The U.S. Department of Justice’s Antitrust Division recently updated its Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations (Compliance Guidance). This latest iteration of the guidance largely takes the same approach as the first iteration released during President Trump’s first administration did, maintaining the same analytical structure and enumerating the same three preliminary questions and the same nine factors for consideration. Yet, some notable additions reveal points of emphasis for the Antitrust Division, including regarding (i) electronic communications and ephemeral messaging, (ii) artificial intelligence and algorithmic pricing, (iii) employee reporting and nondisclosure agreements, (iv) civil investigations and (v) multi-jurisdiction compliance. Below we provide a primer on the Compliance Guidance and some takeaway points from the latest additions, including considerations for updating corporate compliance programs.
Primer on Antitrust Division’s Approach to Corporate Compliance
The Compliance Guidance is a nonbinding “guidance document” used by prosecutors in assessing the impact of a company’s antitrust compliance program on their charging decisions and sentencing recommendations. It is not a regulation, nor does it impose any legal obligations, but it does provide a road map to how the Antitrust Division evaluates and credits corporate compliance programs. Before initial release of the guidance in 2019, the Antitrust Division generally did not credit corporate compliance programs when deciding whether and what to charge or what sentence to seek, based on the division’s view that an effective compliance program would either prevent the antitrust misconduct or enable the company to qualify under the agency’s Corporate Leniency Policy and thus avoid antitrust charges altogether. The 2019 guidance marked a rethinking of that view, though, and acknowledged the value of, and opened the door to crediting, an effective or improved antitrust compliance program, even when a corporate employee engaged in antitrust misconduct.
The updated Compliance Guidance directs prosecutors to assess a company’s compliance program as it existed at the time of the antitrust offense, as well as any subsequent improvements, and to consider the adequacy and effectiveness of the program at the charging and sentencing stages. The mere fact of an antitrust compliance program, even if deemed adequate and effective, would on its own be unlikely to shield a company from a charge if the company’s employees engaged in a serious and sustained antitrust offense and the company did not qualify for protection under the Corporate Leniency Program. The company’s compliance efforts, however, may be an important part of any successful campaign by company and counsel to persuade the Antitrust Division to enter into a deferred prosecution agreement (DPA). Under a DPA, the company is criminally charged with the underlying offense, but the prosecution is deferred and the charge later dismissed if the company complies with the DPA’s terms. Also, at the sentencing stage, compliance efforts may help persuade the Antitrust Division to make a recommendation for a reduced criminal fine or against court-ordered reporting obligations or an independent compliance monitor.
The Antitrust Division begins its evaluation with three preliminary questions, which should shape the design and implementation of an effective compliance program.
1. Does the compliance program address and prohibit criminal antitrust violations?
The Compliance Guidance describes the relevant violations as “criminal violations of the Sherman Act, 15 U.S.C. § 1 et seq., such as price fixing (including wage fixing and conspiracies to suppress other terms of price competition), bid rigging, market allocation, and monopolization, as well as obstructive acts that imperil the integrity of antitrust investigations.”
2. Did the compliance program detect and facilitate prompt reporting of the violation?
This question tests how effective the compliance program was in practice and how the company responded when it discovered the misconduct.
3. To what extent was a company’s senior management involved in the violation?
From the DOJ’s perspective, involvement by senior management in the violation sends the message that the company’s leadership failed to set a tone and culture supporting antitrust compliance and suggests that the compliance program was not effective when the offense occurred. At the same time, the company has an opportunity to reset the tone and bolster its commitment to antitrust compliance by improving its compliance program and incentivizing lawful behavior, including by disciplining or removing the responsible managers and employees and clawing back any bonuses they received.
Beyond these three basic questions, the Compliance Guidance also directs prosecutors to assess whether a compliance program is effective as designed and carried out or, conversely, whether it is “merely a ‘paper program.’” The guidance lays out nine further factors pertinent to evaluating compliance programs, while recognizing that not every factor will be relevant in every case, and that compliance programs will vary in terms of resources and design depending on the size of the company and the antitrust risk in its particular line of business. The nine factors for prosecutors to consider are:
- The design and comprehensiveness of the program.
- The culture of compliance within the company.
- Responsibility for, and resources dedicated to, antitrust compliance.
- Antitrust risk assessment techniques.
- Compliance training and communication to employees.
- Monitoring and auditing techniques, including continued review, evaluation and revision of the antitrust compliance program.
- Reporting mechanisms.
- Compliance incentives and discipline.
- Remediation methods.
Key Additions to the Compliance Guidance and Takeaway Points
Electronic Communications and Ephemeral Messaging
Among the new additions to the Compliance Guidance are provisions relating to electronic communications and ephemeral messaging. These additions reflect the Antitrust Division’s expressed concern that price fixing and other unlawful anticompetitive conduct could be facilitated by ephemeral messaging systems that leave no trail of communications among competitors. The guidance now directs prosecutors to investigate what electronic communications channels a company uses and what mechanisms are in place to manage and preserve information within these channels. Under the updated guidance, prosecutors assess whether the company has “clear guidelines regarding the use of ephemeral messaging or non-company methods of communications,” what “preservation or deletion settings are available” and what rationale the company has for those settings.
