The events occurring in the last months have certainly generated a series of impediments to the performance of the economic operators’ activities, both private and state-owned companies, while the most affected being those from the first category.
For a significant number of companies and small and medium-sized businesses in the private environment, maintaining the economic activities proved to be a real challenge during the emergency state and, further, during the state of alert recently established by the Romanian authorities. Economic operators of larger scale, which possess a more developed fixed capital and human resources, have likewise encountered difficulties.
By far, most of the negative effects were felt by the operators whose activity essentially involves services provided to the public (such as those in HoReCa) and who, during the times of absolute restrictions, were forced to suspend those services. Many of them, however, even after the – however partial – lifting of the imposed restrictions, have temporarily suspended their activity or even closed it due to the lack of cash flow necessary for its reopening/maintenance.
It is more than known that the COVID-19 pandemic has brought along multiple measures and obligations imposed by the authorities with a view to avoid and, as the case may be, to diminish the action of spreading of the „novel” coronavirus.
Compliance and internal prevention. Apart from the implications, intensely debated lately in the mass-media and in the business environment, which the restrictions in the COVID-19 pandemic have had over the national economy, an issue both relevant and important, which should trigger the attention, especially of the companies, is that of compliance and internal prevention.
Compliance and prevention within companies are not something new for the legal and business environment in Romania, starting to be approached as a matter of discussion in recent years, but still the two concepts fail to shape up a standard of conduct and/or internal organization for the Romanian companies, as they have rather remained at the stage of a point of interest to the latter, most of the companies having not yet implemented such internal systems.
Apparently, compliance and internal prevention are most often linked with multinationals or with very large companies and, in any case, with the jurisdictions of other states where there is a true culture of compliance and internal prevention – as it is, for example, in the USA, where, among others, The Foreign Practices Act requires the corporations to conceive and maintain an appropriate system of internal controls on their accountancy, so as to ensure a continuous monitoring of the transactions which the corporation is involved in and which could raise suspicions of corruption.
A similar approach exists in the United Kingdom, the main regulation in this respect being The Bribery Act, which sets forth that the companies (both foreign and domestic ones) expose themselves to an almost inevitable risk of criminal liability in case they have not adopted internal policies against bribery or adequate control systems in this regard.
From this very start, we draw the attention that the two concepts are not nevertheless designed for the large companies or multinationals only and nor do they exclusively refer to policies and corporate control systems in matters of fighting and mitigating corruption risks, in reality having a broader meaning.
Therefore, compliance and prevention at companies’ level entail, in essence, a set of policies and uniform procedures meant to protect and, respectively, to minimise the exposure of the companies, including of the management or of other persons from the companies to risks of various categories, both in terms of civil, tax, contraventional or criminal issues for the entity and from the standpoint of irregularities or abuses committed by its employees.
This system is based on the monitoring of the way in which the regulations from various fields – both internal and external regulations with general applicability at jurisdiction level – are applied and complied with within the companies.
If, as far as foreign companies operating in Romania are concerned, it can be argued that they already posses an organizational culture of compliance and internal prevention, their organizational charts containing specialized departments in this respect, in what regards domestic companies and especially small and medium ones, to date such culture has not yet been developed. This may be due to the fact that in Romania there is currently no legal framework for the compliance system, but rather sectoral systems in more developed areas of activity, such as, for example, the sector in banking and finance, competition or money laundering sector.
Undoubtedly, developing such organizational culture and implementation of compliance policies and of an effective control thereof will generate a series of advantages on short, medium and long term for companies as it allows an identification of potential or concrete risks on several levels of the company’s activity, being able to have a substantial contribution towards their prevention or elimination.
Additional risks of noncompliance. Amid the current circumstances arising from the COVID-19 pandemic, the most exposed to risks of noncompliance were the companies that continued their activity during the restrictions, in which case we refer both to those that operated during the state of emergency and to those that resumed their activity during the state of alert, which is still in force, these being subject to additional obligations and measures imposed by the Romanian authorities.
The context created by the pandemic has predisposed, for various reasons, companies/economic operators not only to economic and human resources blockages, but also to difficulties with regard to the manner and very short deadlines for implementing the measures and obligations set by the authorities so as to resume or continue, where the case may be, the performance of the activity in parameters that will ensure with priority the prevention of the spread of the SARS-CoV-2 virus and the health of the staff. Inherently, on this occasion, various practical problems and/or irregularities in the application of the additional measures imposed by the authorities or of the existing ones have already been found.
