Italian corporations are subject to criminal liability arising from legislative decree 231 of 2001: more on the topic can be found here.
“231 crimes” triggering such liability are already a vast and varied list of crimes. They are not limited to corruption crimes, but range from manslaughter due to breach of safety on the workplace provisions to corporate crimes and tax crimes.
Nonetheless, the list of “231 crimes” continues to grow.
Effective on July 30, 2020 new crimes will be added, as law 75 of 2020 will come into force. The new crimes are mostly further nuances of the tax crimes, as well as new crimes (fraud in public supplies, fraud in agriculture and smuggling, misappropriation and abuse of office).
It’s time for companies to update their organizational models again! (Perhaps enjoy your well deserved summer vacation first: it has been quite a year).
As a result of the so called “PIF Directive”, starting from July 2019 criminal corporate liability under Italian law 231 may be triggered by tax crimes, too.
(If you are not overly familiar with the principles of Italian 231 legislation on criminal liability of corporate entities, perhaps you may start here.)
Under Italian 231 law, corporations are subject to criminal (rather, quasi-criminal) liability when certain specific crimes are committed in their interest or to their advantage. So far, such crimes have never included tax crimes, although the issue had been widely debated and several court decisions had attempted to combine other types of crimes with tax crimes (the Supreme Court had always disagreed, though).
Now, the PIF Directive, which Member States must implement by July 6, 2019, “establishes minimum rules concerning the definition of criminal offences and sanctions with regard to combatting fraud and other illegal activities affecting the Union’s financial interests, with a view to strengthening protection against criminal offences which affect those financial interests.” Liability of legal entities must be foreseen by national legislation and serious offenses against the common VAT system must be punished.
The Italian legislator will thus need to introduce such serious VAT crimes (i.e., having a value in excess of 10 million euros) in the list of crimes triggering corporate liability. This, in fact, may open the door to other tax crimes as a basis of 231 liability of corporate entities.
Starting from November 19, 2017 and following an amendment of the Anti-Mafia Code, additional criminal conducts will trigger corporate criminal liability pursuant to Legislative Decree no. 231 of 2001. (If you are not yet familiar with “231”, i.e., the Italian law setting forth criminal corporate liability, you may refer to our previous blog post for an overview of such legislation).
Section 25-duodecies of Legislative Decree no. 231 of 2001 has been amended by the introduction of three new paragraphs (1-bis, 1-ter and 1-quater) relating to the following crimes in the area of illegal immigration:
• Procured illegal entry into the State; and
• Favoring illegal permanence into the State.
The full list of crimes and sanctions can be found here.
The idea is to punish companies who take advantage of illegal immigration, as well as to provide an incentive to companies to organize their activities in order to prevent such corporate crimes (in fact, companies are exempt from liability if they set up and actively pursue organizational models aimed at preventing corporate crimes). It is, however, unclear if continuously increasing the list of crimes that companies must prevent is an efficient way to do that.
On May 19, 2015 the Italian Senate passed bill no. 1345-B, introducing new environmental crimes. The law will become effective the day after its publication on the Official Gazette, following promulgation by the President of the Republic. The law introduces the following environmental crimes in the form of delitti (i.e. the most serious form of crimes), punishable with imprisonment and fines. It is important to note that such crimes are included among the crimes that give rise to criminal corporate liability pursuant to Legislative Decree 231/2001 (“Decree”). As a result, companies who have already set up an organizational and control model aimed at exempting it from criminal corporate liability must update it in order to take into account prevention of the newly introduced criminal conducts. The new crimes can be described as follows:
- Polluting. Anyone who unlawfully damages or jeopardizes in a significant and measurable way waters, air, the surface or the underground, as well as ecosystems, plants or animals, is punishable with imprisonment between 2 and 6 years plus a fine between Euro 10,000.00 and 100,000.00. Sanctions may be higher in case of pollution of protected areas (such as historical sites) or protected plants or animal species. Also, imprisonment can reach as far as 20 years in case of death or injury as a consequence of pollution. As far as companies are concerned, commission of such crime leads to the imposition of monetary sanction between 250 and 600 quotas as per the Decree. Blacklisting sanctions set forth in the Decree may also apply.
- Environmental disaster. This crime punishes, alternatively, the irreversible alteration of an ecosystem’s equilibrium, the alteration of an ecosystem’s equilibrium the restoring of which is particularly burdensome or can be achieved only by extraordinary measures, or the offense to public safety in light of its effects or the number of people affected. The mentioned conducts are punishable with imprisonment between 5 and 15 years. Also in this case, if protected areas or species are damaged, imprisonment can be increased by one third. The commission of such crime by a company leads to the imposition of monetary sanctions between 400 and 800 quotas, as per the Decree. Also in this case, blacklisting sanctions may apply.
