Internal investigations and public enforcement actions often pose legal issues involving multiple practice areas and jurisdictions.
In Italy, internal investigations may concern criminal, corporate, contract, data protection and labor law issues.
In the past, internal investigations in Italy tended to be mainly “reactive,” responding to public enforcement activities. The challenge in these investigations was balancing complying with disclosure obligations in relation to public enforcement authorities with volunteering confidential or disproportionate information.
Recently, internal investigations in Italy have been “proactive” as well, aiming to detect possible offenses and to structure an early defense.
As discussed in our recent dedicated post, the newly approved Law No. 179/2017 offers enhanced protection to whistleblowers with a view to encouraging internal reporting and ensuring early detection of possible misconduct.
The relevance of data protection issues will increase from May 25, 2018, when the new EU General Data Protection Regulation will apply. For example, there will be increased fines for non-compliance with data protection rules.
Finally, internal investigations are the main way in which to detect potential flaws in compliance models and trigger the adoption of adequate remedial measures. Remedial measures are critical in relation to corporate quasi-criminal liability under Legislative Decree No. 231/2001 (the “231 Law”) to the extent that the implementation of an effective compliance model may mitigate or exclude corporate liability of the company under the 231 Law.
We have considered these issues in an article in The In-house Lawyer.