Companies are acknowledged to be distinct legal persons that bear liability both for organizational failures and misconduct of their agents. Civil liability has long been imposed on companies and organizations. Corporate criminal liability has rapidly been expanded in recent years. Following the common law jurisdictions, in which notions of corporate criminal liability were introduced already in the early twentieth century, many civil law countries also recognize the possibility of holding companies criminally liable. However, distinctions in the use and theoretical underpinning of organizational liability remain across countries.
KeywordsPenal Code Legal Person Criminal Liability Corporate Body Corporate Liability
Corporate Liability Around the World
Laws that render corporations liable have been strengthened after several high-profile corporate scandals, such as accounting crimes and financial fraud scandals (Enron, WorldCom, Tyco, Parmalat), the bribery of foreign officials (Siemens, Samsung), and gross negligence that caused the explosion of the oil rig (British Petroleum). Corporations can be held liable for wrongdoings, being subject to civil sanctions and criminal charges. Corporate criminal liability is currently applied in all common law countries (inter alia, the USA, the UK, Ireland, Canada, and Australia) and in many civil law countries, including the Member States of the European Union; China; some Middle East countries, including Jordan, Syria, and Lebanon; and some post-Soviet countries, such as Baltic states, Moldova, Ukraine, Georgia, and Kazakhstan).
Common Law Countries
Until the early 1900s, corporations could not be held criminally liable for mens rea crimes. To constitute a mens rea crime, a guilty act (actus reus) has to be accompanied by a guilty state of mind or mens rea (Fischel and Sykes 1996, p. 320). Since corporations lack souls that are able to form a culpable intent and bodies to be punished, criminal liability was not imposed on corporations initially (Coffee 1981). But it has long become a common practice to attribute individuals’ intents to corporations and make corporations criminally liable (Laufer 2006; Khanna 1996; Stessens 1994). Corporate liability is theoretically based on the legal fiction that corporations are persons distinct from their shareholders, directors, and employees (DiMento and Geis 2005, p. 160; Laufer 2006). Corporations can incur liability based on different grounds.
The common law doctrine of respondeat superior, initially originated in tort law, forms a basis for vicarious liability, which implies that companies are strictly liable for the negligent actions of their agents acting within the scope of employment or authority and with intent to benefit the corporation (Wilkinson 2003; Laufer 1999).
From the perspective of deterrence, vicarious liability is expected to be most effective when a company can successfully monitor and control its agents (Sykes 2012, p. 2164). One of the reasons that justifies vicarious liability is that it mitigates the judgment proof problem. This problem implies that individual defenders have limited wealth and therefore may be unable to fully compensate damages. Compared to individuals, companies possess larger assets (“deep pockets”) which can be used for paying sanctions and plaintiff compensation. Another justification of vicarious liability is that it prevents companies from inefficient excessive expansion of their activities (Sykes 1984, p. 1246).
Vicarious liability is applied, among others, in the Foreign Corrupt Practices Act (FCPA), enacted in 1977, and in the Alien Tort Statute (ATS), enacted in 1789. These acts are applicable to both domestic and foreign corporations.
According to the theory of enterprise liability, advanced by Fleming James and Friedrich Kessler in the 1940–1950s, companies should internalize the costs associated with their activities, including the direct and indirect costs of injuries from corporate activities (Witt 2003, p. 39; Keating 2001). Enterprise liability is justified by the presumption that companies are in the best position to control safety and that they can best spread (financially diversify) the costs of injuries caused by defective products or services (Witt 2003, pp. 2, 39; Priest 1985, p. 492). Enterprise liability (firm-level liability) is widely applied in product liability and in ultrahazardous industries.
Organizational criminal liability can be imposed based on the duty-based rules (fault-based or negligence rules). The duty-based liability rules foresee a mitigation of liability if corporate compliance programs, aimed at the prevention of wrongdoing, have properly been adopted (Arlen and Kraakman 1997). According to the law and economics literature, negligence liability is generally less efficient than strict liability because under the former tortfeasors do not fully internalize the harm inflicted by wrongdoings. This leads to a too high activity level of tortfeasors, which results in too many wrongdoings (Shavell 1980; Fischel and Sykes 1996, p. 328). The elements of duty-based liability are, however, increasingly applied by means of the compliance-based approach (Moot 2008). For example, the Federal Sentencing Guidelines take into account corporate compliance programs in imposing liability on companies (Krawiec 2005). The promulgation of the compliance-based approach denotes a shift from respondeat superior liability to duty-based liability of corporate entities (Laufer 1999; Krawiec 2005). The enforcement of effective corporate compliance programs aims at the early prevention of misconduct in organizations, higher compliance efforts, and the creation of a positive law-abiding corporate ethos.
