Czech Republic: Corporate Compliance Programs
Business corporations have been criminally liable in the Czech Republic since January 2012. A December 2016 amendment introduced the possibility to exculpate oneself from criminal liability if the company has applied all efforts that could be reasonably expected from it to avert an offence. In practice, this means establishing a suitable compliance management system (CMS). The Czech General Prosecutor’s Office released a second methodology in August 2018 addressing what an effective CMS should encompass.
CMS Framework Requirements
According to the methodology, a properly established CMS must be “proportionate to the size of the company, to the regulatory requirements, to the internationality and to the line of business, as well as to the company’s risk profile or market environment.” Importantly, these measures must actually function to prevent violations—having them merely documented is insufficient.
The methodology identifies three fundamental pillars of any CMS:
Prevention
Prevention begins with establishing codes of ethics or behavioral rules. However, simply publishing these on websites or including them in employment contracts proves inadequate. Employee awareness must be cultivated through repeated communication.
Prevention also encompasses due diligence processes for business partners (know-your-third-party procedures) and employee screening to mitigate conflicts of interest. Regular training sessions—whether online or in-person—are essential, tailored to company size, risk profile, and participant sophistication.
Detection
Detection mechanisms determine whether compliance violations occur. These include internal and external audits and controls. Establishing anonymous reporting channels—such as ethics hotlines or ombudsman services—enables employees to report suspicions. Companies should conduct internal investigations of potential violations, identify consequences, and correct system weaknesses while monitoring CMS implementation across all business units.
Response
Response involves establishing clear consequences for CMS violations and enforcing them consistently. Typical response measures include labor law consequences such as warnings, dismissals, or transfers, and potentially recovering damages or reporting violations to authorities.
Thoughts
Exempting a legal entity from criminal liability requires genuine implementation—not merely formal documentation—combined with active promotion and compliance monitoring.