Introduction
This checklist suggests the steps an organisation should take in conducting an internal competition law audit. It is aimed at in-house lawyers and compliance professionals across various industries who wish to review their organisation’s compliance with EU competition law.
It comprises a series of steps to assist with preparing for and undertaking an internal competition audit including planning an audit, review of agreements; employee interviews and the actions to take once the audit is complete.
The checklist covers the following steps:
- Prepare and plan
- Review process and documentation
- Conduct employee interviews
- Assess audit results
It is presented as a list of requirements that can be reviewed as they are addressed. The end of this document also includes explanatory notes and specific notes that correspond to each relevant step in the checklist.
This checklist can be used in conjunction with How-to guides: Understanding the competition law prohibitions in Article 101 and 102 TFEU, How to design a competition law compliance programme, How to identify and prioritise competition law risk in your organisation as well as the Checklist: Competition compliance.
Step 1 – Prepare and plan
| No. | Action |
| 1.1 | Set out a broad plan for the competition law audit |
| 1.2 | Identify resources required, including who will perform the audit, locations and the records to be examined |
| 1.3 | Identify the business areas where resources need to be concentrated by referring to your competition law risk assessment |
| 1.4 | Identify which areas of the competition law audit will require more detailed planning |
| 1.5 | Consider whether to restrict access to the competition law audit |
| 1.6 | Consider whether, and in what circumstances, any notes and report(s) might attract privilege |
| 1.7 | Tell senior management about the competition law audit and ensure that they endorse it |
| 1.8 | Ensure periodic engagement with senior management |
| 1.9 | Conduct a robust assessment of your organisation’s market share |
Step 2 – Review process and documentation
| No. | Action |
| 2.1 | Review key agreements identified in your competition law risk assessment |
| 2.2 | Conduct an extensive review of key agreements that are associated with competitors |
| 2.3 | Review your organisation’s documentation covering potential transactions, trade association minutes (including information sharing, discussions with competitors), and potential or recent bids for business |
| 2.4 | Review your competition law policies, procedures and training records |
Step 3 – Conduct employee interviews
| No. | Action |
| 3.1 | Conduct employee interviews to assess your organisation’s general contractual practices, pricing strategies, trade associations and transactional activities |
| 3.2 | Assess the responses relating to competition information and competition compliance |
| 3.3 | Assess the role of the employees who act as gatekeepers or approvers |
Step 4 – Assess audit results
| No. | Action |
| 4.1 | Review the results of your document review and interviews and identify areas of concern relating to competition law compliance |
| 4.2 | Develop and adopt a competition law remedial plan that is suitable for your organisation |
Explanatory notes
General notes
This checklist sets out a structured set of steps you can follow in order to carry out an internal competition law audit.
In practice, the frequency of internal audits will be largely determined dependent on the competition law risks faced by your organisation. This can be assessed, for instance, by understanding the practical implications of Articles 101 and 102 TFEU and by referring to:
- your competition law risk assessment;
- the results of previous internal audits;
- information escalated by other internal reporting channels; or
- past examples of identified infringement activity (either directly relating to your organisation or indirectly from public information relating to another organisation in the same or a similar business sector).
The above information will also be relevant in determining the scope of the internal competition law compliance audit. The scope should be tailored to your organisation and determined in advance of commencing the audit and pre-agreed with senior management. This will provide an opportunity for any pre-existing issues to be flagged to the audit team in advance of the audit. For instance, this might include potential infringement activity where remediation work has already begun. Highlighting this information in advance will help to ensure the internal audit is not duplicating issues already escalated and understood as requiring remediation.
Typically the task of an auditor is to flag identified competition law risk to top-level management (eg, your audit committee and/or board members) so that they understand the consequences of non-compliance and develop remedial plans that are suitable for your organisation. While the scope of the audit has various significant parts to it, it is key to note that the auditor can play a vital role in helping businesses understand and manage their risks around non-compliance with competition law.
Organisations that identify areas of concern or suspected infringement of competition laws and report this to the European Commission and/or relevant EU member state national competition authority, may receive a reduced or completely erased penalty. See How-to guide: How to identify and address competition law infringements.
Notes on specific requirements
Step 1 – Prepare and plan
Step 1 of the checklist covers the broad preparation and planning for the competition law audit which includes goals, scope, steps, timing and the required outcome.
1.1 Set out a broad plan for the competition law audit
This requires you to set out a broad plan for the competition audit that consists of the goals, scope, steps and their respective timings and the desired objectives.
1.2 Identify resources required, including who will perform the audit, locations and the records to be examined
Identify who will perform the audit including key personnel and consider whether external counsel and accounting auditors will be required. The internal auditors must have the necessary objectivity, authority and expertise not only to provide assurance in relation to your risk management and compliance functions, but also to assess your competition law risk and business control culture. The possibility of maintaining privilege over notes and the final report may be a factor in deciding whether or not to engage external counsel (see further step 1.6 below).
Specify which jurisdictions need to be included in the audit and whether international counsel will be sought. Subsequently, identify which categories of records will be audited and where the required records are located, either in hardcopy or electronically (including soft-site and business continuity storage).
