Buying a property in mallorca: a passionate experience with us

Corporate Criminal Liability in Spain: Corporate Crime Prevention Programs

Corporate Criminal Liability in Spain: Corporate Crime Prevention Programs

18/12/2018

Introduction

An effective and appropriate corporate defense program can avoid criminal responsibility if the corporate entity can prove proper control over the actions of its directors, managers and employees.

The regulation lists the minimum requirements of a corporate criminal compliance program, which include a criminal risk analysis, a whistleblowing channel and a disciplinary system in case of infringement of a program’s preventive measures.

The requirements may vary depending on the specific structure of the individual entity. For small legal entities, the governing body may directly assume the supervision functions. For the purposes of the SCC small legal entities are those, which are authorized to submit an abbreviated income statement.

The SCC refers to “legal entities” but it does not refer to corporate groups or branches, nor does it address the situation of the subsidiaries of multinational companies, which already have compliance programs.

A criminal risk prevention program specifically focused on anti-corruption issues which is already implemented abroad by a multinational company may be a good starting point, but it will not be enough as it has to fulfill and be adapted to the specific Spanish legal requirements.

In view of the criminal offenses that may affect the Spanish legal entity, conducting a risk analysis of the business activity in Spain is unavoidable. The importance of the “risk map” and the preventive policies for criminal risk is the starting point for every criminal compliance system.

The assessment must focus on actions that may constitute some of the key corporate offences implying criminal liability, but it can be extended to other offences, where defective prevention could lead to the direct criminal liability of directors or other managers.

We have identified at least 38 criminal offences for which corporate entities may be directly liable together with some more that can be committed within the company. If a company commits any of such criminal offences, the possible consequences range from a fine to, in the most serious cases, a ban on receiving public subsidies, public funds or entering into contracts with the public administrations, judicial intervention or EVEN WINDING-UP AND LIQUIDATION.

Companies may mitigate or completely eliminate their exposure to criminal liability if, when they have detected a criminal offence, they collaborate in seeking evidence or take steps to repair the damage caused. Companies are also encouraged to implement adequate measures to prevent criminal offences from being committed and to detect any that may be committed in the future.

In order to avert offences, companies are encouraged to establish a clear organizational culture, to have a clear knowledge of the risks linked to their directors, managers and employees at all levels and explain the conducts that the company will not tolerate.

If there is evidence that the company has implemented the monitoring and supervision mechanisms necessary to prevent directors, managers and employees, from committing offences, those mechanisms will help the company to avoid or minimize its exposure to criminal liability.

 

2.- General rule on criminal liability of legal entities

According to article 31 bis. 1 of the SCC legal entities shall be criminally liable:

  1. a) For offences committed in the name and on behalf thereof, and for their direct or indirect benefit, by their legal representatives or by those who, acting individually or as members of a body of the legal entity, are authorized to make decisions in the name of the legal entity or hold organizational and management powers within it.
  2. b) For offences committed in the pursuit of corporate activities, on behalf and for the direct or indirect benefit thereof, by those who, being subject to the authority of the natural persons referred to in the above paragraph, have been able to perform such acts because of a serious breach by the former of their duties of supervision, oversight and control of their activity in accordance with the specific circumstances of the case.
  3. Exemption or attenuation of criminal liability

 

Article 31 bis. 2 of the SCC: If the offence is committed by the persons indicated in article 31 bis.1 (a) the legal entity shall be exempt from liability if the following conditions are met:

  1. The management body adopted and effectively executed, prior to the commission of the offence, organizational and administrative models, including suitable measures of oversight and control to prevent offences of the same nature, or significantly reduce the risk of the commission thereof;
  2. Supervision of the functioning of and compliance with the prevention model implemented was entrusted to a body of the legal entity which has independent powers of initiative and control, or is legally entrusted with the function of supervising the efficacy of the internal controls of the legal entity;
  3. The individual perpetrators committed the offence by fraudulently evading the organization and prevention models; and
  4. There was no omission or inadequate exercise of functions of supervision, oversight and control by the body referred to in condition 2.

In those cases, in which the above circumstances can be only partially accredited, this circumstance shall be taken into consideration in attenuation of the penalty.

 

Article 31 bis. 4 of the SCC:

  1. If the offence is committed by the persons indicated in article 31 bis.1 (b), the legal entity shall be exempt from liability if, prior to the commission of the offence, it adopted and effectively executed an organizational and administrative model which would be appropriate in order to prevent offences of the nature of that committed, or significantly reduce the risk of the commission thereof.
  2. In this case if the above can be only partially accredited, this circumstance shall be taken into consideration in attenuation of the penalty too.
  3. Requirements of the organizational and administrative models

(Corporate Defense Programs)

Article 31 bis. 5 of the SCC: For organizational and administrative models (corporate defense programs) to be valid and effective, they must fulfill the following requirements:

  1. Identify the activities within the scope of which the offences that they aim to prevent may be committed;
  2. Establish protocols or procedures that describe and establish the corporate entity’s decision-making process and how those decisions are to be executed in respect thereof;
  3. Include financial resources management models suitable for averting the offences that they are aiming to prevent;
  4. Impose an obligation to report potential risks and breaches to the body responsible for supervising the functioning and observance of the prevention model;
  5. Establish a disciplinary system to suitably punish any breach of the measures established in the model; and
  6. Be verified periodically and modified when significant breaches emerge or when changes are made to the organization, to the control structure or to the activities performed that make such changes necessary.
  7. Compliance Officer / Supervisory body.

The SCC does not expressly mention the compliance officer.

