Introduction
Companies are increasingly aware of the significance of complying with all applicable laws when carrying out their business activities. As a result, companies (both small and large) have implemented compliance programmes covering the most relevant areas of law, to ensure that they comply with these rules to avoid severe consequences, such as high fines or reputational damage.
In this context, a vital element within compliance programmes is competition law. Competition authorities worldwide advocate for the implementation of effective competition law compliance programmes. The adoption of effective competition compliance programmes may allow companies to gain certain benefits in the event of breaching competition law. These benefits may include, for instance, a reduction of the fines.
The advocacy of the relevance of competition law compliance programmes has not only been carried out by competition authorities, but also by other institutions. In this regard, it is worth noting that the International Chamber of Commerce (ICC) have also promoted the benefits of implementing competition law compliance programmes for companies.
This post seeks to examine the recent update of the ICC’s Antitrust Compliance Toolkit.
The Antitrust Compliance Toolkit
The ICC published in 2013 its First Antitrust Compliance Toolkit (FACT). The publication of the FACT was timely and useful, as there was no consensus at the time among competition authorities on how to support companies in their compliance efforts.
The FACT set out 11 criteria that companies should consider when adopting their competition law compliance programmes. The FACT thoroughly explained how to develop and implement each of the criteria to build a robust compliance programme.
In October 2024, the ICC published an updated version of the Antitrust Compliance Toolkit (Second Antitrust Compliance Toolkit (SACT)). This reflects all the changes in competition law compliance over the last decade. It is considerably shorter than the previous edition. It reduces from 11 to 10 the criteria to be considered when adopting an effective competition law compliance programme. In particular, the SACT removes the criteria related to “Antitrust Compliance Certification” included in the FACT.
Moreover, the SACT simplifies the content of all the criteria, focusing on the most relevant points. Unlike the FACT, the SACT does not include any Annex covering applicable standards for a robust competition law compliance programme or practical examples.
We will examine below the criteria established in the SACT to be taken into account when implementing competition law compliance programmes.
Compliance embedded as company culture and policy
The SACT states that the best way to implement a successful compliance programme is to embed the compliance culture as part of the company.
The SACT notes that “tone from the top” is a vital factor to prove that senior management is involved and committed in the company’s culture of doing the right thing. Senior management, not only the CEO, needs to show its support for competition law compliance. To prove this support, it is usually not enough to issue statements by senior management. They should also participate in training sessions to create a culture of awareness and empower employees to make ethical decisions.
Likewise, the SACT mentions that recognising competition law as a risk on its daily operations is a good way for companies to prove their commitment to be compliant. Companies should also appoint an employee to be responsible for competition law compliance.
Furthermore, the SACT indicates that the issuance of a Code of Conduct is useful to provide a reference for all the employees of the company regarding their business activities. However, the Code of Conduct is not enough to prove the commitment with compliance of the company.
The SACT also recommends that companies should implement their competition law compliance programmes as a whole. This means that the implementation of the competition law compliance programme should be conducted, by taking into account other compliance programmes (i.e., anti-bribery or data) already adopted by the company.
Compliance organisation and resources
The organisation and resources of competition law compliance programmes may surely vary between companies. However, the SACT specifically identifies three essential aspects that must be addressed: (a) compliance leadership and organisation; (b) regular reporting to the Board and the senior management and; (c) adequate resourcing.
Compliance leadership and organisation: Companies must appoint a person in charge of the implementation of an effective competition law compliance programme. This person must have direct access to the Board, as well as other relevant Committees within the company.
Regular reporting to the Board and the senior management: The Board and the senior management must be aware of the potential risks that the company faces. Reporting should be made on a regular basis, but its periodicity may change if new risks arise.
Adequate resourcing: The resources available to fund the implementation of competition law compliance programmes depend on the size of the companies and the risks which they may face. However, funding these programmes should be considered as an investment due to the severity of the consequences of breaching competition law, e.g., high fines, damages claims, reputational damages or even criminal liability depending on the jurisdiction.