1.3 Identify the business areas where resources need to be concentrated by referring to your competition law risk assessment
Certain business areas are likely to be at greater risk than others with regard to competition law risks, for example, an organisation with an active sales force that regularly attends events or meetings at which competitors are present may be at greater risk of an illicit information exchange than an organisation that relies upon other sales channels.
Assess the scope of risks in relation to any past compliance issues identified by internal or external reviews that your organisation may have been subject to (for instance, if a previous audit unearthed horizontal collusion, this may be more of a concern than vertical exclusivity). See How-to guide: How to identify and prioritise competition law risk in your organisation.
1.4 Identify which areas of the competition law audit will require more detailed planning
Recognise the areas of audit which require more detailed planning. For example, employee interviews or the use of statistical data to identify areas of focus for the audit.
1.5 Consider whether to restrict access to the competition law audit
It may be necessary to restrict the circulation of the audit report or surrounding correspondence or notes if potential competition law infringements are identified or to protect privilege (see below).
1.6 Consider whether, and in what circumstances, any notes and report(s) might attract privilege
The European Commission, as part of its investigatory powers in merger control reviews and competition investigations, has the ability to require companies to produce a wide range of documents. However, documents that attract legal professional privilege are protected from production. At an EU level, legal professional privilege protects the confidentiality of written communications between lawyers and clients. In order to benefit from protection on the grounds of legal professional privilege:
- the exchange with the lawyer must be connected to ‘the client’s rights of defence’; and
- the exchange must emanate from ‘independent lawyers’ qualified to practise in a Member State. By independent, this means lawyers who are not bound to the client by a relationship of employment (ie, not in-house counsel).
Therefore, if the organisation wishes to avoid having to disclose its findings from the audit, a consideration of the legal requirements for establishing that privilege applies will be important at the outset.
1.7 Tell senior management about the competition law audit
Communicate with your organisation’s senior management about the audit. Prior to the start of the audit, your organisation’s senior management must endorse it. It is essential that senior management are briefed before the review commences surrounding the scope of audit, the timing and the desired output.
In addition, the overall responsibility for your organisation’s competition law compliance programme sits with top-level management, so having their support in relation to the audit is key to securing an adequate financial budget to address any findings.
1.8 Ensure periodic engagement with senior management
Ensure periodic engagement with senior management to keep them updated in relation to this step and any changes to the original timeline or scope of the audit.
1.9 Conduct a robust assessment of your organisation’s market share
Conduct an assessment of your organisation’s market share in the product and geographic markets in which it operates (see for instance, Commission Notice on the definition of relevant market). Where the market share reveals significant market power, the scope of the audit and risk assessment may need to take into account matters related to the risk of an abuse of dominance. To assess your organisation’s relevant market and market share you may require assistance from external advisers (eg, specialist lawyers/economists).
Step 2 – Review process and documentation
Step 2 of the checklist is intended to determine the flow of information across various sections within the business with respect to the competition law audit.
2.1 Review key agreements identified in your competition law risk assessment
Review for compliance key agreements that are applicable to your organisation and identified in your competition law risk assessment, as including but not limited to: licensing agreements, supply agreements, distribution agreements, pricing agreements, franchise agreements and joint venture agreements.
In particular, in vertical agreements (ie, agreements with a counterparty at a different level of the supply chain) restrictions which amount to fixing prices, limit the territory into which or the customers to whom a buyer party might sell, restrict sales between authorised distributors in a selective distribution system and restrictions on the sale of components as spare parts should be carefully considered.
2.2 Conduct an extensive review of key agreements that are associated with competitors
Carry out an extensive compliance review of key agreements that are associated with competitors that are also suppliers or consumers, associates or partners in joint ventures and affiliates in other business transactions. In particular, these should consider the risks of competitively sensitive information exchanges with the competitor and should take into account not just the terms of the agreements but also the practical way in which they operate and effect is given to them.
2.3 Review your organisation’s documentation covering potential transactions, trade association minutes (including information sharing, discussions with competitors), and potential or recent bids for business
Review your organisation’s documentation covering potential transactions, trade association minutes (including information sharing and discussions with competitors) potential or recent bids for business and pricing documents. Consider the wording and language used in these documents and whether they pose a competition risk or could potentially lead to competition law violations such as price fixing arrangements, market sharing or other cartel activity.
2.4 Review your competition law policies, procedures and training records
Review key competition law policies and procedures. Identify whether these policies and training are complete and meet the needs of your competition law risk assessment. If gaps have been identified in your competition law risk assessment you should consider the need to update your policies and procedures.
Review training records to ensure that new employees receive training on competition law compliance when they join your organisation and that training for existing employees is regularly refreshed.
