Twenty years ago, back in 2001, Legislative Decree 231 made its debut on the Italian legislative scene with the intention of bringing a revolution in the cardinal principles of our legal system: for the first time, in fact, the well-known Latin proverb "societas delinquere non potest" (company cannot commit crimes) was challenged.

Like all revolutions, the spark started by Legislative Decree 231/2001 initially involved a limited area, including only specific intentional crime. Over time, however, the types of offence included in the scope of application of the legislation, i.e. those capable of generating company liability for a crime committed in the interest or to the advantage of the company by its employees or senior management, have gradually been extended, with the consequent extension of the list of predicate offences, which now includes numerous cases (the list of predicate offences now includes environmental offences, corporate offences, computer offences, offences against the public administration, industrial accidents, market abuse and, most recently, the long-awaited introduction of tax offences). Particularly significant in the history of the administrative liability of companies was the imprint left by the implementation of Legislative Decree 81/2008 which, under the aegis of Legislative Decree 231/2001, introduced a special focus on the health and safety of workers in the workplace.

If, therefore, it is true that reforms of principles, as indeed 231 was, are useful because they force us to find a new (and often better) order, twenty years after its introduction it is now possible to look back and draw up a balance sheet of the consequences that the entry into force of this Decree has produced.

The most obvious effect, probably also because it is the most prominent, is undoubtedly that of having initiated a sort of “modernizing turn” in the organizational structure of companies. The entry into force of Legislative Decree 231/2001 gave companies an incentive to adopt and implement an internal compliance system that was (also externally) serious and effective, a circumstance that led to a general process of corporate modernization, which proved to be particularly useful for the prevention of offences committed by their senior management and employees.

Although the modernizing turn is certainly the main merit of 231, what is far more important is the fact that it was the companies themselves that realized the usefulness of implementing an Organizational Model: this is what emerges from the survey conducted by Confindustria in 2017, according to which all the large companies (i.e. with more than 250 employees or a turnover of more than 250 million euro) surveyed had adopted a 231 Model and only 12% of the companies surveyed considered the adoption of a Model to be of little use in preventing the commission of offences.

Although some companies (particularly the niche market of large companies) have shown that they have understood the usefulness of compliance, there is still a lot of work to be done. In fact, since the application of the “231 model” is still optional, many entities refuse (or, very often, ignore the possibility of) compliance. In order to intervene in this segment of the market, bonus mechanisms have been assessed for those companies that have decided to adopt an Organizational Model and have assumed the relevant costs (a circumstance which, among other things, also constitutes a suitable counterbalance to the punitive face of the law, which, it should be remembered, establishes heavy penalties for the company that has not adopted an Organizational Model in the event of a predicate offence committed by employees or senior management).

In the wake of these evaluations, some regional legislations have provided, among the prerequisites for access in specific sectors, for the application of the regulations dictated by 231. This has been done both by the Antitrust Authority, which identifies the presence of the “231 Model” among the elements of evaluation for the purposes of the score for the attribution of the legality rating, and by the new Code of Tenders, in which compliance with the 231 requirements is characterized as an autonomous reputational requirement for the purposes of the attribution of the rating of the most reliable company for the public purchaser.

If, on the one hand, therefore, with the entry into force of Legislative Decree 231/2001, an undeniable virtuous circle was created between the legislation and the persons to whom it was addressed, on the other hand, it cannot be denied that the aspirations of the 2001 legislature, especially in terms of the concrete application of the decree, were much higher.

In fact, in spite of all the signs of encouragement towards a rosy future for the world of compliance outlined above, we cannot ignore the fact that we are faced with a lack of attention to legislation on the part of the courts.

Data collected in 2017 by the Public Prosecutor's Office at the Court of Milan shows that there were only 29 registrations of entities (-37% compared to 2016 and -23.7% compared to 2015). An interpretation of this figure is provided by the Social Responsibility Report of the Milan Public Prosecutor's Office of 2016, in which the underlying reason is identified as the fact that the registration of the legal person is still considered a discretionary assessment, “the reasoning that has been used up to now does not appear to be congruous, since, in order to carry out the registration, the Public Prosecutor must first verify the interest or usefulness of the entity, this assessment having to follow and not precede the registration (also to allow the entity to defend itself).

Regardless of the above, it is undeniable that, with the passage of time, more and more companies are adapting to the dictates of the Decree, adopting a correct application of 231, often also obtaining indirect benefits, such as the improvement and efficiency of business procedures under examination by the Supervisory Body.

And this is precisely the main stimulus that must be leveraged to convey the need to comply with the dictates of 231. The last twenty years have shown us that the fear of sanctions (which are often perceived as distant and applicable only to third parties) is not in itself sufficient to induce market operators to put in place the necessary safeguards for their own protection. It is different, however, if such measures also prove to be a company check-up tool, useful for improving procedures and likely, for cutting costs, tracing operations and regulating processes. This is the only way in which Legislative Decree 231/2001 will show that it is ready to face the second 20 years of its existence: renewing itself without betraying its spirit.