Dawn Raids by Polish Prosecutors and Regulatory Authorities: How Businesses Should React During Criminal Investigations

Dawn raids carried out by Polish prosecutors and regulatory authorities have become one of the most disruptive tools used in criminal investigations and complex regulatory proceedings. They take businesses by surprise, often at the very start of the workday, and can fundamentally reshape the course of a case – and, in extreme scenarios, the future of an entire organisation.

For international companies operating in Poland, a dawn raid is not only a legal challenge, but also a test of crisis management, internal governance and cross‑border coordination. The ability to react correctly – in the very first minutes and hours – can significantly influence the scope of search and seizure, the way evidence is assessed and, ultimately, the risk of criminal liability for the company’s management and employees.

This article provides a structured, practitioner‑oriented overview of how businesses should react to dawn raids by Polish prosecutors and regulatory authorities. It combines practical experience from white‑collar crime proceedings with the expectations of international compliance standards, helping companies align their internal policies with Polish criminal procedure and regulatory practice.

What is a dawn raid in Poland and who can conduct it?

In the Polish legal system, a dawn raid generally refers to an unannounced visit by law‑enforcement or regulatory bodies aimed at search and seizure of evidence in the course of a criminal investigation or regulatory inquiry. Typically, such measures are conducted by the public prosecutor, the Police, the Central Anti‑Corruption Bureau (CBA), the Internal Security Agency (ABW) or specialised regulatory authorities such as the Office of Competition and Consumer Protection (UOKiK) and the Polish Financial Supervision Authority (KNF).

Each of these authorities operates under a specific legal framework, but dawn raids on business premises are most often based on the Polish Code of Criminal Procedure (Kodeks postępowania karnego) or sector‑specific statutes. For international businesses, it is crucial to understand that Polish law provides a relatively broad range of powers to conduct searches and secure documents, IT systems and physical evidence, subject to judicial control and proportionality requirements.

Importantly, dawn raids may target not only entities already formally charged, but also third‑party businesses that are deemed to hold potentially relevant evidence. This means that companies not directly suspected of wrongdoing may still face intrusive search measures, with significant implications for confidentiality, trade secrets and business continuity.

Legal basis for search and seizure in Polish criminal investigations

The core provisions governing search and seizure in criminal matters are contained in Articles 219–236 of the Polish Code of Criminal Procedure. They regulate the conditions under which prosecutors and law‑enforcement officers may search business premises, servers, vehicles and private devices, as well as seize physical items, documents and electronic data relevant to an ongoing criminal investigation.

As a rule, searches at business premises require a prior court order issued upon the prosecutor’s request. However, in urgent cases, the prosecutor or police may carry out a search based on a written warrant or – in exceptional circumstances – even without prior written authorisation, subject to subsequent judicial review. This flexibility underscores the need for companies to be prepared for dawn raids without advance notice.

In parallel, sector‑specific regimes – for example, competition law or financial supervision – may provide separate bases for inspections and dawn raids by regulatory authorities. While these are not always criminal in nature, evidence collected in such proceedings may later be used in criminal cases, which further increases the stakes and requires coordinated legal defence from the outset.

First 15 minutes of a dawn raid: what should businesses do?

The first minutes of a dawn raid in Poland are decisive. Reception staff, security and the first managers on site must have a clear protocol. They should immediately verify the identity of officials, request to see the search warrant or relevant authorisation, and promptly notify the designated in‑house or external counsel responsible for crisis response.

While cooperation with law‑enforcement is obligatory, it should be conducted in a controlled, informed manner. Employees should avoid making spontaneous statements, granting uncontrolled access to unrelated areas or handing over devices without proper documentation of what is being seized. A calm, professional tone and strict adherence to internal procedures can significantly reduce the risk of overbroad search and seizure.

From a practical standpoint, companies should maintain an internal “dawn raid checklist” in English and Polish, accessible to key staff, specifying immediate steps, contact numbers and responsibilities. In a multinational environment, early notification of regional or global headquarters and alignment with cross‑border legal teams is often crucial, particularly where data subject to foreign legal privilege or data protection rules may be affected.

How to verify the legality and scope of the raid?

Upon arrival, officials must present documents authorising the search and seizure. Businesses have the right to review these documents, including the court order or prosecutor’s warrant, and to verify the scope of premises, time frame and type of evidence indicated. This is not a mere formality: it allows the company to identify attempts at exceeding the authorised scope.

