Internal Corporate Investigations

External, independent direction of internal corporate investigations with a guarantor protocol and shielding of attorney-client privilege.

call91 078 65 74

Last updated: 13 June 2026

Defense Keys: Internal Corporate Investigations

External, independent direction of internal corporate investigations with a guarantor protocol, shielding of attorney-client privilege and respect for the rights of the investigated employee.
Activation: Internal channel complaint, audit alert, due diligence finding or public authority requirement.
Guarantor protocol: Appointment of an external investigator, investigation plan, digital evidence custody, interviews with legal assistance and right against self-incrimination.
Attorney-client privilege: Communications, drafts and conclusions of the firm directing the investigation are covered by professional secrecy if strict formal requirements are met.
Cooperation with the Prosecutor: Selective delivery of findings as a highly qualified mitigating factor (Art. 31 quater CP) that can become a partial exemption.

The internal corporate investigation is the procedure by which the company clarifies, before or during a criminal process, potentially criminal acts committed within it. It is a central piece of modern criminal compliance and, well executed, the queen of evidence for the exemption under Art. 31 bis 2 CP. Poorly executed, however, it can become the best evidence against the company and its officers.

When an Internal Investigation Is Activated

The protocol is triggered by a whistleblowing-channel report, an audit or internal-control alert, a finding during due diligence (typically in an acquisition) or a requirement from a public authority. Article 31 bis 5 CP requires the compliance model to impose an obligation to report and investigate irregularities, so failing to act when there are reasonable indications of an offence directly compromises the company's criminal exemption. The decision to open the investigation, and its precise scope, must be documented from the very first moment.

Structure of the Guarantor Protocol

A guarantor protocol requires: (1) appointment of an external investigator independent —ideally a criminal law firm—, with written mandate defining scope, deadlines and duty to report to the Compliance Committee; (2) investigation plan identifying hypotheses, documentary sources and witnesses; (3) digital evidence custody (e-discovery) with impeccable forensic chain of custody; (4) formal interviews with prior information to the employee about their status, the subject matter and their right to legal assistance and not to self-incriminate; (5) final report with findings, legal assessment and recommendations for internal measures and, where appropriate, external reporting.

Attorney-Client Privilege

Professional secrecy is the backbone of internal investigation. Communications between the company and the firm directing it, as well as drafts, notes and conclusions, are protected by professional secrecy and are unseizable even through judicial search, provided that: (a) there is prior written mandate, (b) the firm acts as lawyer and not as mere auditor, (c) documents are identified as subject to privilege, and (d) chain of custody is observed. STS 79/2012 and subsequent rulings have confirmed this shielding, aligned with European doctrine (AKZO Nobel case).

Rights of the Investigated Employee

An investigation that tramples the employee's rights is worthless —or counterproductive— as evidence. The worker must be informed of their status and of the subject matter, may be assisted by a lawyer and cannot be compelled to self-incriminate. Access to corporate devices and accounts is only lawful where there are clear prior policies, a legitimate purpose and strict proportionality: STC 119/2022 and the European Court of Human Rights doctrine (Bărbulescu) set firm limits on monitoring personal communications. Any disciplinary measure, including dismissal, requires proven cause and respect for these guarantees; a premature dismissal can generate labour nullity and undermine the credibility of the whole investigation.

Delivery to the Prosecutor and Penalty Mitigation

The findings are not necessarily handed over in full: a selective and well-timed delivery, accompanied by the internal measures adopted, operates as a highly qualified mitigating factor under Art. 31 quater CP and can yield one or two degrees of penalty reduction for the legal entity, occasionally approaching a partial exemption. Material evidence (emails, contracts, accounting) remains judicially seizable if reached through independent channels, but the firm's privileged work product stays protected. Deciding what to communicate, when and in what format —ideally within a prior cooperation framework agreed with the Prosecutor— is the most delicate strategic call of the entire process.

balance

Penalty Chart

Type / Scenario	Criminal Penalty
Highly qualified mitigation (Art. 31 quater CP)	Confession, cooperation, reparation and measures implementation may yield 1 or 2 degrees of penalty reduction for the legal entity.
Effective compliance exemption (Art. 31 bis 2 CP)	The internal investigation is key evidence to establish the real functioning of the program and the fraudulent circumvention by the author.
Risk of additional imputation	A poorly documented investigation or one violating rights may be used as evidence against the investigating officers.

* Penalties shown are indicative. The actual penalty depends on case circumstances, applicable mitigating and aggravating factors.

shield_lock

Our Defense Strategy

gavel01

Triple Defensive Layer

Criminal lawyer mandate (privilege) + technical forensic support (e-discovery) + legal assistance to the employee. Solid in any trial.

gavel02

Internal Report / Prosecutor Report Bifurcation

Two reports with different detail levels: a complete one for the client, a refined one for delivery to the Prosecutor.

gavel03

Cooperation Framework Agreement

Prior negotiation with the Prosecutor of cooperation scope in exchange for guarantees on penalty treatment (cooperation agreement).

