Here is the converted article in markdown format:
Compliance Failures: Who’s Responsible?
A recent surge in corporate governance and compliance failures has left many wondering who is responsible for ensuring that companies adhere to the law. While it may seem surprising, inadequacy in compliance measures often rests with the prosecutor or court, rather than the defendant company.
However, as the saying goes, “the buck stops here.” Companies are still expected to demonstrate that they have implemented all necessary and adequate compliance measures to avoid criminal liability. To do this, companies must submit evidence regarding:
- Their compliance policy
- Good governance
- Overall compliance management system
- Procedures
- Measurement of effectiveness
- Regular reporting to senior management
- Continual improvement
Compliance in Competition Law Cases
In competition law cases, the Swiss Competition Commission (COMCO) takes into account a company’s compliance management when determining sanctions. In fact, the burden of proof rests with the company to demonstrate its compliance measures.
Recent Cases
A slew of recent cases has highlighted the importance of effective risk and compliance management. For example:
- Criminal proceedings were opened against two former officials at 1MDB and unknown persons for suspected bribery, money laundering, and criminal mismanagement in August 2015.
- Brazilian company Odebrecht SA was convicted of organisational failure to prevent bribery and money laundering. The company was fined CHF 4.5 million and ordered to disgorge profits of over CHF 200 million.
Government Obligations
But what about government agencies and state-owned enterprises? Are they not also responsible for effective risk and compliance management?
The answer is yes. Swiss state-owned companies, such as cantonal banks and hospitals, must employ best practice risk and compliance management to meet their obligations and avoid criminal liability.
Digital Transformation
As the world becomes increasingly digital, it’s more important than ever that organisations keep pace with changing regulations and laws. The key statutory and regulatory differences between public sector and private sector risk and compliance management obligations are largely a matter of purpose – public sector organisations must prioritize the smooth running of government and citizens’ trust, while private companies must protect employees, shareholders, and creditors.
Update and Trends
Corporate Switzerland is facing a series of crises due to increasing regulation and tighter controls. A number of first-tier companies have recently been confronted with governance and compliance failures. International cooperation has also stepped up in 2017, with investigations into Swiss and foreign companies across various sectors.
In short, while the prosecutor or court may bear some responsibility for ensuring adequate compliance measures, companies must still take proactive steps to demonstrate their commitment to effective risk and compliance management. The stakes are high – failure to comply can result in significant fines, disgorgement of profits, and damage to reputation.