Long before the adoption of the guidelines, corporate compliance programs have been essential in the enforcement of antitrust law, securities law, and environmental law. Ethics codes and voluntary reporting of corporate misconduct, as part of compliance efforts, have also been promoted in the organizations of the defense industry (Walsh and Pyrich 1995).
Two high-profile statutes are specifically related to corporate liability in the UK – the Corporate Manslaughter and Corporate Homicide Act of 2007 (CMCH Act) and the Bribery Act of 2010. The Bribery Act foresees corporate liability for bribery. It can be imposed both on domestic and foreign companies, which conduct at least part of their business in the UK. The entity can defend itself by proving that it took adequate precautions and implemented adequate procedures to prevent misconduct.
The CMCH Act imposes homicide criminal liability on a corporate body for a gross breach of a duty of care, which caused a work-related death. Thereby the CMCH Act places an emphasis on the organizational and management failures, and it removed the identification doctrine, which was an obstacle for imposing criminal liability for manslaughter on a corporate body. According to the identification doctrine (the alter ego principle), a guilty individual (a “directing mind”) who occupies a senior position within a corporation has to be determined to attribute liability to the corporation. Unlike vicarious liability, the identification doctrine presumes that certain managers and employees act as the company itself, rather than on its behalf (Wells 1999, p. 120).
Civil Law Countries
Corporate criminal sanctions are applied in most civil law jurisdictions. Starting from 1990s many countries, which had only corporate civil liability before, actively adopted corporate criminal liability (Norway in 1991, Iceland in 1993, France in 1994, Finland and Slovenia in 1995, Belgium in 1999, Estonia and Hungary in 2001, Malta in 2002, Switzerland, Croatia, Poland and Lithuania in 2003, Slovakia and Romania in 2004, Austria 2006, Luxembourg and Spain in 2010, Czech Republic in 2011; the legislative initiative on corporate criminal liability has been introduced in Russia in 2015). Italy, Sweden, and Bulgaria have quasi-criminal corporate liability (Engelhart 2014, p. 56).
German law recognizes corporate liability imposed for wrongdoings of company representatives or employees. The German Penal Code (Strafgesetzbuch or StGB) follows the Roman rule societas delinquere non potest, according to which a legal entity cannot commit a crime. Criminal liability is applicable only to natural persons. Financial sanctions can nevertheless be imposed on legal entities for wrongdoings committed by corporate representatives or employees on behalf of the company (Weigend 2008; Böse 2011). These sanctions ensure that companies do not derive any benefits from the committed offenses, and they can be imposed irrespective of any criminal sanctions applied to natural persons with regard to the same offense. Corporate sanctions are justified by the standpoint that the failure to provide proper organization and supervision of corporate representatives and employees constitutes corporate guilt (Böse 2011, p. 231). The important role of organizational negligence in German law contrasts with both the no-fault enterprise liability approach, in which fault is irrelevant, and the doctrine of vicarious liability, according to which individual negligence is automatically attributed to a corporate entity (Kyriakakis 2009, p. 344).
In the German Civil Code (Bürgerliches Gesetzbuch or BGB), organizational negligence is interpreted in the principal-agent context. The BGB (§823) specifies that a principal (“a person who uses another person to perform a task”) “is liable to make compensation for the damage that the other unlawfully inflicts on a third party when carrying out the task.”
Similar to Germany, the principle of societas delinquere non potest guided for a long time the approach toward corporate liability in France. Only the Penal Code (Code pénal) of 1992 (effective since 1994) introduced corporate criminal liability into the French law, which marked a significant shift from the idea that corporations cannot be criminally liable, which traces back to the Napoleonic Code (Coffee 1999, p. 23). Initially limited to a number of specific offenses, corporate criminal liability has been extended to all offenses and all legal persons, except from the state and local public authorities (Tricot 2014). To impose criminal liability on a legal entity, an offense has to be committed by the entity’s organs or representatives on behalf of the entity (Arts. 121–122 Penal Code).
Similar to Germany and France, the principle of societas delinquere non potest was dominant in the Italian law for a long time. Article 27(1) of the Italian Constitution states that criminal liability is personal, which implies that criminal law applies only to natural persons. Some European and OECD conventions, however, require the states which comply with these conventions to enact corporate liability. This fact induced Italy to enact Decree no. 231 (Decreto Legistativo no. 231) in 2001, which introduced administrative liability of corporate entities for crimes committed by their employees.
