17 July 2019
ICSA is collaborating with SAI Global to highlight the importance of effective competition law compliance.
Paula Davis, Director of Compliance Programme Operations, EMEA at SAI Global Compliance, Judith Frame Strategic Communication and Compliance Manager at the Competition and Markets Authority (CMA) and Steve Preece, Assistant Director and Head of Compliance at CMA, joined us in March for a members event chaired by ICSA President Lorraine Young.
As a follow up to this event Governance and Compliance brings you the following articles and resources to guide you through the complexities of antitrust regulation.
A Best Practice Framework Approach
Organisations are exposed to a host of risks. As well as competition law there is bribery and corruption, data privacy and information security all of which have similar enforcement procedures around them and similar penalties for non-compliance.
If your organisation operates in different countries, you can multiply that risk as most jurisdictions around the world and most of the markets that you operate in will have similar requirements.
Wherever responsibility for competition law compliance sits within your organisation, there are best practice steps to put in place a robust compliance management system. This will give you the best chance of not breaching competition law.
If you analyse the guidance that is available for how to comply with these various regulations, legislation and other best practice advice, it starts to crystallise into five key areas:
Identifying and assessing risk
Adequate policies, procedures and controls
Carrying out training and communication
Systems for monitoring and auditing and responding to compliance issues
Evaluating and improving the process
You need to develop policies, procedures and controls that will address and mitigate the risks that you have identified and make sure that individual employees understand what they have to do in practice.
Unless the sales teams and the procurement teams understand what they have to do you are not going to get compliance. This is a very dynamic and changing environment and you cannot just do this once. You have to review the systems in place and decide whether they are still adequate.
There are a range of kind of consulting and advisory services and tools, platforms and solutions to help you with this. You choice will depend on the nature of your business and the risks that you face.
You will never eliminate the risk of non-compliance or the breach of competition law completely. You have to decide on an acceptable appetite for risk within your business. There is acceptance that somewhere there could be one ‘bad apple’ and the key is a systematic approach and adequate procedures for managing, controlling and minimising risk. Often organisations use tools [include slide 44]. A risk register is also valuable to record the impact and likelihood of risks and the controls you have in place – such as tone from the top, training and guidance.
Having identified the risks, then you have to define a set of policies and procedures that will manage and control those risks and explain to people what their obligations are in compliance with the law. Best practice is to present this in the company’s code a conduct which is becoming a flagship document setting out principles and values.
There need to be detailed processes and procedures at the next level down so that there is effective guidance for employees about how to comply with the competition law. The term whistleblowing is not one that I’m particularly comfortable with, but some mechanism for employees to report concerns and questions without fear of retaliation is needed. If you want to take advantage of leniency provisions, you need learn about any issues before somebody else reports them externally.
Driving everyone through a sheep dip of common training programmes is not effective and does not mean you have covered off your responsibilities. This approach is not going to drive any meaningful behavioural change. People need to be able to recognise when they are in a risky situation with regard to anti-competitive practices and, for example, act with caution when in trade associations. What is interesting about the case studies [insert link] is that many people did not believe there was anything that wrong with what they were doing. You need to consider what employees do on a day-to-day basis and the nature of your business, then tailor the training to the risks that individuals face.
When building a culture of compliance through training, awareness and communications one piece that is often missed out is the tone at the middle. In the case studies [add link] it was not the CEO telling the people on the ground what to do. The behaviour was being modelled by middle management. This is the group that we have to capture to drive behaviour in the field.
You also need some mechanism for monitoring and recording compliance with requirements and keeping this evidence on hand should the regulator ever need to see it.
In terms of evaluation and improvement, the CMA is a relatively new organisation and compliance programmes will undoubtedly evolve as time goes on.
Paula Davis is Director of Compliance Programme Operations, EMEA at SAI Global Compliance
The role of the company secretary
Cartel is quite an old fashioned word. It conjures an image of smoke filled rooms and Havana cigars. In today’s world however it is more usually indicated by incriminating emails. A cartel is where a number of manufacturers in a market get together to agree not to compete with one another and to keep prices high.
This can take a number of forms: price fixing; bid rigging; customer allocation; output quotas or restrictions; or market sharing arrangements. Cartels are insidious and a form of cheating akin to theft because of the harm that they bring to consumers and businesses.
Academic research by competition authorities around the world has identified a number of common risk factors to being involved in a cartel. These include where:
The CMA’s role is to make markets work well in the interests of consumers, businesses and the economy. A strong competition regime contributes to economic growth by rewarding businesses that innovate to satisfy consumers. It encourages new entrants, new investments, and ensures that the terms of competition are fair for all.
The CMA’s strategic goal is to deter wrongdoing by delivering effective enforcement against those who engage in anti-competitive behaviour. The consequences of breaching the law are significant: fines up to 10% of turnover of the whole group of companies; director disqualifications of up to 15 years for civil enforcement; and prison and confiscation of assets following a successful prosecution for the criminal cartel offence.
There is also the reputational damage to the business and the individuals involved to consider, and how this impacts on shareholders, competitors, employees and customers. The CMA believes that the majority of businesses do want to comply with the law. We are committed to helping businesses understand how to comply and making sure that competition law compliance is on the agenda of UK boards.
At the moment there does not seem to be a natural home for competition law compliance within businesses. People know where fraud sits – for example, within finance – but competition law is less well known and people are not wholly sure about who is responsible for it.
The CMA talks to people who influence boards: risk managers, company secretaries, chartered secretaries and accountants. We speak with businesses from industries and sectors where we have delivered effective enforcement cases so they can learn from the lessons of others. We also conduct research to help us target where businesses might benefit most from compliance activity.
We want to ensure that smaller businesses that do not have in-house counsel or a large resource for governance are also able to understand and comply with the law, and so we are continually developing a range of new tools and techniques to help them do so.
Two recent cases demonstrate what anti-competitive behaviour looks like, the kinds of things that have got business into trouble and what lessons can be learned.
Judith Frame is Strategic Communication and Compliance Manager at the Competition and Markets Authority.
Commercial vehicles case (2013): this involved a series of separate infringements by Merceds Benz and several of its franchised dealers selling commercial vans and trucks The infringements varied between parties but included agreements to share markets, coordinate prices or exchange commercially sensitive information. For example, in one instance two dealers agreed that they would include a ‘substantial’ margin in quotations to customers based in each other’s area. In another, two dealers agreed that they would not prospect customers from each other’s area. The parties involved admitted to wrongdoing and ended up paying fines totalling £2.8 million. For one dealer, the fines wiped out up to 18 months’ worth of profit after tax. Further details about the lessons to be learned from this case are available here.Care home medicines case (2014): this case involved a few pharmaceutical companies who agreed to share a specific market for the supply of prescription medicines to care homes. By agreeing not to target each other’s customers, this arrangement had the object of reducing competition for supplying certain care homes and may have deprived end customers (i.e. the homes and those they cared for) from receiving value for their money. A company secretary at one of the businesses involved was alerted to the arrangement and set in motion an application for leniency. By being the first to come forward and report the activity, the business received immunity from fines and immunity from sanctions for its directors. Fines imposed on the other parties involved were over £370,000. Further details about the lessons to be learned from this case are available here.