DOJ Antitrust Division Updates Corporate Compliance Guidance

The U.S. Department of Justice, Antitrust Division (Antitrust Division) has published its updated guidance on the Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations (Guidance). The latest version of the Guidance, issued November 2024, is the first update since it was originally published in July 2019.

As with the original version, the Guidance is focused on assessing the effectiveness of corporate compliance programs in the context of criminal violations of the Sherman Act (e.g., price fixing, bid rigging, market allocation, and monopolization), as well as “obstructive acts that imperil the integrity of antitrust investigations.” Although the Guidance is primarily intended to provide direction to Antitrust Division prosecutors, it also provides helpful tips for companies seeking to mitigate antitrust risk.

The Guidance highlights five key issues in evaluating the effectiveness of a company’s compliance program, each of which we encourage companies to consider in assessing whether their own programs adequately address current risks.

1. How Does Company Leadership Promote Compliance?

Compliance Leadership From All Levels of Management. A repeated theme throughout the Guidance is that “an effective compliance program requires leadership to implement a culture of compliance at all levels of the organization.” This commitment is not limited to senior management, but applies to all levels of management within the company.

• “Prosecutors should examine the extent to which corporate management—both senior leadership and managers at all levels—has clearly articulated and conducted themselves in accordance with the company’s commitment to good corporate citizenship.”
• “How are managers at all levels demonstrating to employees the importance of compliance? What are managers doing to set the tone from the middle?”

Board-Level Involvement in Compliance. In addition to expecting company management to exhibit leadership in compliance, the Guidance emphasizes the importance of compliance expertise within the board of directors, highlighting the board’s key role in compliance.

• “Have the board of directors and/or external auditors held executive or private sessions with the compliance and control functions?”
• “What types of information have the board of directors and senior leadership examined in overseeing the area in which the misconduct occurred?”

2. How Does the Company Support the Compliance Function?

Continuous Improvement in Compliance. The Guidance explains that compliance programs should not be static, but instead adapt to both past issues and emerging risks. Companies are expected to update their compliance measures as risks evolve.

• “How does the company amend its compliance program to account for previous antitrust violations at the company or in the industry in which it participates, to avoid repetition of previous violations?”
• “Has the training addressed lessons learned from prior compliance incidents?”
• “Is there a process to identify emerging risks as the company’s business environment changes? Has the company undertaken a gap analysis to determine if particular areas of risk are not sufficiently addressed in its policies, controls, or training?”

Employee Training and Incentives for Compliance. The Guidance encourages companies to take compliance into account when making hiring and compensation decisions, and to ensure that compliance guidance is appropriately tailored and accessible to employees.

• “Has the company considered the implications of its incentives, compensation structure, and rewards for its compliance policy? Have there been specific examples of actions taken (e.g., promotions or awards denied, or bonuses clawed back) because of compliance considerations?”
• “To the extent that employees are trained on antitrust ‘hot’ words, is the focus on detecting and deterring antitrust violations, as opposed to making violations harder to detect?”
• “Are the compliance program and related training materials easily accessible to employees, e.g., via a prominent location on the company’s intranet? How does the company confirm that employees in practice know how to access compliance materials?”

Sufficient Resources for Compliance. The Guidance highlights the importance of providing adequate resources for the compliance program to function effectively.

• “How do the resources allocated to antitrust compliance compare to those devoted to other functions of the company? Is the level of technology devoted to compliance comparable to the level of technology devoted to other functions?”
• “Are there times where requests for resources from the compliance function have been denied? If so, on what grounds?”

3. How Does the Company Encourage Reporting?

Anti-Retaliation and Non-Disclosure Agreements. The Guidance provides that company policies should encourage employees to come forward to report potential wrongdoing, protect them from retaliation, and avoid practices that may chill reporting.

• “In practice, are the company’s policies encouraging reporting of antitrust violations or are the policies chilling reporting? How does the company assess whether employees are willing to report violations?”
• “Does the company have an anti-retaliation policy? Are employees, including managers and supervisors, trained regarding the anti-retaliation policy and the protections provided under the Criminal Antitrust Anti-Retaliation Act (CAARA)?”
• “Is the company’s use of non-disclosure agreements (NDAs) and other restrictions on current and former employee[s] consistent with ensuring that employees can report potential antitrust violations without fear of retaliation?”

4. How Does the Company Address New Technologies?

Artificial Intelligence and Algorithmic Tools. With the emergence of new AI and algorithmic business tools, it comes as no surprise that the Guidance focuses on antitrust risks resulting from these new technologies. Companies are advised that compliance should play a role in the deployment and use of new technological tools.

• “How does the company’s risk assessment address its use of technology, particularly new technologies such as artificial intelligence (AI) and algorithmic revenue management software, that are used to conduct company business?”
• “Are compliance personnel involved in the deployment of AI and other technologies to assess the risks they may pose? Does the compliance organization have an understanding of the AI and other technology tools used by the company?”
• “Does the compliance program monitor and detect decision-making by AI or other technology tools to ensure they are not violating antitrust laws?”

Use of Technology to Monitor Compliance. New technologies may also provide opportunities to enhance compliance, and the Guidance recommends that companies consider using technology to facilitate compliance.

• “How do compliance personnel utilize company data to audit and monitor employees? Can compliance personnel access all relevant data sources promptly? Is the compliance program using data analytics tools in its compliance and monitoring?”

Electronic Communications and Ephemeral Messaging. The Guidance is also concerned with preserving evidence for investigations, with a particular focus on ephemeral messaging and third-party communication platforms. This is a key focus area not just for the Antitrust Division, but for the Department of Justice as a whole, as well as for the Federal Trade Commission.

• “Does the company have clear guidelines regarding the use of ephemeral messaging or non-company methods of communication including the extent to which those communications are permitted and when employees must preserve those communications? What preservation or deletion settings are available, and what is the rationale for the company’s approach to what settings are permitted?”

5. How Does Compliance Apply to Civil Antitrust Violations?

Despite primarily focusing on criminal violations, the Guidance also states that the Antitrust Division will apply its principles in resolving civil violations. According to the Guidance, even if a civil violation is found, an effective compliance program may allow a company to avoid court-mandated compliance and reporting requirements or supervision by external monitors.

• “In seeking to resolve investigations into civil antitrust violations, companies . . . should expect the civil team to consider many of the same factors when assessing the effectiveness of their compliance program as criminal prosecutors do.”
• “A strong culture of compliance can allow a company to steer clear of civil antitrust violations and, if violations do occur, to promptly self-disclose and remedy them and cooperate with a civil antitrust investigation.”

Conclusion

In sum, the Guidance updates provide greater clarity on the Antitrust Division’s current views regarding corporate compliance programs. Companies would be well-advised to review their existing compliance programs to ensure that they address the government’s increased expectations as well as emerging and evolving risks.

© Arnold & Porter Kaye Scholer LLP 2024 All Rights Reserved. This Advisory is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.