The liability of legal entity for offences committed in their organizational context and for their benefit is a reality in a growing number of countries. In fact, most European states have internal regulations in this area that adapt the various existing EU Directives.
However, the domestic law of each State means that there are some variations from one legal system to another. For example, in certain countries (for example, in Portugal) there is no provision for exemption from criminal liability for legal entities, while in others (as in the case of Spain) it is foreseen; this exemption is constituted by the Compliance Systems. In fact, sometimes the internal legislator goes further and not only foresees this, but even obliges companies to have a set of measures that contribute to preventing the commission of certain offences.
Such is the case, for example, of France. As we informed in Circular 28/17, the law commonly known as "Sapin II" requires companies with a French parent company that have more than 500 employees or that bill more than 100 million Euros to implement measures to avoid the commission of offences related to corruption, both public and private, and fraud. These measures include the establishment of a Code of Conduct, an Internal Complaints Channel, a Risk Map, various evaluation procedures (of clients, suppliers and intermediaries), a sanctioning system and an internal system for evaluating the measures adopted. As can be seen, these are the same elements that, in accordance with the UNE 19601 norm and article 31 bis of the Criminal Code, make up a Compliance System according to Spanish Law.
Another example can be found in the United Kingdom. In this case, the recent Criminal Finances Act 2017 introduces, among other novelties, a new criminal type consisting in the lack of prevention by the legal entity that one of its members favors the tax evasion of a third party, both at the national and international level. In other words, it rises to the category of crime the fact of not having a Compliance System that includes measures to prevent this criminal type. This legislative amendment responds to the logic of facilitating the imputation to companies in the context of which criminal acts of this kind are committed, which with the new regulation consist in the tax evasion itself by a third party, be it a natural person or legal entity, or in the facilitation of such tax evasion by a subject acting on behalf of the legal entity; in addition, the organization must have failed to prevent the participation of its members in the criminal conduct carried out by the third party, and this because they have not implemented reasonable procedures for their avoidance.
In conclusion, in a growing number of European countries it is compulsory to implement the Compliance Systems, and consequently both their parent companies and their subsidiaries must have a Compliance System implemented; in the latter case, it should be stressed that, if these subsidiaries are in a different State than their parent company, the Compliance Systems must be adapted to the international legislation that results from the application.