The 8th June 2001 legislative Decree no. 231, (“Decree”),
introduced the “Administrative liability of legal entities,
companies and associations including those without legal status
according to art. 11 of the 29th September 2000 Law, no. 300”.
The issue is quite innovative for the Italian legal system
because for the first time the liability arises not only on the
head of the individual and actual perpetrator of the offence,
but for legal entities as well.
Before the enforcement of the Decree, entities could be held
liable only under the civil ground and not the criminal one,
according to arts. 196 and 197 of the Criminal Code, and
chargeable to pay fines in the event of the perpetrator
insolvency.
On Art. 6 the Decree, sets forth a sort of liability “exemption”
in favour of the entities able to prove “to have adopted and
effectively implemented the appropriate organizational,
management and control models in order to prevent offences as
the one occurred”.
The control system, as set forth by the norm, is optional and
not compulsory. However, it is evident that in the event of an
adverse sentence under the criminal code the entity could be
punished with sanctions as provided for by the Decree, while, on
the other hand, shareholders could take action against the
company’s directors for negligence in the prior arrangement of
the organization, management and control model in order to take
advantage of the “exemption” clause.
The Decree’s Art. 6 provides that the representative
associations of an entity may draw up a behaviour Code on the
grounds of which each organization, management and control Model
will be formulated and then transmitted to the Ministry of
Justice in order to receive remarks, within 30 days, on the
Model’s potential power to prevent the offences’ perpetration.
The Decree’s provisions may be applied to the following (art. 1
Paragraph 2): “legal entities, companies and associations
including those without legal status”. The same does not apply
to “The State, territorial public entities and entities with
constitutional relevance functions” (i.e.: political parties or
labour unions).
With reference to the so called “Company offences”, according to
the Legislative Decree no. 61 of 2002 (cf. par. 2), the new
normative is applicable only to the business enterprise.
The Decree introduced a new, additional liability for bodies
into the Italian system, with regard to certain offences
committed by directors, representatives or employees in the
interest or to the advantage of the body in question.
The offences regulated by the Decree are as follows:
1.
offences against the public administration;
2.
corporate offences;
3.
offences regarding the forgery of money, public credit
cards and revenue stamps;
4.
terrorism-related crimes or crimes aimed at disrupting
democratic order;
5.
offences against individuals;
6.
offences involving the abuse of privileged information
and rigging of the market;
7.
culpable homicide or accidental severe injuries arising
from infringements of Labour Security;
8.
Money Laundering;
9.
ICT offences.
Entity’s responsibility arises only for offences committed to
its own advantage by “individuals who are representatives,
directors or managers of the company or of one of its
organizational units that has financial and functional
independence, or by individuals who are responsible for managing
or controlling the company” (individuals in top positions;
article 5, paragraph 1, letter a) of Decree); by individuals who
are managed or supervised by an individual in a top position
(individuals under the command of others; article 5, paragraph
1, letter b) of Decree).
With reference to the so called “Company offences”, Decree’s
art. 25-ter, it’s enough to detect a company interest in
committing the offence regardless of the profit.
However, the company in question is not liable for the offence
committed by persons employed within the company if it can
demonstrate the adoption and implementation, prior to committal
of the offence in question, of management, organisation and
auditing models suitable for preventing offences similar to the
one committed. With regard to the first three categories of
offences, the Company has to take steps to comply with the
guidelines set down by law in order to benefit from the
exemption from administrative liability provided for in the
Decree, by implementing:
-
an Organisation Model (“Model/s”);
-
an Ethical Code of Conduct (“Code of Ethics”);
-
a Supervisory Body with independent powers of initiative
and control;
-
an efficient internal auditing system;
-
a specific regulatory system aimed at applying penalties
for failure to comply with the measures provided for in the
model.
The Decree’s Art. 6, paragraph 2 indicates the two main phases
to set up a suitable system such that qualifies for the
exemption:
-
Risks’ Identification: represent the system’s preparation
phase, when the company’s context has to be analyzed (area by
area, sector by sector) in order to highlight the likelihood of
the offences’ perpetration.
-
The actual watch structure Planning: it begins with the
existing control instruments analysis and then considers the
needs and modalities of their adjustment to the Decree’s
provisions.
It is advisable to perform both the operations periodically,
especially in case of significant changes inside the company.
Purpose and basic principles of the Model
The purpose of the Model is to construct a structured and
organic system of procedures and control activities to be
performed also on a preventive basis (ex ante control), with the
aim of preventing the various types of crimes envisaged in the
Decree.
The Model, among other things, identifies the main "risk
activity areas", in other words operations/activities that by
their very nature represent an area in which the envisaged
offences may be committed, even if the legislative decree refers
to the whole company and all company structures.
In particular, in identifying and mapping the “risky activity
areas”, this document sets itself the following objectives:
-
bring about, in all persons who operate in Company’s name
and behalf in “risky activities areas” awareness of the
possibility of being charged, in the event of transgression of
the provisions it contains, for an offence subject to penalties
in both the penal and administrative sphere applicable not only
to them as individuals but also to the Company;
-
stress that such forms of unlawful behaviour are
condemned by the Company because (even in the event that the
Company might apparently be able to benefit from them) they are
in any case contrary not only to the provisions of the law but
also to the ethical and social principles observed by the Group
in the performance of its corporate mission;
-
enable the Company, thanks to continuous monitoring
action on the “risky activities areas”, to intervene promptly in
order to prevent or combat the commission of such offences.
