How-to guide: How to identify and prioritise competition law risk in your organisation (EU)

Updated as of: 06 October 2025

Introduction

This how-to guide outlines the steps to help identify and prioritise competition law risks specific to your organisation. Its purpose is to assist your understanding of how your organisation can be compliant with EU competition law. It may help you to spot when others are engaging in illegal anti-competitive behaviour.

There is no mandated approach to compliance and the steps taken will therefore vary depending on the risks that an organisation faces. This guide suggests steps you can take to identify, assess, appraise and control your organisation’s common risk areas in order to effectively manage competition law risk, however the appropriateness of the steps may vary depending on your organisation.

It incorporates practical tips, examples and government guidance to aid your compliance with the EU competition law rules. It is aimed at in-house lawyers and compliance professionals in organisations of all sizes and all sectors who might be subject to EU competition law.

This guide covers the:

  1. Identification of competition law risk
  2. Assessment of competition law risks
  3. Mitigation of competition law risks
  4. Review of risk assessment

Competition law compliance can sit comfortably and can be addressed in an integrated fashion with other items on a business's risk management governance agenda, such as:

  • anti-bribery and corruption;
  • internal anti-fraud controls;
  • conflicts of interest;
  • health and safety; and
  • environmental concerns.

Section 1 - Identifying competition law risk

Your first step will be to understand what type of business practices are caught by Article 101 or Article 102 of the Treaty on the Functioning of the European Union (TFEU) (the EU legislation). After familiarising yourself with the legal provisions, you can then begin the process of managing the relevant competition law risks faced by your organisation.

Broadly, the EU legislation contains two main prohibitions:

  1. Prohibition on anti-competitive agreements - the ‘Article 101 prohibition’; and
  2. Prohibition on abuse of a dominant position - the ‘Article 102 prohibition’.

For further information, see How-to guide: Understanding the competition prohibitions in Article 101 and 102 TFEU.

1.1 Article 101 prohibition – anti-competitive agreements

The Article 101 prohibition covers agreements between undertakings (undertakings being entities that engage in an economic activity), decisions by associations of undertakings and concerted practices which have as their object or effect an appreciable:

  • prevention;
  • restriction; or
  • distortion of competition.

1.1.1 Risk identification related to agreements

Anti-competitive agreements may take the form of a cartel (ie, where businesses agree not to compete with each other). Cartels are the most serious types of anti-competitive agreements. Cartels deprive consumers and other businesses of the benefits of fair competition. Among other things, they can result in a lack of consumer product choice by restricting supply of goods or mandating higher prices. In the long run, cartels undermine competitiveness in the wider economy.

In addition to agreeing to not compete, exchanges of information (even if unilateral) will usually be treated as cartels. The scope of the law in relation to the disclosure or exchange of commercially sensitive information is broad. The key issue is whether the disclosure or exchange of information substantially reduces uncertainty around the organisation’s future commercial behaviour in the marketplace. The fact that sharing of commercial information can start easily and seem relatively harmless at first makes cartels a significant risk.

Other agreements (ie, other agreements with competitors or resale agreements with distributors) may also give rise to breaches of competition law. Risks in respect of both cartels and other agreements should be identified.

Set out below is a non-exhaustive list of factors to consider in identifying risks related to agreements. The presence of any of these factors is not, in and of itself problematic but rather may give rise to a risk of anti-competitive behaviour and therefore may require further diligence and preventative measures.

Cartel risk

  • The organisation is a member of a trade organisation or other association at which competitors will be present;
  • Staff have contact with competitors, whether at formal meetings or socially, frequent or infrequent;
  • Staff seem to have insight into competitors’ pricing, future intentions or other commercially sensitive information;
  • Your business operates in a market characterised by tenders;
  • Your business operates in a market in which elements of competition are limited by extraneous factors;
  • Your organisation is vertically integrated and so its competitors at one level of production/supply are its competitors on another level; or
  • Your organisation works in cooperation with competitors (eg, through a joint venture).

Other agreements risk

  • Your organisation has a joint venture subsidiary with a competitor;
  • Your organisation is party to other cooperation agreements with competitors, such as joint selling or purchasing agreements;
  • Your organisation has agreements with distributors with long exclusivity periods (over five years);
  • Your organisation imposes restrictions on the terms on which goods can be resold including restrictions on the buyer’s ability to determine its sale price or which restrict the territory into which or customers to whom a buyer may sell contract goods; or
  • Your organisation licences IP and those licensing agreements contain exclusivity provisions.

1.2 Article 102 prohibition – dominant companies

Your organisation’s next task under this step will be to consider whether it might have a position of dominance such that the Article 102 prohibition might be relevant to its activities. The Article 102 prohibition prohibits conduct on the part of one or more undertakings which amounts to an abuse of a dominant position if it may affect trade within the EU.

1.2.1 Risk identification related to dominance

Set out below is a non-exhaustive list of factors to consider in identifying risks related to dominance. The presence of any of these factors is not, in and of itself problematic but rather may give rise to a risk of an abuse of a dominant position and therefore may require further diligence and preventative measures.

