The International Investigations Review: Greece
Criminal investigations into corporate conduct are always initiated by the public prosecutors' offices connected with the first instance courts (throughout the country). A criminal investigation may be initiated by the public prosecutor or it may follow an investigation by a regulatory authority (e.g., the Hellenic Capital Market Commission, the National Transparency Authority or the Hellenic Competition Commission). The regulatory authorities perform audits and investigations within the scope of their powers to ensure corporations' compliance with regulations. Most regulatory authorities are entitled to investigate corporate conduct, but they are not entitled to prosecute criminal acts. The power to prosecute is only awarded to the public prosecutor. In practice, it is usual to have combined investigations (regulatory and criminal), whereby the prosecutor ultimately receives all the evidence and evaluates how to proceed further with the criminal investigation or with a prosecution.
Apart from the public prosecutors' offices connected with the courts, a separate body, the Financial Prosecutor's Office, has power to prosecute acts of corruption and serious financial and economic crimes. This new institution is the result of a merger of the former Anti-Corruption Prosecutor's Office and the former Financial Crime Prosecutor's Office and, depending on the type of offence or the capacity of the individuals involved, corporate conduct may be investigated by this special investigative authority.
The Financial Prosecutor's Office is vested with extensive powers to gain access to privileged information, such as tax records and bank records, and all information that could be required in the course of its investigation. It may request assistance from other enforcement agencies or the police for the purposes of its investigations and may use resources from other enforcement agencies or regulatory bodies.
Apart from direct access to information, the Financial Prosecutor's Office has the power to seize property and assets related to the acts under investigation, even in the earliest stages of an investigation. Special judicial authorisation is always needed to obtain the content of confidential correspondence.
Certain enforcement agencies and regulatory bodies are entitled to obtain information and conduct separate investigations or audits for the purposes of compliance and regulation within administrative or related proceedings. Depending on the proceedings, these regulatory bodies or enforcement agencies may also obtain tax records and bank account information and they are entitled, or obliged on some occasions, to share this information with the prosecuting authorities.
A company is obliged in principle to cooperate with the authorities, at least in terms of providing requested information and documentation and providing clarification regarding transactions, specific business conduct, etc. In the majority of cases, the authorities will send a written request to a company to forward certain information or documents. Failure to comply with such a request usually has no direct consequences (unless otherwise provided for by law) but may lead to an unfavourable report by the authorities or an on-site search and seizure to obtain the requested material. An on-site search and seizure (dawn raid) may be conducted even without prior notice to hand over documents and information if it is suspected by the prosecuting authorities that evidence may be endangered or that valuable information may be lost if immediate action is not taken.
In all cases, a company may object to handing over certain documents or material (e.g., privileged commercial information or correspondence) and refer to the prosecutor to resolve the issue. In practice, when an on-site search is in progress, the company does not have the power to refuse to hand over any material but may raise objections about the nature of the material taken (e.g., privileged information) when signing the confiscation documents, in which case the material is sealed and taken by the agency pending resolution of the issue by the judicial authorities.
On some occasions (depending on the scope and nature of investigation), the company may be requested to submit its views in respect of the issues under investigation or to offer evidence in its defence (of any type: witnesses, bank records, correspondence, etc.) contesting the views of the investigating authority (usually included in a draft report).
Under Greek Law, there is no basic set of rules regarding cooperation of an entity within the context of a criminal investigation. There are special sets of rules for specific offences (e.g., competition offences, tax offences) under specific regulatory procedures but no general provisions for cooperation and leniency within the context of a criminal procedure.
There is no general rule or obligation for self-reporting. A series of legislative measures have been passed to enable enforcement agencies to detect misconduct with or without a company's cooperation ((e.g., by gathering information from third parties that are subject to a separate legal obligation to disclose or report specific information, as is the case with accounting officers, who are obliged to report any type of suspicious activity related to tax evasion, money laundering, etc., and banking institutions for the purposes of compliance with anti-money laundering regulations).
There are, however, special provisions in numerous laws and regulations that stipulate self-reporting of internal wrongdoing and cover many aspects of business activity. In some fields or industries, provisions for self-reporting are more stringent (e.g., banking and financial services), while in others there is no explicit provision for self-reporting (most commercial activities in the private sector); however, rules for reporting criminal acts to the authorities may apply (as a general legal obligation) and this might, to some extent, lead to a kind of 'self-reporting'.
There are specific industries or fields in which self-reporting is a prerequisite to benefiting from leniency measures or for immunity provisions to apply. These provisions apply in cases of violations of competition law, market manipulation, exposure of corrupt practices of public officials, organised crime and terrorism. In any of these instances, the authorities can choose to impose lesser penalties or grant complete immunity. These provisions may apply to corporate entities only, to individuals only, or to both. Considering that in the majority of cases involving serious corporate misconduct the authorities may impose administrative penalties and measures affecting the company's ability to continue and develop its activities, participation in a leniency programme is, as a rule, considered the better option for a company and implicated individuals.
