Last updated: 03.02.2025
The meaning of compliance
Compliance is a term used mainly in the context of an organization or its employees adhering to laws, legal requirements, industry standards, and internal policies. These regulations may result from directives, laws, regulations, orders/recommendations of supervisory authorities, e.g. the Polish Financial Supervision Authority, as well as industry codes of conduct, good practices, and internal compliance programmes implemented within the company.
The meaning of criminal compliance
Criminal compliance is a set of activities, procedures, and systems and preventive tools implemented in an organization (most often in companies) to prevent criminal offenses by the company, its employees, or persons acting on its behalf.
The aim of criminal compliance is to reduce the risk of both individual or natural persons’ potential criminal liability, such as that of board members or employees, and the corporate criminal liability of the entire legal entity.
In Poland, this is primarily governed by the Collective Entities Act, which allows for sanctions to be imposed on companies for specific criminal offences committed in their interest.
This applies primarily to the prevention of corruption, money laundering, fraud, influence peddling, violations of environmental, labor, and information security regulations, the prevention of the misuse of confidential information, the prevention of conflicts of interest, and other economic crimes.
Irregularities that may occur in the course of business activities may result in individual liability of persons who, while working within a given organization, commit acts prohibited under the Criminal Code, the Fiscal Penal Code, the Tax Ordinance, and other specific laws related to the specific nature of a particular business.
However, under specific conditions, entire companies as legal persons can also face corporate liability, leading to criminal sanctions, including financial penalties, restrictions on public procurement, or exclusion from state aid.
What are the goals of criminal compliance?
We can distinguish four basic goals of criminal compliance:
- Preventing, deterring, and detecting abuse (crimes) committed within the company by dishonest representatives, employees, or associates These are proactive preventive measures designed to mitigate legal risks before they escalate into criminal investigation.
- Minimizing risk – means actions aimed at protecting the company from criminal liability, including through employee training, the creation of internal policies and procedures for dealing with irregularities,
- Reputation protection – companies that implement compliance programs build trust among customers, business partners, and investors and are better equipped to avoid reputational damage,
- Increased risk management effectiveness – through ongoing monitoring, compliance structures contribute to limiting losses caused by illegal activity and help avoid severe legal consequences, such as bans on public procurement or exclusion from public funding.
In summary, criminal compliance leads to a reduction in the risk of crime within an organization and, when it does occur, allows for the disclosure of irregularities and an appropriate response.
What are the elements of an effective criminal compliance system
An effective criminal compliance program should incorporate several key elements to ensure regulatory compliance, protect against civil liability, and prevent the organization from being held criminally liable under applicable Polish law or EU directives.
- Risk identification: identifying areas of the company’s operations where there is a risk of criminal law violations.
- Policies and procedures: The organization should develop and implement clear guidelines to employees and management alike. These policies should be tailored to the specific nature of the company’s business and applicable laws (e.g., anti-corruption policy, whistleblowing, protocols for internal investigations).
- Employee training: Regular training on criminal compliance is essential to ensure that employees are aware of applicable criminal laws and ethical standards and know how to respond in risky situations. It helps embed a strong corporate culture of accountability. It also ensures that staff across all legal teams understand their obligations.
- Internal control systems: Implementatiing of control mechanismsallows for ongoing monitoring and ensures program’s effectiveness in practice.
- Channels for reporting irregularities: Employees should be able to report irregularities, allowing for early detection and elimination of potential threats.
- Regular audits: Frequent evaluations help companies respond to significant changes in Polish law, international standards, or proposed amendments introduced by the European Commission or regulators in an EU member state.
- Response to violations: Take prompt action when irregularities are detected. Companies that act quickly and transparently may avoid more severe potential consequences or reduce their exposure should authorities impose sanctions for certain offences.
What crimes can an internal criminal compliance system prevent
A well-structured criminal compliance program can help prevent a range of criminal offenses, including those that may result in criminal liability for both natural persons and legal entities under Polish law or EU regulations. Early detection and due diligence are vital for preventing violations and ensuring sanctions compliance.
Acting to the detriment of the company – what it may involve
The offense of acting to the detriment of a company, otherwise known as breach of trust, is regulated in Article 296 of the Criminal Code, according to which a member of the management board who causes significant financial damage (PLN 200,000) to a company by abusing their powers or failing to fulfill their duties is subject to imprisonment for a term of between 3 months and 5 years.
In turn, a member of the management board who causes a direct threat of significant financial damage to the company through abuse of authority or failure to fulfill their duties is subject to imprisonment for up to 3 years.
In practice, acting to the detriment of the company may include, among other things:
- undertaking unprofitable investments or selling the company’s assets at an undervalued price,
- concluding unreasonable contracts or contracts on non-market terms, e.g. for sponsorship, consulting or media services,
- hiring employees for fictitious positions,
- remuneration of management staff that is disproportionate to their performance.
Tender collusion and obstruction of tenders – what it may involve
The crime of disrupting a public tender is regulated in Article 305 of the Criminal Code, according to which obstructing or thwarting a tender or public procurement procedure is punishable by up to 3 years’ imprisonment.
In turn, anyone who, in order to unlawfully influence the outcome of an ongoing or planned tender or public procurement procedure, enters into an agreement with another person, transmits or disseminates information or conceals relevant circumstances, acting to the detriment of the owner of the property, the person or institution for whom the tender is or is to be conducted or which conducts or is to conduct the proceedings, or to the detriment of the public interest, shall be subject to imprisonment for a term of between three months and five years.
