The criminal courts in Spain have sole jurisdiction to prosecute criminal corporate conduct. The investigation and prosecution of criminal offences, therefore, falls to the examining magistrates' courts, which are responsible for conducting the preliminary investigation stage in criminal proceedings. In this role they are assisted by the state law enforcement bodies.

The examining magistrates' courts conduct preliminary enquiries that are primarily aimed at gathering information and documentation that may serve as evidence (searches, interception of communications, etc.). In these enquiries they may take precautionary measures to ensure that the proceedings are conducted effectively (preventive or provisional detention, bonds or attachments).

Judges are required to investigate any indication of a crime and are not restricted as to what may be found, having broad powers for the purpose. They have a duty to ascertain the facts and circumstances that allow the conduct in question to be regarded as criminal, and then to (1) investigate the accused (identification and gathering of personal details), (2) determine the damage caused and (3) identify the person responsible.

Any investigative measures that violate fundamental rights (the interception of personal communications, searches of and dawn raids on private premises, etc.) may only be agreed to in exceptional circumstances and are subject to authorisation by the court. In addition, it is necessary to ascertain what criminal act is being investigated, and whether the use of that measure of investigation is justified within the context of the investigation. The court must oversee the organisation and implementation of the measure.

Occasionally, officials of the Public Prosecutor's Office, within the scope of their duties, may carry out investigations that result in the referral of the case in question to the relevant court authority, so that the necessary proceedings may be conducted or so that it may be ruled that there is no case to answer when it is found that there are insufficient grounds for bringing any action.

Additionally, given that the role of the Public Prosecutor's Office includes the actual filing of criminal actions, the public prosecutor may appear in the criminal proceedings and lead public prosecution, and may also appear at preliminary investigation stages.

Other government agencies (such as the tax authorities, the National Securities Market Commission, the employment authorities or the Bank of Spain) may bring proceedings against individuals or companies in relation to other corporate conduct, adjudge them responsible for offences provided for by law, and impose penalties. These agencies are able to require the production of documents and to question individuals, as long as there is no violation of the subject's fundamental rights.

During any administrative proceedings conducted by the aforementioned government agencies, if it is suspected that the activity constitutes a criminal offence, proceedings will be stayed and the case immediately referred to the Public Prosecutor's Office.

The government's criminal policy unquestionably has an impact on the prosecutorial role. This policy is influenced not only by national needs or priorities but by the international obligations that must be fulfilled by the government; however, the effects of the policy do not extend beyond the day-to-day work of the courts and investigations.

Finally, a company under investigation is not required to cooperate with authorities, but doing so is a mitigating circumstance of its criminal liability that can be applied under Article 31 quater b of the Spanish Criminal Code.


i Self-reporting

Act 5/2010 of 22 June 2010 entered into force in December 2010, amending Act 10/1995 of 23 November 1995 on the Criminal Code. One of the main developments of this new legislation was the inclusion for the first time of the criminal liability of legal entities.

Accordingly, under Article 31 bis of Act 5/2010, a legal entity could be held criminally liable, 'in the cases provided for in this Code',2 for:

    1. offences committed on its behalf or for its benefit by its legal representatives and de facto or de jure directors; and
    2. offences committed on its behalf and for its benefit by persons who, in the fulfilment of their duties and subject to the authority of the aforementioned individuals, would have performed the criminal acts as a result of a lack of due control over them.

Notwithstanding the foregoing, the latest reform introduced by Act 1/2015 of 30 March amending the Penal Code, which entered into force on 1 July 2015, modified the above-mentioned Article 31 bis, making corporate entities liable as follows. In the cases provided for in this Code,3 these entities will be criminally liable for:

    1. offences committed for and on behalf of them and to their direct or indirect benefit, by their legal representatives or by those persons who, acting individually or as members of a body of the legal entity, are authorised to take decisions on behalf of the legal entity or have organisational or management powers therein; and
    2. offences committed in the performance of corporate duties and for and on behalf of them and to their direct or indirect benefit, by those persons who, being subject to the authority of the persons referred to in the foregoing paragraph, have been able to carry out the offences as a result of the failure by the latter to fulfil their duties of supervision, monitoring and control of the activity of the former, bearing in mind the specific circumstances of the case.

