Directive (EU) 2026/1021 Enters into Force: A New European Boost in the Fight Against Corruption
On 31 May 2026, Directive (EU) 2026/1021 of the European Parliament and of the Council of 29 April 2026 on combating corruption (hereinafter, Directive 2026/1021 or the Directive) came into force. This legislation is intended to strengthen the European Union’s (hereinafter, EU) response to one of the phenomena that has the greatest impact on the rule of law, trust in institutions, and the proper functioning of markets.
As expressly acknowledged in its recitals, corruption continues to pose a threat to European societies. It is a transnational phenomenon that transcends the borders of Member States, and its prevention and prosecution require coordinated and harmonized action at the European level.
It is within this context that the adoption of Directive (EU) 2026/1021 must be framed. Below, we will analyze the main implications of this legislation from the perspective of corporate criminal liability and its impact on Compliance Systems.
Objective and purpose
Alongside the establishment of common minimum rules regarding the definition of corruption offences and applicable sanctions, the Directive aims to strengthen the European integrity model through the adoption of preventive measures and anti-corruption strategies.
Corporate criminal liability under the Directive
The new European text establishes legal entities as potentially liable for most of the offences described therein, with the exception of those offences which, by their nature, can only be committed by natural persons, such as conduct related to the unlawful exercise of public functions (art. 7 of the Directive).
In this regard, Member States must ensure corporate liability when corruption offences are committed for the benefit of the entity by persons with powers of representation, management, or control, or when they result from a lack of proper supervision or control.
From the perspective of Spanish law, it is worth noting that the model of liability set out in the Directive is fully compatible with the regime established in Art. 31 bis of the Spanish Criminal Code.
Another significant innovation introduced by the Directive lies in the sanctions regime applicable to legal entities.
Unlike the model currently established in the Spanish Criminal Code, the European legislation incorporates a system for determining fines linked to the global turnover of the offending entity. This legislative technique is not new to EU law and was previously employed, among other regulations, by Directive (EU) 2024/1226 of the European Parliament and of the Council of 24 April 2024, relating to the definition of offences and penalties for breaches of EU restrictive measures.
In this regard, the Directive differentiates between various corruption offences for sanctioning purposes. Thus, for bribery, embezzlement, and misappropriation offences, higher fines are required than for other offences set out in the legislation. Accordingly, the severity of the sanction depends less on an individual assessment of the seriousness of the conduct and more on the criminal category in which it is classified.
Furthermore, the Directive consolidates a growing trend in European regulatory practice, which links the amount of fines to the actual economic capacity of organizations, thereby reinforcing their preventive impact and avoiding that fines are merely regarded as a business cost.
In addition to pecuniary sanctions, the Directive allows Member States to adopt other complementary sanctions applicable to legal entities. Although many of these measures are already reflected in the catalogue of penalties provided in art. 33.7 of the Spanish Criminal Code, the European legislation introduces new clarifications.
Notably, it includes the possibility for competent authorities to cancel or terminate contracts in the execution of which the offence was committed (art. 8.2.e of the Directive), a measure particularly burdensome for organizations operating in the public sector, as the economic impact resulting from the loss of existing contracts may, in certain cases, be even greater than the inability to access future tenders.
The Directive strengthens the role of Compliance Systems
In particular, art. 16 of Directive 2026/1021 provides that Member States shall take into account, for the purposes of mitigating liability, the existence of a compliance program implemented before or after the commission of the offense, as well as the prompt and voluntary reporting of the facts and the adoption of remedial measures once the violation has been detected.
The explicit inclusion of compliance programs as a factor capable of mitigating corporate liability constitutes further evidence of the growing importance attributed by the EU to Compliance Systems as tools for the prevention and detection of corruption.
This provision is especially relevant for organizations, as it reinforces the advisability of implementing and maintaining effective Compliance Systems not only as a risk prevention mechanism but also as an element likely to be positively assessed by the competent authorities in case of non-compliance.
This approach aligns with art. 31 bis of the Spanish Criminal Code, which recognizes the legal relevance of effectively implemented compliance programs aimed at preventing offences, thereby confirming a trend already consolidated in Spanish law.
Increased requirements for certain organizations
The Directive also allows Member States to consider it an aggravating circumstance if
the offence was committed by an obliged entity within the meaning of Directive (EU) 2015/849 of 20 May 2015, or by persons exercising functions of representation, management, or control within such organizations.
This provision reflects the heightened expectation of integrity that the European legislator projects onto organizations that, due to the nature of their activities, are already subject to specific prevention and control obligations.
Spain advances in the direction set by Europe
From the Spanish perspective, the innovations introduced by the Directive do not represent a break with the current model. By contrast, many of its provisions are already reflected in national legislation and in recent initiatives, including the State Anti-Corruption Plan and the approval of the draft Organic Law on Public Integrity.
All of this allows us to affirm that Spain has been making significant progress toward a model increasingly aligned with European standards of prevention, transparency, and Compliance.
Nevertheless, the upcoming transposition of the Directive, whose deadline expires on 1 June 2028, will constitute a new opportunity to consolidate the progress already achieved and to strengthen areas where there is still room for improvement.