
Corporate vs. Individual Criminal Liability Defence Lawyers
Dual defense strategy when the company (Art. 31 bis CP) and the director or officer (Art. 31 CP) are simultaneously imputed.
Last updated:
The Dual Imputation Model in Spain
Since the 2010 reform (LO 5/2010), Spanish law recognizes criminal liability of the legal person in parallel with that of the individuals acting on its behalf. This is the dual imputation model: the same act can generate two criminal proceedings, one against the company (Art. 31 bis CP) and another against the director, officer or employee who materially executed it (Art. 31 CP). Simultaneous defense of both is one of the technically most complex areas of economic criminal law, because interests may align or collide frontally.
Company-Director Conflict of Interest
When the offense benefits the company but the director claims having acted ultra vires (outside their functions, without governing body authorization), a structural conflict of interest arises. The company has an incentive to "sacrifice" the officer and prove that the act was fraudulent circumvention of an effective compliance program. The officer, conversely, has an incentive to demonstrate they acted with knowledge and consent of senior management. In this scenario, Art. 119 LECrim mandates the appointment of a special representative of the legal person other than the imputed officer.
Coordinated vs. Separate Defense
Coordinated defense (same firm representing company and officer) is only viable when interests converge —for example, when both contend that the act is not an offense or that it has prescribed. When interests diverge, separate defense with informational coordination must be chosen. The lead firm must design the group's defense architecture: who represents whom, what information is shared, what is reserved, and how to prevent a strategic plea from harming the individual client.
The Art. 31 bis CP Exemption
The legal person can be fully exempt from liability under Art. 31 bis 2 CP when it proves four cumulative requirements: that the governing body adopted and effectively implemented an organisation and management model (compliance program) suitable to prevent offences of that nature before the act; that supervision of the model was entrusted to a body with autonomous powers of initiative and control; that the individual perpetrators committed the offence by fraudulently circumventing the model; and that there was no omission or insufficient exercise of supervisory functions. Where the requirements are only partially met, the same facts operate as a mitigating factor that reduces the penalty.
Cross Plea Agreements
Because the two liabilities are autonomous (Art. 31 ter CP), a plea bargain by one party does not automatically bind the other. This opens room for cross plea strategies: an early conformidad by the legal entity —acknowledging organisational failings and committing to remediation— can secure a substantial reduction for the company without, if properly drafted, implying any admission against the individual. Conversely, the director's cooperation may attract the mitigating factors of confession (Art. 21.4 CP) or reparation (Art. 21.5 CP). The key is a no-harm protocol that coordinates the acknowledgment of facts while preserving each party's presumption of innocence.
Requirements of an effective compliance model (Art. 31 bis 5 of the Criminal Code)
Having a compliance document is not enough. For the model to trigger its exempting or mitigating effect, it must have been adopted and effectively implemented before the offence and must meet the six requirements listed in Art. 31 bis 5 of the Spanish Criminal Code. The first is a serious risk map that identifies the activities in which the offences in the closed statutory catalogue could be committed, tailored to the specific company by reference to its sector, size and actual operations, rather than a generic template copied from another organisation.
The remaining requirements are cumulative: protocols and procedures setting out how the company forms its corporate will and how decisions are taken and executed in the risk areas; financial resource management models suitable to prevent the commission of offences; an obligation to report potential risks and breaches to the body charged with monitoring the model (the reporting channel); a disciplinary system that adequately sanctions non-compliance with the measures; and periodic verification of the model, with amendment whenever significant breaches come to light or the organisation, the control structure or the activity change.
The practical key is suitability and effectiveness, not mere formal existence. A paper model that nobody applies, with no traceability of its execution, no documented training and no evidence that the channel and the disciplinary regime actually work, tends to be treated as cosmetic and does not protect the company. We design, review and test the model so that it withstands that suitability scrutiny, leaving a documentary trail of every element (risk map, control matrices, evidence of execution) which is precisely what is later argued in the proceedings.
The autonomous oversight body and the burden of proving the exemption
Art. 31 bis 2 of the Criminal Code requires that oversight of the operation of and compliance with the model be entrusted to a body of the legal person with autonomous powers of initiative and control (the compliance function or compliance officer). Autonomy means functional independence, sufficient resources, direct access to information and to the management body, and a genuine ability to investigate and propose measures without being neutralised by management itself. In small legal persons, Art. 31 bis 3 of the Criminal Code allows the management body to assume those functions directly.
The exemption does not operate automatically by exhibiting a model: the party invoking its suitability and effectiveness must prove them in the proceedings. The defence of the legal person is therefore built on evidence: model documentation, evidence of its effective implementation, minutes and reports of the compliance body, channel records, disciplinary files and periodic verifications. Where the offence is committed by directors or representatives, Art. 31 bis 2 additionally requires that the model was fraudulently circumvented; where it is committed by a subordinate, what matters is whether there was a serious breach of the duties of supervision, monitoring and control.
Compliance must therefore be designed with its evidentiary function in mind. A nominal compliance body with no minutes, no budget and no periodic reporting to the board is of little use. We help the company ensure that the oversight body has a real charter, real autonomy and real traceability, so that, should it become necessary, the suitability of the model can be demonstrated with documents contemporaneous to the facts rather than reconstructed after the event, which is when the exemption is hardest to sustain.
The company as an investigated party: procedural status, defence and the company's own plea agreement
When proceedings are directed against the company, it acquires the status of an investigated party with its own rights: to be informed of the facts, to appoint a lawyer and court representative, to remain silent, not to testify against itself and not to confess guilt. The legal person appears through a representative specially designated for that purpose, and the law provides solutions for the frequent conflicts of interest where that representative coincides with the natural person also investigated for the same facts, a situation that requires separating the two defences from the outset.