Risk identification and assessment
The SACT notes that, to implement an effective compliance programme, companies should define their own risk assessment and methodology. This allows companies to identify and assess the risks which they may face in their daily business operations.
During the risk assessment process, the SACT suggests involving other employees from different areas, such as Finance and competition law lawyers, to better understand the approach to risk management of the company. Companies should normally assess their competition law risks, taking into account different factors including the industry, their position in the market, the focus of competition authorities on certain practices, the interactions with competitors, etc.
Having identified potential competition law risks, companies should put in place internal controls to ensure compliance with the applicable law. These controls may differ in each company, but they should certainly include compliance handbooks, training sessions, business alerts, internal checks or registers.
The SACT points out that the implementation of effective internal controls helps to build a strong compliance culture within companies. This culture enables companies to mitigate their competition law risks and/or to hire and retain staff that want to work for ethical companies.
Antitrust compliance know-how
The SACT states that companies need to train all their employees in competition law to increase their awareness and minimise the risks of potential infringements.
The SACT points out that companies should draw up handbooks or guidelines by in-house or external lawyers that reflect the specific competition law risks that may face their business units. The following elements should be included: (a) the language should be clear and simple, including precise rules (e.g., “Do’s and Don’ts” are helpful); (b) the guidelines should address specific risks that business units may face in its daily operations and; (c) the method and wording of the guidelines should be business friendly to facilitate the understanding of their content.
The SACT also emphasises the relevance of competition law training as an essential part of an effective compliance programme. The content of the training should be focused on explaining the rationale of the compliance policies, as well as the consequences of potential violations. Despite the above, training sessions also should cover dawn-raids and, in particular, employees with high exposure in this situation, such as IT, security or front-desk, since the lack of cooperation or breaking the seals may lead to high fines.
The SACT contains some practical recommendations related to the organisation of competition law training sessions. The most relevant are: (a) the training and its frequency should be tailored to the specific needs of every business unit; (b) new hires should also receive competition law training during their onboarding; (c) training sessions may be in person, online or virtual; (d) trainers must be experts in competition law; (e) senior management and team leaders must attend competition law training sessions to show the compliance culture of the company to the rest of the staff and; (f) attendance records.
Antitrust concerns-handling systems
Most companies have already implemented whistleblowing procedures which allow employees to report suspected misconducts. The internal reporting systems may vary between companies. The SACT indicates that there may be either an open-door approach or internal helpline systems to resolve questions that may arise in day-to-day business activities.
The SACT notes that the mere implementation of a whistleblower channel is not enough to be effective. It also indicates that the reporting system must be confidential and anonymous to ensure its effectiveness. The data revealed by the whistleblower and his/her identity should be maintained confidential as long as possible and companies should thus use the most appropriate means to protect such information. The reporting system must also ensure that employees speaking up will not suffer retaliation from other employees or even the management of the company.
The SACT emphasises that companies should aim at informing all employees of the existence and the functioning of the reporting channel so that they can ask questions or report any misconduct. Companies should also broadly communicate that the information provided will be appropriately treated to keep it confidential and employees will not suffer any retaliation.
The SACT states that companies should respond promptly and fairly to any compliance concerns. Compliance programmes should at least make clear that: “a) Managers have an obligation to take seriously any compliance concerns…; b) The company will investigate any bona fide report or genuine concerns of rules being broken; c) Appropriate action will be taken to prevent similar incidents again; d) The investigation process will be full and fair for everyone involved; e) Action will not be taken against anyone before an accusation/concern has been appropriately investigated and; f) Non-retaliation and confidentiality will be guaranteed”.
Handling of internal investigations
Companies typically conduct internal investigations after receiving a complaint from potential misconduct.
The SACT highlights the relevance of implementing an efficient, trustworthy and well-funded process for investigating the allegation of misconduct and documenting the company’s response. The person responsible for conducting the internal investigation is generally the Chief Ethics and Compliance Officer or a member of his/her team, but it is not unusual to outsource the internal investigation for legal privilege reasons, or to prove the impartiality of the company’s process.
