For many years the DOJ took the position that its primary tool to encourage compliance with the antitrust laws was its amnesty/leniency program, whereby the first party to voluntarily reveal that it has committed an antitrust violation may qualify for complete amnesty from criminal prosecution. Everyone else was out of luck, no matter what kind of compliance program they had. Under this approach, the fact that there was an antitrust violation proved (at least as far as the Antitrust Division was concerned) that it was a “failed” compliance program, not deserving of any sort of credit. Over the years, numerous efforts were made to get them to change their position, and there were indications that the Division was warming-up to the notion that encouraging antitrust compliance programs was a good thing, particularly as other parts of the Justice Department increased their emphasis on the value of compliance programs. In April 2018, the Division held a public Roundtable on Criminal Antitrust Compliance, where Assistant Attorney General Makan Delrahim stated that corporate compliance was the key to the Division’s ultimate goals of preventing and uncovering criminal antitrust violations and protecting consumer and small businesses. It definitely looked like the Antitrust Division approach to compliance programs was changing.
On July 11, 2019, the Antitrust Division announced the release of Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations. These guidelines brought the Antitrust Division in line with the approach to compliance programs outlined in United States Sentencing Guidelines and the rest of the Department of Justice by adopting a policy that compliance efforts can be considered at both the charging and sentencing stage counted to mitigate a sentence recommendation. It reviewed the language from the FSG regarding compliance, and incorporated guidance from the Justice Manual and the compliance guidance provided by the International Chamber of Commerce and OECD.
But what was most notable about the guidelines was that there was nothing in the content that should have surprised any compliance professional. Even under the Division’s prior policy, you should have been doing these things all along. If you weren’t, that’s unfortunate, but now it is time to ramp-up your efforts.
What can also be done now (unless, of course, you have no gaps in your existing program) is to take these guidelines to your board of directors and identify a plan to satisfy them. This, of course, could/should have been done when the FSG for organizations were first issued many years ago, or when other guidance from the DOJ was issued more recently, but now there is further emphasis on what the government expects to see. And, it goes without saying, a prudent company would do these things to reduce the odds of violating the law and not just to please the DOJ.
The Guidelines start out with a very general overview. They quote the Justice Manual’s approach to looking at a compliance program to influence a charging decision. The Justice Manual asks three fundamental questions:
- Is the corporation’s compliance program well designed?
- Is the program being applied earnestly and in good faith?
- Does the corporation’s compliance program work?
While these questions certainly go to the bona-fides of a compliance program, they really don’t give a compliance officer (or a prosecutor) a lot of guidance. The Division’s prosecutors would ask three more high-level questions about the efficacy of a compliance program:
- Does the company’s compliance program address and prohibit criminal antitrust violations?
- Did the antitrust compliance program detect and facilitate prompt reporting of the violation?
- To what extent was a company’s senior management involved in the violation?
So, the Guidelines then go on to outline how they would review the effectiveness of an antitrust compliance program by examining the following factors:
- the design and comprehensiveness of the program;
- the culture of compliance within the company;
- responsibility for, and resources dedicated to, antitrust compliance;
- antitrust risk assessment techniques;
- compliance training and communication to employees;
- monitoring and auditing techniques, including continued review, evaluation, and revision of the antitrust compliance program;
- reporting mechanisms;
- compliance incentives and discipline; and
- remediation methods.
For each of these nine aspects, the Division asks a series of questions to test whether there is an effective compliance program. One way to approach the use of these questions in evaluating (and improving) your compliance program would be to put all the questions into a simple 2-column form. The left-hand column would have the questions from the guidelines and the right-hand column would identify the aspect of your program satisfies that requirement, whether through manual or automated controls. The existence of empty right-hand boxes should speak volumes to a board member who is concerned about protecting the company with an effective compliance program, as well as protecting his or her own hide from a Caremark-type lawsuit.