In response to these additions, businesses should consider reviewing and potentially updating their policies and practices for electronic communications and ephemeral messaging to make clear what communications channels employees may use to conduct company business (including whether the use of non-company devices and systems is permitted or prohibited). Businesses should also consider reviewing their retention practices across the full range of communications channels and should document the justification for those practices, including any autodelete settings or protocols.
Artificial Intelligence and Algorithmic Pricing
The guidance additions also introduce a focus on how businesses conduct risk assessment and compliance for their use of technology, particularly emphasizing artificial intelligence and algorithmic revenue-management software. The Compliance Guidance now directs prosecutors to consider the role that compliance personnel or compliance organizations take in risk assessment related to the deployment of AI or other technologies, whether those compliance authorities understand those technologies and what risk-mitigation steps a business takes in its use of technology. The guidance further asks how “quickly” a company can “detect and correct decisions made by AI or other new technologies that are not consistent with the company’s values.”
While the use of technologies such as AI and algorithmic software or services can make companies more efficient and more competitive, businesses should be aware that both the Antitrust Division and the Federal Trade Commission are focused on whether new technologies, particularly AI and algorithmic pricing tools, have anticompetitive potential or effects. Accordingly, as part of compliance efforts, businesses should consider implementing a process to assess antitrust risk of, and potential risk-mitigation measures for, new technologies. (General guidance on risk assessment and mitigation strategy is provided in our recent Informed Board article “The Age of the Algorithm: Understanding the Rewards and Risks of Algo Pricing.”)
Employee Reporting and Nondisclosure Agreements
The updated Compliance Guidance also reflects an Antitrust Division concern that employees may be reluctant to report potential antitrust violations, including due to a fear of retaliation or the use of nondisclosure agreements (NDAs). The guidance now directs prosecutors to inquire about what “mechanisms” a company has “in place to allow employees to report or seek guidance regarding potential criminal conduct without fear of retaliation.” The guidance also adds a line of inquiry into NDAs, asking whether they are “utilized or enforced in such a way that they act to deter whistleblowers or violate” the Criminal Antitrust Anti-Retaliation Act (CAARA), a 2020 statute designed to protect employees from adverse employment action or discrimination for reporting a potential criminal antitrust violation to their supervisors, compliance personnel or the federal government or for cooperating in a federal criminal antitrust investigation. The inquiry considers whether the company has an anti-retaliation policy in place and what training the company conducts on that policy and CAARA. The updates also aim to ascertain the effectiveness of these efforts, asking whether employees can make “anonymous and confidential reports”; whether the policies “in practice” are “encouraging reporting of antitrust violations” or “chilling reporting”; and, significantly, how a company is measuring “whether employees are willing to report violations.”
These updates to the Compliance Guidance provide an opportunity for businesses to devise or revisit policies regarding employee reporting, anti-retaliation and NDAs. For example, the policies should account for the implications of the relatively recently enacted CAARA, and any NDAs and company policy should be “clear that employees can report antitrust violations internally and to government authorities.” This also serves as a reminder to assess how effective these policies are by, for example, examining internal reporting rates for both antitrust and other potential issues and surveying employee opinions on reporting.
Civil Antitrust Investigations
The Compliance Guidance adds a new provision that extends the basic principles of the guidance — which, as noted above, is by its terms focused on criminal antitrust violations — to civil antitrust investigations. Specifically, the guidance now provides that when companies ask the Antitrust Division to “take notice of existing or improved compliance efforts” when seeking to resolve investigations of “civil antitrust violations,” the Antitrust Division will “consider many of the same factors” outlined in the guidance for criminal antitrust investigations. While the Antitrust Division maintains prosecutorial discretion, the guidance acknowledges that an effective compliance program may help companies avoid court-mandated compliance and reporting requirements or external monitors in civil resolutions.
Multi-Jurisdiction Compliance
Lastly, a new provision acknowledges that compliance programs for a multinational enterprise may need to account for and reflect varying standards imposed by the jurisdictions in which the firm operates. Specifically, the guidance now instructs that when prosecutors evaluate the design of a compliance program, they “should be aware that the program may reflect efforts to meet standards across a number of areas of law and jurisdictions.” Accordingly, counsel should ensure prosecutors understand not only why a company designed a program to comply with varying antitrust standards around the globe, but also why privacy and employment standards in some jurisdictions may limit the ability of a company operating in those jurisdictions to take certain steps in connection with their compliance efforts.
This memorandum is provided by Skadden, Arps, Slate, Meagher & Flom LLP and its affiliates for educational and informational purposes only and is not intended and should not be construed as legal advice. This memorandum is considered advertising under applicable state laws.
For further information, please contact:
James J. Fredricks, Partner, Skadden
james.fredricks@skadden.com