The SACT outlines various types of internal investigations to ascertain the facts under investigation and the potential consequences. Internal investigations may be ad hoc screening using AI, in-depth legal assessments, internal compliance process audits and substantive forensic compliance investigations or due diligence investigations.
The SACT strongly suggests that companies should lay down a general guidance of internal investigations for potential breaches. Companies should also inform their employees of the content of the guidance. The guidance should cover rules on confidentiality, impartiality of investigators, timelines, scope of investigation and measures adopted to protect employees from retaliation.
In addition to that, the SACT notes that companies should elaborate specific guidance when conducting a competition law investigation, since it may lead to a leniency application. The guidance should include: (a) the members of the investigation team; (b) the roles of other internal units involved in the investigation such as IT, Audit, HR…; (c) confidentiality and legal privilege issues; (d) the relevance of preserving documents and electronic records; (e) how interviews and electronic searches will be conducted; (f) the scope of the investigation; (g) the use or not of AI during the investigation and; h) the individual’s right to separate lawyers and the company’s policy on paying legal fees.
Sometimes internal investigations run in parallel with leniency applications. For that reason, companies should avoid any leaks during their internal investigation to not harm their leniency applications and to not disrupt their business operations.
Disciplinary action
Competition authorities expect companies to react when becoming aware of any wrongdoing in their business activities.
The SACT underscores the relevance of including an internal disciplinary code which applies if any employee breaches competition law to build strong competition law compliance programmes. The disciplinary policy must be clear and transparent. To have a credible disciplinary policy, companies should consider the following factors: (i) disciplinary measures must be applied fairly and consistently regardless of the seniority of potential offenders; and (ii) employees must know in advance the consequences of breaching competition law.
The SACT also points out that a panel including Compliance, Legal, HR and senior management should adopt the disciplinary measures. Disciplinary measures should be graduated depending on the seriousness of the wrongdoing. These measures may range from an informal warning to dismissal in the most serious cases.
The disciplinary policy must also include aggravating and mitigating factors. The application of aggravating and mitigating factors allows companies to avoid pre-determined outcomes in these proceedings. It also enables companies to conduct a full review of the facts of the case. Mitigating factors may include collaboration during the internal investigation or the employee’s attendance at non-mandatory competition law training, whereas aggravating factors may include repeat offender, or the lack of cooperation during the internal investigation.
Lastly, the SACT contains a specific section referring to competition law cases. Companies may apply for leniency, and they, hence, need to secure total cooperation in the investigation conducted by the competition authority of the employees involved in the infringement. In these situations, companies may establish a system of deferred sanctions to ensure full collaboration with the competition authority during the whole proceeding before solving the internal one. In that regard, it should consider the specificities of the law applicable in each jurisdiction.
Antitrust due diligence
The SACT states that competition law due diligence may take different forms. Firstly, the SACT suggests that due diligence in new hires proves companies’ commitment to compliance. Companies should avoid hiring employees who have breached competition law.
Secondly, the SACT notes that companies should conduct regular assessments to review their exposure to competition law risks and to identify new ones.
Thirdly, the SACT recommends auditing specific business units or practices to discover the existence of real or potential infringements of competition law.
Fourthly, the SACT identifies trade associations as a potential big risk for companies under competition law but also recognises that trade associations perform a pro-competitive and useful role in the economy. To minimise these risks, companies must properly train their employees before attending meetings within the trade association. Besides, companies should check that trade associations have adopted appropriate competition law compliance policies.
Fifthly, the SACT strongly suggests conducting a competition law due diligence within M&A context. This enables companies to detect potential infringements that may affect the closing price of the transaction. It is also important for companies to identify these violations before closing the transaction to negotiate for the costs of the competition law compliance to be borne by the seller.
