GESETZESDEKRET 231/01 ORGANISATIONSMODELL UND VERWALTUNGSHAFTUNG DER KÖRPER
Until the introduction of Legislative Decree 231/01, companies could not be investigated, charged or even criminally convicted (in accordance with the principle that societas delinquere non potest).
In the event of an offence committed in order to facilitate the company (for example, the classic case of corruption in order to win a contract), the perpetrator and/or the company's legal representative were personally liable, depending on whether or not they were aware of the offence.
Since 2001, with the introduction of the administrative responsibility for companies (which is actually criminal liability), that principle is no longer relevant.
The change took a long time reach the relevant aspect it has now.
The liability of the companies was initially envisaged for a few predicate offences, i.e. those offences which, if committed a) in the interest or b) to the advantage of the company, would have led to the company being charged as well as the author of the offence. The perpetrator of the offence may be a senior person of the Company or in any case a person subject to the management of the senior person.
The sentence is inflicted in terms of quotas (which have an economic countervalue) in relation to the seriousness of the offence committed and may be accompanied by interdictory measures against the exercise of business activity, including precautionary measures.
Over time, the regulation has been extended to an increasing number of offences until, from 2019, implementing European directives, it will include most tax offences. Before that, crimes related to safety and accidents at work (the Thyssen or Viareggio cases are well known, in which the regulation was applied).
However, the regulation provides a way out for "virtuous" companies, i.e., the possibility of not being sanctioned or of being sanctioned in a mitigated manner and of not being subject to interdiction measures if the company has adopted an organizational model for risk management.
The adoption of this organizational model (which can be likened to a certification and which consists of a general part and a special part that specifically analyses the company's areas of activity, the relative level of risk of offences being committed and the procedures in place, as well as those that should be adopted where necessary), if considered effective with an ex ante evaluation, can constitute a justification that saves the company from disqualification and conviction.
In order to be considered effective, the perpetrator of the offence must have circumvented the procedures and controls put in place by the Company to prevent the commission of the offence.
In fact, today, with the procedures that have been studied and implemented, committing such an offence in the presence of the model becomes really complicated.
To supervise the application of the model there is the Supervisory Board (ODV), usually collegial and composed by two external professionals and one internal, autonomous, that meet periodically for the audit and verify the correct course.