International corruption: the curse of cross-border liability  



When introduced, Italy’s Legislative Decree no. 231 of 8 June 2001 (the ‘Legislative Decree’) did not anticipate international corruption as one of the criminal violations capable of placing an administrative responsibility on entities for activities performed by their top managers.

The new crime was added to the lengthy list of criminal violations included in the Legislative Decree on 17 October 2012, as a deterrent against activities undertaken by national companies with cross-border operations. The Legislative Decree identifies the type of criminal violations which may trigger an administrative responsibility for entities. It also provides potential scope for avoiding liability if the company has adopted an organisational model, such as robust internal procedures, capable of preventing the execution of such crimes or the violation of criminal law. Sanctions may include fines, suspension of activities or restrictions on participating in future public tenders.

The issue has been highlighted following a recent case of suspected international corruption involving officers of Finmeccanica, which took part in a public tender in India for the award of military helicopters. At the time of writing, the Indian government has suspended and withdrawn the award in view of clarifying the case, which is still pending before a criminal court in Italy. The case brings to light the new liability of companies residing in Italy for criminal activities performed by managers acting abroad.

The Legislative Decree represents a significant revolution in the Italian legal system, compared to the traditional Roman principle of ‘societas delinquere non potest’, under which no criminal responsibility may be borne by legal entities. The Legislative Decree generates an objective link between personal violation by an entity’s managers and administrative responsibility of the company overall. The principles which have inspired this novel introduction of international corruption as a criminal offence, subject to the Legislative Decree, stem from the Convention on the fight against corruption involving officials of the European Communities or officials of the Member States of the European Union, drawn by the Council on 26 May 1997, along with the OECD Convention of 17 November 1997 on Combating Bribery of Foreign Public Officials in International Business Transactions.

Yet the Legislative Decree is more ambitious. It aims to hold entities objectively responsible for crimes committed in their interest or to their advantage by individuals who represent, administer or manage such entities, as well as employees who may have taken action because of a specific request by managers or who report directly to top managers, under Article 7 of the law. The Decree encourages the adoption of an organisational, management and audit model – which is not defined or explained in the Decree – designed to prevent the specific crimes listed in the Decree. In other words, the Decree identifies the type of criminal violations which may trigger the administrative responsibility of entities, yet allows for the possible avoidance of liability if the company adopts an organisational model capable of avoiding the execution of such crimes. In addition, the Decree enhances the development and enforcement of corporate governance systems, encouraging the adoption of a check and balance measure between corporate bodies under which “companies may be directed, managed and controlled” to reduce the possibility of violating criminal law and also to ensure sound and accurate financial reporting to deter fraud.

The provisions of the Legislative Decree expand to a series of different types of possible crimes (labour safety regulation, financial corruption, privacy, sexual labour discrimination, etc.) and apply to a vast and multifaceted type of corporate entities, both possessing or not possessing a legal personality, and are also applicable to associations without legal investiture. Entities retaining head offices in Italy may be held responsible for crimes committed abroad, provided that the State where the violation occurred has not filed a criminal proceeding against the entity (which appears not to have happened in the Finmeccanica case). In this regard, on 1 December 2010 the Supreme Court (Decision no.42701) outlined the principle of the possible application of interdictory and provisional measures to entities involved in crimes of international corruption. This decision, stemming from a case of corruption involving Nigerian officials for drilling concessions in Nigeria, stated the application of Article no.25 par.5 of the Decree in relation to basic assumptions of corruption (crime pursued under paragraphs 2 and 3 of the Decree), if in accordance with subjective elements identified under paragraph 4 of the Decree.

With regard to foreign companies acting in Italy, in 2004 the Court of Milan convicted Siemens AG for crimes committed by its top management and applied the interdictory sanction set out by article no.9, paragraph no.2 of the Decree, prohibiting the company from contracting with the public administration for one year, even though Siemens AG did not at the time retain a head office in Italy, operating instead by means of a temporary business association with Italian companies. The Court of Milan stated that foreign companies operating in Italy may be held liable under the Decree for crimes committed in the territory, under the principle that foreign companies must act in Italy under full compliance with the Italian legal system, regardless of the circumstance under which their State of origin may eventually regulate the same matter.

The court’s decision states a general binding principle of applying the Decree’s principles for any deliberate conduct performed in Italy. Whatever the location of a company’s corporate headquarters, the objective responsibility stems from the Italian operations of the company. It is worth noting that the decision of the Court of Milan seems to comply with the principles of OECD Convention of 17 November 1997 on Combating Bribery of Foreign Public Officials in International Business Transactions, ratified and implemented in Italy with Law no. 300 of 2000, which undoubtedly has inspired the new general provisions of the Decree. Article no.4, par. 1 of the OECD Convention requires a Member State to take necessary steps to establish in its jurisdiction measures capable of discouraging bribery of foreign public officials, also taking into account where the offence is committed, if in whole or in part within a territory subject to the jurisdiction of an OECD Member.

With regard to protective measures, the Court of Cassation stated that a company’s adoption of an organisational model is in itself not a sufficient condition to avoid administrative liability, for the simple reason that an organisational model must be adopted and effectively implemented before the crime occurred. As in a 2009 Court of Milan case, it is possible for a court to decide that a model is effectively implemented ante factum (Impregilo Case), yet the chairman of the board and the chief executive be convicted for relevant crimes (in the specific case, insider trading, violation of Article 2337 of civil code).

Although the adoption of an organisational model is not mandatory, it may present an opportunity for an entity to avoid severe liability for the crimes envisaged in the Decree and, eventually, to develop an efficient internal control system, which, at the end of the day, is the specific aim of the new law.


Fabrizio Cugia Di Sant’Orsola is partner at Cugia Cuomo & Associati. He can be contacted on +39 06 960 38 103 or by email:

© Financier Worldwide


Fabrizio Cugia Di Sant’Orsola

Cugia Cuomo & Associati

©2001-2016 Financier Worldwide Ltd. All rights reserved.