Compliance incentives
The SACT states that companies should offer incentives to their employees to bolster a culture of compliance. Incentives can be challenging to implement in practice, and it is recommended to include them when the compliance programme is well-established within the company. Compliance incentives can be soft such as either individual or group commendations from senior business leaders for exemplary business conduct. There may also be more tangible incentives such as monetary rewards or promotion prospects.
Monitoring and continuous improvement.
The SACT states that companies should regularly assess their competition law compliance programmes to ensure that they cover all the risks faced by companies.
The SACT indicates that companies should monitor and assess their processes and controls within their compliance programmes to check whether the measures adopted are appropriate and work effectively and efficiently.
The SACT also highlights the relevance of regularly conducting substantive assessments to determine whether companies comply with competition law. This assessment would demonstrate the companies’ commitment to comply with competition law. It also allows companies to prove either that risks remain the same and no changes are necessary, or to identify new risks, so new controls must be put in place.
Having examined the competition law compliance programme, companies should prepare an action plan to correct and mitigate all the new risks and gaps identified. This action plan must include a delivery plan setting out the deadline and the person responsible for each action.
Conclusion
The SACT published by the ICC is an extremely helpful tool for companies and competition lawyers to get an in-depth overview of how to implement a competition compliance programme. The SACT compiles the main developments in competition compliance over the last decade.
The SACT stresses that competition law compliance cannot be addressed in isolation. In fact, the SACT points out that competition law compliance should be managed along with other vital areas of compliance such as data protection or anti-bribery. The raison d’être of having a single compliance programme with different areas is to allow companies to promote and develop their own compliance culture.
The SACT repeatedly exposes that the “tone from the top” is an essential factor to implement an effective compliance programme. The “tone from the top” implies that senior management must actively take part in compliance activities to prove to employees that competition law compliance is a priority for the company. As a result, the mere endorsement of compliance programmes by senior management is not enough to comply with this criterion.
The SACT highlights that companies should conduct risk assessments on a regular basis to ensure that their compliance programmes are updated to their real risk exposure, so they can either adopt new control measures, or amend the current ones in force to tackle the new challenges. The factors to be taken into account when assessing risks are, inter alia, regulatory changes, industry developments or the market position of the company.
The SACT clearly states that even if handbooks and guidelines related to competition law are useful to provide legal guidance for employees, training sessions are indispensable. However, these training sessions cannot be generic. These sessions should be specifically tailored for their attendees to deal with real problems that they can face in their daily business activity.
The SACT makes clear that companies ought to establish a clear guidance explaining how they will conduct internal investigations. In particular, the guidance should include rules on confidentiality, timelines, scope of the investigation, or measures to protect employees from retaliation. The investigations allow companies to detect and correct potential weak points. The existence of clear guidance can help when companies conduct internal investigations and apply for leniency at the same time since leakages can negatively affect the leniency application.
The SACT stresses that the internal disciplinary regime to be applied as a result of competition law infringements must be known in advance by all the employees. It must be clear and transparent. The disciplinary measures should be applied taking into account all the circumstances of the case to grade the potential sanctions. The disciplinary regime must be applied uniformly to all the staff without granting beneficial treatment to senior employees.
The SACT also underscores that companies should implement incentives, tangible and intangible, within their compliance programmes to support their compliance culture.
The SACT demonstrates that competition law compliance is an important matter for companies conducting due diligence in M&A transactions or internal transactions to detect potential infringements or risks. The SACT also recommends carrying out due diligence actions when hiring new employees to verify whether these employees have breached competition law. This proves a real commitment of companies to comply with competition law.
In conclusion, the SACT clearly explains the benefits for companies of implementing effective compliance programmes. It is shorter and more concise than the FACT and incorporates all the developments in competition law compliance over the last decade. Moreover, the SACT provides useful guidance to build a strong competition law compliance programme. It offers companies flexible solutions to implement competition law compliance programmes tailored to their specific operational risks.
________________________
To make sure you do not miss out on regular updates from the Kluwer Competition Law Blog, please subscribe here.
