Confianz

Etiqueta: actualidad jurídica

  • This is how the new Organic Law on equal representation will affect boards of directors

    The new Organic Law 2/2024 of 1 August on equal representation and balanced presence of women and men requires public and private companies to ensure a minimum representation of 40% of the under-represented sex on governing bodies.

    The aim of this regulation is to promote gender equality, social justice and business competitiveness. To this end, it aims to achieve material gender equality in the governing bodies of companies.

    This new Organic Law transposes Directive (EU) 2022/2381 of the European Parliament and of the Council of 23 November 2022 on a better gender balance among directors of listed companies. And we must be vigilant because it amends, among others, the Capital Companies Act and the Securities Markets and Investment Services Act.

    Which companies have to comply with the Organic Law on Joint Representation

    The new rules will be mandatory for:

    • All listed companies
    • Public interest entities that meet the following conditions:

    a) More than 250 employees;

    b) Annual net turnover of more than EUR 50 million or total assets of more than EUR 43 million.

    Mandatory requirements 

    Organic Law 2/2024, of 1 August, imposes a series of requirements on the companies concerned. Some of the most relevant are:

    • Gender quota on boards of directors. The sex less represented on these governing bodies must account for at least 40% of the total. However, the law stipulates that this rule does not have to be applied, although it does have to be justified, when the percentage of women exceeds 60%. Another exception is for public interest companies that are directly or indirectly controlled by a family. In these cases, executive and proprietary directors could be excluded from the calculations, at the company’s discretion.
    • Mandatory annual reporting. Every year, companies must report on gender representation on their boards of directors, and on the measures taken to achieve this goal. Both the annual sustainability report and the company’s website must include information on required gender balance measures and possible sanctions.
    • Sanctions. The Organic Law foresees sanctions for companies that do not comply with the objectives.
    • Incentives: Companies that meet the objectives of the standard will benefit from incentives that could translate into competitive advantages.

    Deadlines for implementation

    The regulation establishes different deadlines for compliance with these quotas, depending on the profile of the obliged company.

    • Listed companies:
      • The 35 companies with the largest market capitalisation have until 30 June 2026 to reach 40% equal representation on their boards.
      • All other listed companies will have a deadline of 30 June 2027.
    • Public interest entities:
      • They shall have reached 33% of the majority of the workforce by 30 June 2026.
      • They have until 30 June 2029 to achieve a 40 per cent representation.

    Conclusion

    Facing this new law of equal representation and balanced presence of women and men will be a challenge for many companies. At Confianz we know this and we are prepared to help them meet all the requirements so that they not only guarantee compliance with current regulations but also increase the diversity and competitiveness of the company.

  • How the new due diligence directive affects SMEs working with large companies

    The European Corporate Sustainability Due Diligence Directive entered into force on 26 August. Although implementation will begin for large companies from 2026, it is not only large companies that will have to adapt to the new legal requirements. Indirectly, SMEs that do business with them will also be strongly affected.

    The chain of activities

    The key is the concept of the «activity chain». According to the text of the Directive, large companies will also have to carry out at least annual assessments of their subsidiaries and value chains in a comprehensive manner, both upstream and downstream. That is:

    • Upstream, business partners engaged in the production of goods or the provision of services. This includes activities such as the design, extraction, sourcing, manufacture, transport, storage and supply of raw materials, products or parts of products and product or service development.
    • Downstream, trading partners who carry out activities related to the distribution, transport and storage of the product.

    The Directive requires all large companies to take responsibility for ensuring sustainability in each of these links. It is not enough to verify practices within the company itself. Rigorous monitoring of the entire network of business relationships, both direct suppliers and indirect suppliers who, while not interacting directly with the company, contribute critical inputs or services, is also mandatory.

    Which business partners are not affected by the Sustainability Due Diligence Directive

    Which business partners are not affected by the Sustainability Due Diligence Directive

    On the other hand, the following are exempted from the concept of a chain of activities: trading partners engaged in the disposal of the product and in the distribution, transport, storage and disposal of a product subject to a Member State’s export control or export control on arms, munitions or war material.

    Obligations of SMEs in the activity chain

    In general, the new Directive applies directly to companies with more than 500 employees and a worldwide net turnover of more than EUR 150 million. In certain high-risk sectors the limits are reduced to 250 employees and €40 million.

