February 21, 2023 Panel: Monaco Memo and its Impact on Antitrust Compliance Programs

On February 21, the Antitrust Section’s Compliance and Ethics, Corporate Counseling, and Cartel and Criminal Practice committees sponsored a panel entitled “Monaco Memo and its Impact on Antitrust Compliance Programs.” The panel was moderated by Lauren Briggerman, Miller & Chevalier, and featured Rebecca Ryan, U.S. Department of Justice, Antitrust Division; Eyitayo St. Matthew-Daniel, Paul Weiss; and Sarah Flanagan, Intel Corporation. The panel examined implications of Deputy Attorney General Lisa O. Monaco’s September 15, 2022 memorandum (the “Memo” or “Monaco Memo”) that revised the Department of Justice’s (“DOJ”) corporate criminal enforcement policies across all DOJ divisions.

The panel addressed pertinent questions about the Memo’s implications, including: What do the revised enforcement guidelines imply for the Antitrust Division’s consideration of a company’s compliance program? What are the key features of an antitrust compliance program in the Division’s eyes? How can companies improve their compliance programs and best position themselves for favorable consideration from the Division?

The Monaco Memo

The Monaco Memo, which is framed as “a combination of carrots and sticks,” provides a framework for corporate criminal enforcement policy across all enforcement divisions, including the Antitrust Division (“the Division”). The Memo emphasizes the need for companies to build robust compliance programs that incentivize good behavior, discourage misconduct, enable prompt and complete cooperation with the DOJ, and prevent recurrence of issues.

The Monaco Memo reemphasizes that “the Department’s first priority in corporate criminal matters is to hold accountable the individuals who commit and profit from corporate crime” and reiterates the DOJ’s policy that in order to be “eligible for any cooperation credit, corporations must disclose to the Department all relevant, non-privileged facts about individual misconduct.” In order to be eligible for cooperation credit, prompt cooperation with voluntary self-disclosure is paramount, particularly concerning individual misconduct. The cooperation must be complete, including in the collection and production of all relevant information. The Memo makes clear that any hindrances to a company’s cooperation, such as data privacy regulations, blocking statutes and other restrictions, are the company’s burden to resolve, and the Division must be provided with reasonable alternatives when they arise.

The preservation, storage, and production of relevant data was also prominently highlighted. The Monaco Memo specifically directs prosecutors to “consider whether the corporation has implemented effective policies and procedures governing the use of personal devices and third-party messaging platforms to ensure that business-related electronic data and communications are preserved.” Additionally, companies must carefully consider the use and storage of data and assess whether current policies reflect the way employees communicate and conduct business. The Division has placed a focus on ensuring relevant documents and data are not just produced, but that they are also preserved in the first place.

The Memo echoes the 2019 updates to the DOJ’s leniency program, requiring participating companies to use best efforts to address conduct, improve compliance programs, and to cooperate fully and promptly. To date, the Division’s apparent view is that companies that have created compliance programs effective enough to warrant a deferred prosecution agreement are already winning the leniency race. Going forward, the Division will continue to evaluate compliance as part of charging decisions, and the likelihood of a company receiving a deferred prosecution agreement based on their compliance program continues to increase.

Despite the Memo’s updated guidance, the panelists agreed that many key questions remain. For example, how can companies meet the Division’s expectation that compliance culture is fostered and incentivized structurally? How can compliance be rewarded? And how can companies meet the Division’s expectation concerning the preservation, collection, and production of business communication from new technologies, especially when cross-border impediments arise?

Best Practices for Compliance Programs

While acknowledging these open questions, the panelists recognized the Division’s clear guidance on many issues and examined the key features of effective compliance programs in light of this guidance. Despite ongoing ambiguities, companies can and should review their compliance programs to ensure they meet Division expectations and receive favorable consideration. We note several best practices that the Memo highlights and the panelists explored.

Know your industry and tailor your program. The Memo acknowledges that there is no specific checklist for compliance programs. Rather, each company’s individual risk profile and structure will warrant different, particularized actions. In designing bespoke compliance programs, companies should:

• Tailor the program to address those risks or forms of misconduct that are most likely to occur in their own industry (including potential HR risks);
• Evaluate industry dynamics, business practices, and company resources to focus policies and attention on areas of highest and recurrent risk (e.g., competitor collaborations, frequent interaction / communication with competitors, areas of prior enforcement actions);
• Ensure the program is aligned with the way the business actually operates and communicates (e.g., the medium or venues where competitor interactions take place);
• Target employees that pose risks based on access and authority (e.g., access to pricing, bidding, or salary data; competitor contacts);
• Continually reassess their risk profile; and
• Test corresponding policies through monitoring / auditing where appropriate.

Establish a true compliance culture. The program should be taken seriously, endorsed by senior executives, and recognized within the company. The Division will assess whether this culture exists and had an impact. Several guideposts can help companies demonstrate their compliance culture to the Division:

• Employees must attend trainings, understand what conduct was prohibited, and know how to report concerns (avoid trainings where employees just “go through the motions”);
• The program should be structured intentionally and evolve to address emerging risks;
• The program should enable the company to detect, investigate, and address problematic conduct; and
• Company culture should drive meaningful cooperation with the Division, including through self-disclosure.

Focus on areas of recent clarity from the Division. The Memo and other guidance have stressed compensation incentives and the investigation / e-discovery process. It is particularly important for companies to update their compliance programs and other policies in these areas.

• Compensation: Companies should consider incentives, (both annual compensation and bonus structures), clawback, and other mechanisms as their structure and resources allow. Clawback policies are key and likely easier to impose than complex incentives, particularly in global organizations. Companies should also consider other alternatives, like recognition for compliance efforts during annual reviews (e.g., KPIs), recognizing compliance leadership, and “doing the right thing” company-wide.
• E-Discovery / Investigation: Companies should establish or revise communications and investigations policies and protocol in light of modern communications, with an eye toward retention / preservation, record-keeping, and the prospect of future cooperation with the Division. Personal devices, ICM and new communication tools offer new means for business communications (e.g., “e-gift giving”) and other interactions that may heighten risk. It is thus important that all companies, and particularly large companies, have clear policies providing how documents and data, including on personal devices and messaging apps for business purposes, are to be preserved throughout the organization. It is also vital that internal reporting lines, the intake of allegations, and the process for identification of issues for investigation are clear throughout the organization.

Be prepared to engage with Division staff proactively. Finally, if and when issues do arise that lead to interaction with the Division, the Memo indicates that Division staff will scrutinize the company’s compliance program. While deciding when (and how) to engage with the Division staff is a complicated decision that turns on many factors, having a robust compliance program in place enables companies to move quickly (when warranted) and maximize the odds of favorable consideration. Coupling an effective compliance program with proactive engagement can benefit companies by:

• Minimizing the risk of staff developing anchored opinions on the company’s compliance culture (or lack thereof); and
• Enabling a thorough root-cause analysis of any problematic conduct to effectively explain to the Division how the company got here, how it will move forward, and how any changes to compliance culture will address these risks.

* * *

In sum, the Panelists discussed how—even while the Division’s guidance on compliance programs is incomplete—there are many steps companies can take today to ensure a robust compliance culture, minimize antitrust risks, and position their program for favorable consideration. These “best practices” can be honed if and when the Division further clarifies its guidance moving forward.