Balancing Compliance and Legal Risk: Compliance Policies and the Attorney-Client Privilege

By

A unique challenge that companies face in the current regulatory environment is balancing compliance and legal risk. While those risks are often coextensive, they may also conflict. For example, on the one hand, a company must implement policies to regulate corporate conduct and comply with legal and regulatory obligations. But, on the other hand, a company must also undertake efforts to mitigate litigation risk. A company’s efforts to mitigate litigation risk may be compromised by a company’s compliance policies if those policies are used in civil litigation to establish a heightened standard of care. In an effort to avoid that result, companies have relied upon the attorney-client privilege to prevent the disclosure of their compliance protocols. But the effectiveness of that strategy is being eroded.

In the case In re Domestic Drywall Antitrust Litig., 2014 WL 5090032 (E.D. Pa. 2014), the United States District Court for the Eastern District of Pennsylvania recently held a company’s antitrust compliance policy was not protected by the attorney-client privilege in antitrust litigation because the policy was a business policy widely distributed throughout the organization. That holding by the federal district court presents important questions that compliance officers and in-house counsel must consider when drafting policies, disseminating information, and training employees on substantive legal and regulatory issues in a compliance platform.

Case Summary

In the action In re Domestic Drywall Antitrust Litig., 2014 WL 5090032 (E.D. Pa. 2014), the federal district court held that CertainTeed Gypsum, Inc.’s antitrust compliance policy was not protected by the attorney-client privilege and was subject to disclosure because the policy was a business policy that was widely distributed throughout the organization.

In the case, plaintiffs brought more than 20 antitrust lawsuits against domestic drywall manufacturers alleging defendants engaged in various antitrust violations, including collectively raising their prices following a trade meeting. Defendant CertainTeed was one of the drywall manufacturers named in the lawsuits. The lawsuits, which included claims by direct-purchasers and indirect-purchasers, were consolidated in the Eastern District of Pennsylvania for pretrial purposes.

During discovery, the indirect-purchaser plaintiffs (“IPPs”) sought all of CertainTeed’s documents concerning its “policies, practices, or guidelines concerning (a) the United States antitrust laws, (b) communications with competitors relating to price, output or supply, or (c) any antitrust training provided to your offices and employees.” 2014 WL 5090032 at *1.

CertainTeed produced its antitrust compliance policy for in camera review, but refused to produce the policy on the grounds of attorney-client privilege. Id. CertainTeed argued the policy was protected by the attorney-client privilege when it was drafted by outside counsel at the request of CertainTeed’s parent company and distributed to its employees. Id. The Court noted that CertainTeed’s policy was “intended to provide employees with an overview of general antitrust law principles and procedures,” and “summarizes anti-competitive practices to be avoided, provides guidance for situations that could lead to violations, and details possible sanctions for antitrust violations.” Id.

Plaintiff moved to compel the production of CertainTeed’s policy arguing it was not privileged because it lacked legal advice regarding a specific inquiry or investigation. Id. Plaintiff further argued that the policy was not a confidential communication because it was widely distributed within Defendant’s ordinary course of business.

CertainTeed countered that the policy is privileged because it satisfied all four of the privilege requirements: (1) a communication (2) between privileged persons (3) that was maintained in confidence (4) for the purpose of providing legal advice and guidance. Id; see In re Teleglobe Commc’ns Corp., 493 F.3d 345, 359 (3rd Cir. 2007).

The federal district court held the policy was not privileged and granted the motion to compel. In ordering the disclosure of CertainTeed’s policy, the court noted that the parties’ dispute was an issue of first impression in the Third Circuit regarding the disclosure of a company’s compliance policy. 2014 WL 5090032 at *2. The court also recognized the existing circuit split regarding the breadth of the attorney-client privilege as well as the narrow construction of the privilege applied in the Third Circuit. Id. at *3 (internal citations omitted).

