Compliance

We help clients operate in accordance with the law

See also Regulatory

The growing number of regulations can make it hard for businesses to maintain compliance with the law. A lack of compliance may result in injury to the company’s image, a loss of trust among shareholders and customers, a decline in the company’s share price, significant financial penalties, civil liability, liability for criminal or tax offences (on the part of the corporate entity as well as individual managers), an obligation to repay state aid, tax arrears, liability in damages, and a risk of invalidation of existing contracts.

The solution can be to implement a business and legal compliance programme to help avoid risks arising out of non-compliance with regulations, internal rules and best practice.

Business compliance is particularly vital when the client’s activity is subject to special industry regulations at the European and national level.

To operate in line with business compliance principles, companies should:

  • Identify areas of threat
  • Establish internal procedures and operating rules and systematically verify that they are followed
  • Develop crisis procedures
  • Train their staff.

We advise clients at all stages of developing compliance programmes:

  • We assist in implementing regulations in clients’ internal organisation.
  • We review internal regulations for consistency and completeness.
  • We identify areas of activity most exposed to risk, and develop and help implement the appropriate procedures.
  • We provide support if a high-risk situation arises.
  • Advice on all corporate and regulatory aspects of activity
  • Identification of areas of risk
  • Verifying that internal regulations are consistent and comply with the legal regulations
  • Advice on:
  • Products offered to consumers and institutional clients
  • Electronic services, data protection, and money-laundering regulations
  • Selling products directly and through intermediaries, as well as advertising and marketing.
  • Advice on organisation of clinical trials of medicinal products and medical devices, in particular
  • Procedures for obtaining informed consent to participate in trials
  • Data protection
  • Medical documentation
  • Insurance against risks
  • Avoidance of crisis situations and necessary procedures if a crisis does occur
  • Advice on how to ensure required production standards (best practice) in manufacturing of drugs, dietary supplements and medical devices, so that the products are fully compliant with their registration or notification and are not at risk of withdrawal from the market for even minor departures from the applicable manufacturing standards
  • Advice on informational requirements for consumers and patients (in the case of medicinal products and medical devices), including how to provide information in unit packaging, collective packaging or instructions, to avoid exposure to inspections by the competent authorities and the need to withdraw products from the market or modify the labelling of existing products
  • Distinguishing between information and advertising (with respect to medicinal products, medical devices, dietary supplements, foods and cosmetics) and between honest and dishonest advertising of various products, from ad copy to commercial spots.
  • Advice on selection and monitoring of appropriate stages in the supply chain to ensure that food products are completely safe and fit for human consumption and their actual ingredients and properties are consistent with the characteristics declared on the packaging
  • Assistance in preparing plans for proceeding in crisis situations connected with the risk of release of an unsafe or altered product onto the market (the need to provide notice of an unsafe product, including in response to a demand by state authorities)
  • Advice on how to arrange economic relations with suppliers and subcontractors to fairly allocate the risk of product liability
  • Indication of legal requirements for specific goods and services and permissible methods for introducing goods and services onto the market
  • Advice on mandatory and recommended systems for certification of goods and services.
  • Advising businesses, managers and boards on identification and minimisation of risks under both civil law and criminal law (e.g. private corruption, abuse of trust by managers, misappropriation of corporate assets, and computer crimes)
  • Preparing confidential reports for the management board on actual or potential irregularities
  • Appearing for businesses and their representatives before courts and prosecutors in connection with the risk of criminal or civil liability
  • Drafting and reviewing internal procedures for action and organisation, and updating them to comply with changing legal requirements and practices
  • If irregularities occur or are suspected, conducting internal investigations and advising on remedial measures, assisting in limiting the business consequences of irregularities, and taking the necessary legal steps
  • Conducting training on compliance procedures, ethical codes and compliance management systems, as well as risks of criminal responsibility of board members and other individuals occupying managerial and supervisory positions in the company.
  • Assistance in minimising antitrust risk arising out of vertical agreements, abuse of a dominant position, or participation in industry groups
  • Advice on permissible exchange of information between competitors
  • Legal audit of enterprises for compliance with competition regulations
  • Drafting, reviewing and implementing internal documents and procedures for compliance with competition law
  • Drafting and implementing competition compliance programmes, including analysis of existing contracts, development of a competition compliance policy, and training of staff on competition compliance issues
  • Legal support for enterprises when the competition authorities demand information and documents, including support in the event of an unannounced antitrust inspection (“dawn raid”).
  • Drafting procedures for limiting liability for fiscal offences of individuals responsible for payment of taxes and other public charges of the enterprise
  • Appearing for taxpayers and remitters and their representatives before courts and prosecutors in connection with potential fiscal criminal liability
  • Support in the event of tax audits and fiscal inspections (preparing for the audit or inspection, representing the client during the procedure and in subsequent proceedings)
  • Assistance in calculating tax obligations (CIT, PIT, VAT, civil transaction tax) and social insurance and public health insurance premiums
  • Preparing procedures for calculation of tax obligations (including withholding) and social insurance and public health insurance premiums
  • Conducting tax reviews of data affecting the determination of obligations of taxpayers and remitters and social insurance and public health insurance premiums.
  • Verifying that state aid is used in compliance with the conditions for awarding the aid, with particular attention to the specific procedures (e.g. under the Public Procurement Law)
  • Developing the structure for ventures and transactions to ensure compliance with state aid regulations
  • Support at the national and European level on notification of projects to the European Commission
  • Participating in negotiations and proceedings commenced by implementing institutions, including in connection with audits of state aid
  • Support in seeking review of decisions by the European Commission, including representation of enterprises in proceedings before EU courts.
  • Reviewing the company’s existing internal regulations (such as the by-laws of the management board and supervisory board) for compliance with legal regulations and for internal consistency
  • Assisting companies operating in Poland within national and international capital groups in adapting their corporate documentation and internal procedures to comply with Polish regulations governing the functioning of holding structures
  • Conducting corporate legal audits to determine whether the activity of the corporate authorities and other representatives is consistent with applicable provisions of law
  • Examining the correctness of the conduct of shareholder meetings and appointment of corporate authorities and the compliance of actions by the corporate authorities with the law, the articles of association, and the requirement to act in the best interest of the company
  • Advising on proper conduct of corporate restructuring measures.

