Trade associations are increasingly treated as direct antitrust targets — not as passive venues where competitors happen to meet, but as institutions that can themselves restrict competition through the way they operate.
This is the shift that many associations have not fully internalised. The legal exposure is not limited to what members do inside your meeting rooms. It extends to what your secretariat does: how it designs agendas, drafts minutes, structures surveys, manages working groups, and maintains informal channels. Those are operational decisions. Under EU competition law, they can be the basis for an investigation and a fine directed at the association itself.
If you run a trade association, you are already a compliance actor. The question is whether your operations reflect that.
The legal position of the association
Article 101 TFEU prohibits three categories of conduct: agreements between undertakings, concerted practices, and decisions by associations of undertakings. That third category is the one that places the association itself — not just its members — directly in the frame.
A "decision by an association of undertakings" does not require a formal vote or an explicit agreement among members. It covers any mechanism by which an association coordinates the commercial behaviour of its members: a recommendation, a guideline, a position paper, a survey that structures information exchange, a working group output that narrows competitive options. The form is irrelevant. What matters is the effect.
What Cartes Bancaires actually decided
The clearest illustration of how this works in practice is Cartes Bancaires (C-67/13 P).
Groupement des Cartes Bancaires was the French interbank association that governed the CB payment card network. Its members were banks. In 2004, the European Commission found that three internal governance measures the Groupement had adopted — pricing rules that imposed fees on member banks that issued more CB cards than they acquired transactions for — restricted competition under Article 101 and fined the association directly.
The stated rationale for the measures was legitimate on its face: newer member banks were free-riding on the CB network infrastructure without investing proportionally in building the acquiring side. The Groupement's response was to impose internal fees to correct this imbalance.
The Commission's position was that whatever the rationale, the practical effect of the measures was to make it more costly for newer, smaller banks to compete on card issuance — protecting the incumbents who controlled the Groupement's governance.
Two things make this case directly instructive for associations.
First, the association itself was the addressee. Not the individual banks. The Groupement had adopted the measures through its own governance bodies, and it was the Groupement that faced the investigation and the fine. Operating through an association's internal decision-making process did not insulate anyone from Article 101.
Second, the case established that internal governance is not a shield. The Groupement did not hold a meeting where banks agreed to fix prices in the market. It adopted internal rules through its own structures. That was enough. The form — an internal association decision rather than an inter-company agreement — changed nothing in the legal analysis.
The operational implication is precise: when your association adopts a rule, a fee structure, a guideline, or a governance mechanism that affects how members compete — even if the stated purpose is to run the association better — you are in Article 101 territory. Your own decision-making process is the conduct under scrutiny.
Four operational blind spots where associations create their own exposure
Enforcement files are rarely built on one incriminating document. They are built on a pattern of operational elements. Here is where association secretariats consistently generate liability without realising it.
1 Agendas
The secretariat controls what goes on the agenda, how items are framed, and how often they recur. That control is influence — and it is attributed to the association.
"Market update," "pricing environment," "capacity outlook": these are standard agenda items in many associations. They are also the items that, in practice, become vehicles for members to share forward-looking commercial data in a structured, recurring format. The association did not intend to facilitate a concerted practice. But it designed the forum, set the cadence, and circulated the invitation.
The control is an agenda approval workflow with a competition checklist. Before any item is added, someone with legal oversight signs off on whether the framing is safe. Sensitive items are either restructured or removed. A standing antitrust reminder and escalation path appears on every agenda. This is not bureaucracy — it is the difference between a defensible record and an incriminating one.
2 Surveys and benchmarking
Associations frequently run benchmarking surveys as a member service. This is one of the highest-risk activities an association undertakes, and the one most often designed without adequate legal input.
The Commission's 2023 Horizontal Guidelines set out the conditions under which information exchange among competitors can avoid Article 101 concerns: sufficient aggregation across respondents, a time delay before sharing (at least three months for historical data as a general reference point), no access to individualised responses, and collection through an independent third party where possible. Surveys that collect current pricing, discount structures, planned capacity, or forward-looking strategy without meeting these conditions are not a member service. They are a liability.
The association's role should be to aggregate and anonymise data, not to transmit. Purpose limitation should be documented, not assumed.
3 Working group outputs
Working groups produce guidelines, codes of conduct, standard-setting documents, and industry positions. These outputs are association decisions in the legal sense — and they are where the association's coordinating function is most visible to investigators.
The secretariat's role here is gatekeeping, not just administration. Every working group needs a written scope, approved before it begins work. The scope should define what the group can and cannot address. A competition review gate should sit between draft and publication. Dissent and rejected alternatives should be documented — not because it eliminates risk, but because it demonstrates that the association exercised judgment rather than simply ratifying whatever members wanted.