Step 3 – Conduct employee interviews
3.1 Conduct employee interviews to assess your organisation’s general contractual practices, pricing strategies, trade associations and transactional activities
Use the information set out in your competition law risk assessment to identify key staff who are likely to be exposed to the risk of competition law infringement. In this respect, it is essential to identify:
- which employees will be interviewed
- which employees are most likely to be at risk of breach of EU competition law
- how the interviews will be conducted
- who be conducting these interviews
- what will be recorded by way of notes
Conduct employee interviews with these staff to understand issues that might involve competition law compliance risk, including your organisation’s general contractual practices, pricing strategies and contact with competitors. The areas to be explored with employees will be informed by your organisation’s activities, risk assessment and role of the staff member in question. The below is a suggestion of the areas that might be explored with staff, this should be expanded upon or adjusted as necessary.
3.1.1 Identify your organisation’s pricing and distribution strategy
Identify and understand your organisation’s pricing and distribution strategy. For instance, this can be done through posing questions that highlight who sets the prices within the company, the factors that are considered in setting these prices and any pricing policies (formal or informal).
3.1.2 Identify how competitive intelligence is obtained and used
Gather information that identifies the informal and formal sources of gathering information about competitors’ activities (including information about pricing, strategy etc).
3.1.3 Identify the process by which your organisation communicates price changes
Identify how your organisation communicates price changes, for instance, the process for announcing pricing, whether price changes are ever announced and retracted, and the role competitor pricing plays in such instances.
3.1.4 If your organisation has a significant market share, consider whether pricing or other practices might be abusive
If your organisation has significant market share (dominant), consider as part of this step whether any of its pricing or other practices may be of concern. For further information refer to How-to guide: How to identify and prioritise competition law risk in your organisation.
3.1.5 Identify how contractual negotiations are approached and how any deviations from standard terms are agreed
Explore the process of contracting with third parties, how negotiations are approached and, where standard terms and conditions are used, how any deviations from those terms and conditions are agreed (including sign-off on the legality of provisions).
3.1.6 Identify the nature of contact with competitors
Identify the circumstances in which staff encounter competitors and the nature of any discussions. This might include formal contact (such as trade association meetings) or informal contacts (such as friendships between employees).
3.2 Assess the role of the employees who act as gatekeepers or approvers
Use the information from your competition law risk assessment for this step to assess the roles of the employees who act as gatekeepers or approvers and whether they have attended competition law compliance training. You need to verify that these employees are familiar with the limits on competitor discussions or contractual restrictions (as appropriate) and the need to escalate and report any breaches.
3.3 Conduct spot checks on understanding of competition law and sufficiency of training
It may also be worth considering the value of conducting spot checks of employees on their understanding of competition law and what they are and are not permitted to do. This should elicit information on training undertaken, any gaps to be filled by training and the frequency at which training should be refreshed. Spot checks should include questions to understand whether employees know what to do in the event that they need further guidance or want to report a concern about compliance.
Step 4 – Assess audit results
4.1 Review the results of your document review and interviews and identify areas of concern relating to competition law compliance
Review the results of your document review and fact finding interviews with employees in order to identify whether there are any areas of potential concern relating to competition law compliance.
4.1.1 Where no concerns are identified, continue to refresh compliance training
Review your audit results to identify if any potential areas of concern have arisen. Where there are none, remedial actions will not be required. However, it is important that compliance training is continued on a regular basis. This step should highlight the necessity to schedule subsequent or additional audits where there have been changes in the law or your organisation’s business operations.
4.1.2 Where areas of potential concern have been identified, consider next steps
Where areas of concern have been identified, your organisation should consider the steps it needs to take next. It may be that further information is required to establish whether there is in fact a potential infringement. Specialist legal advice may be advisable in considering next steps, which might include a more detailed internal investigation or self-reporting.
4.2 Develop and adopt a competition law remediation plan that is suitable for your organisation
In the event you identify potential or actual competition law infringements appropriate remedial action is required. Aside from any self-reporting that might take place, this is likely to include amending your competition law risk assessment, assessing and evaluating the scope of the potential infringement activity, adopting measures to prevent further breaches. Develop and adopt a remediation plan that is suitable for your organisation and ensure it covers a review of training materials, additional competition law compliance training, subsequent audits and a thorough update on specific changes to relevant business operations. See How-to guide: How to identify and address competition law infringements.
Additional resources
Related Lexology PRO content
How-to guides:
Understanding the competition law prohibitions in Article 101 and 102 TFEU
How to identify and prioritise competition law risk in your organisation
How to implement a culture of compliance with competition law in your organisation
How to design a competition law compliance programme
How to assess competition law risks in an agency agreement
How to identify and address competition law infringements
Checklists:
Competition law compliance
Conducting a competition compliance audit
Meeting with a competitor
Managing a dawn raid
Drafting a competition law compliance policy
Quick view:
Competition leniency programmes in the European Union
Reliance on information posted:
While we use reasonable endeavours to provide up to date and relevant materials, the materials posted on our site are not intended to amount to advice on which reliance should be placed. They may not reflect recent changes in the law and are not intended to constitute a definitive or complete statement of the law. You may use them to stay up to date with legal developments but you should not use them for transactions or legal advice and you should carry out your own research. We therefore disclaim all liability and responsibility arising from any reliance placed on such materials by any visitor to our site, or by anyone who may be informed of any of its contents.