Since the inception of corporate criminal liability in Mexico in 2016, federal and state prosecutors have been increasingly active in pursuing both national and foreign-owned businesses for crimes as varied as money laundering, tax evasion and bribery. The legislation that was initially vague and challenging to interpret has, in the hands of regulators and by means of substantial legislative reforms, become a relatively sophisticated set of standards. At this stage in the maturity of the system, companies must take seriously the need to evaluate and adapt their compliance programmes to the expectations of Mexican enforcement authorities. In addition to avoiding criminal and other types of liability, adhering to these standards increases the value of companies in the market by making them more attractive both as business partners and as investment opportunities.
Overview of corporate criminal liability in Mexico
Until a few years ago, the Mexican legal system contemplated criminal liability only for individuals. Legal entities could not commit crimes because only individuals could have the intention of making decisions that violate criminal legislation. However, as of 2016, national legislation establishes a criminal liability regime directly applicable to companies, independent of the individual liability that can be attributed to their employees, shareholders, managers or representatives.
As a general rule, not all crimes can be attributed to a legal entity. The corporate crimes that can be criminally charged to a company are exclusively those committed in its name, for its benefit or in its representation, as well as those committed using any of its resources, regardless of their nature (eg, computers, money, facilities). From a practical standpoint, the crimes commonly related to this legal regime are bribery, tax evasion, money laundering, fraud, environmental pollution and financial crimes.
To prosecute a legal entity, the criminal authorities must prove that the criminal act occurred due to a lack of control within the organisation, ie, the company failed to prevent
the corporate crimes related to its operation through the implementation of internal measures and controls of criminal compliance.
External implications for companies doing business in Mexico
As a consequence of implementing this new legal standard of criminal liability, companies find themselves more frequently under scrutiny by Mexican prosecutors and criminal judges. For some criminal authorities, this offers the possibility of reducing the levels of impunity for the commission of corporate crimes through the application of corporate sanctions as examples to the broader corporate community. This presents a heightened risk for companies because the sanctions established by Mexican legislation, whether federal or local, can in some cases be draconian and disproportionate.
Additionally, this new approach to criminal prosecution has become an effective mechanism to encourage compliance programmes in other regulatory areas of company operations in Mexico. For example, in recent years, the Ministry of Finance has adopted a policy of criminal prosecution against tax evasion, while negotiating multi-million dollar settlements to avoid the application of criminal sanctions for certain companies and members of their boards of directors.
The corporate criminal liability regime has also prompted Mexican authorities to enforce legal provisions to prevent and punish money laundering. Under this model, the Mexican government’s financial crime department has enforced the criminal statutes by including companies in its blocked persons lists and blocking the bank accounts of these blocked persons.
Although beyond the scope of this article, US enforcement of the Foreign Corrupt Practices Act may also be triggered by Mexican criminal prosecution as it relates to bribery and related crimes.
Corporate integrity culture to prevent prosecution of corporate crimes
To address the risk created by this paradigm shift in legal practice, companies must build a culture of integrity to prevent and mitigate criminal contingencies, as well as reduce their liability in the event of an investigation.
Mexican law provides guidance on the components that constitute a corporate culture of crime prevention or the standard of ‘due control’ for crime prevention. Although they are evolving rapidly, the following are essential measures that companies can adopt to prevent criminal risks or enhance their legal defense related to corporate criminal charges:
- Criminal risk assessment. As a starting point to evaluate potential criminal liability, management must identify the activities that expose them to the commission of a corporate crime, evaluate the level of risk involved for each and determine if they are within the range of risk appetite for their operation in Mexico.
- Implementation of internal controls. Management must then implement appropriate policies and controls to reduce the criminal risks to which they are exposed, as well as to mitigate potential corporate criminal liability. Although each company must evaluate its own needs, most companies require controls in finance (including tax and AML compliance), labour and employment, government relations/interactions, third-party vendor evaluation and procurement, as a starting point.
- Corporate governance. Company leadership must also designate a standing internal body responsible for preventing risk of criminal liability.
- Third-party due diligence. Legal entities must implement controls to avoid third-party risks that could imply criminal liability for the companies that hire them and in whose name or benefit they could commit a corporate crime.
These corporate compliance measures are a fundamental part of the criminal compliance programmes provided for in national and international compliance standards, and are in turn an important part of a broader legal-regulatory compliance programme. These measures are essential for the detection and deterrence of corporate crimes, as well as for the legal defence of companies and senior management in the event of an investigation.
Conclusions
The corporate criminal liability regime in Mexico has given rise to a new standard of compliance that should be included in the list of priorities for business decision-making in any legal entity: the prevention of corporate crimes.
Regardless of their size, sector or context, companies can incorporate into their business models corporate crime prevention practices to substantially reduce the risk of criminal liability that may reduce their value in economic, social and reputational terms.
Under the parameters of corporate criminal liability, the real challenge for companies doing business in Mexico is to build an internal crime prevention culture that is known, accepted and promoted permanently inside and outside the organisation. As with all compliance initiatives, corporate integrity is key.