We advise on:

  • Risk management (due diligence, forensic audits, investigations with criminal elements in the case of suspected irregularities by staff)
  • Internal policies and codes, such as work rules, pay rules, ethical codes, antidiscrimination policies, employee monitoring and privacy policies, use of the employer’s property, and liability for the employer’s assets
  • Implementation of whistleblowing procedures for employees to notify the employer of irregularities
  • Monitoring of employees and protection of employees’ privacy (recording, access to staff e-mail, social media)
  • On-the-job accidents (post-accident procedure, risk management, and employee claims)
  • Occupational health and safety issues, including compliance issues in cooperation with specialists in this area.

We advise on:

  • Protection of privacy and personal data when implementing new business processes, products and services, or in the occurrence of incidental events
  • Registration with the Polish data protection authority of data protection officers and filing systems containing personal data, and maintenance of database registers
  • Requirements for cross-border protection of personal data.
  • Determination of whether insolvency has occurred requiring the debtor’s representatives to file a bankruptcy petition
  • Advice for management boards on what to do if a bankruptcy petition has not been filed on time
  • Drafting standstill agreements
  • Assistance in applying the EU’s Insolvency Regulation (1346/2000), including determination of the debtor’s centre of main interests and the possibility of opening pre-insolvency or insolvency proceedings abroad
  • Determining whether there is a violation of corporate governance principles, rules for functioning of corporate authorities, or exertion of influence over the debtor’s representatives
  • Advice on how to restructure the assets of the enterprise or group (holding company structure)
  • Advice on what preventive measures to take when insolvency is looming
  • Preparing the enterprise for entry into force of the new restructuring regulations—determining which procedure to select if restructuring is necessary, depending on whether the firm is already insolvent or there is only a risk of insolvency.

Doradzamy w zakresie prawnych możliwości podniesienia poziomu cyberbezpieczeństwa i pomagamy zapobiec jego naruszeniom:

  • identyfikujemy zagrożenia i obszary działalności najbardziej narażone na zagrożenia (obszary kluczowe dla działalności danego podmiotu objęte tajemnicą przedsiębiorstwa, dane osobowe itp.),
  • doradzamy przy tworzeniu i udoskonalaniu polityk bezpieczeństwa systemów informacyjnych we współpracy z najlepszymi specjalistami z zakresu informatyki i bezpieczeństwa,
  • doradzamy przy tworzeniu mechanizmów zapobiegania zagrożeniom, kontroli przestrzegania polityk bezpieczeństwa informatycznego oraz procedur reagowania na nieprawidłowości.

Reagujemy na incydenty naruszenia cyberbezpieczeństwa, cyberataki, cyberterroryzm, stosowanie szkodliwego oprogramowania, szpiegostwo, kradzież lub wyłudzanie danych i inne rodzaje naruszeń i przestępstw:

  • doradzamy podmiotom pokrzywdzonym cyberatakami oraz innymi bezprawnymi działaniami w sieci, w tym:
    • prowadzimy postępowania wewnętrzne w celu ustalenia przebiegu zdarzeń oraz zabezpieczenia dowodów (we współpracy ze specjalistami z zakresu informatyki śledczej),
    • ustalamy strategię postępowania „na zewnątrz” w związku z wykrytymi incydentami,
  • reprezentujemy klientów w postępowaniach karnych, administracyjnych oraz cywilnych służących usunięciu zagrożeń, naprawieniu szkód oraz pociągnięciu do odpowiedzialności sprawców przestępstw komputerowych bądź popełnionych przy wykorzystaniu infrastruktury teleinformatycznej lub szkodliwego oprogramowania, a także osób winnych zaniedbań.