Corporate compliance in Spain: is it indeed required? – Pérez-Llorca

The purpose of compliance is to help prevent the risks for a company that can arise as a result of the infringement of an applicable law, by putting in place internal control procedures and measures.


The growing interest of companies in matters relating to compliance has increased as a result of the recent amendment of the Spanish Penal Code, which entered into force in December 2010.  Among its most notable innovations is the criminal liability of legal persons.  The greater risk of sanctions, which now go further than an administrative fine, has led companies to look for ways of establishing action plans that allow them to prevent crime and avoid criminal implications for the company.


1. Definition of the duties and rank of the Compliance officer

One of the topics of particular interest was in relation to the extent of the duties that should be taken on by the compliance officer as well as his place within the structure of the management of the company. We have attached a link to a report from the North American Ethics Resource Center which deals with this particular matter: ( ( .

This is an interesting report given that it deals with these and other questions relating to the role of the compliance officer.  This report was prepared as a result of the publication by Forbes magazine of a very controversial article entitled “Chief Ethics Officers: Who Needs Them?” (

2. The effectiveness of Corporate Compliance programmes in preventing criminal liability for companies.

Within the debate particular stress was made of the need to make use of not only appropriate criminal liability assessment and prevention systems, but also of the processes that ensure their effective application in all areas of the company.  For this reason, the importance of certain procedures were highlighted, such as:

(i) the periodic circulation of guidelines for which acknowledgement of receipt is required,

(ii) the establishment of inspection, auditing and control systems,

(iii) the creation of a disciplinary system with effective sanctions in the event of non-compliance

(iv) the creation of internal or whistleblowing systems,

(v) incentives with regard to compliance such as the “Compliance Day” or variable remuneration,

(i) employee training programmes.

3. Internal or whistleblowing systems

The debate also touched on the limits which the internal whistleblowing systems should have within Spanish law (anonymous complaints vs. confidential complaints, the kinds of irregularities that can be reported etc.).  In this regard, we have attached the Report of the Law Department of the Spanish Agency for Data Protection (1) and Report 1/2006 of the Working Group of the European Union created by article 29 of Directive 95/46/CE (2), both referring to the matter in question

4. Compliance with regard to public and private anti-corruption

Trends in policies and measures for combating corruption were discussed.  We have attached a “Guide to good practice in internal controls, ethics, and compliance with regulations adopted by the Board of the OECD on the 18 February 2010 (the Spanish and English versions, (3) and (4)) which contain recommendations for firms with regard to this topic.

A link to the web page of the United Nations Global Compact is also included,  one of whose 10 principles is the fight against corruption in business.  This webpage contains interesting information such as the guidance material guide for companies establishing anticorruption compliance systems and it even has a free e-learning tool that can be downloaded for use in employee training:

An article by Adriana de Buerba on the new crime of corruption between private individuals is also included.(5).


5.  Problems with the transnational application of compliance

There was also discussion of the problems facing enterprises which carry out activities in other countries whose standards, regulations and policies in this area are not equal to those of Spain. This topic was tackled by the OECD in their OECD Guidelines for Multinational Enterprises which are attached  in the 2008 Spanish and English versions (6) and (7).

6.  Applying compliance systems to directors and managers of the company

With regard to this question, in order to try to overcome, at least in part, the conflicts of interest that can occur if the directors and the companies are both accused in the same criminal proceedings, in the US the D&O insurance was created, which covers the legal costs and the civil liability of managers and directors.  In Spain, insurances have started to appear with these characteristics, although they do not all meet the necessary requirements for the adequate cover of the risks arising from criminal charges.

Procedural reform project

To conclude, we have included a link to the reform project established in order to adapt the regulations of criminal proceedings to the criminal liability of enterprises (8).

Information to download:

(1) Report 2007-0128 Whistleblowing Data Protection Agency
(2) EU report on whistleblowing
(3)OECD Guidelines 2010
(4) Guía Buenas Prácticas OCDE 2010 – Spanish version
(5)The crime of corruption between private individuals Adriana de Buerba
(6) OECD Guidelines for Multinational Enterprieses
(7) Líneas directices OCDE Empresas Multinacionels – Spanish version
(8) Procedural reform project

Adriana de Buerba Pando is a Partner with Pérez-Llorca in Madrid. She can be reached via

Click here to read the article in Spanish