Where leniency or immunity measures are provided for (e.g., cartel offences, corrupt practices or money laundering), the extent to which they apply depends on the type of information provided to the authorities. As a rule, effective and complete exposure of illegal practices may lead to lesser penalties or immunity from criminal prosecution or administrative sanctions. Immunity is usually provided for when the reporting of illegal practices is of such significance that it contributes substantially to the exposure of illegal activity or perpetrators.
ii Internal investigations
Subject to any restrictions provided by law, a business may conduct its own internal investigation on any occasion. Whether the results should be shared with the authorities depends on the results and the nature of the case, as there is no general rule for self-reporting (with the exception of certain aspects of business activities, usually related to regulatory rather than criminal provisions). There is no general obligation of sharing results or findings of an internal investigation with the authorities, although the authorities have been pushing for the findings and supporting documentation to be disclosed.
If there is evidence of serious wrongdoing, the company may be left with no choice but to refer all gathered information to the authorities. It is important to keep in mind on all occasions that any report made to the authorities by the company, especially in relation to its employees or clients, should be done carefully to avoid any possibility of being held liable for filing false accusations. It is not expected, of course, that a case presented to the authorities be proven beyond any doubt, but care should be taken to forward information that indicates with some certainty that serious misconduct has taken place.
There is no set of rules specifically governing internal investigations so one has to be aware of various restrictions in respect of personal data protection, privileged information, etc. When conducting an internal investigation, a company typically examines documents and may conduct interviews with employees. If there are serious signs of misconduct, the employee is usually notified in case he or she wishes to have counsel present, and it is for the employee to decide upon the presence of counsel. It is also quite common to retrieve and evaluate records (e.g., electronic evidence, financial transactions and payment schemes) and whatever else may be useful for establishing the facts of a case.
Attorney–client privilege may be asserted at any time. It is not always easy, however, to determine what falls under this protection. Apart from the obvious privileged information (e.g., correspondence between the attorney and client), there are other forms of communication (e.g., memos, drafts of letters or other documented material) that may contain privileged information. In these cases, the company should indicate to the authorities that this is indeed privileged information. The company is not expected to waive its rights or privileges (especially the attorney–client privilege) as part of its cooperation with the authorities. The company may, however, choose to waive its rights in whole or in part with respect to these privileges if it becomes necessary for the purposes of its defence in regulatory or criminal procedures. For documents and material protected by special legislation (e.g., patents), the company is entitled to deny access, to give limited access or to request that the material be handled by the competent authorities in accordance with special legal provisions.
In investigations that come to the attention of authorities vested with certain powers by law (e.g., the Financial Prosecutor's Office), withholding information may not be possible because of special legal provisions.
Most regulatory or enforcement agencies have in place some type of communication platform that can be used to report illegal conduct. Unfortunately, there are no statistics covering all enforcement agencies on the number of reports, tips or information given by employees of businesses as opposed to information given by third parties. Based on experience, it seems though that reporting by employees to the company (regarding internal control, compliance or other matters) is more common than employees reporting directly to the authorities. The company has a number of options available when dealing with employees reporting suspicions of illegal activity directly, and it usually handles these matters in accordance with its compliance procedures. In these cases, it is important for the company to acquire as much information as possible and, in doing so, to endeavour to avoid exposing the source of information. This is also good practice when trying to establish that the employee's reported suspicions are substantiated and not the result of other motives.
The company may decide to deal with the matter through its own internal controls or make ad hoc internal enquiries to decide whether the employee's report is substantiated; if so, it must then decide whether what has been reported should be looked into further or referred to the authorities. During this process, the company may decide not to involve the reporting employee, especially if it can corroborate his or her information through other sources or documentation; this is usually the case when the reporting employee is not involved in the illegal activity. However, if the employee is involved, the company faces further challenges in deciding how to use the information provided because, on the one hand, it needs the information to assess the seriousness of the situation but, on the other hand, it has to evaluate the effects of the employee's conduct to date.
If an employee reports his or her suspicions directly to the authorities (without giving prior notice to the company's compliance department), the company's options are limited and will necessarily be determined by the conduct of the authorities; nevertheless, the company should try to acquire all necessary information with respect to the employee's involvement in the reported activity. Whether the reporting employee should or could remain with the company is something to be decided after reviewing all the available information and depends a great deal on the particulars of each case.
Whistle-blowers may be considered as witnesses in the public interest, which results in complete protection from criminal prosecution with respect to offences such as disclosure of privileged information or filing a false complaint relating to the information the whistle-blower provides to the authorities.
