In a notable judgment pronounced on 9 May 2017 (case no.: 1 StR 265/17), the Federal Court of Justice ruled that the efficiency of a company’s compliance management system is to be taken into account when calculating a fine pursuant to section 30 Administrative Offences Act.
The case
According to the findings of Munich I Regional Court, which was the court of first instance, the defendant was a managerial employee of and holder of a general commercial power of attorney for the other party involved, a German defence company. By way of an agreement dated 5 July 2001, the other party involved sold 24 self-propelled howitzers to Greece for around EUR 188 million. To do this, it engaged the services of two sales agents, whose activities were coordinated by the defendant.
Sales agent B. was established especially for this arms deal and was supposed to receive a success-based fee of 3%. According to the Regional Court’s findings, the arms deal was based on a bribery agreement between the company and the Greek minister of defence. The shareholders of sales agent B. had personal access to this minister. Sales agent B. was not involved in the actual negotiations. The commission agreement was concluded to provide the funds required to honour the bribery agreement.
On 4 August 2002, sales agent B. issued an invoice for an amount of EUR 1.85 million in commission. The defendant, together with his superior, approved the invoice for payment. The accounting department of the other party involved paid the invoice and the payment was entered into the accounts of this party as ordinary business expenses for 2002. The defendant left the company in 2004. After his departure, further payments were made to the sales agents and were treated as business expenses for tax purposes.
The other party involved also employed another sales agent, namely P. in Greece, a personal friend of the defendant, for the arms deal; this sales agent forwarded bribery payments from commission payments to the deputy armament director in Greece. In addition, between 2002 and 2004 the defendant received kick-back payments in excess of EUR 657,000 – paid into his Swiss bank account - from this sales agent in connection with the arms deal. The defendant concealed these payments from the German tax authorities.
Although it could not be established that the defendant definitely knew that the sales agent P. was involved in bribery, P. did however start to tell the defendant that the deputy armament director in Greece was demanding part of P.’s commission. The defendant “stopped” P. in mid-sentence, however, by saying that he didn’t want to hear about it and that it only concerned P.
Decision of the Federal Court of Justice
Munich I Regional Court had sentenced the defendant to a total of eleven months in prison for having aided and abetted multiple instances of tax evasion. Any acts of corruption committed by the defendant had already become statute-barred. The Regional Court imposed a fine of EUR 175,000 on the other party involved pursuant to section 30 Administrative Offences Act.
The defendant, the other party involved and the public prosecutor’s office filed appeals on points of law against the Regional Court’s judgment. Further to the appeal lodged by the public prosecutor’s office, the Federal Court of Justice set aside the fine imposed on the other party involved, among other things. Its grounds for doing so are worth noting:
Munich I Regional Court calculated the fine based only on the guilt of the defendant, without taking the more serious tax evasion perpetrated by the management into account. The Federal Court of Justice also points out that pursuant to section 17(4) Administrative Offences Act, the fine must exceed the financial benefit obtained from committing the regulatory offence.
While this statement is not surprising as such, what is new is that the Federal Court of Justice very clearly states that the quality and efficiency of a compliance management system is to be taken into account as a mitigating factor when calculating the fine. In the grounds for its decision, it argues: “When calculating the fine, it is important to what extent the other party involved fulfilled its obligation to prevent violations of the law within the company’s sphere and set up an efficient compliance management system, which must be geared towards avoiding violations.”
In the Federal Court of Justice’s view, what can also play a role is whether the other party involved optimised the relevant rules and regulations following the proceedings in question and structured its internal processes in such a way that it would be much harder to commit such violations in future, at any rate.
Practical consequences for compliance
In our experience, the authorities have already in the past generally considered the efficiency of the implemented compliance management system and the company’s efforts to optimise this and remedy existing shortcomings in the aftermath of a compliance violation as mitigating factors when calculating the fine. It has often been the case that the authorities have taken the costs incurred in connection with optimising the system into account when setting the amount of the fine.
Nevertheless, the Federal Court of Justice’s decision has long been anticipated by compliance practitioners since there is at present no statutory provision in Germany that states that compliance management systems must be taken into account when fines are calculated. To date, the discussions surrounding this issue have not been converted into relevant legislation.
The fact that the Federal Court of Justice has now ruled that compliance management systems should be taken into account when setting fines is therefore seen as a step in the right direction. With this, the legal situation in Germany is drawing ever closer to that in, say, Great Britain or the US.