In relation to the segment of measures and obligations established by the public authorities in the context of the partial lifting of the social distance restrictions, at least part of them can be incorporated in the compliance system of the organization. Therefore, in the aforementioned context, it can be easily observed that a deficient system of internal control of compliance with these measures and obligations may be likely to incur the liability of the company, even when the person responsible for the irregularity would prove to be just one employee.
Given the specificity of the measures adopted to prevent the spread of the pandemic, currently, an important area of major interest for compliance and prevention is, in our opinion, that of the safety and health at work. In this area, given the tightening of criminal sanctions for the criminal offence of foiling disease prevention (Article 352 of the Criminal Code, as amended by GEO 28/2020), an internal mechanism of compliance and prevention might be extremely useful and, in in some cases, it could have been likely to avoid/could be likely to avoid the company's exposure to legal liability, including criminal liability.
In matters of safety and health at work, several regulations have been adopted, out of which the most recent concern the measures to be implemented by companies/employers during the state of alert for the prevention of SARS-CoV-2 coronavirus, but also the obligations that employees/staff must comply with to achieve this purpose.
In particular, the Order of the Ministry of Labor and Social Protection and the Ministry of Health no. 3577/831/2020 regarding the measures for the prevention of contamination with the novel coronavirus SARS-CoV-2 and for ensuring the activity at work in conditions of safety and health, during the state of alert, indicates the mandatory measures which, according to the order, must be implemented by public and private sector employers, the most relevant being the following: (•) retraining in the field of safety and health at work of all workers who stayed at home during the emergency state, technical unemployment, teleworking, remote working, etc.; the retraining must be adapted to the new risks posed by SARS-CoV-2 infection and will take place during the normal work schedule of the employees; (•) establishing the activities that can be further carried on and/or adapted, depending on their specifics and available resources, and implementing the necessary measures to resume and/or maintain the activity, provided that all the measures to prevent the spread of SARS-CoV-2 are observed, including the measures ensuring the performance of the activity by teleworking or remote working - which may remain a priority; (•) identifying the risks related to the conditions of epidemiological contamination and updating the risk assessment document for the safety and health of employees to the new conditions for the performance of the activity, in order to take the necessary measures to fight the spread of SARS-CoV-2; (•) ensuring that in the employer's headquarters the external suppliers, the external companies, the subcontractors, the persons entering the headquarters/the public/the beneficiaries of the provided services/the clients respect the protection measures established by the employer; (•) ensuring the observational triage of employees by checking their temperature at the beginning of the work schedule and whenever necessary during the schedule; (•) placing dispensers with disinfectant at the entrance in the unit, as well as in each sector of the workplace; (•) ordering the ventilation of the offices at least once a day; (•) limiting the travels outside the workplace only to situations in which they are strictly necessary to carry out the activity and ensuring that, when necessary, employees travel with the provision of minimum conditions of prevention; (•) review of the prevention and protection plan and of the own instructions for safety and health at work; and so on.
Given the importance of preventing the spread of the virus, but also the severity of the effects that could be generated in case of failure to implement these measures, a compliance mechanism can facilitate an overall monitoring of the way in which the company/employees apply the above measures.
On the other hand, the risks associated with the non-compliance with the new measures to prevent the spread of COVID-19 in the field of health and safety at work do not involve an assessment only as what regards, for example, the offence of foiling disease prevention, but can also be analyzed with respect to the incidence of other criminal offences, such as those of corruption in the private environment. For example, there are situations with potential risk regarding the incidence of corruption offences, when the company purchases medical protection equipment from other persons in terms of non-transparency and disadvantage in relation to other medical manufacturers or distributors.
The implementation of a compliance policy and of an effective control thereof, including through the so-called internal investigations for verification, could be, on the one hand, able to ensure the elimination of such risk and, on the other hand, to protect the company itself from any associated legal liability.
In the end, instead of conclusions, we hereby address a collective call that, including where there is no standardized policy of compliance and prevention within the companies, verifications/monitoring of the operation of the company’s activity should be carried out in order to check to what extent regulations as those mentioned in the above are being complied with and, respectively, if any potential shortcomings should be remedied.
Last but not least, apart from all the challenges brought by the COVID-19 pandemic, the current period may turn out to be a call to the companies to reflect with respect to compliance and internal prevention, as a mandatory element within the internal organization for the protection and development of the business, but also an opportunity to develop, if not as soon as possible, at least gradually, a compliance system within the activity that is being performed.
By Adrian Chirvase, Partner and Daniela Georgescu, Attorney at Law, Popescu & Asociatii