Although there is still no complete set of rules in place for whistle-blowers, numerous legal amendments have been made to protect whistle-blowers who may face false prosecutions, discrimination or unfair treatment for disclosing serious corporate misconduct. These provisions are found in various laws and usually do not offer comprehensive protection. However, further steps are being taken to introduce a more robust set of rules, particularly in view of the recent EU Whistleblowing Directive.2
i Corporate liability
A company 'acts' through individuals that have been vested with the appropriate power and authority. Typically, these individuals are either the managing director, the chief executive officer or the manager (depending on the company and its infrastructure). Some laws provide specifically for the persons who may be held responsible ex officio for a company's actions (e.g., under tax law and regulations, and in environmental offences) or the conditions under which a company may be held liable for the actions of its employees (e.g., money laundering laws and regulations, and corruption practices).
An entity (a company) is not criminally liable under Greek Law, which provides that only an individual may be liable for a criminal act. However, constant harmonisation with international corporate standards, and the need to adjust internal legislation to align with European and international instruments, has led to provisions for liability of entities in the form of administrative measures and fines, etc.
Because of this differentiation, an entity may not be prosecuted and is also not eligible for leniency measures in criminal proceedings (except special situations provided for by special legislation). Prosecution and leniency measures are applicable to individuals. An entity may, however, face a number of sanctions as a result of its directors' or employees' criminal misconduct.
Joint representation by counsel is not prohibited, in principle, but it may be incompatible with other provisions in respect of regulations for a lawyer's conduct or the handling of privileged information.
Corporate conduct may be punishable in certain cases. In most provisions (e.g., anti-corruption, anti-money laundering, anti-cartel legislation), company conduct is punishable when linked with positive gains or advantages in relation to this conduct. In other words, the company is liable as an entity – notwithstanding individual liability of employees – when there is some type of profit, gain or advantage to the company. The severity of punishment in these cases (in the form of administrative penalties or fines) usually depends on the type of profit or gain, as well as the annual turnover of the company.
The types of sanctions that may be imposed against a business depend on the activity of the company, the industry it belongs to, its size, any prior misconduct, the type and seriousness of the act, etc. Sanctions against businesses are provided for in a variety of laws in respect of negligent or deliberate misconduct and may be roughly classified in the following categories:
- fines, which are of fixed amounts (for certain types of misconduct) or calculated in relation to the severity of the act and the size of the company;
- suspension of the company's ability to participate in public tenders or to request public funding – repeated misconduct may lead to a permanent ban;
- suspension of the company's activity for a set period, depending on the severity of the act; and
- revocation of a company's licence (usually for repeated offences).
Sanctions related to criminal proceedings are imposed by the Financial and Economic Crime Unit, SDOE (following the latest legislative amendments). Other sanctions related to independent regulatory proceedings may also be imposed by other competent authorities (depending on the company's purpose and industry), including the Revenue Service, the Hellenic Capital Market Commission (for companies in the capital market), the Hellenic Competition Commission and the National Organization for Medicines.
Sanctions can sometimes be imposed cumulatively (e.g., a fine and suspension of activity or a ban from public tenders or public funding). It is also not unusual for further sanctions to be imposed under the provisions of other applicable laws or regulations, especially for financial or economic offences (e.g., a tax offence may be related or combined with violations of anti-money laundering regulations). It is usual for sanctions to be stricter in heavily regulated sectors (e.g., pharmaceuticals, and financial and banking services).
iii Compliance programmes
The existence of a compliance programme is necessary in some industries, in the sense that there are minimum legal requirements in certain types of activities that form a compliance programme. These activities are mainly banking, finance and development through public funding. Apart from the fields or industries in which a compliance programme is a necessity (e.g., banks), most upper- or high-level businesses have developed compliance programmes to enable them to detect and handle misconduct within the company. Having a compliance programme in force is, in principle, helpful to a company to prove that it complies with the minimum requirements of internal control and is also interested in promoting good corporate practice and business ethics. Having a compliance programme in force enables a company to respond efficiently to requests by the authorities and to show that there is real interest in resolving issues.
iv Prosecution of individuals
The company's conduct in cases of individual liability very much depends on the type of misconduct (negligent or deliberate), the seriousness of the actions, the position of the individual, among other things. It is customary for a company to coordinate with the individual's counsel when his or her action occurred as a result of his or her position in the company (e.g., administrative proceedings or criminal proceedings against a managing director for an environmental offence). Termination of an employee's contract is something that the company has to decide after reviewing the whole case and the consequences for the entity. In cases where the employee has acted against the company's best interests and the actions are the reason the government seeks his or her liability, the company may have no option but to terminate the contract to protect its interests, privileged information, etc. In the end, it is a strategic decision for the company to make, unless, of course, the particulars of the case are such that there is no option other than to dismiss the employee. This is especially the case when an employee is involved in large-scale and serious violations of his or her duties, has deliberately acted against the company's interests or engaged in fraudulent activity against the company itself, its clients or the general public.
i Extraterritorial jurisdiction
The Greek state, as a matter of practice, applies its laws to companies for conduct within the country or for acts that have effects within the country. It is in this respect that the Greek authorities seek to impose the law on companies either registered in Greece or active in the Greek economy (e.g., companies with registered offices in other countries that have agencies or subsidiaries in Greece).