It is to be hoped that the decision of the Federal Court of Justice is applicable beyond anti-corruption-/tax-related circumstances, including antitrust. The reasoning of the Federal Court of Justice reads more general: wherever compliance management systems serve to prevent breaches of the law, the implementation of such a system shall be taken into account in the setting of the fine.
It remains unclear what requirements must a compliance management system – notwithstanding isolated deficiencies –meet in order to be regarded as efficient and therefore justify a reduction in the fine?
Other legal systems are already much clearer on this issue. For example, the Sentencing Guidelines in the US lay down extensive requirements to be met by a compliance program in order for it to be regarded as an “effective compliance and ethics program”. We have already reported that the US Department of Justice (DOJ) also published instructive guidelines for the assessment of corporate compliance programs on 8 February 2017 (see issue 2/2017, p. 2 et seq.). German compliance practitioners will continue to look to these standards, among other things, for guidance in future. It should however be borne in mind that the assessment of a compliance management system’s efficiency depends to a large extent on the company’s individual risk profile. Further assistance can be obtained from international standards (e.g. ISO 19600 Compliance, ISO 31000 Risk Management, ISO 37001 Anti-Bribery Management Systems), although these are likely to be insufficient to satisfy the requirements of German law. It is also worth noting that the Federal Court of Justice has not only recognised the existence of an effective compliance management system at the time of the violation as a mitigating factor when calculating the fine, but also the company’s efforts to optimise an existing system after a violation has been exposed. Once a violation has been uncovered within a company, be it through internal efforts or an investigation by the authorities, the management has a fundamental duty under corporate law to carry out an in-depth internal investigation, to analyse the causes of the violation and to adjust the compliance management system accordingly so that similar violations can be avoided in future. Should the members of the management fail to take these measures, they may be held personally liable. Moreover, such self-cleaning measures are important in terms of procurement law and could prevent a company from being excluded from participation in public procurement contracts as a consequence of a criminal offence (section 125 Act against Restraints of Competition). The Federal Court of Justice’s decision now means that these reactive measures are also relevant when it comes to calculating the fine and moreover make it possible to reduce the fine. It is therefore all the more essential that violations in companies be dealt with immediately and meticulously and that their causes be analysed and eliminated. It is only by doing so that the negative consequences for the company can be mitigated to some extent and the members of the management can avoid being held personally liable for such violations.
Other legal systems are already much clearer on this issue. For example, the Sentencing Guidelines in the US lay down extensive requirements to be met by a compliance program in order for it to be regarded as an “effective compliance and ethics program”. We have already reported that the US Department of Justice (DOJ) also published instructive guidelines for the assessment of corporate compliance programs on 8 February 2017 (see issue 2/2017, p. 2 et seq.). German compliance practitioners will continue to look to these standards, among other things, for guidance in future. It should however be borne in mind that the assessment of a compliance management system’s efficiency depends to a large extent on the company’s individual risk profile. Further assistance can be obtained from international standards (e.g. ISO 19600 Compliance, ISO 31000 Risk Management, ISO 37001 Anti-Bribery Management Systems), although these are likely to be insufficient to satisfy the requirements of German law. It is also worth noting that the Federal Court of Justice has not only recognised the existence of an effective compliance management system at the time of the violation as a mitigating factor when calculating the fine, but also the company’s efforts to optimise an existing system after a violation has been exposed. Once a violation has been uncovered within a company, be it through internal efforts or an investigation by the authorities, the management has a fundamental duty under corporate law to carry out an in-depth internal investigation, to analyse the causes of the violation and to adjust the compliance management system accordingly so that similar violations can be avoided in future. Should the members of the management fail to take these measures, they may be held personally liable. Moreover, such self-cleaning measures are important in terms of procurement law and could prevent a company from being excluded from participation in public procurement contracts as a consequence of a criminal offence (section 125 Act against Restraints of Competition). The Federal Court of Justice’s decision now means that these reactive measures are also relevant when it comes to calculating the fine and moreover make it possible to reduce the fine. It is therefore all the more essential that violations in companies be dealt with immediately and meticulously and that their causes be analysed and eliminated. It is only by doing so that the negative consequences for the company can be mitigated to some extent and the members of the management can avoid being held personally liable for such violations.