Protecting Companies in a Challenging Environment: Compliance Programs Under Italian Law—the New 2014 Guidelines of Confindustria
In July 2014 the Italian Ministry of Justice approved a revised version of the guidelines on the adoption and implementation of compliance programs, issued by the Italian Confindustria
Under Italian Legislative Decree No. 231 of 2001 on corporate liability (hereinafter the “Law 231”), a corporation shall be considered liable for the commission of crimes listed in Law 231 by one of its managers or employees, if prior to the commission of the crime it did not adopt and efficiently implement an adequate compliance program (the so-called Law 231 model) to prevent the execution of those crimes.
The further element required for there to have been a breach of Law 231 is that such potential crime was committed for the benefit for the company potentially deriving from the criminal behaviour, but regardless to its material exploitation.
Corporate compliance programs have been increasing in importance, because Law 231 exempts a company from liability if it can be demonstrated that the compliance model in question was correctly adopted and implemented.
Following the entry into force of Law 231, the knowledge of the matters and of how these affect the company’s operating on a domestic or a transnational level, has undergone major developments. Judges, prosecutors, and legal experts have worked to bring the significant elements of the revised guidelines to wider attention.
Since the principles of Law 231 do not include a fixed applicable program for all companies, but make specific reference to the industries model approved by the Ministry of Justice, the 2014 Guidelines give operators a useful instrument to achieve compliance with the law and therefore the conditions for exemption from liabilities under Law 231.
I. The 2014 Guidelines: The Main New Features
The 2014 Guidelines highlight the importance of a clear and consistent system of delegation of functions
The 2014 Guidelines also describe in detail the new crimes that have been introduced in Law 231 following the previous version of the guidelines (which dated back in March 2008) including computer crimes, transactional organized crimes, environmental crimes and the exploitation of illegal immigrants.
Finally, in accordance with the Italian Courts, which ruled that the program has a self-normative value on the basis of which it is possible to weight the company’s liability,
The 2014 Guidelines are extremely innovative in introducing a specific section regarding the corporate liability and the compliance programs of groups of companies, which have been totally revised in light of the recent positions assumed by Italian and international Courts and doctrine.
II. Groups of Companies and Compliance Programs
A number of Law 231 cases have regarded groups of companies. Where more than one company of the group are involved, Italian case law considered relevant the parties in whose interest the crime was committed, in order to identify which company (of the group) was liable pursuant to Law 231.
The new Guidelines ratify Italian case law and stress that in connection with corporate liability the main issue is to identify the conditions under which each corporation of the group (including holding companies and subsidiaries) may be considered liable under Law 231, and then give recommendations regarding the characteristic of the compliance programs to be implemented by each company of the group.
The 2014 Guidelines underline that a holding company is not always responsible for the crimes committed by its subsidiary, and it can be considered liable for a crime committed by an individual of its subsidiary, only if the holding company itself has received a direct or indirect benefit.
The conditions under which a holding company may be considered liable under Law 231 are as follows:
A crime listed in Law 231 has been committed by a top individual/employee of a subsidiary in the interest or to the advantage of its holding company; and
Individuals connected to a holding company took part in the commission of the crime, for example when: (i) the crime is the consequence of the illegal instructions issued by the top individuals of the holding company, or (ii) the top individuals of the holding company and of the subsidiary are the same people (so-called “interlocking directorates”).
The 2014 Guidelines recommend that a group of companies adopt compliance programs balancing the independence of each entity of the group with the opportunity to implement a common ethical style and shared standards of compliance.
In accordance with such framework, each company of the group, being an independent entity and therefore a subject of Law 231’s requirements, should be required to implement a specific organizational model, as well as to appoint its own supervisory body.
On the other hand, a holding company could implement general compliance guidelines applying to the group, but without limiting the power of each subsidiary to implement its tailored organizational model. In addition, such holding company could lay down the structure of the code of ethics, the general principles for the disciplinary system and the protocols to be applied and implemented by each company of the group.
Moreover, the organizational model of the holding company should take into consideration the procedures implemented by its subsidiaries as well as the activities that are carried out on a shared level. On the basis of the specific characteristic of the group, it could be useful to implement certain policies and protocols at the group level (e.g. in the field of cash pooling).
The 2014 Guidelines recommend that the supervisory bodies of the companies of a group develop a system that enables them to share promptly key information (e.g. the activities planned, the actions concretely implemented, any issue which has emerged, etc.), through, for example, periodic reports or meetings.
III. International Groups of Companies
The 2014 Guidelines highlight that international groups present a specific Law 231 risk profile, due to the geographic dispersion of their business, the decentralization of the decisions, the complexity of the operations involved, the possibility that the crimes involve farther-reaching areas, and greater difficulties in pursuing claims.
In particular, the new Guidelines specify that in such international contexts:
The code of ethics should include ethical standards that take into consideration the characteristics of the business;
The top individuals and the employees who have contacts with foreign countries in conducting their corporate duties should receive effective training that covers the relevant applicable law of foreign countries; and
The protocols should take into considerations the specific international profiles of the group.
Transnational groups should implement compliance programs in compliance with all national and international laws applicable to the business of the group.
The 2014 Guidelines represent a key instrument for corporations conducting their business in Italy, because they contain an important set of recommendations which aim to tailor best practice 231 compliance programs to all companies.
Group companies are required to implement both policies of general principles at a group level and specific policies of practical protocols at the level of each company of the group.
International groups have a specific Law 231 risk exposure and are strongly required to include in their compliance programs a reference to the foreign laws that are applicable to their international business.
As illustrated in this article, a compliance program is a strategic tool that a company could adopt to prevent crime as well as to avoid being pursued under Law 231, and the 2014 Guidelines supply corporations with flexible instruments capable of being quickly and efficiently adopted by all companies.
If the offences are committed by employees, corporations are liable if such offences were committed due to a non-compliance with management and control obligations.
The corporation can be exonerated from liability even where the individual offenders acted solely in their own interest or on behalf of third parties and not in the interest of the corporation.
Paul Hastings LLP
StayCurrent is published solely for the interests of friends and clients of Paul Hastings LLP and should in no way be relied upon or construed as legal advice. The views expressed in this publication reflect those of the authors and not necessarily the views of Paul Hastings. For specific information on recent developments or particular factual situations, the opinion of legal counsel should be sought. These materials may be considered ATTORNEY ADVERTISING in some jurisdictions. Paul Hastings is a limited liability partnership. Copyright © 2014 Paul Hastings LLP.