Lawyers Compliance Spain. LETRADOX

Lawyers Compliance Spain. LETRADOX


Jorge Juan St. 141. 3ºA. Madrid

Tlfs. 912980061 / 645958948





Compliance, in general, means conforming to a rule, such as a specification, standard or law. Regulatory compliance describes the goal that organizations aspire to achieve in their efforts to ensure that they are aware of and follow the necessary steps to comply with relevant laws, policies and regulations. Little by little more organizations are adopting the use of harmonized and standardized sets of compliance controls.

Regulatory compliance varies by industry and by location. In the USA the definitions of what makes an effective compliance has been elusive. It continues to cite the guidelines for Sentencing organizations provided by the United States Sentencing Commision.

In terms of art “organization” means “a person other than an individual”. This term includes corporations, partnerships, associations, joint-stock companies, unions, trusts, pension funds, unincorporated organizations, governments and political subdivisions thereof, and nonprofit organizations.




To have an effective compliance and ethics program an organization shall exercise due diligence to prevent and detect criminal conduct; and promote an organizational culture that encourages ethical conduct and commitment to compliance with the law. Those two require minimally the following (Chapter Eight of the Federal Sentencing Guidelines):

-Compliance standards and procedures reasonably capable of reducing the prospect of criminal activity.

– oversight by high-level personnel of the effective compliance and ethics program of the organization and specific individuals shall eb assigned overall responsibility for the compliance and ethics program. The chief compliance officer (hereinafter CCO) of a company is the officer primarily responsible for overseeing and managing regulatory compliance issues within an organization. CCO reports to the chief executive officer or the chief legal officer.

-Due care in delegating substantional discretionary authority.

-effective communication of its standards and procedures to the members of the governing authority, high-level personnel, substantial authority personnel, the organization`s employees and the organization’s agents.

-Reasonable steps of achieve compliance, which includes systems for monitoring, auditing, and reporting suspected wrongdoing without fear of reprisal

-Consistent enforcement of compliance standards including disciplinary mechanisms to prevent or detect criminal conduct.

-Reasonable steps to respond to and prevent further similar offenses upon detection of a violation.

Each of the seven keys need to be met by an organization; however, there are some factor to consider to meet those requirements:

-Applicable Governmental Regulation and Industry Practice: The organization needs to incorporate and follow the applicable industry practice or standards of art, if not the compliance and ethics program effectiveness is going to fail.

-Size of the organization: the formality and scope of actions depends on the size of it. Both large organizations and small ones need to demonstrate the same degree of commitment to ethical conduct and compliance with the law, but the first ones may meet the requirements with more formal operations and greater resources than the small ones. The Large organizations should be a model to encourage small organizations.

-Similar misconduct: recurrence of similar misconduct creates doubt regarding whether the organization took reasonable steps to meet the requirements of this guidelines.


This chapter applies to the sentencing of all organizations for felony and Class A misdemeanor offenses.


The are some international standards to handle regulatory compliance in business, which provide a reminder of how compliance and risk should operate together, sharing a framework with some nuances. International Organization for Standardization (hereinafter ISO) and its ISO 37301:2021, which deprecates ISO 19600:2014 is one of the primary international standards address these issues. The ISO procedures international standards to help organizations meet regulatory compliance with their security management and assurance best practices.

American Society of Mechanical Engineers (hereinafter ASME) also develop standards and regulation codes. They provide a wide range of guidelines to ensure compliance of the products to safety, security or design standards.




Every board needs to be satisfied that the company has a program to asses and monitor compliance. It is condition sine qua non that the board is responsible for risk oversight. In fact, risk oversight is one of the board’s most critical roles. Whether and how a board executes that oversight responsibility can have profound impacts on the company and on the board and its members.

In June 2019, the Delaware Supreme Court issued an opinion in Marchand v. Barnhill, allowing a lawsuit to proceed challenging the director’s alleged failure to oversee properly a company’s compliance program and related efforts. Marchand involved an ice cream company that suffered a listeria outbreak -causing three deaths-, causing the company to recall all of its products, shut down production at all of its plants, and lay off over a third of its workforce.

The only matter addressed by the court was whether the lawsuit could proceed; accordingly, the opinion has based solely upon the allegations in the complaint, and not stablished facts. However, while the ultimate responsibility of the board has yet to be determined, the opinion makes it clear that the board has oversight responsibility for food safety that it may have executed improperly, if at all.

When a company experiences compliance weakness or breakdowns may require more oversight than a company with a clean and long-term record of compliance. The compliance oversight is not a “set of it and forget it” matter; the boards need to remain vigilant when it comes the monitoring compliance. This does not mean that the topic must be addressed at every meeting or that the board’s other responsibilities can be ignored.

