Antitrust Compliance 2.0: Insights from the DOJ’s Updated Guidance

On November 12, 2024, the Antitrust Division of the U.S. Department of Justice (DOJ) issued updated guidance for evaluating corporate compliance programs in criminal antitrust investigations. Although primarily directed at criminal prosecutors, the 2024 guidance also expressly indicates that companies should expect the civil team to use many of the same factors to evaluate the effectiveness of compliance programs for purposes of civil antitrust violations. These updates build on the DOJ’s July 2019 guidance, focusing on key elements of effective compliance programs that prosecutors should consider when determining whether to bring charges.

The 2024 guidance reiterates that prosecutors should evaluate the following factors, as applicable, when assessing the effectiveness of an antitrust compliance program: (1) program design and comprehensiveness; (2) company-wide culture of compliance; (3) responsibility for and resources dedicated to compliance; (4) antitrust risk assessment methods; (5) compliance training and employee communication; (6) monitoring, auditing, and program revisions; (7) reporting mechanisms; (8) compliance incentives and disciplinary measures; and (9) remediation efforts.

But the new guidance also introduces several key additions that companies should consider as they develop and improve antitrust compliance programs, including:

(a) risk assessment, monitoring, and responses to antitrust risks associated with electronic communications and emerging technologies, including Artificial Intelligence (AI);

(b) senior leadership’s and managers’ active contributions to fostering a culture of compliance;

(c) incorporation of lessons from past violations into compliance programs;

(d) deployment of experienced compliance personnel, appropriate resource allocation, and periodic program review; and

(e) confidential reporting, thorough investigations, and robust anti-retaliation measures.

Below is an outline of these new factors and suggested actions for companies to strengthen their antitrust compliance programs.

2024 Guidance Recommendations

(a) Risks associated with electronic communications and emerging technologies

The updated guidance instructs prosecutors to consider a corporation’s policies and procedures governing the use of personal devices, communications platforms, and messaging applications, including ephemeral messaging applications. Policies governing such applications should be tailored to the corporation’s risk profile and specific business needs and ensure that, as appropriate and to the greatest extent possible, business-related electronic data and communications are accessible and amenable to preservation by the company. Prosecutors should consider how the policies and procedures have been communicated to employees, and whether the corporation has enforced the policies and procedures on a regular and consistent basis in practice.

In terms of technology, the new guidance instructs prosecutors to consider how a company’s risk assessment addresses its use of technology, particularly new technologies such as AI and algorithmic revenue management software that are used to conduct company business. Under the updated guidance, prosecutors should consider whether compliance personnel are involved in the deployment of AI and other technologies to assess the risks they may pose and whether the compliance organization understands the AI and other technologies used by the company. Similarly, prosecutors should consider whether the compliance program monitors and detects decision-making by AI or other technology tools to ensure they are not violating antitrust law.

Companies should consider adopting clear guidelines regarding their use of ephemeral and other non-company methods of communication and have a clear rationale for preservation and deletion settings adopted for electronic communications. Companies should also monitor and periodically assess the antitrust risks posed by use of emerging technologies, including AI. Companies should involve compliance personnel in the deployment and oversight of AI and other technologies, ensuring they understand and monitor these tools to assess and mitigate potential antitrust risks in this area. 

(b) Top-down contribution of senior leadership and managers at all levels to a culture of compliance

The updated guidance recommends that prosecutors examine the extent to which corporate management, both senior leadership and managers at all levels, conducts itself in accordance with the company’s commitment to corporate governance. It is now recommended that prosecutors examine what concrete actions senior leadership and managers have taken to demonstrate a commitment to antitrust compliance and compliance personnel, including remediation efforts if relevant.

Prosecutors are also advised to examine whether the board of directors includes members with compliance expertise and whether the board or external auditors engage directly with compliance and control functions through executive or private sessions. Additionally, the guidance recommends assessing the information reviewed by the board and senior leadership in their oversight of the area where misconduct occurred.