In discussing how these principles will be applied to influence a sentencing recommendation, the Division notes that the Sentencing Guidelines provide several ways to receive credit for an effective compliance program. It also notes that no credit would be given where that has been an unreasonable delay in reporting the illegal conduct to the government. There is a rebuttable presumption that a compliance program is not effective when certain “high-level personnel” or “substantial authority personnel” “participated in, condoned, or [were] willfully ignorant of the offense.” This presumption may be rebutted if (i) individuals with operational responsibility for the compliance program had direct reporting obligations to the governing authority of the company (e.g., an audit committee of the Board of Directors if applicable); (ii) the compliance program detected the antitrust violation before discovery outside of the company or before such discovery was reasonably likely; (iii) the company promptly reported the violation to the Antitrust Division; and, (iv) no individual with operational responsibility for the compliance program “participated in, condoned, or was willfully ignorant” of the antitrust violation.
The Division does not normally recommend probation for companies that cooperate with the investigation and accept responsibility, but may do so in certain circumstances, such as when a company did not put an adequate compliance program in place. Probation, periodic compliance reports, and the appointment of a monitor may be required to oversee implementation of an effective compliance program and timely reports.
Extraordinary post-violation compliance efforts may warrant a fine reduction. Division prosecutors would consider activities related to the activities of senior management to bolster the “tone at the top” in support of compliance), improvements to a pre-existing compliance program, creation of a robust compliance program, and implementation of disciplinary procedures for employees who violate the law or the company’s compliance program.
The grid that follows this summary is one way such a form might be presented. The firm is happy to provide assistance on upgrading your antitrust compliance program – or any area of your compliance program.
Ted Banks
compliancelaw@comcast.net
tbanks@scharfbanks.com
Questions to Review as Provided by the Antitrust Division’s Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations.
Question | What is In Your Company Program? |
1. Design and Comprehensiveness | |
Before becoming aware of any investigation, did the company have an antitrust compliance program establishing standards and procedures to prevent and detect criminal conduct? When was the company’s antitrust compliance program first implemented? How often is it updated? Is it periodically reviewed and does it seek feedback from employees? Are compliance materials updated with recent developments and periodically refreshed so they do not become stale? | |
What is the format of the antitrust compliance program? Is it in writing? | |
Who is responsible for integrating antitrust policies and procedures into the company’s business practices? In what specific ways are antitrust compliance policies and procedures reinforced through the company’s internal controls? For example, does the company have a way of tracking business contacts with competitors or attendance at trade association meetings, trade shows, and other meetings attended by competitors? Is that tracking system regularly monitored? | |
What guidance has been provided to employees who could flag potential antitrust violations (e.g., those with approval authority for pricing changes and participation in industry meetings, certification responsibilities for bidding activity, or human resources/hiring authority)? Do they know what antitrust risks the company faces and what conduct potentially indicates an antitrust violation? | |
What guidance has been provided to employees about document destruction and obstruction of justice? Does the company have clear document retention guidelines and does it educate employees on the ramifications of document destruction and obstruction of justice? | |
2. Culture of Compliance | |
What is the company’s senior leadership doing to convey the importance of antitrust compliance to company employees? How have senior leaders, through their words and actions, encouraged (or discouraged) antitrust compliance? What concrete actions have they taken to demonstrate leadership in the company’s antitrust compliance or remediation efforts if relevant? | |
Have senior managers tolerated antitrust violations in pursuit of new business, greater revenues, or maintaining customers? Were senior managers involved in the violation(s)? | |
Has there been personal accountability by senior leadership for failures in the company’s antitrust compliance? | |
What else is the company’s senior leadership doing to set the tone from the top or bring about culture change throughout the company? | |
3. Responsibility for the Compliance Program | |
Who has overall responsibility for the antitrust compliance program? Is there a chief compliance officer or executive within the company responsible for antitrust compliance? If so, to whom does the individual report, e.g., the Board of Directors, audit committee, or other governing body? How often does the compliance officer or executive meet with the Board, audit committee, or other governing body? How does the company ensure the independence of its compliance personnel? | |
