Feb 08 2023

Sanctions for failure to implement a Compliance Program

With numerous laws coming into force every day, companies are increasingly exposed to the risk of non-compliance, which could lead to compliance sanctions by the competent authorities and, in the most serious cases, even to the dissolution of the company itself.

What is a Compliance Program?

A regulatory compliance program is a model or guide of action implemented by a legal entity with the aim of preventing and/or managing criminal risks, mainly, that may arise within the company.

The main objective of this type of program is to develop a corporate culture within the company committed to business ethics and compliance with current legislation, as well as to inform employees that the company has zero tolerance towards the commission of criminal conduct.

In this sense, this program must be known and mandatory for all employees of the company.

What happens if the company does not have a Compliance Program?

Taking into account that the liability for the commission of a crime by an employee of the company may also extend to the company itself, by direct action or omission, of the duty to prevent these cases, the fact of having a compliance program adopted and effectively implemented for the prevention of crimes or the significant reduction of the risk of their commission may imply the exemption of the criminal liability of the company.

Otherwise, the consequences of the assessment of criminal liability for legal persons are those stipulated in Article 33.7 of the Criminal Code and listed below:

Dissolution of the company;
Suspension of the company’s activity for a term of up to five (5) years;
Closure of establishments and premises for a term of up to five (5) years;
Fines that may amount up to ten (10) times the company’s profit;
Temporary prohibition, for up to fifteen (15) years, or definitive prohibition to carry out the activity of the company in the future;
Disqualification to obtain subsidies and/or public aid, to contract with the public sector and to obtain tax or Social Security benefits;
Judicial intervention for a period of up to fifteen (15) years.

In addition, and in the event that a company is convicted, it may face numerous collateral damages such as: economic and reputational damages, the impossibility of obtaining financing, loss of prestige in the commercial sphere and the consequent loss of confidence of customers and suppliers.

Legal requirements for organization and management

Usually, the function of supervision and compliance of compliance programs implemented in companies corresponds to a body within the company with sufficient autonomous powers to exercise control. This body is called Compliance Officer and such work may be carried out by the company’s management body itself.

What should a Regulatory Compliance Program contain?

Any regulatory compliance program must start with the creation of a compliance team to analyze the criminal risks that may occur within the organization in order to manage the consequent risks.

Once the risks have been identified, protocols and procedures will be defined for decision making within the organization, a Code of Ethics will be drafted and implemented that must be complied with by the members of the organization, and an internal complaints channel and disciplinary system will be established.

In addition, the company will design a model of response to the risk of the commission of a crime, will provide training and awareness programs for employees and may establish a program of audits and periodic verification of the compliance program.