As a result of these provisions, legal entities may be held to be criminally liable and must, therefore, ensure that they have suitable corporate compliance programmes in place that provide for the possibility of investigation of any internal wrongdoing, but there is no obligation to report the conduct discovered by the company. Under new Article 31 quater, the criminal liability of a legal entity may, however, be mitigated in the following circumstances:

    1. disclosure of the offence to the authorities prior to learning that proceedings have been brought;
    2. cooperation by providing evidence to the investigation that is new and decisive for shedding light on the criminal liability;
    3. reparation or mitigation of any damage caused by the offence prior to the criminal trial; or
    4. prior to the trial, taking effective measures to prevent and detect any possible offences that could be committed in the future using the resources of the legal entity.

This would be reflected by a reduction in the penalty imposed in accordance with the rules set out by Article 66 of the Criminal Code, which is proportionate to the extent of the cooperation provided but will not totally exempt the company from liability.

In conclusion, although no obligation of self-reporting is established, it could have very positive results for the legal entity and must be decided on a case-by-case basis.

ii Internal investigations

As already indicated, as a result of the entry into force of Act 5/2010 and the introduction of the criminal liability of legal entities, an increasing number of companies are implementing corporate compliance programmes that set out suitable monitoring and control measures for preventing criminal conduct on the part of their directors, legal representatives or employees.

A very important part of a corporate compliance programme, which allows a business to ascertain whether sufficient controls are in place, is, without doubt, the internal investigation of any irregular conduct that becomes known within the company.

In other words, corporate compliance programmes must include specific measures for the prevention and detection of possible criminal offences. It should be stressed that the latest reform introduced by Act 1/2015 expressly sets the requirements for an effectual corporate compliance programme, including reporting channels facilitating the detection of possible risks and infringements to the authority entrusted with monitoring the operation and observance of the prevention model.

For these purposes, it is becoming increasingly common for businesses to establish direct communication or reporting channels with their employees so that the latter have a means of reporting any conduct that they deem could constitute misconduct or illegal activity, or a breach or violation of laws or regulations (internal regulations of the company or legal regulations), and that has had or could have a negative impact on the business, without being afraid that disciplinary or discriminatory measures or any other actions of retaliation will be taken as a result of having reported the conduct.

In this regard, the business must establish clear and accessible communication channels that enable information to be received correctly and promptly by the relevant persons. Various different information sources may be used for warning of possible irregular conduct, for example, work carried out by the internal audit department, reporting channels, exit interviews, rumours and employee satisfaction surveys.

Once possible irregular conduct is known, the company will investigate it in accordance with the rules set out in its guidelines on internal investigations.

Corporate investigations can be conducted by both internal and external counsels. The assistance of an outside counsel will be determined according to the nature of the facts reported, the positions the wrongdoers hold and the expertise required for conducting the investigation, among others.

When there is suspicion of the commission of a crime, it is always advisable to retain an outside counsel to assure independence during the course of the investigation, to guarantee the authorities the objectivity of the results achieved, as well as to preserve professional secrecy in the exchange of documentation and information.

Only outside counsel communications will be protected by professional secrecy in Spain. In-house counsels are bound to the company (the client) by means of an employment relationship and, therefore, are not considered independent. Thus, their communications with the entity might not be protected under legal privilege.

Professional secrecy should be maintained at all times in any documents (including communications) produced during an internal investigation, even though its scope under Spanish law is more limited than under English law. The professional secrecy of lawyers is enshrined in the right to personal privacy4 and the right to a fair defence,5 and releases them from the obligation to report events of which they are aware as a result of the explanations of their clients,6 and to testify regarding those events that the accused has disclosed in confidence to his or her lawyer as the person entrusted with his or her defence.7 This exemption applies to the production of documents in criminal proceedings at the request of the court, and to any other measure of investigation authorised by the court for the purposes of seizure of the requested documents.

During the internal investigation process, the interviewing of the persons involved, the gathering of information, the inspection – if possible, by independent third parties – of the company's computers and servers, and the request of documentation, including any documents in the possession of third parties, etc., is fundamental.

