Could 2014 become the "Year of Compliance" for SMEs?

The year 2014 could become the "Year of Compliance" for German SMEs (Mittelstand). "Compliance", i.e. the compliance with laws, regulations and internal standards, should actually be something that is taken for granted. The reality does, however, look rather different. While large businesses like Siemens, MAN, Thyssen-Krupp or Glaxo have implemented compliance systems and control mechanisms at vast expense and with an army of external advisers (and even this has not always had the desired effect), the topic is often still unheard of among SMEs.

This could change during the course of this year. The reason is the suggestion by those German states governed by the SPD (Germany's Social Democratic Party) to introduce a criminal code for juristic entities. The starting point is the determination that, specifically among SMEs, there exists a substantial "prevention deficit". According to the authors of the draft law, while compliance structures may have been introduced by large companies, they are generally lacking across the board when it comes to SMEs. If the proposal becomes law, then not only persons, but also businesses / juristic entities would be subject to criminal prosecution in Germany in future, if employees in managerial positions infringe criminal laws applicable to juristic entities through an act or omission, or if such offences are committed by employees of the entity and management is unable to show that an adequate compliance system is in place to prevent this. Ignorance of the employees' actions would then no longer be an excuse. Adequate organisational or personnel measures would have to be taken to prevent compliance infringements.

For purposes of compliance, not only slush funds, corruption, antitrust infringements and tax offences are relevant, but also a multitude of other actions such as breaches of the law on export controls, data protection law, product safety, health and safety regulations, etc.

The proposed law is intended to apply to juristic entities, being the AG (stock corporation), GmbH (limited liability company), GmbH & Co. KG (limited partnership having a GmbH as a general partner), KG (limited partnership) and OHG (general partnership). It would not, however, apply to individual traders. The catalogue of planned sanctions includes the issuing of warnings, public disclosure, exclusion from public tenders and subsidies, the imposition of fines of 10% of the (group) turnover, and, in case of repeated illegal business dealings, the dissolution of the entity. In the case of minor offences or if and when loss or damage is appropriately compensated, sanctions could exceptionally not be applied, provided that the concerned entity implements a compliance system.

The fact that the criminal code for juristic entities is currently only a proposal should not lead SMEs to believe that there is no need to implement compliance measures at present already: It can be expected that the very discussion of the draft law will lead to stricter scrutiny of companies and to a more consistent application of existing sanctions. This is because under German law the possibility to "penalise" companies already exists in certain instances, such as in relation to antitrust infringements. In terms of capital markets law, fines may also currently already be imposed on entities, with the new EU Market Abuse Directive envisaging significant increases in these fines. And under § 130 of the German Law on Regulatory Offences (OWiG; Ordnungswidrigkeitengesetz), an offence is committed by anyone who, "as the owner of a business or enterprise, intentionally or negligently fails to take such supervisory measures as are required to prevent infringements of obligations within the business or enterprise, the breach of which is subject to a penalty or fine", if an infringement is committed that could have been prevented or made substantially more difficult to commit, had proper supervision been exercised. Although fines of up to EUR 10,000,000 may be imposed under this provision today already, it is largely unknown among SMEs due to the fact that § 130 OWiG is, amongst other things, only applied in 5-8% of all cases in which the conditions for its application are satisfied. This should change by the mere fact of the further discussion of the proposed new criminal code.

Note should also be taken of the decision of the Regional Court of Munich of 10 December 2013 (5 HKO 1387/10). In terms of this decision, a first in German history, the court held former advisory board member (Vorstand) Mr. Heinz-Joachim Neubürger of German company Siemens liable to pay damages in the amount of EUR 15,000,000 to his previous employer (Siemens), on account of him having failed to ensure that a functional compliance system was implemented at Siemens. As a consequence of this failure, bribes could and were paid to certain persons to secure lucrative orders for Siemens. Although this happened without the knowledge of Mr. Neubürger, he lost the case - simply on account of his failure to implement a compliance system which would have prevented the unlawful conduct.  

There is accordingly more than one reason for SMEs to eliminate any prevailing "prevention deficits" as quickly as possible, and to implement a functioning compliance system. The consequences of a failure to do so are simply too harsh - whether for the individuals involved, and / or for the concerned entity.

Gerhard Manz, Barbara Mayer

1:1. This is how we work together. You decide upon a competent partner; he/she will then remain your point of contact. > more