What is compliance?

Compliance consists in establishing adequate and sufficient policies and procedures to ensure that a company, including its directors, employees and associated agents comply with the applicable regulatory framework.

In addition to legal rules such as laws and regulations, this regulatory framework must be deemed to include internal policies, commitments with customers, suppliers and third parties, and especially the internal codes that the company has undertaken to respect, as numerous cases exist in which an action may be considered legal, but not ethical.

What is the scope of compliance?

  • Privacy
  • Competition law
  • Crime prevention (prevention of corruption, money laundering)
  • Protection of consumers and users
  • Environmental legislation
  • Tax compliance
  • Regulatory compliance
  • Compliance with employment regulations

The compliance system will be introduced in proportion to the size and resources of each organisation.

Criminal liability of legal persons

The 2010 reform of the Spanish Criminal Code introduced the principle of criminal liability of legal persons. Legal persons thus became criminally responsible for crimes committed in their name or on their behalf by their legal representatives and administrators, but also by those who, while under their authority, may have committed a crime as a result of failure by the legal person to exercise due control over them.

Any criminal action committed within the company or by third parties (customers, suppliers and contracted external services) with whom it is related by virtue of its activity will result in criminal and, therefore, civil liability. 

How can it be avoided?

With the introduction of compliance:

  • If it can be established that compliance with the crime prevention plan was being introduced prior to commission of the offence, this may be considered as exempting the company from criminal liability.
  • If compliance with the crime prevention plan was being introduced at the time the offence is committed or was introduced subsequently, this may be considered a mitigating factor.
  • Compliance is the exercise of the legal requirement concerning the monitoring, surveillance and control of the business activity.
  • Compliance is an activity aimed at preventing criminal acts and entails the introduction and subsequent monitoring of preventive and corrective, measures together with actions in the implementation of staff training and company operating systems.

With this reform, compliance becomes compulsory in order to avoid any criminal liability that may occur 

How is compliance applied?

  • Tone of the top: Commitment and support from top management
  • Definition of a Code of Ethics in the organisation
  • Definition of the objectives of compliance
  • Carrying out of a risk assessment (of legal and criminal compliance)
  • Compliance monitoring
  • Compliance reporting
  • Action and follow-up plans
  • Documentation of the model
  • Certification or audit of the model