corporate compliance > Process

In accordance with our work philosophy, the process to prepare a Criminal Risk Prevention Programme is structured in three clearly differentiated phases that are intended to ensure an in-depth knowledge of the organisation.

(i) The first phase consists in analysing the criminal risks to which the organisation may be exposed and that are susceptible of generating criminal liability.
To do this, the potential risks that may arise from the processes or activities carried out by the organisation shall be identified through a system based on the exhaustive knowledge of the sphere in which it acts and its decision-making organisation chart.

In this first phase, the commissioned professionals, together with the person appointed by the organisation, will establish the processes to be reviewed, as well as the methodology to be followed. To do this, the best possible combination of analytical rigour, efficacy in the methodology and minimum interference in the day-to-day of the organisation shall be sought.

“Field work: analysing the organisation’s documentation and conducting interviews. They are the basis for effectively ascertaining the processes and activities of the organisation and, consequently, their risks.”

The final objective pursued in the first phase is to prepare the criminal risks map of the organisation and diagram its processes.


(ii) Once the map of risks and the process diagrams have been drawn up, we move on to the second phase or field of work, where the lawyers specialised in criminal law and compliance shall write up a technical report, identifying and presenting in detail the risks detected alongside the corrective measures proposed for implementation to minimise the risk. The above is carried out based on the likelihood-impact binomial or, in other words, the likelihood of materialisation of the risk and the impact said materialisation would have on the organisation.

The technical report will detail the impact of criminal action on the procedures and activities of the organisations, defining the critical conduct.

“It is essential that the organisation understands its risks and how they affect its activity based on a reasoned explanation. The Programme shall only be accepted and, consequently, effective, with a real understanding of the situation”.


(iii) The third -and final- phase or field begins after the risk report has been developed. In this last phase, the professionals in charge will work closely with the person appointed by the organisation to design the proposed measures to be implemented -always following the control and efficiency relation- towards minimising the likelihood of there being conducts generating criminal risks within the organisation. To do this, and being aware of the risks of implementing controls that affect a business, such controls shall be defined and agreed upon expressly for the organisation in question, with the intention of establishing a Prevention Programme that affects the efficiency of the processes as little as possible, fleeing from standardisation.

When designing the measures of prevention and control, any measures already implemented in the organisation shall be taken into special account, thereby preventing frequent and undesirable duplicities in this type of procedures that usually lead to a loss of effectiveness and efficiency.

“If measures of surveillance and control are mechanisms that reduce the lawful efficacy and efficiency of the organisation, the Programme will be destined to be rejected, and thus, fail.”

Copyright © 2017 Molins&Parés S.L.P. All rights reserved. Legal. Credits.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.