Authorised company representatives should carefully note the legal basis cited, the case reference number and the identity of leading officials. Where doubts arise regarding the legality or extent of the measure, counsel may raise formal objections and request that they be included in the search protocol. Although such objections do not stop the raid, they may later prove crucial in judicial review of the evidence‑gathering process.

In practice, effective oversight of the raid’s legality requires a combination of criminal law expertise and a practical understanding of regulatory expectations. Well‑prepared businesses will have already trained specific employees to perform this function, ensuring that the company’s rights are actively protected from the earliest stage of the criminal investigation.

Treatment of privileged documents and legal professional privilege

One of the most sensitive issues in Polish dawn raids concerns the handling of privileged documents and communications with external defence counsel. Under Polish law, documents containing information covered by attorney–client privilege are subject to special protection and may not, as a rule, be reviewed by prosecutors or law‑enforcement without a prior court decision.

If officials attempt to seize materials that the company reasonably considers protected by professional secrecy, representatives should clearly identify such items and insist that they be sealed and deposited for judicial review. This may include not only hard‑copy documents, but also email accounts and data carriers. Failure to assert privilege at the right moment may lead to irreversible disclosure of sensitive defence strategy.

International businesses should also be aware of potential conflicts between Polish rules and foreign concepts of privilege, especially regarding in‑house counsel. While Polish law does not provide the same scope of privilege to in‑house lawyers as to external attorneys, coordinated strategies can help mitigate risks, for instance by structuring key legal advice through external advisors admitted to the bar.

Managing employees and internal communications under pressure

During a dawn raid by Polish prosecutors or regulatory authorities, the behaviour of employees is closely observed and may significantly influence the course of the criminal investigation. Staff should be instructed to remain cooperative, avoid obstructing officials and refrain from deleting or modifying any data. At the same time, they should limit their statements to factual, necessary information and direct all substantive questions to designated spokespersons or legal counsel.

Well‑designed internal communication is essential. Management should quickly inform employees, in clear and neutral language, about the presence of authorities, the need to cooperate and the prohibition on evidence tampering. Internal emails or chats must avoid commentary that could be interpreted as an attempt to coordinate testimonies or conceal information.

From a human‑resources perspective, companies should anticipate that some employees may be approached individually for interviews or witness statements. Providing them with basic information about their rights under Polish criminal procedure – including the right to refuse to answer certain questions in defined situations – is consistent with international compliance standards and helps prevent misunderstandings.

Electronic data, IT systems and cross‑border data transfers

Modern dawn raids in Poland almost always involve search and seizure of electronic data: email servers, laptops, mobile phones and cloud‑based systems. Prosecutors increasingly rely on specialised IT units capable of securing vast volumes of digital evidence, often on‑site. This can create tension with business continuity, data protection and international data transfer rules.

Companies should work proactively with IT and legal teams to implement protocols for responding to data‑related requests, including the creation of forensic images, segregation of personal data and identification of information stored on foreign servers. The presence of external forensic IT experts supporting defence counsel can be helpful in ensuring that data collection remains proportionate and properly documented.

Particular attention must be paid to interactions between Polish criminal procedure and EU data protection law (GDPR), as well as sector‑specific regulations concerning bank secrecy or professional secrecy in regulated industries. International businesses should be prepared to explain their data architecture and, where necessary, argue for solutions that respect both investigative needs and legal constraints on cross‑border data flows.

Internal investigations: should a company launch its own inquiry?

A dawn raid is often the first visible sign of a broader white‑collar crime investigation. Once the immediate crisis is stabilised, management must consider whether to initiate an internal investigation aimed at understanding the underlying allegations, assessing potential exposure and preparing an informed defence strategy.

Internal investigations conducted in parallel with state proceedings must be carefully structured. They should respect employees’ rights, maintain the integrity of potential evidence and avoid actions that could be perceived as obstruction. At the same time, they provide invaluable insight into the factual background, enabling the company to make strategic decisions about cooperation, self‑disclosure or remedial measures.

In cross‑border contexts, internal investigations must also align with expectations of foreign regulators, auditors and investors. The ability to present a coherent, well‑documented response – based on legally sound internal fact‑finding – can significantly influence the outcome of both Polish and international proceedings.

Cooperation versus defence: how far should a company go?

