Liability of undertakings

What are the risk and compliance management obligations of members of governing bodies and senior management of undertakings?

Greek law for an SA (Law No. 2190/1920) foresees, as mentioned above, a broad set of competences for the board of directors and for non-members exercising management duties delegated by the board. In a nutshell, the board is responsible for deciding upon any corporate issue regarding the management of corporate affairs, the company’s assets and of course the representation of the company. In that sense, a key obligation of the board is to abide by the duty of loyalty and to always act for the benefit of the company, ensuring that there is no conflict of interests.

Specifically for listed companies, according to Law No. 3016/2002, board members are responsible for aiming at the long-term improvement of the company’s value and also for the safeguarding of the general corporate interest. In that sense, the pursuance of personal interests contradicting the ones of the company is not allowed according to the said legislation. The internal audit committee is responsible for monitoring the above issues and non-compliance causes the imposing of administrative sanctions against the board.

Moreover, with regards to public interest entities, mainly listed companies, credit and insurance undertakings, subject to Law No. 4449/2017, the audit committee in place is entrusted with monitoring the quality of the internal audit systems and the risk management systems, subject to the obligations of the board. That said, the board members are subject to administrative sanctions in cases of improper establishment and functioning of the said committee along with the members.

Do undertakings face civil liability for risk and compliance management deficiencies?

Yes, third parties have the right to file a claim for damages against an undertaking according to the laws for civil liability (specifically the provisions for wrongful acts pursuant to the provisions of the Greek Civil Code), in cases where non-compliance of the said undertaking with the applicable legislation has caused damages to the party concerned.

Do undertakings face administrative or regulatory consequences for risk and compliance management deficiencies?

In the case of sector-regulated enterprises, namely credit institutions and insurance companies, the special legislation applicable, as discussed above, provides for specific administrative and regulatory sanctions for the undertakings’ non-adherence to risk and compliance obligations. That said, for credit institutions, non-operation of a corporate governance system, containing efficient risk management among others, results in a series of severe administrative and regulatory measures and fines imposed by the Bank of Greece (inter alia, dismissal of responsible persons, revocation of the institution’s licence, financial fines of up to 10 per cent of the annual finance revenues, etc). Moreover, legislation for insurance institutions (namely, article 256 of Law No. 4364/2016) foresees a reprimand or fine of up to €2 million placed upon the undertaking, the members of the management and any other person responsible for non-compliance with it. Lastly, the Hellenic Capital Market Commission and the Bank of Greece are responsible for imposing administrative sanctions on companies active in the financial markets sector.

As far as listed companies are concerned, deficiencies regarding risk and compliance management are not punishable by an administrative sanction, and other regulatory consequences affecting the undertaking as such do not apply. However, board members do face administrative consequences in some areas of corporate governance covered by the above-mentioned legislation (see question 15).

Do undertakings face criminal liability for risk and compliance management deficiencies?

No, there is no such provision for criminal liability of legal persons in Greek law. Instead, natural persons are subject to criminal liability (see question 16).

Liability of governing bodies and senior management

Do members of governing bodies and senior management face civil liability for breach of risk and compliance management obligations?

Members of the board of directors of an SA are liable against the company for any fault that occurred during the exercise of their competences as managers of the corporate affairs (article 22a of Law No. 2190/1920). However, proving that they have acted as a prudent business person would have excludes the above liability. Additionally, the law was amended in recent years to include cases of non-compliance with board obligations regarding the drafting and disclosure of annual economic statements, the management report and the corporate governance report (in cases that are applicable), according to the applicable laws.

Thus, the company has a right to claim for damages towards the members of the board in cases where their decisions and actions have caused the said damages. With regard to the board’s liability against the company creditors, the former are held liable for the damages they have caused by fault to the latter, according to the civil legislation for wrongful acts, as provisions of Law No. 2190/1920 serve the purpose of safeguarding the creditors’ interests and thus, non-compliance with them during the exercise of their duties, forms a wrongful act. Lastly, it is of importance to mention that the legal entity of the company is jointly and severally liable along with the board members against its creditors.

Do members of governing bodies and senior management face administrative or regulatory consequences for breach of risk and compliance management obligations?

As discussed in question 10, board members of listed companies face administrative sanctions for non-compliance with the corporate governance obligations of Law No. 3016/2002 and Law No. 4449/2017. The Hellenic Capital Market Commission is responsible for imposing a reprimand or fine ranging from €3,000 to €1 million on the persons performing the duties of board members (members of the audit committee might also be sanctioned according to Law No. 4449/2007), except for credit and insurance companies, for which the Bank of Greece is the supervisory authority (see question 12).

Do members of governing bodies and senior management face criminal liability for breach of risk and compliance management obligations?

According to the Greek legal system, the persons faced with civil liability are those entrusted with the representation of the company as well as with the management of its corporate affairs. Therefore, members of the board of directors of an SA face criminal liability for breach of their legal obligations, according to articles 54-seq of Law No. 2190/1920 (inter alia, submission of false statements regarding the payment of corporate capital and the issuing of shares, omission of the annual balance sheet completion), as well as being accused of committing the crimes of articles 375 (embezzlement) and 390 (infidelity) of the Penal Code. Criminal liability of the responsible persons is also incurred for the breach of tax and social insurance law obligations, as well as for non-compliance with competition law.

With regard to credit institutions, the relevant legislation (article 59 of Law No. 4261/2014) foresees the criminal liability of the board members, the president, the auditors and the responsible directors and employees of the credit institution whose actions have caused (among other things): the omission or forgery of the appropriate listing of an important transaction; the submission of false or inaccurate reports or data to the Bank of Greece; or the obstruction of the company practices review by the Bank of Greece.