As regards the interviewing of employees and the possibility of being accompanied by a lawyer, this will depend on the policy existing at the company regarding internal investigations. In any event, it is customary, especially at the beginning of the investigation, for employees to be informed in detail of the reason for the interview, but not to retain their own lawyers. The most widespread practice is guided by the provisions of employment law, consulting with the compliance officer regarding the specific case in question to ensure that the investigation is appropriate and proportionate, and respects the rights of all parties involved.

iii Whistle-blowers

From a criminal standpoint, the figure of the whistle-blower is fairly new in our system since the criminal liability of legal entities did not apply until 2010 and was not clearly regulated until the reform of 2015, when the impact that full implementation of compliance programmes will have on the liability of companies was specified in more detail.

For this reason, it is still too early to tell what position whistle-blowers will take regarding the reporting of illegal conduct to government authorities.

Note that there are no incentive programmes for whistle-blowers for reporting wrongdoings to the authorities. Nevertheless, if the whistle-blower is a wrongdoer and becomes an accused party to the criminal proceedings, his or her penalty might be mitigated by the court for reporting the illegal acts to the authorities, according to Article 21.5 of the Criminal Code (confess the illegal act to authorities).

Lastly, there are no specific protections in place for whistle-blowers, any more than it is guaranteed that their reports will be confidential. It is still not fully clear whether whistle-blowers can preserve anonymity or not.


i Corporate liability

As has been already explained, since the entry into force of Act 5/2010, Spanish law has provided for the criminal liability of a corporate entity in certain cases (see Section II.i).

Liability of a company for a crime may exist alongside that of an individual, and the company may also be held liable when (1) no specific individual perpetrator of the offence has been found, or (2) no proceedings may be brought against the individual (for example, because of lapse of liability by death or by application of the statute of limitation). This means that any mitigating and aggravating circumstances of either the company or the individual will not be affected by the other's situation. This being the case, the joint representation and defence of the individual and the company may not be compatible, since it is highly likely that conflicts of interest will arise. Thus, in most cases, it may not be advisable to have a joint representation and defence in the criminal proceedings.

In addition to criminal liability, it should be remembered that there are certain civil obligations that arise as a result of criminal offences, so the ex delicto civil liability of companies exists directly and jointly and severally with that of the individuals8 and vicariously.9

ii Penalties

Under Article 33.7 of the Criminal Code, the penalties that may be imposed on businesses are as follows:

    1. quota-based or proportional fines;
    2. winding up of the company;
    3. suspension of the company's activities for up to five years;
    4. closure of the company's premises and facilities for up to five years;
    5. barring from those activities through which the offence was committed, aided or concealed;
    6. disqualification from public subsidies and assistance; and
    7. court intervention.

Article 66 bis of the Criminal Code requires that, when applying any of the aforementioned penalties (except for fines), the judge or court will consider (1) the need for the penalty to prevent the continuation of the criminal activity or its effects, (2) the economic or social consequences, especially for employees, and (3) the position within the company of the individual who failed to exercise due control.

The Criminal Code seeks to make fines the penalty generally applicable to businesses. The process for determining the fine, in the event of a quota system, entails the court determining the applicable fine period on the basis of the circumstances indicated in the foregoing paragraph, as well as the applicable quota for each daily fine, taking into consideration the financial circumstances of the defendant. In the case of businesses, the daily quota would range from €30 to €5,000.

Article 3 ter 1, introduced with Act 1/2015, provides that when both parties (legal person and individual) are sentenced to a fine in the same case on the same charges, the size of the fine each must pay is scaled so that the resulting amount is not disproportionate to the severity of the charges.

Finally, note that the range of potential sanctions will not vary based on the authority bringing the action.

iii Compliance programmes

It has already been noted that Act 1/2015 of 30 March amending the Penal Code entered into force in July 2015.

This amendment expressly acknowledges that a legal person may be exempted from criminal liability if it has a corporate compliance programme for the prevention of crime. This acknowledgement puts an end to all discussion on the matter, and for the first time establishes the requirements that must be met by what the law terms 'an organisation and management model for the prevention of crime'.