    In theory, therefore, SMEs are excluded from this direct obligation. In practice, all companies that are part of the activity chain of a large company will have to face indirect obligations. For example, they have to have environmental and human rights plans and to carry out audits and reports. Regardless of whether they are SMEs or not. The reason is that large companies affected by the Directive will require them to comply with certain standards so that they do not themselves violate the requirements imposed.

    Financial assistance

    Adapting to these new requirements will undoubtedly cost SMEs time and money. SMEs serving large companies will need to invest in new technology, training and consultancy services to comply with the requirements of the Sustainability Due Diligence Directive. The good news is that the EU and national governments will be able to offer support programmes and funding to mitigate some of the costs.

    In addition, complying with sustainability standards can improve competitiveness and open up new business opportunities for SMEs, as it will make them more attractive to large companies that need to comply with the Directive. At Confianz we can help your SME to meet these requirements.

  • NIS2 Cybersecurity Directive: how it affects businesses

    The European Union’s Network and Information Systems Security Directive NIS2 creates a new standard for corporate cybersecurity. That is, on cybersecurity measures to ensure that companies’ networks and information systems remain protected against cyber threats.

    Which companies are affected

    The new NIS2 Directive affects all medium-sized and large companies in the following sectors classified as essential or important: energy; transport; banking; financial market infrastructures; healthcare; drinking water; waste water; digital infrastructure; ICT service management; space; postal and courier services; waste management; manufacture, production and distribution of chemical substances and mixtures; production, processing and distribution of food; digital service providers; research; and manufacture of medical devices, IT, electronic and optical products, electrical equipment, machinery, motor vehicles and transport equipment.

    Aims of the NIS2 Cybersecurity Directive

    The NIS2 Cybersecurity Directive builds on the previous NIS1 Directive adopted in 2016. Its ultimate goal is to strengthen the capabilities of organisations operating in the EU that perform critical functions for society and the economy. To this end, it has been proposed:

    • Reduce inconsistencies in addressing cyber security threats;
    • Raise awareness of cybersecurity;
    • Improve the ability of organisations to respond to incidents.

    People, processes and technology

    When the NIS2 Directive comes into force, thousands of companies will have to proactively implement a range of measures including: information systems security policies and risk analysis, incident management, backup management, crisis management, supply chain security, maintenance of network and information systems, cyber hygiene, cyber security training, access control policies, etc.

    Compliance with the NIS2 Directive does not only involve the ICT department or the CISO (Chief Information Security Officer). Nor is it enough to acquire new technologies to deal with cyber-attacks. To comply with NIS2, it is necessary to build a security culture that affects the entire organisation. In other words, it is a question of companies having better cybersecurity practices and a general culture that reaches each and every member of the organisation.

    This is why each requirement of the NIS2 Directive is divided into three categories: people, processes and technology.

    Persons

    Providing all staff with cyber security training as soon as they join the company ensures that cyber security is always a priority. But this requirement should not be limited to members of the organisation. Partners must also meet these requirements.

    Processes

    Cybersecurity processes must constantly evolve to stay ahead of cybercriminals.

    Technology

    The company must ensure that it has the right technology to defend itself against any threat. Therefore, the necessary infrastructure must grow at the same pace as the business. For their expansion creates new risks, and more elements to protect.

    Timetable for implementation

    EU member states have until 17 October 2024 to transpose the NIS2 regulations into national law. Thousands of companies will therefore have to adopt measures this year to increase their resilience and capacity to respond to cybersecurity incidents.

    Compliance with the new regulation can be challenging. However, companies that prioritise cyber security now will be much better prepared to defend against current and emerging security threats and accelerate their growth. On the other hand, the costs of non-compliance with the Directive could include fines, reputational damage and loss of customers.

    Compliance with the NIS2 Directive requires full coordination between the IT, cybersecurity, risk management and legal departments. For this reason, we recommend that you trust Confianz to advise you on the implementation of this complex regulation that could be key for the future of your company.

  • The new Green Claims Directive will oblige companies to justify any environmental claims

    The new Green Claims Directive will oblige companies to back up their corporate commitment to the environment with data. It will also sanction misleading practices by companies regarding their products and activities. The aim is to crack down on greenwashing. That is, the practice of some companies and brands claiming to be greener and more sustainable than they really are.

    With the new Green Claims Directive it will no longer be enough to appear environmentally friendly, it will also be necessary to prove it. The Green Claims Directive aims to promote corporate transparency of companies through the reporting of environmental, social and sustainability claims that are reliable, comparable and verifiable across the EU. The aim is twofold: not to mislead consumers or stakeholders and to avoid unfair competition practices suffered by companies that do comply with sustainability standards.

