- Law
The provisions governing the subject sector are laid down by Legislative Decree no.231 of 2001 (“Decree”).
This was originally enacted in order to implement in the Italian legislative system the EU norms regarding the fight against bribery of EU or Member States officers, as well as those provided by the Paris Convention dated 17December 1977 of the Organisation for Economic Cooperation and Development (OECD) against the bribery of foreign Governmental officers in international business transactions.
Subsequently, however, the scope of the Decree has been considerably increased, due to the repeated extensions made in the following years of the list of criminal offences on which the corporate liability under review is based, so as to include also several crimes not related to the sectors mentioned above, like for instance: terrorism, enslavement, breach of the rules on accident prevention, health and safety at work.
As a prerequisite for the responsibility under review, the offence has to be put into being in the interest or for the advantage of the company involved.
2. Offenders
Corporate responsibility may arise from offences committed not only by officers or employees of the company, but possibly, more in general, also by any of its business parties (which the principle no.6 of the OECD Guidance identifies in the “agents and other intermediaries, consultants, representatives, distributors, contractors, suppliers, consortia and joint venture parties”).
- Prosecution and sanctions
Given the criminal nature of the offences being considered, the institution in charge of
implementing the Decree is the Public Prosecutor; the relative proceedings follow the ordinary rules of criminal procedure and end with the judgement of a criminal Court, which may determine the sanctions applicable to the offender as well as to the company involved.
There is a line to be drawn, however, between the positions of the former and latter: indeed, in principle the primary target of the criminal action is and remains the offender and although if the trial ends with a conviction the company may be heavily affected, strictly speaking it is not the directly prosecuted party.
This is because, as a matter of fact, in the Italian legal system only individuals can be criminally prosecuted (in simple words, one can put in jail a person, not a company): therefore, to overcome this problem the relevant sanctions applicable to companies have been qualified by the legislator as being of an administrative – rather than criminal – nature.
However, the above-mentioned nature of the subject penalties should not let one believe that, as a result, they are “light”: on the contrary, their impact can be rather severe. As a matter of fact, they can consist of fines (whose amount in the most serious cases can be as high as 1,500,000.00 euros), confiscation of the profits obtained by the company from the offence, interdictive sanctions that among other matters can mean the prohibition to stipulate contracts with Governmental Bodies, the suspension or cancellation of the licences required for the continuation of the business, or even the prohibition to continue the business altogether.
In conclusion, the field being examined gives somehow rise to a junction of different sectors of law (criminal, corporate and administrative), rather interesting from a professional view point.
- Protection of the company
What a company can do in order to be exempted from sanctions is naturally to separate its own position from that of the offender, proving that although the offence was committed in the interest or for the advantage of the company, this has taken no part whatsoever in it, even indirectly.
The concept is easy to be understood, but requires a strong, constantly oiled mechanism to be put in practice.
In essence, this consists of (i) the enactment by the company Board of Directors of two sets of rules respectively known as Code of Ethics and Organisation and Management Model (collectively “Rules”), objectively apt to prevent the commission of the offences listed in the Decree, (ii) the information to and acknowledgement by all officers, employees and business partners of the company about the Rules, by which all interested parties shall abide under penalty of disciplinary sanctions, (iii) the creation within the company of a Supervisory Board (“Organismo di Vigilanza”) having an adequate degree of autonomy – also from a financial view point – entrusted with the control of the actual compliance with the Rules, and required to report on at least an annual basis to the Board, also in order to suggest such possible changes and additions to the Rules as may appear to be appropriate on the basis of the experience made and of the possible further increase in the crimes covered by the Decree.
In particular, the creation and updating of the Model has clearly to be based on a risk assessment activity aimed in particular at highlighting the areas where the risk that crimes be committed is greater and on the ensuing enactment within the company of procedures to be followed to avoid such risk.
In a nut shell, in order to be exempted from the penalties applicable as a result of a crime committed by any of its officers, employees or business partners, a company has to satisfy the Criminal Court that such crime was put into being in violation of the Rules and not with standing the adequate supervision actually carried out to ensure their correct implementation.
Despite the additional costs that the foregoing implies, it should be pointed out that given the extent of the risks involved the majority of Italian companies, particularly of middle or large size, have taken the steps mentioned above.
As a final comment, it may be worth noting that the activity carried out by the Supervisory Board is somewhat coordinated with that of the Statutory Auditor(s) – a peculiar institution of Italian corporate law not to be confused with the ordinary auditing firms -, who has the very broad and general task of checking the compliance with the law and By-laws, the correct management of the company, as well as the adequacy of the organisational, administrative and accounting systems and their actual functioning.