When a crime is committed by de facto or de jure directors or legal representatives10 of a legal person, the new Article 31 bis 2 of the Penal Code makes the following conditions necessary in order for the enterprise to be exempted from criminal liability:

    1. the crime prevention model must have been adopted and effectively executed prior to the commission of the crime, including monitoring and control measures fit for preventing crimes of the sort in question or for significantly reducing the risk of such crimes;
    2. the crime prevention model must have been supervised by an authority that has autonomous powers of initiative and control within the legal person (a compliance officer), although when the legal person is 'small',11 supervisory functions may be assigned directly to the governing body of the legal person;
    3. the individuals who have perpetrated the crime must have fraudulently evaded the organisation and prevention models; and
    4. the authority entrusted with supervising and running the prevention model must not have failed to exercise, or insufficiently exercised its supervision, monitoring and control functions.

Article 31 bis 4 establishes that, when the crime is committed by employees (or other persons under the authority of the de facto or de jure directors and legal representatives),12 the legal person is exempted from liability if, before the crime was committed, it did, in fact, adopt and effectively execute an organisation and management model that was adequate to prevent crimes of the sort committed or to reduce significantly the risk of the commission of such crimes.

The Article goes on to say that partial accreditation of the criminal liability exemption requirements set in preceding Articles will be regarded as an attenuating circumstance.

Article 31 bis 5 of the Penal Code sets out the requirements for an effectual corporate compliance programme (one which is fit to qualify the legal person for exemption from criminal liability in future). Qualifying organisation and management models must:

    1. identify the activities in which the target crimes might be committed. In other words, before an 'organisation and management model for the prevention of crime' can be created, an analysis must be run that includes an in-depth examination of the company's business, its facilities, the legislation applicable to it and to its business, etc. This analysis is what the Anglo-Saxon world calls 'risk assessment'. The goal is to correctly identify and evaluate the company's risk in connection with the sorts of crimes that its directors, legal representatives and employees might reasonably engage in. In short, the idea is to map out the firm's risks;
    2. establish the exact protocols or procedures for forming the legal person's wishes, making its decisions and executing its decisions in connection with its wishes. Thus, the legal person is equipped with policies, clauses, protocols and, of course, a good internal investigation manual, so that it can detect potential criminal acts;
    3. set up financial resource management models suitable for averting the target crimes. The governing body's commitment to and engagement with the corporate compliance programme must be reflected in the yearly allocation of resources so that the compliance officer can effectively carry out his or her supervision, monitoring and control functions;
    4. make it compulsory to report possible risks and infringements to the authority entrusted with monitoring the operation and observance of the prevention model. Reporting channels facilitating the detection of crimes in the company must, therefore, be implemented and all company employees must have access to the reporting channels;
    5. establish a disciplinary system that properly penalises infringement of the measures established by the model. This condition must be seen in relation to the functions of the compliance officer and the human resources department, and it must necessarily include a reaction plan or protocol for action when a crime is committed, and the system of rules penalising crime; and
    6. run regular verifications of the model, and modifications of the model, when evidence of major violations of the model is found or when there are changes in the organisation, the control structure or the company's business that make modifications necessary. Not only must a corporate compliance programme be introduced, but follow-up reports must also be given regularly to evaluate the design of the model and the effectiveness of the controls the company has implemented.

iv Prosecution of individuals

The action of the company would vary depending on whether the offences were committed before or after 24 December 2010, in other words, depending on whether the provisions on the criminal liability of legal entities are applicable. If Article 31 bis is not applicable, the coordination of all the defences is certainly possible (and in fact, recommended) since the defence of the individual is also the defence of the company. Likewise, the payment of the employees' legal fees is possible as the actions have been carried out by the individuals in the performance of their corporate duties. If, however, Article 31 bis is applicable, the positions of the company defence may be incompatible and the specific case must be assessed in order to determine whether the company may coordinate with the individual's counsel and afford their legal fees.