The Model’s key points, in addition to the principles already
mentioned, are as follows:
-
sensitisation and diffusion activities – extending to all
levels of the company – concerning the foreseen behavioural
rules and procedures;
-
mapping the company’s “risky activities areas”;
-
assignment to the Supervisory Body of specific vigilance
tasks to ensure the effective and correct operation of the
Model;
-
verification and documentation of risky operations, with
connected recording of the relative procedures currently in
existence and verification of the latter’s completeness and
manner of formalisation;
-
observance of the principle of separation of functions;
-
definition of authorisation powers consistent with the
responsibilities assigned;
-
verification of modes of behaviour in the company,
together with that of the operation of the Model with consequent
periodical updating (ex post control);
-
updating of company functions and procedures following
any changes in the current rules and regulations;
-
foreseeing an adequate disciplinary system.
It also must:
-
provide for specific protocols oriented to plan the
formation and implementation of the entity’s decisions made in
connection with the preventable offences.
-
provide for information’s duties towards the Supervisory
Body appointed to control its observance and introduce a
suitable disciplinary system.
-
identify ways of financial resources management fit to
prevent the offences perpetration.
The Code of Ethics outlines conduct guidelines which we must all
follow in daily activities, when managing relations both inside
and outside the company, which draw on the ethical and social
values of correctness, transparency, honesty and integrity.
More specifically, the Code of Ethics establishes guidelines for
Directors, all Company’s staff, and anyone who operates
permanently or temporarily on behalf of Group companies.
In line with the action framework drawn up by the European
Union, each Company is keen to develop and apply all the
necessary initiatives to promote Corporate Social Responsibility
(CSR). This has led the Company to extend its commitment to
social responsibility to its Code of Ethics.
Aware of the fact that a Company's ethics are important in
creating value and ensuring the success of the business, and
that principles such as honesty, moral integrity, transparency,
reliability and a sense of responsibility represent the
foundation stones for all the activities included in its
mission, each Company has to draw up guidelines for the conduct
of both internal and external relations.
The ethical principles contained in the Code are of great
importance, helping to enhance the Company's reputation in the
social and business environments in which it operates, and
translating appreciation for the values underpinning the
Company's approach to doing business into a competitive
advantage.
The Board of Directors of the Company has also to appoint a
Supervisory Body which takes the form of a board comprising
external members with documented experience and knowledge, the
main requirements for Supervisory Body are:
-
Autonomy and independence.
-
High professionalism.
-
Continuity of action.
Functions and powers of the Supervisory Body (“SB”)
The SB is entrusted, from a general standpoint, with the
following tasks:
A.
supervising the observance of the provisions contained in
the Model on the part of those to whom they are addressed, as
specifically identified in the individual Special Parts in
relation to the various types of crimes envisaged in the Decree;
B.
ascertaining the real effectiveness and actual ability of
this Model, in relation to the company’s structure, to prevent
the crimes indicated in the Decree;
C.
assessing, in collaboration with the company functions
concerned, the need to propose any updating of the Model to the
competent organs (Board of Directors or CEO), with particular
reference to the evolution of and/or changes in the Company’s
organisational and/or operative structure and/or pertinent
legislation and regulations;
D.
supporting the competent company structures called upon
by the Managing Director to implement/update the “Risk Areas
Map”, which identifies the potentially risky areas of activity
in which it is possible that offences foreseen in the Decree
could be committed, together with the company processes and
structures connected with the main Risky Activities Areas
specified in the Model; proposing additions to the said main
“risky activities areas” on the basis of the work carried out;
E.
supervision of the delegations system, for the purpose of
assuring the effectiveness of the Model.
In addition, the following tasks are entrusted to the SB:
·
formulating and implementing a programme of checks to
verify the effective application of the company’s control
procedures in the risky activities areas and their
effectiveness, bearing in mind that a primary control
responsibility for these activities, including those relative to
the risky activities areas, is in any case held by the Company’s
operative management and constitutes an integral part of the
Company process;
·
collecting, processing and keeping the information
relative to observance of the Model, and where necessary,
updating the list of the information that must be compulsorily
sent to the SB or kept at its disposal;
·
coordinating with the other company functions, also by
means of ad-hoc meetings, to ensure the best possible monitoring
of the activities in the areas at risk. To this end, the SB is
kept constantly informed of developments in activities in the
said risk areas, and has free access to all the relevant Company
documentation, in compliance with the current regulations. The
SB must in addition be informed by the management of any
situations in the Company’s activities that could expose it to
the risk of criminal offences;
·
conducting the internal investigations for the
ascertainment of suspected violations of the rules foreseen in
the Model;
·
ascertaining that the features foreseen in the individual
Special Parts of the Model to prevent the various types of
crimes (adoption of standard clauses, following procedures,
etc.) are in any case adequate and meet the requirements for
compliance with the provisions of the Decree, and if not,
proposing an update of the said features;
·
coordinating with the High Management and with the
persons responsible for the various Company functions, with
regard to the aspects pertaining to the implementation of the
Model, such as promotion of suitable initiatives to spread
knowledge and understanding of the Model, personnel training,
disciplinary measures, etc.;
·
coordinating with the persons in charge of the individual
Company functions to assure the preparation of the internal
organisational documentation containing the instructions,
explanations or updates necessary for the correct operation of
the Model itself.
The Supervisory Body, in few words, has the task to monitor the
adequacy of the Model with regard to a Company’s operations and
its effectiveness in preventing offences from occurring. The
Company’s operations are addressed in a dynamic way since they
involve legislative amendments, change of activities, employment
of new personnel, transformations etc..
The drafting of compliance programs requires multidisciplinary
skills and, often, the internal structures of the corporations
lack the necessary competencies. For this reason, it is
advisable to have an independent and professional evaluation of
the program and of its adoption process.
The new normative framework for the professional role is to
underscore the advantages of adopting the so-called
organizational Models on the one side and on the other to assist
companies in drafting the Models and setting up the SB and later
on in adjusting the Models to keep up with their business
evolution. |
|
