On 11.01.2019, a government draft law on the responsibility of collective entities for criminal acts was submitted to the Sejm. The draft is at the consultation stage. Therefore, this is a good time to already prepare for the new Law, because it will not be easy and pleasant.
# Who does the Act apply to?
All entrepreneurs who are "collective entities", i.e. all commercial companies (Ltd., S.A. sp.j., sp.p., sp.k., SKA), JST, ST unions, associations and cooperatives. The size of the entity does not matter, although several obligations do not include micro-entrepreneurs, and moreover, a compliance officer does not have to be appointed by micro and small entrepreneurs. It is estimated that the new Law applies to about 550,000 entities in Poland.
# The law and the factoring industry?
The law also applies to factoring companies. Banks are in a better position, due to the fact that they are previously subject to numerous compliance-type obligations arising from, among other things, the requirements of the FSA, the requirements of the WSE, or even the requirements of the majority shareholder. It will be easier for them to comply with the Act due to their existing structures, departments, divisions of responsibilities and clearly defined rules of accountability, as well as having lawyers responsible for compliance on their team. The long road ahead, on the other hand, awaits non-bank factoring and lending companies - in their case in fact will need to carry out the process of compliance with the Act most often from scratch. The Act also generates some factoring risk for customer financing / capping of recipients - a risk that is actualized when it becomes known that such an entity is under scrutiny for compliance with the Act.
# What can the company be responsible for?
- for failing to create and implement a compliance system, i.e., solutions to counteract significant risks leading to the commission of a criminal act;
- For not appointing a Compliance Officer;
- for a criminal act committed by members of bodies, employees, hired, subcontracted, or even undetermined persons (anonymous guilt) in connection with the company's business, consisting of an intentional act or omission, as well as such a criminal act that occurred by failing to exercise the care required under the circumstances;
- For failing to provide training on the aforementioned rules;
It will not be necessary to obtain a conviction of an individual in order to impose a penalty on a collective entity - it will be sufficient to show that a criminal act has been committed. This is the biggest novelty in the bill and a significant risk. We have some doubts about the constitutionality of such a solution.
# What in particular will be paid attention to when inspecting a collective entity?
- accepting and giving gifts, gifts, benefits to its contractors and associates, and the rules (regulations) in force in this regard, as well as the register of benefits;
- Providing discounts to customers, and the discount policy, its rules and regulations;
- Participation in public procurement and tenders;
- the organization of the company's compliance system, including adopted and implemented policies, employee training, knowledge within the company;
- the anti-corruption code adopted and applied by the company, and the provisions used by the company in its contracts with contractors;
- trips organized for contractors, clients and colleagues;
- Preventing the creation of so-called bribery funds.
# Sanctions for violations of the Law
- fines of up to PLN 30 million, and in strictly defined cases up to PLN 60 million;
- The possibility of dissolution (liquidation) of the collective entity;
- the possibility of restricting the company's operations already during the audit through a series of preventive measures, including, among others, a ban on bidding for public contracts, a ban on promotion and advertising, a ban on carrying out certain activities, and the introduction of a receivership for the duration of the investigation;
The law introduces some sanctions not previously known to Polish law. The authority can financially restrict both the company itself and its owners and managers, as well as seize it, liquidate it, or freeze its operational activities. The prosecutor and the CBA, among others, are conducting the proceedings.
# Changing the burden of proof
If a criminal act is committed at a company, then in liability proceedings such a company will have to prove that it has implemented effective measures to prevent the commission of crimes. Moreover, it is obliged to ensure that investigations are carried out when a criminal act is found to have occurred, and that related irregularities or violations are rectified. The lack of adequate mechanisms and related procedures will prevent companies from effectively defending themselves against heavy financial sanctions and other measures of a criminal nature.
# How to adapt
Each of the entities covered by the Act has an obligation to comply with it. By failing to do so it risks the consequences that have been signaled above. Every regulated company should conduct a compliance audit consisting of identifying risks, and designing, implementing and adopting the necessary procedures, and training employees. In particular, it is necessary to:
- Appointment of a compliance officer - a person who will be responsible for bringing the company into compliance with the requirements of the Act;
- Identifying areas of risk;
- To organize the company's structure and clearly establish the principles of responsibility in the company for individual cells/departments/units;
- Adopting a procedure for so-called whistleblowing, i.e., creating a system that allows any employee to report abuse anonymously, and providing such a person with protection;
- Adopt internal regulations, depending on the identified risks (e.g., anti-corruption code, register of personal benefits and gifts, gift regulations, procedure for verification of contractors);
- The actual implementation of the aforementioned changes and their application;
- Risk monitoring and periodic risk audits;
- Employee training.
# Concluding remarks
The bill is in the consultation phase. In our opinion, if enacted in its current form - it will significantly affect the insurance market and the way managers are hired. On the one hand, corporations should seek to reduce the risk of liability for the actions of managers (especially some arbitrariness). Therefore, we should expect changes in the models of managerial contracts, and above all, an increase in the importance of compliance-type procedures in corporations - protecting them from direct liability for the actions of employees. On the other hand - managers may be afraid to take risks for fear of possible recourse from the corporation that will bear responsibility. It seems that this gap will be filled by the rise of Directors and Officers (D&O) management insurance.