For centuries a principle has ruled in the Penal Code which, expressed in Latin, states: ‘societas delinquere non potest’ according to which only natural persons are able to commit crimes; thus legal entities such as companies, businesses and legal persons are incapable of committing crimes.

In 2010 the Penal Code was modified in order to accommodate the possibility of attributing criminal liability and imposing legal sanctions to legal entities. Interestingly, the possibility that legal entities can commit crimes was not established, which allows the maxim that companies cannot commit crimes to remain true. In other words, although legal entities continue to be incapable of committing crimes, now the Penal Code provides that legal entities may be held liable for crimes committed by natural persons who act in their name, on their behalf or for their benefit.

Recently, a new change in the Penal Code has been published in the Official State Bulletin, which furthers the 2010 reform and, among other aspects, regulates the way in which businesses will be able to elude criminal liability for the conduct of their executives or employees. Thus, from the 1st July 2015, when the reform will be put into effect, it will be more than advisable that legal entities have Criminal Risk Prevention Programmes implemented, which fulfill the requirements that the Code itself states.

Legal entities cannot be held criminally liable for all crimes delineated in the Penal Code. The Code categorizes a list of nearly 30 crimes (such as bribery, influence trafficking, financing terrorism, money laundering, punishable insolvency, crimes against the Inland Revenue and social security etc) for which the legal entity may be held criminally liable in the following cases:

  • When the crime in question is committed by the administrative body, the voluntary representatives or the executives, in the name of or on behalf of the company, and to its benefit.
  • When the crime is committed, in the course of social activities, on behalf of and to the benefit of the company, by any employee or, in general, by someone who is submitted to the authority of the administrative body or of the executives.

The penalties that legal persons can face are:

  • Fines
  • Dissolution
  • Suspension of activities for a period of up to five years
  • Prohibition of carrying out future activities related to the crime committed.
  • Closure of premises or establishments for a period of up to five years.
  • Disqualification from obtaining subsidies or public grants, and prohibition from with contracting the public sector.
  • Judicial action.

However the big change in the reform, which will take effect from the 1st of July 2015, is found in the exemptions established by the reform in the Code. In effect, legal entities will not have to answer criminal charges if, before the crime has been committed, they have adopted and effectively carried out organization and management programs which include vigilance measures and suitable monitoring to prevent crimes of the same nature or to reduce the risk of them being committed significantly.

In short, a legal entity can minimize its risk of criminal liability and penalties previously stated– for certain crimes that its employees or executives or even directive body can commit, by taking the following steps:

  • Adopt a Crime Risk Prevention programme of organization and management.
  • Adopt this programme prior to the crime being committed. It should be a preventative system, in order that, if an issue of criminal liability arises and litigation ensues, the judge will call upon the legal entity as a defendant and will inspect to see if there is a programme already established and if it fulfills the legal requirements.
  • Carry out the programme with efficacy. It is clear that, once the crime has been committed, it is always possible to say that the programme has not been effective, because it has not prevented a punishable deed. However the law does not demand responsibility as a result, but action: that the model is sufficiently effective in ‘significantly reducing the risk’ of crime.
  • The programme must include suitable methods of vigilance and control to prevent crime.
  • The running of the programme must be supervised by a body of the legal entity. This means to say that, notwithstanding optional external support and advice, the company must have an internal body to supervise the efficacy of the controls set forth by the programme.
  • This internal supervisory body must have autonomy within the company and must be provided with sufficient financial resources to manage it and to guarantee this autonomy.

This programme, as stated above, does not attempt to guarantee completely the impossibility of a crime being committed. It simply tries to ensure that the company is in the right condition to demonstrate that it has done all possible to monitor and prevent criminal conduct of its employees, executives, or directive body and that, if despite everything, a crime has been committed, it has not been due to an omission or insufficient practice in the supervision, vigilance and control, but that the individual perpetrator has fraudulently eluded the implemented programme of organization and intervention.

Here exists the advantage of implementing this type of prevention programme, since from the 1st July any company who does not have one, will not be seen free from criminal liability for certain crimes committed within their organizational body.

by Ramón Gutierrez del Alamo, Partner, Head of Litigation Department @ Adarve Abogados