In practice, illegal interference with a tender may consist, among other things, in:
- setting tender conditions for one of the bidders,
- passing on confidential information concerning the content of competing bids,
- delaying or accelerating deadlines in a manner that gives an advantage to a specific contractor,
- manipulating the evaluation of bids, ignoring non-compliance with the terms of the tender or underestimating the evaluation of competing bids.
Financial or tax fraud – what it may involve
The crime of financial fraud is regulated in Article 297 of the Criminal Code, according to which anyone who, for the purpose of obtaining for themselves or for another person, from a bank or an organizational unit conducting similar economic activity on the basis of a statute or from an authority or institution disposing of public funds – a credit, cash loan, surety, guarantee, letter of credit, subsidy, confirmation by a bank of an obligation arising from a surety or guarantee or similar monetary benefit for a specific economic purpose, payment instrument or public procurement, submits a forged, altered, untrue or unreliable document or an unreliable written statement concerning circumstances of significant importance for obtaining the aforementioned financial support, payment instrument or contract, shall be subject to imprisonment for a term of between 3 months and 5 years.
As a consequence, criminal liability for financial fraud may be incurred, inter alia, for:
- obtaining financing for fictitious scientific projects, training,
- overstating the costs of project implementation and allocating the surplus for purposes inconsistent with the purpose of the funding,
- granting funding to entities related to entities making decisions on funding.
Corruption – what it may involve
We can distinguish between official corruption and managerial corruption.
- Granting or promising to grant financial or personal benefits to a person performing a public function in connection with the performance of that function (active official corruption, Article 229 § 1 of the Criminal Code) or doing so in exchange for mediation in the settlement of a matter in a specific entity, consisting in unlawfully influencing the decision, action or omission of a person performing a public function in connection with the performance of that function (active paid protection, Article 230a § 1 of the Criminal Code)
- Granting or promising to grant a financial or personal advantage to a person holding a managerial position in an economic entity in exchange for the abuse of the powers granted to him or the failure to fulfill his obligations, which may cause financial damage to that entity or constitute an act of unfair competition or an unacceptable preferential treatment for the purchaser or recipient of goods, services or benefits (managerial corruption, Article 296a § 1 of the Criminal Code)
Giving gifts of gratitude or making informal attempts to settle matters in public offices may constitute the offense of official corruption.
Accepting or giving valuable gifts to management or hiring employees solely on the basis of personal connections may constitute the offense of managerial corruption.
Criminal compliance procedures – what are they and which ones are worth implementing in the company?
The development of specific procedures may depend on the specific circumstances and risk analysis in a given company and on the specific nature and profile of the entity’s activities. For effective implementation, these procedures should be tailored to the business model and regularly reviewed.
The most common procedures are as follows:
- anti-corruption procedure,
- anti-money laundering and counter-terrorist financing procedure,
- whistleblower protection procedure,
- contractor verification procedure,
- tax transparency procedure,
- procedure for handling confidential information and personal data.
Anti-corruption procedure
The purpose of the anti-corruption procedure is to prevent corruption in the organization. As part of this procedure, it is worth defining the types of corruption and the rules for preventing it, creating a catalog of behaviors that may constitute corruption, and a procedure for reporting and investigating instances of corruption. The procedure may also specify what gifts should not be accepted or given in a given organization.
Anti-money laundering and counter-terrorist financing (AML) procedure
The purpose of the anti-money laundering and counter-terrorist financing (AML) procedure is to ensure that the company’s activities comply with applicable laws on anti-money laundering and counter-terrorist financing (AML/CFT), to prevent the organization from being used for criminal activities, and to protect its reputation. As part of this procedure, it is essential to introduce customer identification and verification mechanisms (KYC – Know Your Customer), assess the risks associated with the customer, product, service, distribution channel and location, establish a transaction monitoring procedure, and provide AML training for the organization’s employees.
Whistleblower protection procedure
The purpose of the whistleblower protection procedure is to establish transparent rules for reporting violations of the law, ethics, or internal regulations of the organization and to ensure effective protection for whistleblowers against retaliation.
The obligation to implement a whistleblower protection procedure stems, among other things, from the provisions of EU Directive 2019/1937.
The obligation to implement a whistleblower protection procedure applies to private companies – mandatory: all companies employing at least 50 employees (regardless of industry) and regardless of the number of employees – the obligation may apply to companies operating in specific high-risk sectors, e.g., institutions subject to the AML Act (e.g., banks, accounting offices), companies in the financial, energy, IT, transport, and chemical sectors.
Tax transparency procedure
The purpose of the tax transparency procedure is primarily to prevent tax evasion and ensure the correct reporting of tax schemes.
Importantly, each procedure should be reviewed at least once a year or after changes in the regulations.
How we can help with criminal compliance?
- we effectively identify criminal risks in your organization,
- we develop appropriate internal procedures and regulations tailored to Polish legal regulations, such as anti-corruption policy, AML procedures, and contractor verification procedures for business entities from various sectors of the economy,
- we support the creation of corporate documents specifying the areas of responsibility of bodies, employees, and persons authorized to act on behalf of or in the interest of the entrepreneur,
- we support the creation of procedures for dealing with law enforcement authorities,
- we advise on the protection of whistleblowers,
- we conduct criminal compliance training,
- we defend clients in criminal proceedings involving allegations of economic crimes or AML,
- we provide legal assistance in cases where both traditional and crypto asset accounts have been frozen,
- we represent clients during company searches and seizures of documentation and data carriers.