Applying Third Circuit precedent, the court explained the attorney-client privilege only applies to communications from an attorney if the communication reveals client confidences or provides legal advice. Id. at *3. The Court stated that CertainTeed’s policy was not privileged based on that narrow construction when the policy did not contain specific advice:

“CertainTeed’s policy…is general and does not contain any specific advice. Its purpose is to help insure that its employees do not violate the antitrust laws. No court has yet held that a corporate policy of lawfulness is protected from discovery as privileged.”

Id. at *4. Instead, the court stated that CertainTeed’s policy was “more akin to a reference or instructional guide.” Id. And although the policy was based on legal advice, it was primarily a “business policy”:

“CertainTeed’s argument is no better than a company arguing that because its decision on how to market or advertise a product, or what conditions of sale should apply, was based on legal advice subject to the attorney-client privilege, the company’s business policies are themselves privileged.”

Id. The court further noted that CertainTeed’s policy was drafted by both outside counsel and in-house counsel by CertainTeed’s parent company, and was “intended to provide employees with an overview of general antitrust law principles and procedures… [The policy also] summarizes anticompetitive policies to be avoided, provided guidance for situations that could lead to violations and details possible sanctions for antitrust violations.” Id.

Finally, the court explained that CertainTeed’s argument that it maintained the policy in confidence because it has not distributed it outside the company was undermined by the relevant facts: CertainTeed’s policy was widely-distributed within the company, including to more than 120 executives and sales and marketing personnel at an annual antitrust compliance training, was available to employees through the company’s internal website, and was never labeled confidential or privileged when disclosed. Id. Nor was any evidence presented by CertainTeed that its parent company would have refrained from creating the policy absent the privilege. Id.

In so ruling, the Court placed emphasis on the decision by the Northern District of Illinois in the action In re Sulfuric Acid Antitrust Litig., 432 F.Supp.2d 794, 796 (N.D. Ill. 2006), in which case the federal district court similarly concluded an antitrust compliance manual prepared by counsel and distributed to marketing, sales and production management employees was not privileged because it did not reveal client confidences, only provided an overview of antitrust law in various jurisdictions and, therefore, was “outside the scope of the attorney-client privilege, whether viewed broadly or narrowly.” Id. at 4 (quoting In re Sulfuric Acid Antitrust Litig., 235 F.R.D. 407, 430 (N.D. Ill. 2006))[1]

Application to Compliance Programming

The holding in Domestic Drywall presents important questions that compliance officers and in-house counsel must consider when drafting policies, disseminating information, and training employees on substantive legal issues in a compliance platform. For example, even if a policy is based on substantive legal grounds, a company may be required to disclose the policy, including any inherent confidential or propriety information upon which the policy is developed.

More critically, if a compliance policy is based on substantive legal grounds then the policy, if disclosed, may inadvertently establish a standard of care in ensuing litigation, especially if the policy is intended to ensure compliant behavior in accord with those legal grounds. This is particularly concerning in civil litigation as the establishment of a de facto standard of care may deprive a company of available defenses or unfavorably position the litigation. Particular attention must also be paid to compliance policies that contain internal, aspirational guidelines as the violation of those aspirational guidelines may set a heightened standard and/or serve as an additional basis for liability.

Accordingly, when designing, distributing and training employees on compliance programs, compliance officers and general counsel must (1) analyze the applicability of the attorney-client privilege particularly when a corporate compliance policy is based on substantive legal grounds, such as federal antitrust law, the Foreign Corrupt Practices Act, HIPPA, etc.; and (2) monitor how courts continue to resolve disputes at the intersection between corporate compliance policies and the attorney-client privilege.

[1] The Domestic Drywall court also analyzed other cases on the motion to compel, including Hartford Life Ins. Co. v. Bank of America Corp., 2007 WL 2398824 (S.D.N.Y. 2007)(holding due diligence presentations appended to the bank’s manual was not privileged because it was generic and did not disclose confidential information) and Coastal States Gas Corp. v. Dep’t of Energy, 617 F.2d 854 (D.C. Cir. 1980)(memoranda from Dep’t of Energy counsel to auditors in response to requests for regulatory interpretations represented guidelines, did not contain any legal advice, and were not privileged).