To attribute a criminal offense to a corporation, the offense should be committed in the interest or to the advantage of the corporation (Sant’Orsola and Giampaolo 2011). Article 6 of Decree no. 231 sets out the possibility for organizational defense, allowing a company to avoid liability if it “adopted and effectively implemented appropriate organisational and management models.”
Already in 1950, the Dutch law acknowledged that economic offenses can be committed not only by individuals but also by corporate bodies (the Economic Offences Act, Wet op de economische delicten). In 1976 criminal liability of public and private corporate bodies was introduced in the Dutch Penal Code (Wetboek van Strafrecht), Art. 51. Criminal liability can be imposed on a corporate body if a wrongful act or omission was committed by a corporate employee or agent within the normal course of business, given that a company benefited from the wrongful conduct and accepted such conduct or failed to take adequate precautions to prevent it (Keulen and Gritter 2011). Thus corporate liability is based on the negligence standard. To attribute liability to the corporation, it is sufficient to prove that management or multiple individuals within the corporation possessed knowledge about the criminal activity or the risks thereof, but adequate measures toward crime prevention were not taken. Collective knowledge (the mens rea of different individuals) can be aggregated to establish organizational fault (Coffee 1999, p. 10; Stessens 1994, p. 512). This is a distinctive feature compared to the British identification theory (Coffee 1999, p. 22).
Criminal Liability Imposed by International Conventions
Apart from national laws, corporate liability is also envisaged by international conventions. For example, the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions (1997), which came into effect in 1999, prescribes the imposition of criminal liability on legal persons for bribery and corrupt business practices across borders. The signatories of the Convention are obliged to enact domestic legislation conforming to the Convention’s standards.
Some other international conventions, such as the International Convention for the Suppression of the Financing of Terrorism (1999), the UN Convention Against Transnational Organized Crime (2000), and UN Convention Against Corruption (2003), also foresee corporate liability. Moreover, International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation are an important soft law instrument that contains provisions on corporate criminal liability.
- Arlen J, Kraakman R (1997) Controlling corporate misconduct: an analysis of corporate liability regimes. N Y Univ Law Rev 72:687–779Google Scholar
- Coffee JC Jr (1999) Corporate criminal liability: an introduction and comparative survey. In: Eser A, Heine G, Huber B (eds) Criminal responsibility of legal and collective entities. Edition iuscrim, Freiburg im Breisgau, pp 9–37Google Scholar
- DiMento JFC, Geis G (2005) Corporate criminal liability in the United States. In: Tully S (ed) Research handbook on corporate legal responsibility. Edward Elgar Publishing, Northampton, pp 159–176Google Scholar
- Engelhart M (2014) Corporate criminal liability from a comparative perspective. In: Brodowski D, Espinoza de los Monteros de la Parra M, Tiedemann K, Vogel J (eds) Regulating corporate criminal liability. Springer, London, pp 53–76Google Scholar
- Keating GC (2001) The theory of enterprise liability and common law strict liability. Vanderbilt Law Rev 54:1285–1335Google Scholar
- Krawiec KD (2005) Organizational misconduct: beyond the principal-agent model. Fla State Univ Law Rev 32:571–615Google Scholar
- Laufer WS (1999) Corporate liability, risk shifting, and the paradox of compliance. Vanderbilt Law Rev 52:1343–1420Google Scholar
- Moot JS (2008) Compliance programs, penalty mitigation and the FERC. Energy Law J 29:547–575Google Scholar
- Sant’Orsola FC, Giampaolo S (2011) Liability of entities in Italy: was it not societas delinquere non potest? New J Eur Crim Law 2:59–74Google Scholar
- Sykes AO (2012) Corporate liability for extraterritorial torts under the Alien Tort Statute and beyond: an economic analysis. The Georgetown Law J 100:2161–2209Google Scholar
- Walsh CJ, Pyrich A (1995) Corporate compliance programs as a defense to criminal liability: can a corporation save its soul? Rutgers Law Rev 47:605–691Google Scholar
- Wells C (1999) A new offence of corporate killing – the English Law Commission’s proposals. In: Eser A, Heine G, Huber B (eds) Criminal responsibility of legal and collective entities. Edition iuscrim, Freiburg im Breisgau, pp 119–128Google Scholar
- Wilkinson M (2003) Corporate criminal liability – the move towards recognizing genuine corporate fault. Canterbury Law Rev 9:142–178Google Scholar