Imposition of civil or administrative sanctions by the government is mostly done through agencies with jurisdiction over the company because it is located in Greece or has some type of registered presence in the country.
ii International cooperation
Cooperation with other countries' law enforcement or prosecutorial authorities has become common practice in large-scale investigations. Special law enforcement agencies such as the SDOE have entered into agreements with similar agencies from other countries, which has enabled a more efficient and fast exchange of information. Agreements between agencies usually follow framework agreements or treaties between countries. In the case of Greece, most aspects of international cooperation are treaty-based.
In recent years, there has been a studied increase in the cooperation of special prosecuting and investigating task forces with the corresponding authorities in other countries (especially in Germany and Switzerland) by adopting more flexible and quick procedures.
There are two sets of rules applicable to this prosecutorial cooperation. One applies to cooperation with EU Member States (in these cases all procedures and functions are simplified and faster). In all other cases, provisions for mutual assistance apply (for investigating acts or requests for information).
Extradition of a person to another jurisdiction is possible and not uncommon. In typical extradition proceedings, there is a minimum set of requirements that the Greek state examines to accept or reject these requests; rejection of extradition requests is not very common. Examination of the extradition requirements is carried out by a court. Any individual whose extradition is requested may object to his or her extradition and is represented by a lawyer. A decision in favour of extraditing the individual is appealable. As a general rule, Greek citizens are not extradited to other countries.
Extradition proceedings between EU Member States are quicker and more simplified because of the provisions of the European arrest warrant (EAW). The requested individual may still raise objections to his or her surrender to the requesting party, but the review is generally speedier and mainly relates to the typical requirements of an EAW issuance. A decision in favour of the surrender is appealable; Greek citizens may be surrendered to other EU countries following an EAW procedure, unless they are being prosecuted in Greece.
iii Local law considerations
When multiple jurisdictions are implicated, an international instrument or treaty is applicable in the first instance. If the relevant jurisdictions are all EU countries, EU law is applied; this is very similar to Greek law on the basic elements of procedure. If a bilateral or international treaty is in force (in relation to other countries), the provisions of the treaty are primarily applied. Treaties usually have specific provisions on how to handle privileged information or private data, but in some cases Greece reserves the right to refuse to forward requested information if it is against Greek law, or may reserve the right to forward it subject to approval from the competent authority (e.g., dealing with the protection of private data).
In large-scale investigations involving several jurisdictions, all investigations are usually carried out locally in accordance with Greek law and regulations. Exceptions may apply in cases involving national security or relating to Greece's diplomatic relations, in which case different rules may be applicable (as set out in international or bilateral treaties).
Year in review
There have been no major investigations started in the past year, mainly because of the impact of the pandemic, which restricted investigations and inquiries to a minimum (mainly cases of urgency). Many regulatory, investigative and audit procedures were suspended or delayed for months. The delays affected only on-site investigations and audits, not monitoring or data collection, which in many cases is carried out by electronic means through requests to public services (e.g., tax authorities) and financial or banking institutions.
Conclusions and outlook
Because of the impact of the pandemic, there has been little feedback about newly introduced procedures such as plea bargaining. It is also too early to evaluate the new Financial Prosecutor's Office (following the merger of the Anti-Corruption Prosecutor's Office and the Financial Crime Prosecutor's Office).
One thing that still needs to be considered is the inclusion of immunity and leniency provisions in respect of entities. Most leniency or immunity procedures focus on the individual, not the corporate entity, which cannot be held criminally liable under Greek law. This difference between individual liability and corporate liability (always in the form of administrative penalties and fines) directly affects an entity's willingness to proceed with self-reporting when internal wrongdoing is detected.
An entity may face severe sanctions if criminal acts (e.g., corruption or money laundering) committed by individuals result in monetary gain or benefits for the same. While the individuals may be eligible for lesser sentences or even immunity when cooperating with the authorities, if exposing certain criminal acts, the entity is not, in principle, eligible for a lenient treatment or immunity.
In addition, the entity may face consequences not only in respect to a criminal case but also in respect to regulatory, administrative or civil proceedings, which may be initiated by the authorities. In the current legal framework, in principle, an entity may not be able to settle all parallel procedures by means of a compliance programme or effective cooperation with the authorities.