How does the compliance function compare with other functions in the company in terms of stature, compensation levels, rank/title, reporting line, resources, and access to key decision-makers? Is the compliance function sufficiently senior within the organization to command respect and adequate resources? | |
Are compliance personnel dedicated to compliance responsibilities, or do they have other, non-compliance responsibilities within the company? If so, what proportion of their time is dedicated to compliance responsibilities? Why has the company chosen the compliance structure it has in place? Has the company’s size impacted that decision? | |
Do compliance personnel report to top management regarding the effectiveness of antitrust compliance? What is the format of their report? | |
Do compliance personnel report to top management regarding the effectiveness of antitrust compliance? What is the format of their report? | |
Does the company allocate sufficient compliance resources to educating employees on antitrust law? Are such resources allocated efficiently by focusing on high antitrust risk areas? For example, does the compliance program identify and adequately train employees who have frequent contact with competitors? | |
Who reviews the effectiveness of the compliance function and what is the review process? | |
4. Risk Assessment | |
Is the company’s antitrust compliance program tailored to the company’s various industries/business lines and consistent with industry best practice? Does the compliance program provide specialized antitrust compliance training for human resources personnel and executives responsible for overseeing recruitment and hiring? What efforts has the company made to implement antitrust-related policies and procedures that reflect and address the antitrust risks it faces, including legal and technical changes in the way the company conducts business? For example, as employees utilize new methods of electronic communication, what is the company doing to evaluate and manage the antitrust risk associated with these new forms of communication? | |
What information or metrics has the company collected and used to help detect antitrust violations? How has the information or metrics informed the company’s antitrust compliance program, e.g., through training, modifications, or internal controls? For example, if the company bids on contracts, is bid information subject to evaluation to detect possible bid-rigging? Does the company evaluate pricing changes for possible price-fixing? | |
Is the company’s antitrust risk assessment current and subject to periodic review? Have there been any updates to antitrust policies and procedures in light of lessons learned or marketplace, legal, technological, or other developments? Do these updates account for risks discovered through prior antitrust violations or compliance incidents? | |
5. Training and Communication | |
How has the company communicated its antitrust policies and procedures to all employees? Did the company introduce antitrust policies in a way that promotes and ensures employees’ understanding? In what specific ways are antitrust compliance policies and procedures reinforced through the company’s internal controls? | |
If the company has a Code of Conduct, are antitrust policies and principles included in the document? If the company has foreign subsidiaries, are there cultural, linguistic, or other barriers to implementing the company’s antitrust compliance polices, and how are those barriers addressed? | |
What mechanisms does the company have in place to ensure that employees follow its compliance program? See U.S.S.G. § 8B2.1(b)(5)(A). How is the compliance program distributed to employees? Are the compliance program and related training materials easily accessible to employees, e.g., via a prominent location on the company’s intranet? | |
Must employees certify that they have read the compliance policy? If so, how? Do the certification policies apply to all employees? Do they apply to members of the Board of Directors? How often must employees certify their antitrust compliance? | |
Does the company provide antitrust compliance training? In what form is the antitrust training and who provides it? Is the training provided online or in-person (or both), and what is the company’s rationale for its choice? | |
Who receives antitrust compliance training? What analysis has the company undertaken to determine whom to train and to tailor training to the company’s lines of business and antitrust risks? | |
Who receives antitrust compliance training? What analysis has the company undertaken to determine whom to train and to tailor training to the company’s lines of business and antitrust risks? | |
How often does antitrust compliance training occur? Is antitrust compliance training required when an employee begins work? Is antitrust compliance training required prior to attendance at trade shows or trade association or other meetings with competitors? Are employees required to certify their completion of the training program? See U.S.S.G. § 8B2.1(b)(4). If so, how? How is attendance at the training recorded and preserved? Who ensures that employees attended the required training and certified their attendance? | |
How does the training test the level of employees’ understanding of the antitrust laws? Is training tailored to the employee’s duties and does it provide examples that could arise in the business unit he or she is a part of? For example, if the company bids on contracts, does the company’s compliance program educate employees on bid rigging and market allocation? Are those with pricing authority educated about price fixing? | |