According to Article 13.6 of the Code of Conduct of Spanish Legal Practitioners, lawyers should 'refrain from managing the affairs of a group of clients affected by the same situation, when a conflict of interest arises between them, as there is a risk of violation of professional secrecy or their freedom or independence may be affected'. This provision is consistent with the fundamental right of persons to be defended and assisted by a lawyer enshrined in Article 24 of the Constitution.

As regards measures that may be taken against employees, an effective corporate compliance programme must include a disciplinary system that suitably penalises the breach of measures established in the model. As described above, a disciplinary system is expressly provided for in Act 1/2015.


i Extraterritorial jurisdiction

Act 5/2010 and Act 1/2015 do not explicitly set out provisions regarding the extraterritorial jurisdiction of the Spanish courts in the event of the application of Article 31 bis of the Criminal Code. Thus, any reference to perpetrators of an offence – Spanish and foreign – contained in the rules on extraterritorial jurisdiction set out in Article 23 of the Spanish Act on the Judiciary must be extended to legal entities.

Accordingly, under criminal law, the courts have jurisdiction to hear any actions for indictable and summary offences committed in Spanish territory (principle of territoriality), notwithstanding the provisions of those international treaties to which Spain is a party. The courts may, however, also hear offences regarded under criminal law as criminal offences even though they have been committed outside the national territory, provided that those persons criminally liable are Spanish persons or foreign persons who have acquired Spanish nationality (active personality principle) after the commission of the offence and the following requirements are met:

    1. the offence is punishable in the place of enforcement;
    2. the injured party or the Public Prosecutor's Office files a complaint or criminal complaint before the Spanish courts; and
    3. the offender has not been acquitted, pardoned or convicted abroad, or in the latter case, has not served a sentence.

Spanish criminal law also applies on an exceptional basis to offences committed outside the national territory, when committed by either a national or a foreign person, provided that they affect the basic interests of the state (known as the absolute principle or principle of protection of interests) or they are offences that violate the dignity of persons, transnational offences or offences committed in areas not subject to the sovereignty of any state (principle of universal justice).

In this regard, Spanish Act 1/2014 of 13 March on universal justice amended Spanish Act 6/1985 of 1 July on the judiciary, specifically the wording of Article 23.4. This amendment introduced the possibility of the Spanish courts hearing and prosecuting offences of corruption between individuals13 and offences of corruption in international business transactions,14 even though committed by Spanish or foreign persons outside the national territory, provided that one of the following circumstances arises:

    1. the proceedings are brought against a Spanish person;
    2. the proceedings are brought against a foreign citizen that normally resides in Spain;
    3. the offence has been committed by an officer, director, employee or service provider of a commercial undertaking or of a society, association, foundation or organisation that has its permanent address or registered place of business in Spain; or
    4. the offence has been committed by a legal entity, undertaking, organisation, groups or any other kind of entity or group of persons that has its permanent address or registered place of business in Spain.

ii International cooperation

Spain cooperates with other countries in law enforcement and in prosecutorial functions not only on the basis of international treaties but also following the 'principle of reciprocity' enshrined in Article 13 of the Constitution.

The following European legal mechanisms for international legal assistance apply in Spain:

    1. the Convention on Mutual Assistance in Criminal Matters of 20 April 1959, as amended by the Schengen Agreement, and the European Convention on Judicial Assistance of 29 May 2000; and
    2. the European Arrest Warrant regulated in the EU Council Framework Decision of 13 June 2002 and in the Spanish European Arrest Warrant Act 3/2003 (the National Court has a 24-hour service to process European arrest warrants).

In addition to the foregoing international legal cooperation (coordinated through the Spanish Ministry of Justice), the International Cooperation Unit of the Spanish Public Prosecutor's Office is responsible for the supervision and enforcement, where applicable, of the letters rogatory addressed to or issued by the Public Prosecutor's Office.

Likewise, this unit deals with any matter relating to the European Judicial Network, the Ibero-American Network for International Legal Cooperation (IberRED), Eurojust and the International Cooperation Prosecutors Network.

As regards extradition, note that Spain only grants extradition in compliance with a treaty or the law, in accordance with the principle of reciprocity. In addition, the requirement of dual criminality must be met, in other words, the offences for which extradition is requested must be regarded as a criminal offence under the criminal laws of both states, and the sentence for the offence must be at least one year's imprisonment. The Spanish authorities do not grant extradition for political offences.

