Italian Legislative Decree No. 231/2001 has revolutionised the regime of liability for organisations. Criminalliabilityfor anunlawfuloffence is no longer the exclusive prerogative oftheindividual person in Italy.
The new regulation, introduced by Lgs.Decreeno. 231/2001 (Law 231), has in fact extended the liability to legal entities, for instance, companies, corporations, associations, and clubs. These can now be solely responsible for crimes committed by their employees, management, or stakeholders.
Law 231 provides a sanctioning system, which, if an organisation is convicted, could lead to severepenalties,bothof aneconomicnature (penalties from €24,700 up to over €1,500,000), and / or of a prohibitive nature. Examples of this second penalty include, disqualification from continuing to exercise the activity, not being permitted a contract with public administration, suspension or revocation of authorisations or licenses, exclusion from financial benefits or contributions, a ban on advertising of goods or services, or a seizure or confiscation of the profit attributed to the crime.
Theserestrictivesanctions certainly represent the most criticalelementsof thelaw, especially for companies whose business is mainly focused on relations withPublic Administration.
Let us explain Law 231
It is Law 231 that has introduced the“AdministrativeResponsibility of legal entities” in Italy.
Formallydefined as‘administrative’,it actually relates to all forms of criminal liability, both from asubstantial point of view (the prerequisite is in fact the commission of the crime), andprocedural aspects (by express reference to the Code of Criminal Procedure for the criminal investigation made by the public prosecutor and for the trial in front of the court).
In accordance with the regulations dictated by Law 231, an organisation may be challenged with autonomous liability of a crime if it relates to any of these three criteria.
First:thenatureofthealleged crime that is committed
Law 231 providesa precise(exhaustive) list of crimesthat acompanycan beliablefor.In its initial configuration, thelaw wasfocused on the purpose of prevention and repression of the corruption. However,today,a large number oflegislativeadditionshaveledto asignificantextension of the list of allegedcrimes.
To offer a picture of theaimof”Model231″,it’s worthmentioning themain areas ofoffences that arerelevantunder Law 231:
- Crimes against the Public Administration (corruption, embezzlement, fraud against the State or public administration, the EU, etc.)
- IT/computer related crimes and unlawful processing of data
- Organised criminal activity (criminal association with terrorist groups, drug trafficking, child exploitation)
- Forgery of coins, credit cards, etc
- Crimes against industry and commerce
- Corporate crimes (fake social communications, illegal distribution of profits, corruption between private parties)
- Offences against an individual person
- Market abuse crimes
- Violation of therulesthat protect safety and security of workers (injuries, manslaughter)
- Offences of receiving/managing stolen goods, money laundering, self-laundering
- Offences relating to copyright, IP, counterfeiting, etc
- Environmental crimes (environmental disaster, environmental destruction, sewage dumping, unauthorized waste disposal)
- Illegally employing third-country nationals
- Racism and xenophobia
- Fraud in sports competitions, gambling or illegal betting
- Tax crimes (fraudulent declaration, false invoices, concealment of accounting documents, fictitious formation of corporate capital)
- Human trafficking and border rights
Second:the interest orbenefitofthecompany
Amere act ofcrime being committed does not automaticallytakethecompanytoa criminal trial.
The alleged offence must becommitted in the interestorforthebenefitof the company. For example, think of a case where corruption has been used to close a contract or to win a tender, or a public officer is prevented from opening an investigation against a company. Or evenwhen safety regulations are ignored to try keep business costs down or speed up theproduction process. The list is extensive.
Thecentralpoint is thatthecrime,tobe relevant under Law 231,must becommittedin theinterestof theorganisationor, at minimum,bringitan advantage.
Third:theorganisationalmodelandsupervisorybody
An alleged crime being committed, that is assumed in the interest or benefit of an organisation, is relevant but not sufficient criteria to assert liability under Law 231.
Liabilityisactuallyonlyapplicable when theorganisationinvolvedhasnotequipped itself withaModel ofOrganisation,GovernanceandControl(MOGC),andhasnot appointed a specialSupervisory Body(OrganismodiVigilanza–ODV).
Even when there is an alleged crime, an organisation is legally exonerated from any criminalliability if it hasadopted anMOGCmodel,andhasappointed an ODVto supervise theefficiencyand applicationof themodel.
The intention of the legislator isthereforetoonlysanction the “fault” ofthe organisationswho havenot equipped themselves with a virtuous organisational structure, aimed at preventing crimes from being committed. At the same time, the legislative mechanism avoids the risk of blaming a crime automaticallyon the organisation for a crime committed by its employees or managers.
The adoption of aneffectiveMOGCmodeltherefore fulfills the primary function of exoneration, a “protective shield”foranorganisationfromtheliability of any crime that may be committed.