4 Informal channels
This is the blind spot that produces the most damaging evidence in investigations. The substantive conversations often happen after the formal meeting ends — in WhatsApp groups the secretariat created for logistical coordination, in email threads the secretariat is copied on, in channels where members continue the discussion that the agenda item opened.
The association's liability in these channels does not depend on whether the secretariat participated in the sensitive exchange. If the association created, hosted, or legitimised the channel, it is part of the association's operational footprint. Authorities treat it as such.
The policy needs to be explicit and enforced: no association-created or association-administered channel should be used for competitor-to-competitor discussion of commercially sensitive topics. Approved communications platforms, clear retention and monitoring rules, and a standing instruction to members that informal channels are subject to the same antitrust standards as formal meetings.
Compliance is not only a defensive investment
An association that has genuine controls in place — reviewed agendas, governed working groups, properly designed surveys, clear protocols for when discussions go wrong — is not just a less exposed association. It is a more trustworthy one.
Members join trade associations to access expertise, industry intelligence, and collective representation. They do that within a framework of rules. When that framework is robust and demonstrably enforced, members can participate with confidence: confident that the association will not inadvertently draw them into an investigation, confident that the information shared in its forums is handled with appropriate discipline, and confident that the association's outputs — guidelines, positions, benchmarks — have been through a process that is legally sound.
That confidence has real value. Associations with strong compliance governance attract serious member participation. They produce outputs that members and regulators take seriously. They are the associations that can credibly represent an industry, precisely because they have demonstrated they can govern one.
A compliance framework, in other words, is not a cost of running an association. It is part of what makes an association worth belonging to.
What a defensible compliance program looks like for the association as an institution
Most association "competition compliance" is a PDF and an annual training session for members. That addresses member behaviour. It does not address the association's own operations — which is where the association's own liability lives.
A program that is fit for purpose for the association as an institution has four components.
Governance that treats meetings as controlled processes. Define who can create a working group, who approves its mandate, and who has veto authority when a topic is risky. Legal counsel should be embedded in the process, not called in when something has already gone wrong.
Operational controls embedded in the secretariat's workflows. Controls that trigger every time the association does its core work: an agenda approval workflow, a minutes review and sign-off process, a survey intake control with defined prohibited fields, a document management system with retention policies, access controls, and an audit trail. These controls need to be executable by the secretariat as part of normal operations — not dependent on anyone remembering to ask legal.
Evidence that survives scrutiny. In a dawn raid or a formal information request, good intentions are not a defence. The association needs to be able to produce, quickly and completely, a record of repeatable discipline: agendas with review stamps, redlined minutes, rejected survey questions, escalation logs, training records for secretariat staff, and documented interventions when members crossed lines. If that evidence does not exist in retrievable form, the association cannot demonstrate that its program was real.
Incident readiness. Associations need a dawn raid protocol. They also need a meeting incident protocol: if a member starts sharing sensitive information in a session, who interrupts, who documents it, who decides whether to end the discussion, and who records the remediation? "We would figure it out" is not a protocol. It is a liability.
UNE 19603: the structured framework for associations in Spain
If your association is headquartered in Spain, or runs working groups with Spanish market impact, UNE 19603 is the relevant reference standard. It provides a management-system approach to competition compliance: risk analysis, controls, training, monitoring, and continuous improvement, with an emphasis on documented evidence rather than stated intent.
UNE 19603 does not immunise an association. But it forces the right questions systematically and produces the kind of structured record that holds up under regulatory scrutiny. For associations that have been operating on informal compliance arrangements, it is the most direct route to a defensible program.
The question to answer before a dawn raid comes
Competition authorities do not announce investigations in advance. When they arrive — unannounced, with full inspection powers — what your secretariat has produced, stored, and circulated becomes the record your association is judged by.
The lesson from Cartes Bancaires is not that associations need to stop governing themselves. It is that the way they govern themselves is the conduct under scrutiny. A plausible rationale, a legitimate institutional purpose — none of these determined the outcome in the cases that have gone to enforcement. The operative question was always: what did the association's processes produce, and whether they may restrict competition.
The question worth answering now is not "are our members behaving?" It is: what processes does our secretariat run that could be interpreted as a decision by an association of undertakings, and what evidence exists that we controlled them?
If you cannot answer that clearly, the time to build that answer is before the call, not after it.
At Naltilia, we help associations make these controls operational — turning compliance requirements into secretariat workflows with retrievable evidence built in. To discuss your association's specific exposure, talk to our experts.