- Trafficking and disposal of highly radioactive materials. Unlawful sale, purchase, receipt, transportation, importation, exportation, supply, detention, transfer and disposal of highly radioactive materials are punished with imprisonment between 2 and 6 years, plus a fine between Euro 10,000.00 and 50,000.00. Sanctions may be increased in case of danger of damage or deterioration of waters, air, the surface or the underground, as well as ecosystems, plants or animals. Also, if any of the conducts jeopardizes the life or safety of individuals, sanctions may be increased by one half. Companies may be punished with monetary sanctions between 250 and 600 quotas in accordance with the Decree.
- Hindered control. Hindrance of vigilance and control activities on environment, hygiene and safety on the workplace is punished with imprisonment between 6 months and 3 years.
If the above crimes are committed in the form of organized crime, sanctions already set forth against organized crime are increased by one third, and, if companies are involved, they may face sanctions between 300 and 1000 quotas as per the Decree. Sanctions are increased by one third to one half in case any public official or person in charge of a public service carrying out environmental-related offices partakes in the criminal organization. Not only the law provides for new crimes, but it also incentivizes remedial actions. Sanctions are in fact diminished by one half to two thirds in case remedial actions are taken to prevent occurrence of further consequences or to restore the status quo ante. Also, whistle-blowing is incentivized by reducing sanctions by one third to one half. Quite interestingly, the law prevents the statute of limitations from running in case of stay of proceedings ordered to allow remedial actions to be taken. Lastly, failure to take remedial actions, if ordered by a judge or by the law, is punished with imprisonment between one and four years plus a fine between Euro 20,000.00 to 80,000.00.
Are Companies Criminally Liable under Italian Law? Yes!
Legislative Decree no. 231/2001 (the “231 Decree”) has introduced in Italy the principle that companies are responsible for crimes committed by:
- Individuals vested with powers of company’s representation, control, direction, or management;
- Individuals subject to the authority or control by the above-mentioned individuals, including employees, consultants, non subordinate employees and whoever acts on behalf of the company.
- As a result, a company may now be considered liable for crimes committed by individuals in the interest or to the benefit of the company (while crimes committed by individuals in their exclusive interest or in the exclusive interest of third parties do not trigger company’s liability). The company’s liability is separate and distinct from the liability of the individual who committed the crime.
Which Crimes Trigger Liability? Several (not just corruption!).
The 231 Decree lists a number of crimes for which companies may be liable, which include:
- Corporate crimes;
- Crimes against public administrations;
- Crimes against the dignity of individuals;
- Conspiracies and terrorism;
- Crimes arising out of breach of laws protecting the environment and health and safety at work;
- Crimes related to criminal associations;
- Money laundering.
Which Sanctions Apply? Monetary and blacklisting sanctions.
If a company is found liable, the following sanctions may apply:
- monetary sanctions up to a maximum amount of Euro 1,549,370.69 (and precautionary seizure of the price or profit arising from the crime),
- blacklisting sanctions (applicable also as a precautionary measure), with duration between 3 to 24 months, which can consist of, inter alia, the prohibition to conduct the Business’ commercial activity, the prohibition to contract with the public administration, the prohibition to advertise goods or services, seizure, or the publication of the court’s decision (if a blacklisting sanction is applied).
Are There any Grounds of Exemption from Criminal Corporate Liability? Yes!
A company is not liable pursuant to the 231 Decree if it proves that:
- The management has adopted and effectively implemented a so-called ‘Organizational Model’ in order to prevent the commission of the criminal offences listed in the 231 Decree by subjects acting on behalf of the company;
- The company has established an internal body (‘Compliance Committee’) entrusted with the task of supervising the proper functioning and update of the Organizational Model, as well as the actual compliance by all those who must abide by it;
- Crimes were committed by individuals vested with management powers who have fraudulently avoided compliance with the Organizational Model;
- The Compliance Committee has not omitted to perform, or negligently performed its supervision duties.
- This explains why companies operating in Italy typically devote substantial resources in the setting up of an Organizational Model.
How to Set up an Organizational Model? Risk assessment, gap analysis, preventive measures.
In order to prepare an Organizational Model the following process is usually followed:
- Examination of areas of risk: on the basis of the company’s Organizational Model and relevant job descriptions, the risk of commission of each crime set forth in the 231 Decree is assessed.
- Analysis of existing procedures: all existing procedures and ethical principles are reviewed in order to identify procedures that may reduce the risk of commission of the crimes.
- Possible implementation of new measures: should the analysis of existing procedures lead to conclude that some of the risks are not properly reduced, new procedures should be implemented.
The Organizational Model must be Effective. A compliance program on paper will not help!
Once a company has adopted an Organizational Model by means of a resolution of the Board of Directors, the company must ensure that it is effectively implemented, that employees and other individuals acting on behalf of the company are duly trained on the model and that any breach of the Model is sanctioned.
In particular, the appointed Compliance Committee must actively supervise the effective functioning and adequacy of the Model on an ongoing basis and in independent fashion. The Compliance Committee is generally in charge of:
- Monitoring the activity carried out within the company and the areas considered at risk;
- Assessment of the actual implementation of, and compliance with the Organizational Model;
- Cooperation and consultation with the management as regards the application of disciplinary sanctions to employees in the event of breach of the internal procedures provided by the Organizational Model.