Compliance programs
In a few days time, we will mark the 6th anniversary of the publication of Organic Law 5/10, of June 22, 2010, which introduced the criminal liability of legal entities into Spanish law and was based on the concept of ‘proper control’ within companies in order to prevent this kind of liability arising.
Since then, many of our fellow legal practitioners have been working to raise awareness among clients about the importance of adopting systems and programs to manage risk (“compliance”), as an ideal means of avoiding criminal convictions being handed down against companies.
In the early years following the reform (2010 through 2014), we registered very little interest in this kind of prevention system and the market had scant belief in the utility of and need for such systems (in fact, major corporations were the only ones to take active steps to establish them). However, since last year, with the publication of the reform of the Criminal Code ushered in by Organic Law 1/2015, of March 22, 2015, business awareness of the need to manage criminal risks has grown exponentially.
In our view, there are various reasons for this:
(i) The media coverage of the 2015 reform itself and of the need to set up compliance programs.
(ii) Circular 1/16 of the Prosecutor General’s Office, which recognizes these control mechanisms as a ground for exemption from liability;
(iii) The publication of the first wave of judgments of the Supreme Court on the criminal liability of legal entities (some of which include extremely harsh sentences);
(iv) The ever increasing frequency with which investigations are initiated into legal entities, such as banking corporations, car manufacturers and football clubs.
What’s clear is that the criminal liability of legal entities and the need for compliance programs, far from being a passing fad, “are here to stay” and will require companies to get up to speed once and for all on the need to establish these measures of control.
Accordingly, it seems sensible to insist that companies have to adopt control systems in order to avoid criminal liability. Only then will they be able to give an appropriate reply to the question which investigating judges usually start with when examining companies (as parties under investigation):
“So, let’s see, did the company have any control mechanisms in place to prevent the alleged offense?”