Companies should consider aligning their hiring and incentive structures to promote an ethical culture and providing antitrust compliance training to senior leaders and managers. These steps demonstrate a proactive commitment to compliance and mitigate risks of future violations.

(c) Learning from past antitrust violations within the company and industry

The updated guidance underscores the necessity for companies to make good-faith remedial efforts to develop or enhance effective antitrust compliance programs. Prosecutors are advised to assess whether a company has implemented measures in response to past antitrust violations to mitigate the risk of recurrence. Similarly, it is recommended that prosecutors consider how the company amends its compliance program to account for previous violations at the company or in the industry in which it participates, to avoid repetition of previous violations. Prosecutors are also encouraged to evaluate how a company measures the effectiveness of its compliance program and what corrective actions are undertaken based on those evaluations.

The new guidance suggests that antitrust compliance training should include industry-specific materials and address, and incorporate lessons learned from, prior violations relevant to the company’s operations.

(d) Experienced compliance personnel, proper resource allocation, and adequate training

The new guidance places increased emphasis on the qualifications of compliance personnel and decisions regarding resource allocation to the compliance function. The guidance asserts that for an antitrust compliance program to be effective, those with operational responsibility for the program must have sufficient qualifications and experience. The guidance recommends that prosecutors consider whether compliance personnel have been in place long enough to be effective, without excessive turnover, and whether compliance personnel report to senior leadership on the effectiveness of antitrust compliance. The guidance also places an emphasis on the training of compliance personnel and managers to recognize antitrust red flags, as well as permissible and impermissible uses of new and emerging technologies.

The updated guidance also instructs prosecutors to consider whether an appropriate level of resources has been devoted to the compliance function, whether requests for resources have been denied, and, if so, on what grounds. The guidance also directs prosecutors to ask questions about the assets, resources, and technology available to compliance personnel, including as they compare to commercial functions of the business.

Companies should ensure that compliance personnel have sufficient qualifications and experience and are allocating sufficient recourses toward their antitrust compliance program. Adopting technology-driven compliance tools, particularly if those are used in other divisions of the company, can be an effective way for companies to address this factor.

(e) Confidential reporting, investigation of complaints, and anti-retaliation policies and practices

The updated guidance directs prosecutors to assess a company’s mechanisms for confidentially reporting and investigating antitrust complaints, emphasizing independence, objectivity, and thorough documentation of such investigations. It further advises prosecutors to evaluate whether the company’s policies foster or suppress the reporting of antitrust violations, including the presence and enforcement of anti-retaliation measures.

Additionally, the new guidance recommends scrutiny of whether employees, including supervisors, are adequately trained on anti-retaliation protections under the Criminal Antitrust Anti-Retaliation Act (CAARA). Prosecutors are instructed to examine the company’s use of nondisclosure agreements and other restrictive covenants to ensure they do not inhibit whistleblowing or conflict with CAARA. Such agreements should explicitly allow employees to report antitrust violations both internally and to government authorities without fear of retaliation.

Companies should establish confidential reporting mechanisms that ensure independence and thorough documentation while fostering a culture that encourages reporting without fear of retaliation. Companies should train employees, including supervisors, on anti-retaliation protections under CAARA and ensure nondisclosure agreements explicitly permit whistleblowing internally and to authorities. Regular reviews of policies and practices should confirm alignment with these standards to promote compliance and protect whistleblowers.

Takeaways

The DOJ’s 2024 guidance underscores a heightened focus on integrating compliance into all levels of corporate operations, with particular attention to emerging technologies and the fostering of a culture of accountability. It conveys an expectation that companies proactively address antitrust risks, ensure robust oversight by leadership, protect whistleblowers, incorporate lessons learned, and allocate sufficient resources to compliance functions. Companies should consider reviewing their compliance programs to align with these new priorities. 

Law clerk Sophie Borne also contributed to this blog post.