Criminal Liability for Company Managers
Can a compliance officer be prosecuted where the organisation that employs him or her has committed a regulatory offence? What about a health and safety manager where the organisation has breached health and safety law – can he or she be prosecuted? In this briefing, Sinéad Reilly explores the answer to these questions, with reference to a recent Supreme Court decision– DPP v TN.
Criminal Liability for Company Managers
Can a compliance officer be prosecuted where the organisation that employs him or her has committed a regulatory offence? What about a health and safety manager where the organisation has breached health and safety law – can he or she be prosecuted?
I’m Sinéad Reilly and I am the Professional Support Lawyer in the Litigation, Dispute Resolution and Investigations Department here at Arthur Cox.
In this briefing, we will explore the answer to these questions, with reference to a recent Supreme Court decision– DPP v TN. The decision itself is 80-pages and certainly a very interesting read from a legal perspective, but for our purposes, I will highlight the key practical points arising from the decision and the key issues to be aware of in your organisations.
Let’s start with the legal context
Across the Irish statute book, there are many examples of statutes that impose criminal liability on directors, secretaries, managers or other similar officers where an offence has been committed by a body corporate and is proved to have been committed with their consent or connivance, or to be attributable to any neglect on their part.
The purpose of this type of penal provision is clear – it is to impose personal liability on directors, secretaries, managers, officers – i.e. actual human beings – where an act or omission on their part has been directly influential in the commission of an offence by the company.
You can find provisions like this right across the statute book – in the Companies Act, the Corruption Act, health and safety legislation, the Competition Act, the Data Protection Act, the list goes on.
And depending on the legislation in question, a director, secretary or manager convicted of an offence could face a custodial sentence.
So we said this type of provision typically imposes criminal liability on directors, secretaries, managers or other similar officers.
Directors and secretaries are statutory positions with statutory functions. So when we talk about imposing liability on a director or a secretary in this context, we are referring to someone holding one of those positions as defined in the Companies Act 2014.
But there is no statutory definition of a manager. So who is a manager for the purpose of this type of offence?
Are we talking only about the CEO of an organisation or can it include someone at a lower level but who has specific responsibility for a particular area.
What about a regulatory compliance officer, a finance director, HR director, a data protection officer, a health and safety officer – are they “managers” for the purpose of this type of offence?
In the DPP v TN case, the accused was responsible for waste management at a waste management facility. The DPP alleged that the companies that operated the facility had disposed of waste in a manner that caused environmental pollution and it prosecuted the accused under the Waste Management Act 1996, claiming that he was liable in his capacity as a “manager”. The question before the Court was whether he was in fact a “manager” and so liable to prosecution.
Is the term “manager” in this context directed at top level management only?
No, the Supreme Court was emphatic on this point.
This was the argument put forward on behalf of the accused in the DPP v TN case. His legal team argued that a “manager” in this context is someone who holds a managerial role at the highest level of the company and who has responsibility for overseeing the affairs of the company as a whole. In support of this argument, they relied on a number of older English authorities, the first of which was from 1875.
But the Supreme Court noted that company structures have changed significantly since the 1870s and it is no longer true to say, in the case of many organisations, that decision-making responsibility rests only with those at the very top of the management hierarchy. In modern corporate governance structures, different elements of management responsibility are typically delegated to different managers. A person who is not the controlling mind of the company, as such, may nevertheless have real responsibility and decision-making authority over a certain aspect of its activities.
The Court noted that the complexity of many modern organisations requires that there be various persons often possessing specialised expertise and a particular skillset each with responsibility for discrete aspects of the organisation’s operation and structure. For example, a compliance manager may not have power to influence the whole direction of the company, but may very well be the person responsible for designing and signing off on the company’s compliance policies.
In the context of the case as hand, the Court commented that it would be a most bizarre situation if a manager with overall responsibility for waste management could not be held liable under the Waste Management Act merely because he/she was not in charge of the overall running of the company.
So, the Court was very clear that a “manager” in this context is not confined to those at the top of the pyramid. But who then is a “manager”?
The Supreme Court said it would be foolish and impossible to set out a precise definition of a “manager” given that companies can differ greatly in their formation, their set-up and how they operate or function, from a two-person entity right up to an international and transcontinental giant. The Court also said that it should not be assumed that the term “manager” has a uniform definition across all statutes, and that indeed that a broader definition may be more appropriate where no criminal responsibility is imposed.
But the Court did set out a list of factors that might indicate a person is a “manager” for the purposes of this type of offence:
- Function and role: a person’s formal job title may be relevant – perhaps highly relevant – but it is not decisive, what will be decisive is their function and role within the organisation;
- Level of authority and responsibility: it is not necessary that the person manage the whole affairs of the organisation, but they must have real authority and responsibility for the area in question. While an express delegation of responsibility on the person may be relevant, it is not necessary if it is clear that in practice the person was responsible for the particular area.
- Decision-making power: look to see whether the person has responsibility to make relevant decisions and to devise and implement policies and procedures, and whether they have the final word in respect of these.
- Nature and size of the organisation and the organisational structure: the more senior the person is, the more likely they are to be a “manager” for this purpose.
The Court was clear that a “manager” does not include everyone who manages subordinates. If the person has no true authority and simply oversees staff in implementing policies that were devised higher up the chain and reports to a superior, this would tend to suggest that they do not have the level of responsibility required .
So to answer the questions we started with…
Can a compliance officer be prosecuted if the organisation breaches regulatory law? Can a health and safety officer be prosecuted where the organisation breaches health and safety legislation?
The answer, as you will by now have gathered, is yes, potentially. It will depend on the facts of the case and the role the person in question had in the organisation and their level of authority and responsibility for compliance matters and health and safety, as the case may be. It will be for the prosecution to prove on the basis of the facts that the person was in fact a manager and so liable to prosecution.
I should also add at this point that this type of offence is not the only route to individual prosecution for corporate or regulatory offences. An individual might be prosecuted, in appropriate circumstances, as the principal offender, or for aiding and abetting an offence.
And so to finish, here are my 3 key takeaways
- Under certain legislation, a manager may be guilty of an offence where an offence is committed by a body corporate and is proved to have been committed with the consent of, connivance of, or to be attributable to neglect on the part of the manager.
- A manager for this purpose is not confined to someone in a top-level position. It may include someone at a lower level who has real authority and responsibility for the area in question. Each case will depend on its own facts and the actual role the person played in the organisation and their level of authority and responsibility will be key.
- Companies should consider, as part of a compliance review or otherwise, who within their organisations might be considered a “manager” and so liable to prosecution where the company commits an offence, and should ensure that receive adequate training (from compliance perspective) and support.
If you would like to learn more about this decision and how it might impact your organisation, please feel free to contact me or your usual Arthur Cox contact.
Thanks for listening and goodbye.