Criminal Compliance, what is it? Compliance Keys #23

The term Compliance can be defined as regulatory compliance, or compliance with that which must be complied with. The scope of the regulatory compliance that a given entity must ensure can be very broad, as well as the totality of rules and regulations applicable to its specific activity.

However, the term Criminal Compliance is often used to refer to those compliance structures that entities adopt to prevent the commission of crimes within them, under the term “Criminal Compliance Systems”. That is, the main objective of Compliance is based on crime prevention.

Criminal Compliance Systems, also called “Crime or Criminal Risk Prevention Programs or Models”, have their origin, mainly, in the reform of the Criminal Code produced by the Organic Law 5/2010, of June 22nd.

This reform of the Criminal Code introduced, for the first time in Spain, the criminal liability of legal entities. In short, this means that, in certain cases, when a crime is committed in a given entity, both the individual who commits the crime and the entity to which he/she belongs or represents may be criminally liable.

Since the Criminal Compliance Systems have their origin in this reform of the Criminal Code, in general, they are designed to comply with the requirements that article 31 bis of the Criminal Code demands to avoid the criminal liability of legal entities. That is:

  1. Adopting and effectively implementing the Criminal Compliance System prior to the commission of the crime;
  2. Designate a Compliance body;
  3. Identify activities that may pose a criminal risk;
  4. Adopt protocols and procedures to avoid such risks;
  5. Manage financial resources appropriately to prevent such risks;
  6. Establish mechanisms for reporting potential risks and non-compliance;
  7. Adequately sanction non-compliance with the Criminal Compliance System;
  8. Review and update the Criminal Compliance

In this way, the Criminal Compliance Systems seek to regulate the social activities of the entity to ensure regulatory compliance and, by extension, to comply with the requirements of article 31 bis of the Criminal Code in order to avoid the possible criminal liability for the legal entity that could result from the commission of certain crimes in its activities (for example, crimes of fraud; misleading advertising; tax fraud; crimes against natural resources and the environment; bribery; etc.).

However, limiting the Compliance System to strictly criminal compliance can lead to a serious problem of prevention, detection and correction of non-compliance and undesired conduct. In this sense, a Criminal Compliance System entails significantly delaying the lines of defense of the legal entity, resulting in a much smaller margin for reaction and correction.

On the other hand, transversal or general Compliance Systems have a much broader scope than strictly Criminal Compliance Systems. The objective of these systems is to manage regulatory compliance in order to prevent all types of non-compliance which, of course, also include non-compliance with criminal regulations, thus allowing better management of the risks of regulatory non-compliance and anticipating, at an earlier stage, the materialization of crimes within an entity.

Department of Compliance in Molins Defensa Penal.

Update cookies preferences