Dominance risk

  • Pricing levels are set at such a level that profits are being sacrificed in the short term;
  • Obligations on customers to purchase exclusively or to a large extent only from the dominant undertaking (or obligations which lead to the same effect);
  • There is a practice of giving rebates if customers’ purchases over a defined period exceed a certain threshold;
  • Where products are offered together, either because customers that purchase one product are required to purchase another or where products are bundled together (either where they are only sold as a bundle or where the products are available separately but are cheaper when purchased together);
  • Excessive pricing;
  • Circumstances exist whereby different prices are charged or different terms offered in respect of equivalent transactions; or
  • Where there has been a refusal to supply a downstream customer with an input which is needed in order to manufacture a product or provide a service.

Section 2 – Risk assessment

Once competition law risks have been identified, the next step is to assess each risk in light of the specific business operations of your organisation and categorise each identified risk. This will help to prioritise your compliance efforts.

Activities can be categorised on a scale of likelihood or highest risk (eg, 1 to 5 or high/medium/low) in order to provide data and metrics on the relevant risk exposure of various areas of your organisation. Along with a consideration of the broad categories of competition law infringement risk, your risk categorisation should consider:

  • Risks specific to your organisation - for instance, one of the key questions to address will be whether your organisation operates in any sectors that are perceived as particularly sensitive from a competition law perspective, because they are prone to collusive behaviour (e.g. industries where the products are homogeneous, such as cement, chemicals, consumer products or services (especially products deemed by customers to be interchangeable), construction, digital, pharmaceuticals, procurement and supply chain parts;
  • Results of any compliance audits - useful as part of this initial step will be to establish if your organisation has undertaken any formal competition law compliance audits and if so, when. If any potential competition law compliance issues or red flags were identified as part of any internal or external audits conducted in the past two to five years you will need to determine how these matters were dealt with and include this information in your competition law risk assessment. Likewise, if any internal reports or complaints flagged potential competition law compliance issues, this information must also be considered and included; and
  • Who within the organisation might be the highest risk. For example, sales people who regularly attend trade shows where competitors are present and at which socialising happens might be deemed to be at a higher risk of participating in an illicit information exchange than employees who work in back office functions.

The categorisation assigned to an activity will indicate where competition law procedures and preventative controls are required or where compliance efforts should be focussed.

This exercise can be time consuming but will pay dividends by allowing you to tailor the management of competition law risk in your organisation and focus your efforts on the areas that present the highest degree of risk. See How-to-guides: How to implement a culture of compliance with competition law in your organisation and How to design a competition law compliance programme.

Section 3 – Managing and mitigating competition law risks

Once risks have been identified and assessed, the next step is to manage and mitigate the applicable risks in line with the potential exposure through your compliance programme. This means correctly assessing the appropriate mechanisms needed to manage competition law risk and these will vary depending on the risks identified and the organisation.

The mechanisms you use to manage the competition law risks will largely be determined by the levels of risk exposure your organisation faces, and the budget made available for the project by top-level management. An intelligent and proactive risk management approach that is tailored to your organisation, rather than a ‘tick box’ compliance exercise, is strongly recommended.

A useful first step would be to map all the identified risks to your competition law compliance programme. See How-to guide: How to design a competition law compliance programme. This task is necessary to reduce the likelihood of the competition law infringement risks you have identified occurring. For instance, if you have identified as a risk that staff are members of a trade association with competitors, you should ensure that the risks associated with this are highlighted in your policy document, that staff who attend have received training on competition law, that they understand the risks and what to do if competitively sensitive information is disclosed or exchanged. In conducting this exercise, account should be taken of whether any policies or training should be refreshed in light of time elapsed and other metrics such as staff turnover.

Once risks have been mapped across to your organisation’s compliance programme it should be possible to identify in particular any gaps where risks are not addressed by existing policies and procedures. These gaps should be addressed by implementing changes to policies and/or procedures and ensuring that these are communicated appropriately, which may involve running training sessions for high-risk staff. For more information on designing a competition compliance programme and preventative controls, see the How-to guide: How to design a competition law compliance programme.

Section 4 – Review

A risk assessment exercise should not be viewed as a one-off exercise. It should be repeated at regular intervals, including whenever circumstances change or significant new business is undertaken that may alter the overall risk profile of your organisation.

Additional resources

Related Lexology PRO content

How-to guides:

Understanding the competition law prohibitions in Article 101 and 102 TFEU
How to implement a culture of compliance with competition law in your organisation
How to design a competition law compliance programme
How to assess competition law risks in an agency agreement
How to identify and address competition law infringements

Checklists:

Competition law compliance
Conducting a competition compliance audit
Meeting with a competitor
Managing a dawn raid
Drafting a competition law compliance policy 

Quick view: 

Competition leniency programmes in the European Union 

Reliance on information posted:

While we use reasonable endeavours to provide up to date and relevant materials, the materials posted on our site are not intended to amount to advice on which reliance should be placed. They may not reflect recent changes in the law and are not intended to constitute a definitive or complete statement of the law. You may use them to stay up to date with legal developments but you should not use them for transactions or legal advice and you should carry out your own research. We therefore disclaim all liability and responsibility arising from any reliance placed on such materials by any visitor to our site, or by anyone who may be informed of any of its contents.

Filed under

Topics

Laws