Spain is a signatory party the European Convention on Extradition and to a large number of bilateral treaties on extradition.

iii Local law considerations

Provisions exist that may restrict investigations involving multiple jurisdictions. The most relevant law in this regard is probably the Personal Data Protection Act.

In certain cases, however, this Act warrants and authorises the processing or transfer to third parties of personal data without the consent of the owner. In this regard, Article 11, relating to the disclosure of data to third parties, provides that the consent of the owner of the data is not necessary, inter alia, 'when the disclosure that must be made is to the Ombudsman, the Public Prosecutor's Office or judges or courts or the Court of Auditors, in exercise of the functions conferred thereon'.

As regards banking secrecy, this is not regarded under law as an asset or property that merits protection in itself or by itself, but as something that is merely instrumental in protecting the real legal interests that merit protection, such as privacy, free competition, business secrets or the security of the state. As a result, in recent rulings, the courts have established that the lawfulness of any information protected by secrecy, either under privacy protection or the protection of a business secret, is a fundamental factor. They have also ruled that, in any event, there are greater interests that warrant the transfer of information to certain public persons (in addition to the interested parties) who are legally authorised to know that information, such as the government authorities responsible for tax fraud and – specifically – the Public Prosecutor's Office and the courts in the investigation and prosecution of criminal offences.


There are no new developments in sight for the coming year, notwithstanding that internal investigations are gradually making inroads in Spain as legal entities are taking more seriously the full and correct implementation of their compliance programmes to avoid or mitigate future penalties as a consequence of internal wrongdoings.

To date there have been 12 judgments by the Supreme Court regarding the criminal liability of legal persons. None of the companies had a compliance programme implemented, or compliance officers, code of ethics and the like.

On 29 February 2016, the pioneering Supreme Court sentence confirming the criminal liability of a corporation was delivered (STS 154/2016). The ruling provided guidelines for legal entities to comply with the law and norms through the implementation of models of prevention and control according to Article 31 bis of the Criminal Code so as to avoid penalties.

Two judgments from the Supreme Court about the criminal liability of legal persons – on 16 March 2016 (STS 221/2016) for property embezzlement and on 13 June 2016 (STS 516/2016) for crimes against environment – ruled that the legal person could not be criminally responsible because the illegal acts took place before the reform of the Criminal Code.

Rulings STS 154/2016 and 221/2016 of the Supreme Court warned about the future conflicts of interest that may arise between the accused natural person (that represents the legal person) and legal persons who are represented in court by the same counsel, which may cause a breach of the right to defence of the legal entity.

Without prejudice to the court affirming that there is no general answer for this question, some possible formulas used in other systems are offered in case conflicts of the kind arise; for example, the judicial appointment of a 'legal/public defender' of the company, or the assignment of the company's defence to the compliance officer.

Another matter analysed in these rulings is the possibility of the trial being annulled when the right to defence of the legal entity is breached for being represented by the natural person who is also accused individually in the same criminal proceeding.

The following rulings by the Supreme Court did not shed light on interpreting the criminal liability of legal persons: STS 740/2016 of 6 October; STS 4728/2016 of 3 November; STS 31/2017 of 26 January, in which the company could not be held responsible and was just declared vicariously civil liable; and STS 121/2017 of 23 February, which acquitted the company of a crime against workers' rights as the conviction of a legal person for such an offence is not possible according to the Penal Code.

One remarkable ruling of the Supreme Court was STS 583/2017 of 19 July, which upheld the criminal liability of six companies for money laundering offences (and against public health), but lowering the penalties imposed by the lower court (Audiencia Nacional). This sentence confirmed previous Supreme Court case law and definitively established the criteria to follow for charging legal persons with a crime. The resolution also provided guidelines on the interpretation of penalties set forth in Article 66 bis of the Penal Code, stating that judges shall apply the proportionality principle when a legal person is convicted.


As has already been discussed, the criminal liability of legal entities is quite new in Spanish legislation and there is little case law in this regard.

