For conspiracies, bid-rigging and other criminal competition offences, the risk of detection, prosecution and punishment has never been greater — cartel cases are up 3,000% in Canada since 2000. And the costs of contravening the law (or even simply becoming entangled in a criminal investigation) have never been greater: damaging publicity, disruption to business operations, millions of dollars spent conducting internal investigations and defending criminal and civil litigation, multi-million dollar fines, potential incarceration and disqualification from public procurement.
Unfortunately, despite these realities, a surprising number of companies still lack rigorous (or any) compliance programs. For those companies with some form of compliance program in place, many continue to rely exclusively on (what the Canadian Competition Bureau refers to derisively as) a "paper and preach" approach, based on (some) training alone.
As recent cases in Canada, the United States and the Europe show, however, by itself, training will not overcome rogue behaviour or the personal incentives that employees perceive that lead to significant problems for companies. Increasingly, competition law regulators, including the Competition Bureau, expect companies to go beyond training and develop a "culture of compliance" with controls and incentives for compliant behaviour.
In its June 2015 Corporate Compliance Programs Bulletin, the Bureau has prescribed what it considers the minimum requirements for a “credible and effective” compliance program; specifically:
- Management Commitment and Support
- Risk-based Compliance Assessments
- Corporate Compliance Policies and Procedures
- Compliance Training and Communication
- Monitoring, Verification and Reporting Mechanisms
- Consistent Disciplinary Procedures and Incentives for Compliance
- Ongoing Compliance Program Evaluation
In particular, the Compliance Bulletin makes it clear that having an effective system of internal controls is an essential ingredient of a credible and effective program.
"A corporate compliance program should be tailored to the operations of a business and establish internal controls that reflect its risk profile."
"Compliance policies and procedures should establish internal controls designed to prevent contraventions from happening, scaled to a company's risk profile."
Such controls include the segregation of employee responsibilities to reduce risk, integrating compliance obligations into day-to-day business procedures (including computer systems, forms, reporting systems, contracts and other legal documentation), ensuring that employees who handle purchases from suppliers who are also competitors are distinct from those responsible for sales and/or marketing, requiring approvals before communicating or meeting with competitors (including trade association events where competitors are likely to be present), systems to monitor pricing practices, systems to ensure adequate and proper testing of product claims before they are made, dual sign-offs for high-risk business processes and due diligence requirements before engaging with certain third parties.
The Compliance Bulletin also emphasizes that compliance auditing (periodic, ad hoc and event-triggered), to proactively identify evolving risk areas (before there is a problem), confirm a company's full compliance with competition laws and verify that its compliance program has been properly implemented and is operating effectively (and to update and enhance it when gaps or issues are identified), is also crucial to the credibility and success of any compliance program.
Compliance with the law is no longer just its own reward (if it ever was). The potential benefits of enhancing your compliance program are significant and flow to the bottom line. They include (but are not limited to):
- Maintaining a good business reputation;
- Reducing uncertainty as to what is or is not legal, allowing both more aggressive competition where lawful and reducing the risk of a contravention of the Competition Act;
- Avoiding adverse publicity and the disruption to operations resulting from an investigation, prosecution and follow-on class action litigation;
- Saving millions of dollars in legal and expert fees associated with an investigation and litigation;
- Reducing the exposure of employees, management and the company to criminal and civil liability;
- Influencing the Bureau's decision to pursue a matter civilly, rather than criminally, where both options are available;
- Triggering early warnings of potentially illegal conduct thereby allowing the company to be the first-in to request immunity from prosecution or to be better placed to apply for lenient treatment in sentencing;
- Allowing a company to avoid being charged in connection with the unlawful conduct of a rogue employee; and
- Enabling a company to establish a due diligence defence.
Companies that do not have a competition law compliance program should implement one. Those with programs that have not been reviewed or updated for some time should do so in light of the best practices highlighted here. As recent history and current enforcement trends indicate, there is a significant risk that the failure to do so will ultimately inure to the detriment of those who fail to act.
For more information, reach out to us directly, or visit blg.com/competition.