Following fundamental reforms carried out in 2010 and 2015, the Spanish Penal Code now attaches criminal liability to companies and other ‘legal persons’ for certain crimes committed either by it’s representatives or it’s employees.
By this it is meant that, in such cases the company can be investigated , subject to precautionary measures (such as temporary closure , payment of a bail bond, etc.), tried and , if appropriate, found guilty, in addition to physical individuals in the company being found responsible . The judgment may order the total dissolution of the company or impose heavy fines , suspension of activities, judicial intervention … In any case, the most severe penalty is the damage to the reputation of the business.
Different Crimes Covered
The crimes covered by the new Criminal Code are varied. A computer crime may be committed if a manager or employee obtains secrets or proprietary information relating to an individual when there are of a personal nature .
Or perhaps liability for a corruption offence might be attributed to a company if an officer, employee or partner of the company requests or accepts payment of any kind for unduly favouring another in the course of doing business.
Should an employee or officer try to bribe a public official, the new Penal Code may attach liability to the company. Additionally a crime against the Public Treasury may be committed by a company if an attempt is made to evade payment or withholding of taxes or improperly obtains tax rebates in an amount exceeding €120,000.
The required amount is reduced to 4,000 € if the company defrauds the Tax Office specifically or if the funds were obtained from the European Union. The new Penal Code details a further thirty crimes whereupon liability may be affixed to a corporate body.
Criminal Compliance Model
Under the law, not only representatives and directors of the corporation may implicate the company by their behaviour but also their employees and even mere collaborators, if managers have not adequately controlled their activity.
However, as occurs in the UK or in the USA, legal entities may be exempted from criminal liability , even though someone connected to them commits a crime – as long as they can prove that they have been careful. For this to be demonstrated, they must have implemented a model of organization and control over the activity of the company to prevent the commission of offences. This is known as ‘Criminal Compliance’.
This model of organisation and control or system of ‘Criminal Compliance’ must be adapted to the structure , volume, activity and characteristics of the company ( e.g. is it a subsidiary of a multinational conglomerate or a family business etc… ), and implemented in all critical areas of business risk, such as data protection, CCTV surveillance, foreign trade, money laundering, document management, decision-making, disciplinary system , complaints’ processes, etc
In addition to potentially exempting a company from criminal liability, the implementation of Criminal Compliance allows for a better understanding of the rules to which the company is subject as well as an improved level of risk management and of decision making processes and controls.
It also prevents the risk of administrative penalties and an improvement in competitiveness: large companies already operating with these models already require or will require their implementation by third parties with whom they do business. Also it improves the qualification and positioning of the company to contract with the Spanish government.
The implementation of a system of Penal Compliance should not only be welcomed by those law firms (such as our own) who are able to offer such a service, but should also be welcomed by those companies who wish to improve the legal certainty with which they develop their businesses.