Since the 2015 reform, as the provisions are clearer in terms of the implementation of compliance programmes, the role of compliance officers and of internal investigations, it is likely we will have more rulings from superior courts in such matters.

Although past rulings are enlightening for the interpretation of the law, we still have a long way to go and a lot of questions to answer, such as:

    1. the regime for whistle-blowers;
    2. attorney–client privileges that may apply during internal investigations;
    3. the impact of the collaboration with authorities;
    4. the personal liability of compliance officers for not fulfilling their duties;
    5. conflicts of interest between legal and natural persons; and
    6. the application, in practice, of mitigating and exonerating circumstances and the like.


1 Mar de Pedraza is the managing partner and Paula Martínez-Barros is a senior associate at De Pedraza Abogados.

2 At that time an entity could be held to be criminally liable only in the following cases: illegal trafficking of organs (Article 156 bis); trafficking of human beings (Article 177 bis); offences relating to prostitution and the corruption of minors (Title VII, Chapter V); the discovery and disclosure of secrets (Article 197.3); fraud (Title XIII, Chapter VI, Section 1); criminal insolvency (Title XIII, Chapter VII); intellectual and industrial property offences; market and consumer-related offences and the new offence of corruption between private parties (commercial bribery) provided for in Article 286 bis (all of which are included under Title XIII, Chapter XI); money laundering (Article 302); tax and social security offences (Title XIV); offences against the rights of foreign citizens and clandestine immigration (Title XV bis); offences relating to the development and use of land (Article 319); the cases described in Articles 325 and 326 in relation to offences against natural resources and the environment; offences relating to facilities for the storage or disposal of toxic waste (Article 328); the spillage or emission of materials or ionising radiations or the exposure of people to such materials or radiations (Article 343); the handling of materials, equipment or devices that could have devastating effects (Article 348.3); offences against public health involving the growing, manufacture or trafficking of drugs provided for in Articles 368 and 369; the forgery of credit cards, debit cards or cheques and documents in general (Article 399.1 bis); bribery (Title XIX, Chapter V); influence peddling (Title XIX, Chapter VI); offences of corruption in international trade transactions (Article 445); the possession, trafficking and storage of weapons, munitions or explosives; and terrorism offences (Title XXII, Chapter V).

3 Act 1/2015 of 30 March also adds to the catalogue of crimes that entail liability. Thus: (1) new Article 258 ter of the Penal Code states that legal persons may also hold criminal liability for the new crimes of frustration of enforcement; (2) Article 304 bis 5 also expressly states that legal entities are criminally liable for the new crime of illegal financing of political parties; (3) Article 288 provides that legal persons may also hold criminal liability for the new offence of corruption in business introduced in new Article 286 ter; (4) for its part, Article 366 of the Penal Code is amended to expand the range of crimes against public health to include the liability of legal persons (Penal Code, Articles 359 to 365); (5) Article 386 is amended so that Section 5 includes liability under Article 31 bis for crimes of counterfeiting; and (6) new Article 510 bis of the Penal Code introduces the liability of legal persons for crimes committed on the occasion of the exercise of fundamental rights and public freedoms guaranteed by the Constitution in relationship with provocation, hate or violence as defined in the new wording of Article 510 of the Penal Code.

4 Article 18.1 of the Spanish Constitution.

5 Article 24 of the Spanish Constitution.

6 Article 263 of the Criminal Procedure Act.

7 Articles 416.2 and 707 of the Criminal Procedure Act.

8 Article 116.3 of the Criminal Code.

9 Article 120 of the Criminal Code.

10 As seen above, the new Article 31 bis 1a changes the previous wording to 'legal representatives or those persons who, acting individually or as members of a body of the legal person, are authorised to take decisions in the name of the legal person or hold organisation and control faculties within the legal person'.

11 According to the rewording of Article 31 bis 3 of the Penal Code, 'small' legal persons are those that are authorised by law to submit profit and loss accounts.

12 The application of this Article in practice will enable us to ascertain the exact scope of this concept.

13 Article 286 bis of the Criminal Code.

14 Article 286 ter of the Criminal Code.