On Nov. 12, 2024, the U.S. Department of Justice Antitrust Division released updated guidance on the “Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations.” The guidance highlights several new areas of focus, including how compliance programs should take into account artificial intelligence (AI), algorithmic pricing, ephemeral messaging, monopolization, civil antitrust violations and protections for whistleblowers. Many of these updates parallel recent updates to the Criminal Division’s guidance on compliance programs, which McGuireWoods summarized previously.
Purpose and Framework
The updated guidance serves as an aid to Antitrust Division prosecutors as they evaluate corporate compliance programs as part of their assessment of charging decisions and sentencing recommendations for criminal antitrust offenses. The guidance also provides a framework for companies seeking to design effective compliance programs that will prevent and deter antitrust violations and, in the event of a violation, detect the violation promptly. Early detection is important to best position companies to take advantage of the Division’s leniency policy, demonstrate good faith cooperation and take appropriate remedial measures.
The updated guidance reaffirms nine overarching factors that are considered in the evaluation of antitrust compliance programs: (1) the design and comprehensiveness of the program; (2) the culture of compliance within the company; (3) responsibility for, and resources dedicated to, antitrust compliance; (4) antitrust risk assessment techniques; (5) compliance training and communication to employees; (6) monitoring and auditing techniques, including continued review, evaluation and revision of the antitrust compliance program; (7) reporting mechanisms; (8) compliance incentives and discipline; and (9) remediation methods.
These factors have remained constant since the prior iteration of the guidance, but the update provides new considerations relevant to each factor.
Expansion to Civil Antitrust Violations
While directed towards criminal prosecutors, the updated guidance is clear that “a well-designed antitrust compliance program should also minimize risk of civil antitrust violations.” While that principle itself is not ground-breaking, the guidance goes further to suggest that companies with strong compliance cultures should self-disclose civil antitrust violations to the antitrust authorities. This concept is not explained further, and it raises difficult questions as the evaluation of a potential civil violation will often be less clear than a potential per se violation and will frequently involve complicated economic analyses to weigh potential effects. The Antitrust Division’s leniency policy only applies to criminal violations and does not provide protection from civil enforcement actions. The suggested incentives to self-report civil violations — avoiding court-mandated compliance requirements or imposition of monitors — are far short of the immunity for criminal violations that is provided under the leniency policy.
The Division’s reference to civil antitrust violations appears to be part of a broader expectation that good corporate citizens should self-disclose and cooperate with the government to remedy violations. It also follows recent investigations into antitrust violations that exist on the frontier between criminal and civil enforcement. For example, the Division recently brought a criminal monopolization case after decades of leaving monopolization offences to civil enforcement. In another instance, the Division brought a criminal case in which there were material vertical relationships between co-conspirators, which a federal Court of Appeals later concluded could not be construed as a per se violation of the antitrust laws. The Division has also used information-sharing cases to explore the frontier between civil and criminal liability. The Division’s inclusion of civil antitrust violations in compliance programs may be a recognition that the line between civil and criminal antitrust enforcement is blurring.
Forms of Electronic Communication
The guidance also adds explicit consideration to the “electronic communication channels” that companies use “or allow to be used” to conduct business. The guidance states that prosecutors evaluating compliance programs should ask what retention steps companies put into place with respect to these forms of communications and whether the company has “clear guidelines regarding the use of ephemeral messaging.” The Criminal Division’s guidance on compliance programs raises similar questions.
There are industries in which business communications are required to be on regulated channels, and companies in any industry will have retention obligations upon learning of potential criminal or civil liability. While the guidance does not expressly discourage use of ephemeral messages or personal devices, the practical effect may be to foreclose those options to companies that do not have the technical means or resources to implement or enforce appropriate retention protocols. Companies will need to determine whether the cost of compliance outweighs the cost savings and efficiencies of bring-your-own-device policies and using chats and apps to communicate for business purposes.
Artificial Intelligence and Algorithmic Pricing
In light of the Division’s enforcement actions related to algorithmic pricing, it is unsurprising that the updated guidance asks how “the company’s risk assessment address[es] its use of technology, particularly new technologies such as artificial intelligence (AI) and algorithmic revenue management software, that are used to conduct company business.” The guidance explains that prosecutors should consider risks that these technologies could create, such as price-fixing. As former Acting FTC Chair Maureen Ohlhausen said in 2017, “Is it ok for a guy named Bob to collect confidential price strategy information from all the participants in a market, and then tell everybody how they should price? If it isn’t ok for a guy named Bob to do it, then it probably isn’t ok for an algorithm to do it either.” These risks should be front of mind for companies seeking to update their compliance programs to keep pace with changing technology and the ubiquity of AI-assisted products.
Equally interesting is the guidance’s emphasis on the use of new technologies by compliance programs. The guidance asks, for example, “[i]s the compliance program using data analytics tools in its compliance and monitoring?” Quantitative screening and other forms of data analytics can be an important part of compliance programs and may help companies detect potential violations before they ripen.
Whistleblower Protections
The Criminal Division launched a new corporate whistleblower awards pilot program in August 2024, which McGuireWoods previously discussed. The new Antitrust Division guidance follows the Criminal Division’s lead on this topic, and significantly expands its discussion of the considerations related to confidential reporting structures and investigation processes. Several highlights include questions about the mechanisms companies have in place to allow employees to report criminal conduct without fear of retaliation, whether companies are trained on companies’ anti-retaliation policies and the protections offered by the Criminal Antitrust Anti-Retaliation Act, and whether the companies’ non-disclosure agreements are drafted or enforced in a way that discourages employees or former employees from reporting antitrust violations internally or externally.
Other Additions
Other updates include emphases on whether middle managers set the proper tone concerning compliance (which supplements a prior focus on the tone at the top), whether boards of directors have compliance expertise and visibility, whether companies are testing to validate all components of compliance programs, and whether companies have taken steps to ensure that investigations are independent, objective and appropriately conducted.
* * *
While the overarching structure of the Division’s updated guidance is familiar, companies reviewing the additional factors in the new guidance may find some of them daunting — and expensive — to achieve. McGuireWoods has experience conducting independent and thorough internal investigations of potential antitrust violations, counseling companies on leniency and disclosure issues, assisting companies with implementing and measuring the effectiveness of antitrust compliance programs, and advocating to the Division for appropriate outcomes such as declinations, deferred prosecution agreements, and credit for compliance and cooperation. Contact McGuireWoods’ antitrust attorneys for assistance on these topics.