What is expressly mentioned (art. 31 bis. 2. 2) is the need to rely on “a body of the legal entity with autonomous powers of initiative and control” to which the supervision of the prevention program of criminal acts committed by managers, directors and employees is entrusted. In small entities, the supervision of the program can be left to the board of directors.

Compliance officer must always be an in-house role. Further complications arise in the case of subsidiaries of multinational corporations, which rely on a global or regional compliance officer.

Depending on the actual functions of this global/regional supervisory body to monitor the criminal compliance program of the subsidiary and to effectively propose measures for improvement, it will be assessed whether or not is necessary to create a new supervisory board within the Spanish subsidiary, with real autonomy and initiative, to monitor the criminal compliance of managers, directors and employees.

Spanish Criminal Code amendment which came into force July 1, 2015 goes into detail about the criminal liability of companies and managers as well as about the monitoring and control obligations.

 

6.- A potential corporate crime list

We have identified at least 38 criminal offences for which corporate entities may be directly liable together with some more that can be committed within the company. If a company commits any of such criminal offences, the possible consequences range from a fine to, in the most serious cases, a ban on receiving public subsidies, public funds or entering into contracts with the public administrations, judicial intervention or EVEN WINDING-UP AND LIQUIDATION.

Criminal willful misconduct shall be presumed if “Crime Prevention Manuals” are not created. 

7.- ILLESLEX Services on crime law compliance and corporate defense

Upon the Spanish Criminal Code last amendment which came into force on July 1, 2015, deeply affects corporate and directors’ criminal liability, companies operating in Spain shall ask themselves the following questions:

Are directors aware of the criminal liabilities they may face as a result of this amendment?

Are companies, their directors, executives and employees prepared to assume the criminal liability risk?

Do companies and their managers know the ways of exemption from criminal responsibility and the controls and duties to prevent crime?

Our firm ILLESLEX provides a tailor-made criminal liability prevention plan for each client. This plan takes into account the company’s activities and features and the amendment of the Criminal Code, which came into force on 1st July 2015.

  • We conduct a “due diligence” that deeply analyzes the different crimes that might be committed within the company under the Spanish Criminal Code.
  • We draft and implement the mandatory “Crime Prevention Manuals”, meaning one manual for each crime in order to comply with the current legislation and to try to exempt the company and its directors from criminal liability arising out of crimes committed within the company.
  • We provide legal advice to the company and its governing bodies in crime prevention issues and in the drafting of documents affected by the Criminal Code amendment, such as the minutes of the Board of Directors or directors’ contracts.
  • We represent the company and its directors’ before criminal courts when they are involved in criminal proceedings, either as plaintiffs or defendants.

 

8.- Our Crime Prevention Model Proposal for multinational subsidiaries

All corporate entities operating in Spain −including subsidiaries of multinational companies− need an adequate program to prevent, detect and correct all those risky actions that could result in the criminal prosecution/conviction of a corporate entity.

Even though a company has already a crime prevention model worldwide, current Spanish legislation will require specific adaptation and implementation of a tailored model that establishes controls and procedures against criminal risk actions and activities carried out within its Spanish subsidiaries. Therefore, a mandatory exercise is to find out which of the policies and manuals that the company already has at a global scale, could be used for this tailored CCPP for the company in Spain

A criminal risk prevention program specifically focused on anti-corruption issues which is already implemented abroad by a multinational company may be a good starting point, but it will not be enough as it has to fulfill and be adapted to the specific Spanish legal requirements. We will coordinate this tailored model with the policies and manuals that company may have at a global scale.

 

Our work surpasses the mere compliance by advising the client on the corporate defense strategy. Therefore, our work on producing the Crime Prevention Model Document will include:

  • To conduct a “due diligence” that deeply analyses the different crimes that might be committed within the company under the Spanish Criminal Code by drafting a matrix where all crimes and each risk activities that can lead to the commission of each crime are treated along with protocols and procedures to mitigate risk activities and to prevent crimes.
  • To draft the mandatory “Crime Prevention Manuals” in order to comply with the current legislation and to try to exempt the company and its directors from criminal liability arising out of crimes committed within the company.
  • To adapt the whistleblowing channel to the Spanish Criminal Code requirements.
  • To draft the disciplinary system appropriate to prevent those crimes.
  • To design the Internal Specific Body functions, responsibilities, competences, and composition, following Spanish criminal code specifications.
  • To draft the periodic verification protocols for the Crime Prevention Model.

If there is evidence that the company has implemented the monitoring and supervision mechanisms necessary to prevent directors, managers and employees, from committing offences, those mechanisms will help the company to avoid or minimize its exposure to criminal liability.

“In case companies do not fulfill these obligations and a crime takes place, courts will accuse the company as well as the individuals (employees and/or directors).”

ILLESLEX itself takes good care on producing corporate Crime Prevention Programs by following some basic rules of engagement, among other:

  • All the information disclosed to our firm by the Client or other on behalf of the Client in order to perform the engagement or in connection with it shall be considered confidential information. Except as authorized in writing by the Client, our firm shall not disclose any confidential information or use it for any purpose other than the performance of the engagement.
  • All work products in the performance of the engagement, including without limitation, analyses, reports, documents and other information, shall be considered confidential information.
  • We will strictly follow all applicable conflict rules. We will not act adversely to the company in any instance where, as the result of our work to it, we have obtained sensitive, proprietary or other confidential information of a non-public nature that could be used to its disadvantage.
  • In accordance with the provisions of Organic Law 15/1999 of 13th December concerning Personal Data Protection, ILLES LEX informs the Client of the existence of a personal data file created with the information obtained from the Client.

 

< Back

The website you are visiting uses both own and third party cookies to improve navigation and to obtain statistical data. For more information Policy. Read our CookieX Close

E-mail