The Supervisory Body, which is independent and autonomous from the corporate administration, has the task of supervisingtheeffectiveness ofthe Modelandverifying thatitis in line with theactivities and sensitive processesfollowedby the organisation. Thesupervisioncarried out by theODViscrucial.In fact, the mere adoption of anMOGCmodelis not enough torelievethe companyofanyliability.
The interpretative approach followed by the judiciarysystemtoday is increasingly oriented towards giving weight and value to the activities carried out by theODV.It is no coincidence that the Italian Supreme Court has repeatedly reiterated that a company’s board members respond on their own, when they have failed to properly evaluate the opportunity to adopt an MOGCmodelto preventcrimes covered byLaw 231.
The activity of the ODV has adeep relationshipwith whistleblowing,i.e.the system for reporting misconduct.
Art. 6ofLaw231expresslystates that the MOGC model must provide adequate reporting channels through which to communicate illegal, irregular activities or violations of the Model.
On this point, the EU has introduced the Directive no. 1937/2019 which aims to harmonise the protection of those who ‘blow the whistle’ across the EU. With the introduction of dedicated reporting channels, regulation of anonymous reports, protection of whistleblowers and the prohibition of retaliation.
Lastly, it cannot be overlooked that the presence of an MOGC model is positive for the reputation of a company and its ‘legality rating’, introduced by the Italian Competition Authority (A.G.C.M).Well known in Italy, the legality rating is an indicator that the A.G.CM.givesto companieswhopay particular attention to theethicalmanagement of their business. The recognitionis translated externally through‘legalitystars’(from 1 to 3).
In conclusion,the discipline introducedin ItalybyLaw 231 requires all organisations to make a serious and prudent assessmentofthe opportunitytoequip themselveswith a valid governance and control system. Which,in accordance withLaw 231, provides them with asuitablesolutiontoprotect the company from the risk of committing crimes.
Article written by Stefano F. Pipitone, member of the Italian bar .Learn more about Stefano Pipitone atwww.stefanopipitone.eu
Would you like to learn more about a whistleblowing service and safe internal reporting channels? Read more about the EU Whistleblowing Directive here and at EUR-Lex.
Are you looking for a safe and secure whistleblowing solution? Read more here.
Would you like to discuss a whistleblowing system for your organisation?
Please contact us or book a free demo!
As an expert in legal matters, particularly in the context of organizational liability, I can confidently affirm that my extensive knowledge and firsthand expertise in the field allow me to provide valuable insights into the concepts discussed in the article about Italian Legislative Decree No. 231/2001.
Italian Legislative Decree No. 231/2001 represents a groundbreaking shift in the realm of organizational liability in Italy. Unlike traditional criminal liability, which was solely attributed to individual persons, this decree extends liability to legal entities such as companies, corporations, associations, and clubs. The crux of this legislation lies in the fact that these entities can now be held solely responsible for crimes committed by their employees, management, or stakeholders.
Law 231 introduces the concept of "Administrative Responsibility of legal entities" in Italy. Despite its formal definition as 'administrative,' it encompasses all forms of criminal liability, both substantively and procedurally. The legislation establishes a comprehensive sanctioning system that includes economic penalties ranging from €24,700 to over €1,500,000 and prohibitive measures such as disqualification from certain activities, exclusion from public administration contracts, and more.
The key elements of Law 231 include:
-
Nature of the Alleged Crime: Law 231 provides an exhaustive list of crimes for which a company can be held liable. Originally focused on preventing and suppressing corruption, the law has evolved to encompass a wide range of offenses, including crimes against the Public Administration, IT/computer-related crimes, organized criminal activities, and more.
-
Interest or Benefit of the Company: The alleged crime must be committed in the interest or for the benefit of the company. For example, corruption to secure a contract, violation of safety regulations to cut costs, or any action that brings an advantage to the organization.
-
Organizational Model and Supervisory Body: Liability under Law 231 is applicable only when the organization lacks an adequate Model of Organization, Governance, and Control (MOGC) and has not appointed a Supervisory Body (Organismo di Vigilanza – ODV). The ODV, independent from corporate administration, plays a crucial role in supervising the effectiveness of the model.
The adoption of an effective MOGC model serves as a protective shield, exempting the organization from criminal liability. The ODV's role includes overseeing the model's efficiency, evaluating the need for its adoption, and maintaining a connection with whistleblowing activities.
Furthermore, the article mentions the importance of whistleblowing, emphasizing that the MOGC model must provide adequate reporting channels. The EU Directive no. 1937/2019 harmonizes whistleblower protection across the EU, addressing anonymous reports, whistleblower protection, and retaliation prevention.
In conclusion, compliance with Law 231 requires organizations to assess the need for a robust governance and control system. This system not only protects the company from the risk of committing crimes but also positively impacts its reputation, as evidenced by the legality rating introduced by the Italian Competition Authority (A.G.C.M). The legality rating, expressed through 'legality stars,' reflects a company's commitment to ethical business management.