Polish practice, similar to many other jurisdictions, increasingly values genuine cooperation by businesses during criminal investigations. Transparent, timely provision of requested information, voluntary disclosure of relevant facts and implementation of remedial measures may mitigate the risk of severe sanctions or influence prosecutorial discretion.

At the same time, cooperation cannot be equated with unconditional surrender of all rights. Companies are entitled to protect privileged communications, challenge unlawful search measures and contest overly broad requests. A balanced strategy requires experienced counsel able to navigate between legitimate cooperation and the preservation of core defence rights, particularly where individuals in management are personally exposed to criminal charges.

Decisions about the level of cooperation should be informed by a realistic assessment of evidence, potential liability and the broader regulatory landscape. For multinational groups, alignment with global policies on investigations and settlements – including potential engagement with foreign enforcement agencies – is essential.

Why specialised legal counsel is critical during dawn raids in Poland

Experience shows that companies represented by counsel with specific expertise in dawn raids, white‑collar crime and cross‑border criminal investigations are significantly better positioned to protect their interests. Effective defence begins not in the courtroom, but at the moment officials appear at the door, and continues through strategic decisions in the months and years that follow.

The law firm Kopeć Zaborowski Adwokaci i Radcowie Prawni has extensive experience in handling dawn raids by Polish prosecutors and regulatory authorities, including complex, high‑profile matters with international dimensions. Businesses benefit from comprehensive support: from on‑site assistance during searches, through management of electronic evidence and internal investigations, to representation in criminal, regulatory and civil proceedings, including protection of personal rights and reputation.

For organisations operating in sectors particularly exposed to regulatory scrutiny – finance, pharmaceuticals, technology, energy or infrastructure – engaging specialised counsel capable of coordinating multi‑jurisdictional strategies is no longer optional. It is a core element of responsible corporate governance and risk management in an increasingly enforcement‑driven environment.

Building a dawn raid preparedness programme

To reduce the disruptive impact of unexpected dawn raids, companies should develop and periodically update a formal dawn raid preparedness programme. This typically includes written protocols, simulation exercises, training for key employees, and integration of dawn raid scenarios into broader compliance and crisis‑management frameworks.

Such programmes should cover both legal and operational aspects: identification of “raid response teams”, clear chains of communication, procedures for accompanying officials during the search and seizure, and guidelines on dealing with the media and external stakeholders. They also need to be adapted to the company’s specific risk profile, industry and international footprint.

From an E‑E‑A‑T (Experience, Expertise, Authoritativeness and Trustworthiness) perspective, documented preparedness measures support the narrative of a responsible, compliant organisation. In some cases, evidence of robust compliance efforts can play a mitigating role in prosecutorial and judicial assessments of corporate liability.

Next steps after the raid: strategic positioning for the investigation

Once the immediate phase of a dawn raid is over, the company should not lapse into passivity. A detailed internal debriefing, review of the search protocol, and assessment of what documents and data were seized are necessary to shape the ongoing defence. Early analysis allows counsel to anticipate investigative directions and prepare for future procedural steps, such as witness interviews or requests for explanations.

Management should be briefed on realistic scenarios, potential timelines and strategic options, including settlement negotiations, voluntary disclosures or robust litigation. In certain cases, it may be appropriate to engage in early dialogue with the prosecutor or regulatory authority to clarify misunderstandings or propose constructive solutions, while carefully managing admissions and preserving legal defences.

For businesses committed to long‑term operations in Poland and the wider CEE region, drawing lessons from a dawn raid – and translating them into improved compliance, governance and risk‑management structures – is essential. In this way, a disruptive search can become a catalyst for strengthening internal systems and reducing exposure to future enforcement action.

Bibliography

• Polish Code of Criminal Procedure (Kodeks postępowania karnego), in particular Articles 219–236 (search and seizure).
• Act on the Public Prosecutor’s Office (Ustawa o prokuraturze).
• Act on the Office of Competition and Consumer Protection (Ustawa o ochronie konkurencji i konsumentów).
• Case‑law and guidelines of Polish courts concerning search and seizure and attorney–client privilege.
• European Commission, “Explanatory Note on Commission inspections pursuant to Article 20(4) of Council Regulation No 1/2003”.
• European Data Protection Board, Guidelines on processing of personal data for law enforcement purposes (relevant for cross‑border data issues).
• Specialist commentary in: P. Hofmański (ed.), “Kodeks postępowania karnego. Komentarz”, latest available edition.