On our previous blog post we provided the general outline and background behind Mexico’s National Anticorruption System. On this post, we will go further into the weeds of both the 2016 amendments to the Federal Criminal Code and the compliance provisions of the General Law of Administrative Responsibility as these laws apply to legal entities. Although these amendments are generally discussed separately, we believe that these laws, as amended, complement each other and the provision of one can help understand the other. This bifurcated enforcement is in some ways similar to how the FCPA is enforced by the DOJ and the SEC in the U.S. (i.e. through separate but complementary criminal and civil/administrative actions).

With this in mind, we turn our attention to how these laws impact legal entities.

Prohibited Conduct

Corporate criminal liability has been around in Mexico, in some form or another, for over a decade. After the 2016 amendments, Title X, Chapter 2 of the National Code of Criminal Procedure established the basis for criminal liability of legal entities. Under this chapter, legal entities are criminally liable for certain enumerated crimes listed under article 11bis of the Federal Criminal Code and only after a finding that the company failed to comply with its own internal controls. The crimes listed include: public health and financial crimes, money laundering, terrorism, human trafficking, influence peddling, domestic corruption, and transnational corruption, among others.

Like the criminal code, the General Law of Administrative Responsibility prohibits influence peddling and corruption, but broadens the scope of liability on legal entities to include violations in the public procurement process by adding the following serious offenses: (i) unlawful participation in public procurement, (ii) using false information, and (iii) collusion. The law applies both to conduct occurring in Mexico and to transactions conducted outside of Mexico where Mexican individuals or entities are directly or indirectly involved.

Even though the language used in each of these laws is slightly different, to be subject to liability under either, a legal entity’s representative or agent must commit the crime or offense using corporate means, and must act on behalf of the legal entity or for its benefit.

Sanctions and Penalties

Under the National Code of Criminal Procedure, legal entities found guilty may be subject to one or more of the following penalties: (i) fines, (ii) forfeiture, (iii) publication of the criminal sentence, and (iv) dissolution. At sentencing, courts must consider several factors to determine the applicable penalty, including the degree of liability, the magnitude of non-compliance with internal policies, the damages caused, the entity’s annual revenue, etc. To order the dissolution of the company, judges must further consider if such measure is necessary to protect national interests or public safety, or if it is necessary to avoid risks to the national economy or public health.

The new Federal Criminal Code’s article 11 echoes this provision but further establishes suspension – not only dissolution – as a penalty where necessary for national security purposes. Article 11bis sets the limits to suspension from 6 months to 6 years, debarment for up to 6 years, and a judicial monitor for up to 6 years. The Federal Criminal Code does allow courts to reduce the applicable penalties by up to 25 percent where: (1) prior to the commission of the crime the legal entity had a permanent control body in charge of compliance and (2) the company mitigated the damages caused by the criminal conduct either before or after the crime was committed.

Surprisingly, the penalties for legal entities in the General Law of Administrative Responsibility are, in some way, harsher than those found in the Federal Criminal Code. Companies found to have committed a serious administrative offense are subject to: (i) disgorgement of twice the benefits obtained, (ii) debarment of up to 10 years, (iii) suspension of activities for up to three years, (iv) dissolution, and/or (v) restitution. It is worth reiterating that a company may be found liable of a serious administrative offense only if the individuals who committed the underlying conduct act on its behalf and for its benefit.

The role a compliance program plays in determining liability differs under these criminal and the administrative laws. Under the Federal Criminal Code and National Code of Criminal Procedures, a company’s failure to comply with its internal controls is an element of the crime while, under the General Law of Administrative Responsibility, a company’s “integrity policy” is a mitigating factor to be taken into account when imposing sanctions on legal entities. We will have to wait and see how courts enforce these laws in practice to gauge the relevance of the distinction.