Criminal Compliance in Corporate Crime Prevention

In the current business environment, the adoption of Criminal Compliance Systems has become an essential practice for entities seeking not only to comply with current legal regulations, but also to prevent the commission of crimes within them. The term “Compliance” refers to regulatory compliance, and in the criminal field, it focuses on avoiding the criminal liability of legal entities, in accordance with the reform of the Criminal Code introduced by Organic Law 5/2010.

Compliance programs refer to “organization and management models” according to the Criminal Code. These programs, also known as criminal risk prevention plans, are systems implemented in legal entities to prevent and manage potential criminal risks, adapted to the specific needs of each entity.

It is important to distinguish between the criminal risk prevention plan per se and the corporate compliance program. The second includes the first and goes further, covering general principles, the entity’s policies on criminal risks, the scope and those responsible for their application, as well as control and supervision activities to ensure their correct implementation.

Under current Criminal Code regulations, having a crime prevention program in place may exempt or mitigate the criminal liability of the legal entity in question.

Requirements for organizational and management models

The organization and management models must meet the following minimum conditions legally provided for in art. 31 bis 5 PC:

  1. Identify activities where crimes to be prevented could occur.
  2. Establish protocols or procedures that specify how the entity makes decisions and executes them with respect to such activities.
  3. To have adequate financial management models to avoid the commission of crimes that must be prevented.
  4. Require the obligation to report possible risks and non-compliance to the body in charge of supervising compliance with the prevention model.
  5. Implement a disciplinary system that appropriately sanctions non-compliance with the measures established in the model.
  6. Perform periodic verification of the model and adjust it if there are significant violations or changes in the organization, control structure or activity that require it.

In other words, Criminal Compliance Systems seek to regulate the activities of an entity to ensure compliance with the law and, therefore, comply with the legal requirements of Article 31 bis of the Criminal Code. This is done to avoid potential criminal liability for the entity, which could arise from the commission of certain crimes in its operations.

This publication does not constitute legal advice. 


How can we help you from LAW4DIGITAL? 

At LAW4DIGITAL we are lawyers specialized in digital businesses. We provide comprehensive legal advice to digital companies. We help you with online legal advice. 

We will keep you updated on digital business. In any case, you can contact us by mail addressed to hola@law4digital.comby calling (+34) 931 444 820 or by filling out our form at 

We are waiting for you in the next post! 


Law4Digital team. 

Subscribe to our Newsletter!