20 August 2018

Chamber Two of the Spanish Supreme Court recently handed down Ruling 316/2018 of 28 June, wherein it highlighted the importance of implementing regulatory compliance programmes in trading companies to prevent criminal activity, particularly misappropriation and management fraud.

The full ruling (in Spanish) can be downloaded by clicking on the link at the foot of this article.

The Ruling in question sees the High Court convicting the former manager of the company Carbuastur as the perpetrator of a reiterated offence of misappropriation and management fraud, sentencing him to 4 years in custody for embezzling the company's cash without his Italian partner's consent and making transfers to his own personal account without justification, as well as carrying out other irregular management activity, leading to losses of €2 million for the company under his management, which worked in the business of importing coal to Ukraine.

The Supreme Court imposed the aforesaid sentence to 4 years in custody upon him on the basis that both offences (misappropriation and management fraud) involved criminal reiteration, as opposed to punishing each offence individually as determined by Section 3 of the Provincial Court of Oviedo, which had sentenced the defendant to a total of 5 years and 9 months' custody. The High Court upheld all other pronouncements made by the Provincial Court, which included a 10-month fine at a daily rate of €20 and payment of over €2 million by way of civil liability.

Point 8 of the Legal Grounds of the Ruling in question insisted on the need to implement regulatory compliance programmes within the company to minimize the risk of perpetration of criminal offences.

The High Court firstly made mention to the “Código Olivenza” (Olivenza Code) of 1997, which set out the good management protocols and action parameters to be applied by trading company managers, before going on to say that: “Together with this Olivenza Code, another crucial element in good corporate governance is for companies to introduce compliance programmes to avoid cases such as this, given that internal control in companies using the Anglo-Saxon compliance programme method can be applied as a series of internal standards established by the company at the behest of the management with a view to implementing an efficient and suitable organisational and management model enabling it to mitigate the risk of offences and to exonerate the company and the management board, where applicable, from any criminal liability linked to the offences perpetrated by its managers and employees.”

The Court went on to state that: “Had there been a suitable regulatory compliance programme in place, cases such as this would be considerably less likely to occur, given that in most circumstances activities such as those declared proven here involving embezzlement of funds and abuse of management would not have occurred and there would be no need to wait, as in this case, for the Tax Agency to become involved so as to detect the tax fraud that was taking place with the imported coal and eventually discover the misappropriation being carried out by the appellant, as proven by the evidence examined against the appellant's opposition; hence, the importance of trading companies implementing these regulatory compliance programmes.”

The Ruling then goes on to admit that the implementation of these regulatory compliance programmes is not only important to prevent the company from being held criminally liable in cases of offences perpetrated by managers or employees (referred to by the High Court as “ad extra” criminal infringements), consequently causing harm to third parties and/or creditors who may be involved as passive subjects in offences such as fraud, fraudulent conveyance, etc.; but it is also essential to hamper the perpetration of offences of misappropriation and management fraud, such as those perpetrated in the case at hand, which the Court has referred to as “ad intra” criminal infringements.

More specifically, the Supreme Court stated that: “Although the latter do not entail criminal liability for the company […] they would hamper the perpetration of offences such as those carried out in this case by managers who fail to report their dealings to their partners or joint administrators and who perpetrate irregularities which, in certain cases such as this, constitute criminal offences.”

This statement explains the reason why in the case at hand the criminal conviction only falls upon the natural person who perpetrated the offence (the former manager of the company) and not upon the company itself, despite the fact that the company did not have a compliance programme in place, given that, in line with that established by the High Court, we consider that the misappropriation and management fraud (“ad intra” offences) perpetrated by the former manager were detrimental to his former partner and to the company, with it therefore not being logical to impose criminal liability upon said company. Nonetheless, we consider that it would be a different matter if the former manager were to have perpetrated similar offences such as fraud or conveyance (offences “ad extra”) proving detrimental to third parties (creditors), in which case the company would have been held criminally liable (as it did not have a compliance programme in place) and the sentence would probably have been imposed also on the company.

The Court concludes that “good corporate practice involves implementing these regulatory compliance programmes to guarantee that events of this kind are not perpetrated or to hinder reiterated actions of diversion of funds or abuse of powers, which a good regulatory compliance programme would have detected immediately.”

Furthermore, the Ruling underlines the fact that criminal infringements such as those perpetrated in this case could give rise to civil liability, which, if the case involves ad extra events - i.e. actions perpetrated against third parties as opposed to against the company's assets -, would give rise to civil liability being imposed upon the company by virtue of article 120.4 of the Spanish Criminal Code, which could be covered by the company's civil liability insurance policies that usually cover this type of circumstances. Additionally, the insurers could demand the establishment of regulatory compliance programmes to its clients, so as to minimise or reduce the risk of the insurance company being required to pay compensation as a result of this civil liability policy.

The Supreme Court's conclusion was that the compliance programme ensures that a company manager who is planning this sort of behaviour knows that there is a monitoring mechanism, that did not exist in the case at hand, which is what led to the misappropriation and management fraud that have been declared proven.

In short, in the Ruling in question, the judges of the Supreme Court underlined the importance of implementing this type of regulatory compliance programmes in trading companies as this would prevent such ad intra offences from being perpetrated and would, thus, avoid company delinquency and the harm it causes internally.

We should emphasise the fact that on previous occasions the Supreme Court had already stressed the need for companies to adopt preventative measures and monitoring tools to prevent crime and, more specifically, to avoid criminal liability falling upon the corporate body. For instance, mention could be made of other significant rulings such as Ruling of the Supreme Court no. 154/2016, of 29 February 2016, wherein the Court justified the conviction of the corporate body on the basis of: “the absence of any such monitoring tools, thus imposing full criminal liability upon the corporate body.”

Other Rulings in which the Supreme Court rested its decision on these arguments are SCR (Supreme Court Ruling) 221/2016 of 16 March, SCR 516/2016 of 13 June, SCR 742/2016 of 6 October, SCR 827/2016 of 3 November 2016 and SCR 31/2017 of 26 January.

In most of its Rulings, the High Court upholds that the absence of preventative measures and monitoring tools and any structural defects in the company's management, surveillance and supervision models are grounds for liability for the corporate offence, with which it intends to warn companies of the importance of implementing a compliance programme in their business.

Similarly, in line with the arguments wielded by the Supreme Court in the Ruling in question and in the other Rulings mentioned, complementary case law can be found in the various Provincial Courts, which also highlight the importance of implementing compliance programmes in trading companies.  For example, ruling 141/2017 of 20 November of the Provincial Court of Huesca convicted two companies as co-perpetrators of an offence of fraud on the basis that they lacked monitoring or prevention measures to avoid the perpetration of the crime.

Lastly, reference should be made to Ruling 38/2017 of 30 June handed down by the Provincial Court of Pontevedra, wherein a company was convicted of tax crime and sentenced to a fine of €200,000 and prohibition from receiving public subsidies or signing contracts with Public Administrations for two years. This Ruling also expressed that the company could have avoided that sentence where it to have implemented a compliance programme, which would have proven that “due control” had been applied.

Copyright © 2024 SÁNCHEZ-CERVERA ABOGADOS, S.L. CIF: B87461513 Telf.: (+34) 91 411 48 78 / Fax: (+34) 91 411 50 23. E-mail: info@sanchez-cervera.com

Office: C/ General Oráa, 26 (Madrid - 28006).

Recorded in the Madrid Companies Register in volume 34.303, of the 8th Section, sheet 131, page number M-617104.