That separation is strategic. The interests of the company and of the natural person may not coincide: the company has an interest in proving that it had a suitable model and that the offence was committed by circumventing it or despite diligent supervision, while the natural person mounts a separate defence. Coordinating both lines without one prejudicing the other, and deciding whether the legal person should enter a plea agreement (available and autonomous from that of the natural person), lies at the core of the strategy and must be planned in advance.
We defend the legal person on the basis of its own procedural status: proper designation of the representative, safeguarding of the company's right of defence, a compliance expert report proving the suitability of the model and, where appropriate, negotiation of a plea agreement that modulates the penalties. Because the company may be liable autonomously, we approach its defence as a case in its own right and not as a mere appendix to the directors' liability.
Reporting channel (Law 2/2023), internal investigations, succession in M&A and the penalties of Art. 33.7
The internal reporting channel, required as an element of the model by Art. 31 bis 5 of the Criminal Code, now connects with Law 2/2023 on the protection of persons who report breaches: it obliges many entities to maintain an internal reporting system with guarantees of confidentiality, the possibility of anonymous use, response deadlines and, above all, protection of the good-faith reporter against retaliation. A well-designed channel not only complies with that law but also feeds the periodic verification of the model and evidences that the company detects and reacts to its risks.
Internal investigations are the tool for responding to an alert, but they must be conducted while respecting the rights of the investigated employees (information, the privilege against self-incrimination, privacy, data protection and proportionality in accessing corporate devices and communications). The lawfulness of internally obtained evidence is decisive: an investigation that infringes fundamental rights can taint the material and undermine the evidentiary value of the compliance effort, so the internal investigation protocol must be legally robust from the very first step.
The criminal liability of the legal person is not extinguished by its transformation, merger, absorption or spin-off: Art. 130.2 of the Criminal Code transfers liability to the resulting entity, which makes criminal due diligence an essential part of any corporate transaction. Finally, the penalties of Art. 33.7 of the Criminal Code go well beyond the fine: they include dissolution, suspension of activities, closure of premises, a ban on carrying out activities, disqualification from obtaining subsidies and public aid, from contracting with the public sector or from enjoying tax benefits, and judicial intervention. Art. 31 ter 2 of the Criminal Code further requires the fines of the natural and the legal person to be modulated when both are imposed for the same facts so as to avoid a disproportionate result, and Art. 31 quater of the Criminal Code sets out the mitigating factors specific to the legal person.
Penalties & Consequences: Corporate vs. Individual Criminal Liability Defence Lawyers
| Type / Scenario | Criminal Penalty |
|---|---|
| Proportional fine for legal entity (Art. 33.7 CP) | Day-fine, fine proportional to benefit, dissolution, suspension, closure, prohibition to contract with the Administration. |
| Disqualification for grants and public contracts | Up to 15 years. Especially critical for companies dependent on the public sector. |
| Judicial intervention of the company | Up to 5 years. Appointment of a judicial administrator assuming functions of the corporate body. |
* Penalties shown are indicative. The actual penalty depends on case circumstances, applicable mitigating and aggravating factors.
Defense Strategy: Corporate vs. Individual Criminal Liability Defence Lawyers
Coordinated Bifurcated Defense
Two separate legal teams with an information protocol that respects professional secrecy while aligning overall strategy.
Forensic Compliance
Post-event audit of the compliance program to reconstruct its effectiveness and oppose it as evidence at trial.
Differentiated Plea
Propose a plea for the legal entity that does not imply acknowledgment against the individual, preserving personal presumption of innocence.
Economic Criminal Law in Spain: Tax Fraud, Money Laundering and Corporate Crimes
Economic criminal law encompasses the most severe financial penalties in the Spanish Criminal Code. Tax fraud over €120,000 (Art. 305 CP), money laundering (Art. 301 CP), and corporate crimes (Art. 290-297 CP) are complex offenses where defense requires a combination of criminal law expertise and deep accounting/financial knowledge.
Penalty Comparison: Economic Offenses
| Offense | Threshold | Penalty |
|---|---|---|
| Tax Fraud (Art. 305) | >€120,000 | 1 – 5 years + fine x6 |
| Aggravated Tax Fraud | >€600,000 | 2 – 6 years |
| Money Laundering (Art. 301) | Any amount | 6 months – 6 years |
| Aggravated Laundering | Organized/financial system | Up to 9 years |
| Corporate Crime (Art. 290) | Balance sheet falsification | 1 – 3 years |
| Punishable Insolvency (Art. 259) | Fraudulent bankruptcy | 1 – 4 years |
Key Defense Strategies
Tax Regularization Defense (Art. 305.4 CP)
Pay the full tax debt before charges are formally filed and the crime is extinguished. This is the most powerful complete defense in tax fraud cases.
Challenge the €120K Threshold
The tax authority's calculation method is often contestable. Independent forensic accounting can challenge the assessed figure below the criminal threshold.
Money Laundering 'Self-laundering' Issues
Spanish courts have debated whether the primary offender can also be convicted of laundering their own proceeds. Challenge the double jeopardy implications.
Corporate Crime: Harm to Company vs. Shareholders
Art. 295 corporate crimes require actual financial harm to the company or its members. Demonstrate that any loss was speculative or absent.
Why Choose Us?
Need a criminal defense lawyer for this type of offense? Here's how we work:
Do you need specialised legal assistance?
The judicial system is complex. We have the criminal-law specialisation and technical resources required to take on the defence.