    More than 50% of environmental claims are vague, misleading or unfounded

    The inclusion of green claims in advertising, corporate communication and product packaging is widespread in the EU. According to a study by the European Commission, 80% of websites, online shops or advertisements include some kind of environmental claim. According to research by the Observatory of Local Production and Sustainable Consumption, these claims positively influence the purchases of 72% of Spaniards.

    According to the study prior to the proposed directive, more than 50% of environmental claims are vague, misleading or unfounded; almost 40% have no evidence to back them up; and, in the case of the more than 230 green seals that exist at EU level, almost 50% have no verification whatsoever.

    Green Claims: advertising based on carbon offsetting schemes to be banned

    Now, with the Green Claims Directive, green or sustainable claims must be based on a comprehensive study, supported by a full life cycle analysis, considering environmental impacts from the beginning to the end of the products’ life cycle, including impacts on biodiversity, climate, soil and water.

    Member States will appoint verifiers to pre-approve the use of claims such as «biodegradable», «less polluting», «uses less water»… This is to protect purchasers from misleading and ambiguous advertising. Claims, together with supporting evidence, must be examined within 30 days. Member States must ensure that the cost of verification and certification takes into account the complexity of the claim and the size of the companies requesting verification and certification.

    Advertising based exclusively on carbon offset programmes shall be prohibited. Any mention of programmes related to carbon credits must be certified, such as those established under the EU certification framework for carbon offsets.

    The next round of negotiations on this Directive will start after the new EU Parliament is constituted following the elections in June 2024.

    Spanish legislation: over 100,000 euros fine

    The Ministry of Social Rights, Consumption and Agenda 2030, already started in March the processing of a Sustainable Consumption Law. One of its main aims is to firmly fight against greenwashing. Moving forward, the Ministry of Consumer Affairs has already published a Sustainable Communication Guide for businesses entitled: «How to include environmental information in your strategies and campaigns». It provides detailed information on how to identify greenwashing and the relevant legislation. For example: if a company makes unverifiable environmental claims this could be considered an unfair practice in breach of Article 47.1.m of the Royal Legislative Decree 1/2007 and lead to penalties of up to 100,000 euros. Penalties could exceed these amounts, up to four to six times the unlawful benefit obtained by the unfair practice.

    If your company needs advice to ensure compliance with these new regulations, Confianz can help you.

  • Directive on corporate sustainability due diligence is now adopted

    Following the recent approval of the CSDR Directive on corporate sustainability reporting, the EU has just approved on 24 April the new and ambitious Directive on Corporate Sustainability Due Diligence (also known as CSDDD). This regulation aims to make companies increase their corporate responsibility from the point of view of human rights and the environment. To this end, it is estimated that more than 5,000 companies, not only in the European Union, will have to comply with new obligations and requirements.

    Which companies will be affected by CSDDD?

    The implementation of the CSDDD will affect:

    • Large European Union (EU) companies with more than 1,000 employees and more than 450 million annual turnover worldwide. However, implementation will be gradual:
      • 2027: companies with more than 5,000 employees and a turnover of more than 1.5 billion euros.
      • 2028: companies with more than 3,000 employees and a turnover of more than 900 million euros.
      • 2029: companies with more than 1,000 employees and a turnover of more than 450 million euros.
    • Non-EU companies with activities in the EU with a turnover of more than €450 million in the territory of the EU. Implementation will also be gradual:
      • 2027: companies with a turnover of more than EUR 1.5 billion.
      • 2028: companies with a turnover of more than 900 million euros.
      • 2029: companies with a turnover of more than EUR 450 million.

    Obligations of companies

    Companies affected by the CSDD must comply with these standards for human rights and environmental due diligence:

    • Develop a due diligence policy containing a description of the company’s approach, a code of conduct and a description of the processes in place to implement it. Companies should also monitor the effectiveness of their strategy and the measures taken.
    • Determine the actual or potential negative effects of its activity, that of its subsidiaries and that of its chain of activities on human rights and the environment. Prevent and mitigate them through the application of the due diligence policy.
    • Establish and maintain a complaints procedure.
    • Communicate publicly on an annual basis on due diligence.
    • Adopt and implement a climate transition plan in line with the Paris Agreement, with the objective of mitigating climate change and limiting global warming to a maximum of 1.5°C.

    In order to comply with all these regulations, companies will have to collect qualitative and quantitative information through independent reports.