Boards can or should engage outside advisers to assist them in monitoring compliance risks, including assessing whether existing compliance procedures and practices are appropriate or, how they might be enhanced.




It is a way of addressing and possibly remedying an information deficit of society, of law enforcement by criminal or other government agencies as well as of companies themselves in relation to some manner of misconduct.

Whistleblowing has rightly been described as a key element of compliance. Since whistleblowing often has a very negative consequences for the whistleblower, the core regulatory problem is to encourage whistleblowing through incentives, but without losing sight of the interests of the people and companies affected by whistleblowing and without creating a climate of denunciation.

The incentives can consist of protecting the whistleblower through anonymity, guarantees of confidentiality, and financial and other reward systems. Particularly controversial are financial incentive schemes based on the US system of bounties.

A difficult problem with demarcation is how to handle evidence that is false, carelessly inaccurate, or simply not proven. In economic terms, it is therefore a question of minimizing costs in the implementation and enforcement of the law.

From an empirical standpoint, despite various inquiries, the overall benefit of whistleblowing—in terms of information gain, costs, positive and negative effects on the company and the people involved, etc. – remains uncertain.

Only the immediate effect, the increased discovery of legal violations and misconduct, is guaranteed.

The latter is particularly evident for leniency programs in antitrust law, but it holds true also for the US incentive systems in securities regulation.



First of all, it is necessary to explain who is whistleblower: someone who leaks information about a business or government agency that violated the law in some way. A whistleblower can be, although is not limited to: an employee of a federal or state agency, an employee of a company or anyone who sees wrongdoing.

Whistleblower can report violations of company policy, specific lawbreakers, who fail to follow state, local or federal regulations, who are a threat to national security or who engage in fraud or corruption. Whistle protection laws have been created to protect whistleblowers from retaliation by companies or agencies involved since it is known employers have retaliated against employees who “blow the whistle” on them. Employers may retaliate including firing or laying off the whistleblowers, blacklisting, demoting, disciplining, denying benefits, overtime or promotions, intimidation, reducing pay or hours, and so on.

 Some of the regulations are:

-The original Whistleblower Protection Act (hereinafter WPA)  (1986) and the more recent Whistleblower Protection Enhancement Act (hereinafter WPEA) (2012) protect federal employees against retaliation by agencies they work for. The WPEA clarifies the scope of protected disclosures and establishes that the disclousure does not lose protection because:

– disclosure was made to someone, including a supervisor, who participated in the wrongdoing disclosed;

-the wrongdoing being reported has previously been disclosed;

-of the employee’s motive for reporting the wrongdoing;

-the disclosure was made while the employee was off duty;

– disclosure was made during the employee’s normal course of duty, if the employee can show that the personnel action was taken in reprisal for the disclosure; or

-the amount of time which has passed since the occurrence of the events described in the disclosure.

– WPEA protects disclosures that an employee reasonably believes are evidence of censorship related to research, analysis, or technical information that causes, or will cause, a gross government waste or gross mismanagement, an abuse of authority, a substantial and specific danger to public health or safety, or any violation of law.  It expands the penalties imposed for violating whistleblower protections and establishes the position of Whistleblower Protection Ombudsman.

-Whistleblower Ombudsman: WPEA’s wise, the Consumer Product safety commission (CPSC) established a Whistleblower Ombudsman to educate agency employees about prohibitions on retaliation for whistleblowing, as well as employee’s rights and remedies if subjected to retaliation for making a protected disclosure.

-Enhancement of Contractor Protection from Reprisal (NDAA), enacted a pilot program making illegal for an employee of a Federal contractor, subcontractor, grantee or subgrantee to be discharged, demoted or discriminated against fro making a protected whistleblower disclosure.

Moreover, all states of USA have whistleblower protection laws, but they vary from state to state with their own nuances.




It is important to note that complaints and whistleblower actions are different. Ergo, filing a whistleblower complaint is not the same thing as filing a complaint against an employer for violations of the law. It will describe with example since it is the easiest way:

If an employee feels that their company is engaging in Insafe work practices, they can anonymously file a safety and health complaint against Occupational Health and Safety Administration (OSHA). Another employee complaints against employers relate to pay, discrimination and other workplace violations, they can file a complaint with a state or local employment agency or the U.S. Department of Labor. In the case that the employee feels they have been retaliated against by the employer for their complaint, that is when can file a whistleblower protection claim.

Lawyers Compliance Spain. LETRADOX


Jorge Juan St. 141. 3ºA. Madrid

Tlfs. 912980061 / 645958948