Economic Criminal Law in Spain: Tax Fraud, Money Laundering and Corporate Crimes

Economic criminal law encompasses the most severe financial penalties in the Spanish Criminal Code. Tax fraud over €120,000 (Art. 305 CP), money laundering (Art. 301 CP), and corporate crimes (Art. 290-297 CP) are complex offenses where defense requires a combination of criminal law expertise and deep accounting/financial knowledge.

Penalty Comparison: Economic Offenses

Offense	Threshold	Penalty
Tax Fraud (Art. 305)	>€120,000	1 – 5 years + fine x6
Aggravated Tax Fraud	>€600,000	2 – 6 years
Money Laundering (Art. 301)	Any amount	6 months – 6 years
Aggravated Laundering	Organized/financial system	Up to 9 years
Corporate Crime (Art. 290)	Balance sheet falsification	1 – 3 years
Punishable Insolvency (Art. 259)	Fraudulent bankruptcy	1 – 4 years

Key Defense Strategies

Tax Regularization Defense (Art. 305.4 CP)

Pay the full tax debt before charges are formally filed and the crime is extinguished. This is the most powerful complete defense in tax fraud cases.

Challenge the €120K Threshold

The tax authority's calculation method is often contestable. Independent forensic accounting can challenge the assessed figure below the criminal threshold.

Money Laundering 'Self-laundering' Issues

Spanish courts have debated whether the primary offender can also be convicted of laundering their own proceeds. Challenge the double jeopardy implications.

Corporate Crime: Harm to Company vs. Shareholders

Art. 295 corporate crimes require actual financial harm to the company or its members. Demonstrate that any loss was speculative or absent.

gavel

Why Choose Us?

Need a criminal defense lawyer for this type of offense? Here's how we work:

check

Shielded Initial MandateDesign the written engagement activating privilege and delimiting the defensive scope of the investigation.

check

Forensic E-DiscoveryCollection, preservation and analysis of digital evidence with chain of custody admissible at criminal trial.

check

Delivery Strategy to the ProsecutorDecide what findings to communicate, when and in what format to maximize penalty mitigation.

workspace_premium

+15 Years of ExperienceTeam dedicated exclusively to criminal law before Spanish courts and tribunals.

support_agent

Direct AttentionYour case is handled directly by a senior lawyer of the firm.

Consult My Casearrow_forward

quiz

FAQs

Is the company obligated to investigate internally?expand_more

Art. 31 bis 5 CP requires the compliance model to impose the obligation to report and investigate irregularities. Not doing so when there are reasonable indications compromises the criminal exemption.

Can I deliver findings to the Prosecutor without harming the company?expand_more

Yes, with a designed strategy. Selective, timely delivery accompanied by internal measures operates as a highly qualified mitigating factor (Art. 31 quater CP).

Can the company access the employee's personal email?expand_more

Only with clear prior policies, legitimate purpose and proportionality. STC 119/2022 and ECHR doctrine (Bărbulescu) set strict limits.

Are the investigation's conclusions confidential at trial?expand_more

Documents protected by professional secrecy, yes. Material findings (emails, contracts, accounts) are judicially seizable if accessed through independent channels.

Can I dismiss the investigated employee?expand_more

Yes, with proven disciplinary cause and respect of their rights during the investigation. Premature dismissal or without guarantees may generate labor nullity and undermine criminal credibility.

We also serve

Madrid Alicante Marbella Seville Málaga Bilbao Zaragoza

View all locations →

listTable of Contents

shieldClaves de la Defensa: Internal Corporate Investigations

External, independent direction of internal corporate investigations with a guarantor protocol, shielding of attorney-client privilege and respect for the rights of the investigated employee.
Activation: Internal channel complaint, audit alert, due diligence finding or public authority requirement.
Guarantor protocol: Appointment of an external investigator, investigation plan, digital evidence custody, interviews with legal assistance and right against self-incrimination.
Attorney-client privilege: Communications, drafts and conclusions of the firm directing the investigation are covered by professional secrecy if strict formal requirements are met.
Cooperation with the Prosecutor: Selective delivery of findings as a highly qualified mitigating factor (Art. 31 quater CP) that can become a partial exemption.

gavelElements of the Crime

check_circleReal Investigative NeedReasonable indication of offense justifying the protocol's activation and the employee's rights affectation.
check_circleProportionality of MeasuresEvidence and interviews must be suitable, necessary and proportional to the investigated act.
check_circleDocumentary Coverage of PrivilegeWritten mandate, identification of privileged documents and functional separation from non-privileged auditors.

gavelPenal Consequences

Highly qualified mitigation (Art. 31 quater CP)

Confession, cooperation, reparation and measures implementation may yield 1 or 2 degrees of penalty reduction for the legal entity.

Effective compliance exemption (Art. 31 bis 2 CP)

The internal investigation is key evidence to establish the real functioning of the program and the fraudulent circumvention by the author.

Risk of additional imputation

A poorly documented investigation or one violating rights may be used as evidence against the investigating officers.

articleRelated Articles

linkRelated Services

account_treeCompliance & Corporate

Explore all practice areasarrow_forward

Do you need specialised legal assistance?

The judicial system is complex. We have the criminal-law specialisation and technical resources required to take on the defence.

Contact Alonso Sala

Call: +34 91 078 65 74