How often is antitrust training updated to reflect marketplace, legal, technological, or other developments? Has the training addressed lessons learned from prior antitrust violations or compliance incidents? | |
6. Periodic Review, Monitoring and Auditing | |
What methods does the company use to evaluate the effectiveness of its antitrust compliance program? Who evaluates the antitrust compliance program? For example, is there a compliance committee that meets periodically? How often is the program evaluated? Has the company revised its compliance program in light of any prior antitrust violations or compliance incidents? | |
What monitoring or auditing mechanisms does the company have in place to detect antitrust violations? See U.S.S.G. § 8B2.1(b)(5)(A). For example, are there routine or unannounced audits (e.g., a periodic review of documents/ communications from specific employees; performance evaluations and employee self-assessments for specific employees; interviews of specific employees)? Does the company use any type of screen, communications monitoring tool, or statistical testing designed to identify potential antitrust violations? | |
What is the company’s process for designing and implementing revisions to its antitrust compliance policy, and has that process changed over time? Does the company consult business units prior to making changes? | |
7. Reporting | |
Is there a publicized system in place whereby employees may report or seek guidance about potentially illegal conduct? Are there positive or negative incentives for reporting antitrust violations? | |
Do supervisors or employees who become aware of a potential antitrust violation have a duty to report it to those with responsibility for compliance? What disciplinary measures does the company have for those who fail to report such conduct? | |
Does the company periodically analyze reports or investigation findings for patterns or other red flags of a potential antitrust violation? | |
What mechanisms does the company have in place to allow employees to report or seek guidance regarding potential criminal conduct without fear of retaliation? May employees make anonymous and confidential reports? | |
8. Incentives and Discipline | |
What incentives does the company provide to promote performance in accordance with the compliance program? | |
Has the company considered the implications on antitrust compliance of its incentives, compensation structure, and rewards? Does the company incentivize antitrust compliance? Have there been specific examples of actions taken (e.g., promotions or awards denied, or bonuses clawed back) because of compliance considerations? Who determines the compensation, including bonuses, as well as discipline and promotion of compliance personnel? | |
What disciplinary measures does the company have for those who engage in antitrust violations or those who fail to take reasonable steps to prevent or detect violations? | |
Has the company disciplined anyone because of an antitrust violation? Has there been any management turnover because of the company’s participation in the violation? Were the actual reasons for discipline communicated to employees? If not, why not? | |
Are antitrust violations disciplined in the same manner as other types of misconduct? Can the company provide examples or data on this point? | |
What is the employment status of culpable executives who have not cooperated and accepted responsibility for antitrust violations? If the company still employs culpable executives, what are their positions? What role do they have with regard to pricing, the company’s compliance and internal investigation, and supervision of any potential witnesses in the government’s investigation? | |
9. Remediation and Role of the Compliance Program in the Discovery of the Violation | |
What role did the antitrust compliance program play in uncovering the antitrust violation? | |
What role did the antitrust compliance program play in uncovering the antitrust violation? | |
Has the company conducted an analysis to detect why the antitrust compliance program failed to detect the antitrust violation earlier? | |
Has the company revised its antitrust compliance program as a result of the antitrust violation and lessons learned? How did the company address, and determine how to address, failures in the compliance program? Was outside counsel or an advisor involved? | |
Has the company revised its antitrust compliance program as a result of the antitrust violation and lessons learned? How did the company address, and determine how to address, failures in the compliance program? Was outside counsel or an advisor involved? | |
Does the company believe that changes to the antitrust compliance program will prevent the recurrence of an antitrust violation? What modifications and revisions did the company make? How will the company evaluate the continued effectiveness of its antitrust compliance training? | |
How did the company convey the changes to antitrust policies and procedures to employees? Were employees required to certify they understood the new policies? | |
Does the antitrust compliance program provide guidance on how to respond to a government investigation? Does the program educate employees on the ramifications of document destruction and obstruction of justice? | |
Did the compliance program assist the company in promptly reporting the illegal conduct? Did the company report the antitrust violation to the government before learning of a government investigation? How long after becoming aware of the conduct did the company report it to the government? |