It is already a year since the amendment of act No. 418/2011 Coll., on criminal liability of legal entities and their prosecution (hereinafter referred to as the “Legal Entity Criminal Liability Act”), published in the Collection of Laws under No. 183/2016, has entered into force. This significant amendment changed the scope and concept of criminal liability of legal entities, including inter alia the possibility for legal entities to exempt from criminal liability in a particular case by fulfilling certain legal conditions. This article shall focus mainly on one way how to achieve that, in particular through implementation of a properly prepared compliance programme. The case law has offered us some important guidelines in this matter during the past year (for example in relation to the ongoing AGROTEC case).
Role of the Compliance Programme
In order to be exempt from criminal liability under conditions set out in Section 8 paragraph 5 of the Legal Entity Criminal Liability Act, the legal entity shall prove that it has made all efforts that could have been reasonably required in order to prevent persons whose actions are attributable to the legal entity from committing an unlawful act. It is suggested that such efforts include also implementation of a functional compliance programme. Such programme usually consists of a set of internal regulations addressing organizational, personal, technical and security issues, the purpose of which is to effectively prevent natural persons from committing unlawful acts within the activities of the legal entity which could lead to criminal liability of the legal entity.
However, the High Court in Prague adjudicated in the "AGROTEC" case that the mere existence of the compliance programme was not sufficient and did not lead to the conclusion that a legal entity had made "all efforts that could have been reasonably required" in order to prevent commission of the criminal offense.
How to Make the Compliance Programme Functional?
The High Court in Prague adjudicated that, in order to make a conclusion that the legal entity had made "all efforts that could have been reasonably required," within the meaning described above, it was necessary to inspect the activities of the legal entity in detail and to understand its operation, management, internal controls as well as its ability to respond to the identified problems in an adequate manner.
Therefore, should the compliance programme fulfil the purpose of exempting the legal entity from criminal liability, it is necessary that:
- It would reflect honest and provable efforts of the legal entity to prevent commission of unlawful acts within the scope of its activities; and
- All adopted measures would be viable as well as fulfilled, required, supervised, enforced and revised by the legal entity.
A functional compliance programme should therefore typically include the following:
- interlinked internal regulations which would in global regulate organizational structure and competences of natural persons within the legal entity,
- check-ups on compliance of internal regulations with the legal framework and their regular updates,
- internal compliance control systems and records of such controls,
- records of detected breaches, their consequences and undertaken countermeasures,
- confidential internal reporting system of possible breaches, e.g. via anonymous compliance line, email, etc.
- trainings of persons involved in activities of the legal entity and testing of their knowledge,
- records of provided trainings, showing their frequency, content and intensity,
- regular effectiveness evaluation of the compliance programme and its innovations.
It is important to emphasize that the conditions for exclusion of the criminal liability shall be fulfilled at the time of commission of the criminal offence, which is attributed to the legal entity, not subsequently, at the time when the respective criminal law enforcement authorities initiated the relevant proceedings.
In order to minimize the risk of their criminal liability, all legal entities are advised to carry out a thorough (and periodically repeated, if necessary) reviews of its current internal regulations in order to ensure that their compliance programme is up-to-date, effective and at all times “tailored” to their needs.