The duties of legal compliance applicable to Spanish companies have increased exponentially following the introduction of the new principle of corporate criminal liability. Backed by the threat of severe sanctions, the Criminal Code requires companies to ensure that their legal representatives, directors, managers, and employees do not engage in criminal activities for the direct or indirect benefit of the company. In order to avoid liability, they are thus required to set up mechanisms of ‘due oversight’, i.e. a system of criminal prevention.
The strengthening of the system of legal compliance that this entails seeks above all to constitute a ‘criminal-liability shield’, given that it has the following aims:
- The avoidance of the commission of criminal offences at the company.
- Ensuring that the company is not charged, accused, or convicted.
- The establishment of good criminal-defence instruments in the event charges are laid, with swift traceability (documents) and response from the prevention system.
- Ensuring that the directors and other managers are not charged, accused, or convicted.
But it also represents an opportunity for the company to:
- Strengthen its corporate social responsibility.
- Reaffirm its values and promote the integration of its employees, which is reinforced by the feeling that they belong to an ethical organization, as may be seen from the experience of countries within the Anglo-Saxon tradition.
- Improve its avoidance of the ever-more severe administrative penalties.
- Avoid the reputational cost associated with being charged with, accused of, or convicted of criminal offences, which will for ethical reasons and as a result of its image among consumers and users have the effect of reducing the company’s market, and in the case of subsidiary companies, may tarnish the brand and the whole group.
- Avoid the commercial and financial losses associated with being charged with, accused of, or convicted of criminal offences, given that increasing numbers of public finance bodies close their doors to companies involved in corruption scandals.
- Avoid decisions being taken with a risk level higher than that allowed on the basis of incomplete information as a result of failures in the control of criminal risks.
- Enter into contracts with the Public Sector, given that this is only open to corporate bodies that have not been convicted of criminal offences. The ban on contracting also applies to corporate bodies whose directors or representatives have been convicted of criminal offences committed in the name of or for the benefit of the company.
What constitutes a system of criminal prevention?
It is a system of internal rules and protocols that clearly define what constitutes irregular behaviour within the framework of the company’s activities, and what controls and mechanisms are in place to prevent them.
This system is based on a basic set of rules, an Ethical Code, which should then be developed into specific rules and protocols, and it should be presided by the basic values and principles which are to govern the company’s activities.
The behavioural rules must be binding and this requires control mechanisms, as follows:
- Specific mechanisms.
- General mechanisms through a system of internal complaints procedures, investigations, and sanctions.
The creation of security rules and controls and the encouragement of their development and application requires a compliance body to investigate situations which are at risk of being irregular, to create a culture of prevention at the company, to promote rules and controls, to receive complaints and ensure that they are investigated, and to guarantee traceability and that the system is up to date.