the counsel involved.

Sample privilege log entry:

IT Searches in a Dawn Raid, Data Imaging and Chain of Custody

IT searches during dawn raids are where the most significant volumes of evidence are collected, and where the greatest operational risks arise for companies that lack a forensics playbook.

Do’s and Don’ts for IT Staff

• Do cooperate fully with inspectors’ requests for access to servers, email systems and endpoints.
• Do assign a dedicated IT representative to shadow every inspector accessing electronic systems.
• Do log every search term used, every folder opened and every file selected for copying.
• Do not hand over administrator passwords or root credentials without first consulting counsel.
• Do not disconnect, power down or modify any system during the inspection, this risks being treated as obstruction or evidence destruction.
• Do not delete logs, browser histories, emails or any other data before, during or after the inspection.

Forensic Imaging vs Ad Hoc Access

BCA inspectors may request either targeted access to specific folders and mailboxes, or broader forensic imaging of entire drives and servers. Under the BCA’s 20 June 2025 guidelines, inspectors are empowered to copy electronic data, and the undertaking is expected to facilitate this process. If the scope of imaging appears to exceed the written scope of the inspection decision, the company should raise this objection on the record, document it in the master log, and, critically, still allow the copying to proceed while preserving the right to challenge scope subsequently. The Norton Rose Fulbright dawn raid guide provides additional operational detail on forensic imaging best practices applicable across EU jurisdictions.

Shadowing and Chain‑of‑Custody Documentation

Every interaction between inspectors and electronic systems must be recorded in a chain‑of‑custody log. This log should capture: the device serial number or hostname, the inspector’s name, the time access began and ended, the search terms or parameters used, the files or folders copied, and the medium onto which copies were transferred (USB drive, external hard disk, cloud upload). This documentation is essential for any subsequent challenge to the admissibility or scope of seized evidence.

Obstruction Risks, Sanctions and Leniency Interplay

Obstruction Penalties in Belgium

Obstruction of a BCA dawn raid is treated seriously. Belgian competition law provides for administrative fines for undertakings that fail to cooperate, provide incomplete or misleading information, or interfere with the inspection process. The Belgian criminal code, including the provisions revised under the new criminal code entering into force in 2026, may also apply in severe cases, such as destruction of evidence, physical obstruction or active concealment of documents. Industry observers expect that penalties in Belgian enforcement will continue to tighten as the BCA builds its track record under the 2025 guidelines.

Leniency Strategy and Dawn Raids

If a dawn raid reveals evidence of cartel conduct, the question of leniency arises immediately. Under the BCA’s leniency programme, the first undertaking to disclose a cartel and cooperate fully may receive full immunity from fines; subsequent applicants may receive reductions. However, timing is critical, a leniency window may close quickly once a raid is underway. Companies that suspect cartel exposure should have pre‑identified leniency counsel who can be contacted within minutes of a raid commencing. Delaying this assessment, even by a day, can mean the difference between immunity and a multi‑million‑euro fine.

After the Raid, Remediation, Internal Review and Litigation Options

What should you do in a dawn raid does not end when inspectors leave. The first seven days after a raid are decisive for preserving rights and building a defence.

• Day 1: Conduct an immediate inventory review. Cross‑check the master log against the copy of all documents and data provided by the BCA at the end of the inspection. Identify any discrepancies.
• Days 1–3: Complete a privilege review. Examine every copied document for privilege claims. If privileged material was copied, initiate the formal challenge process immediately.
• Days 2–4: Engage external forensic analysts to produce a mirror image of all systems accessed during the raid. Preserve this as your independent evidentiary baseline.
• Days 3–5: Internal communications plan. Brief the board, senior management and relevant business units, but only after counsel has approved the messaging. Restrict written communications to a minimum.
• Days 5–7: Regulatory engagement. Decide whether to make a proactive submission to the BCA, apply for leniency, or prepare to challenge the scope or legality of the inspection through the Belgian courts.

Evidence preservation is paramount throughout this period. Issue a litigation hold immediately, instruct all employees and IT systems to retain all data, including emails, messages, drafts and deleted items, pending further instruction from counsel. For further context on cross‑border evidence handling and evolving data privacy obligations, coordinate with privacy counsel before sharing any seized data outside Belgium.

Comparison Table, BCA vs EC vs FSMA/NBB Inspections

Practical Lessons from Belgian Dawn Raid Defence

Vignette 1, the prepared company. A Belgian manufacturing firm received a BCA dawn raid at 07:30 on a weekday morning. Because reception had been trained and had a one‑page script taped inside the front desk drawer, external counsel was called within two minutes. Shadow teams were assigned within ten minutes. The company’s IT forensics lead produced a parallel forensic image of every system accessed and maintained a detailed chain‑of‑custody log. After the raid, counsel identified that three documents flagged as relevant by inspectors were in fact covered by legal professional privilege. A formal privilege challenge was filed within 48 hours, and the documents were ultimately excluded from the investigation file.

Vignette 2, the unprepared company. A services company in Brussels had no dawn raid policy. When BCA inspectors arrived, the office manager panicked, attempted to call the CEO (who was travelling) and left inspectors waiting in the lobby for 20 minutes before granting access. By the time external counsel arrived, inspectors had already copied significant volumes of data without any company representative present. Several documents later claimed as privileged had already entered the investigation file without a contemporaneous objection, making a subsequent challenge materially more difficult. The likely practical effect was a weaker negotiating position and higher legal costs throughout the enforcement process.

Conclusion

Knowing what should you do in a dawn raid is an operational necessity for every company with a Belgian presence. The BCA’s 20 June 2025 guidelines have raised the bar for active cooperation, IT‑search facilitation and real‑time privilege management, and the consequences of getting it wrong range from administrative fines to criminal exposure. The most effective defence starts before the raid ever happens: a tested playbook, trained staff, a pre‑positioned forensics plan and external counsel on speed‑dial. For a deeper look at white‑collar crime investigations and the critical role of computer forensics, or to find a specialist white‑collar crime lawyer in Belgium, explore the Global Law Experts directory.

Sources

1. Belgian Competition Authority, Cartels & Inspections Overview
2. BCA, Guidelines on the Conduct of Inspections (20 June 2025)
3. CMS Legal Update, New BCA Guidelines (16 July 2025)
4. Loyens & Loeff, What to Do in an Event of a Dawn Raid
5. European Commission, Inspections / Dawn Raids Overview
6. Norton Rose Fulbright, Dawn Raid Guidance
7. ICN, Training Resources on Dawn Raids
8. Practical Law / Thomson Reuters, Commentary on BCA Guidelines