    How the Sustainability Diligence Directive affects the value chain

    In addition, large companies will also have to carry out at least annual assessments of their subsidiaries and value chains. The regulation adopts the term «chain of activities», which covers both upstream and, in part, downstream business partners. That is:

    • The activities of upstream business partners related to the production of goods or the provision of services. This includes the design, extraction, procurement, manufacture, transport, storage and supply of raw materials, products or parts of products and the development of the product or service.
    • The activities of the company’s downstream business partners related to distribution, transport and storage of the product.

    Significant financial penalties

    Non-compliance with the CSDD will lead to both administrative and civil sanctions. Supervisory authorities will be in charge of monitoring compliance and will be able to impose fines of up to 5% of the worldwide net turnover of companies that violate the rules.

    In conclusion, the new Corporate Sustainability Due Diligence Directive (CSDDD) significantly increases due diligence obligations. Confianz’s legal team can help companies to ensure proper compliance.

  • BEFIT Directive: European Commission proposes new corporate tax base

    On 12 September, the European Commission published the «Proposal for a council directive on Business in Europe: Framework for Income Taxation» (BEFIT). Its two main objectives are ambitious: to reduce tax compliance costs for large cross-border companies in the EU and to harmonise transfer pricing rules within the EU.

    Objectives 

    There are currently 27 different corporate tax regimes in the EU for groups of companies with an annual consolidated income of more than EUR 750 million. This forces multinational companies to face high complexity and costs in their operations. In addition, it gives rise to problems such as profit shifting, tax avoidance, litigation, double taxation cases…

    Now, the proposed BEFIT Directive seeks to introduce a common framework for corporate taxation across the EU. The objectives are:

    • Simplify the practice and management of corporate taxation in the internal market.
    • Create a level playing field.
    • Strengthening legal certainty.
    • Reduce tax compliance costs for large companies operating in more than one Member State by up to 65%.
    • Encourage companies to operate on a cross-border basis.
    • Stimulate investment and business growth in the Union.
    • Facilitate the national tax authorities’ assessment of taxes due to them.

    What the BEFIT Directive proposes

    The proposed BEFIT Directive foresees that its rules will be mandatory for groups operating in the EU with combined annual revenues of EUR 750 million or more, and where the ultimate parent entity owns at least 75% of the ownership rights or rights giving entitlement to benefits.

    In these cases, companies that are part of the same group:

    • They shall calculate their tax base on the basis of a common set of tax adjustments.
    • They will aggregate their tax bases into a single aggregated tax base. Cross-border loss relief will thus apply, as losses will be automatically offset against cross-border profits.
    • They will be entitled to a percentage of the aggregate tax base calculated on the basis of the average of the taxable results of the three previous tax years.

    The proposal builds on the OECD/G-20 international tax agreement on a global minimum level of taxation and the Pillar Two Directive adopted at the end of 2022.

    What the BEFIT Directive is NOT

    The Proposal for a BEFIT Directive does not entail a change or harmonisation of tax rates. It simply proposes a system of common computation of the tax base of groups of companies so that, subsequently, each Member State applies the corresponding rate.

    When will the BEFIT Directive enter into force

    The BEFIT Proposal for a Directive replaces two previous Commission proposals, which are withdrawn. These are BICIS (Common Consolidated Corporate Tax Base) and CCCTB (Common Consolidated Corporate Tax Base).

    At Confianz we always recommend companies to anticipate tax changes. So now you need to know that, if the BEFIT Directive is approved as currently proposed, EU member states will have to transpose it by 1 January 2028 at the latest. Thus, the new rules will apply from 1 July 2028.

  • Next Listing Act: EU to promote company flotations

    In the second half of 2023, Spain will take over the rotating presidency of the EU. And one of the important legislative developments planned for this mandate is the so-called Listing Act, the new European regulation to promote the flotation of companies on the stock exchange. To this end, it is proposed to reduce deadlines, lower fees and simplify procedures.

    Going public will be easier and faster with the Listing Act

    The new Listing Act dossier will promote IPOs with a number of measures:

    • Reduce deadlines for public offerings of shares (IPOs).
    • Simplify the cumbersome exit prospectuses, which would be reduced by half. Although it would still be a 300-page document, it will significantly reduce bureaucracy for companies. This means significant savings on consultants and professional services.

    The new Securities Market Act already simplifies bureaucratic obligations for listed companies 

    The recent stock market law that has just been passed in Congress is also intended to encourage the stock markets with the arrival of new companies. 

    On the one hand, it reduces issuing prospectuses for fixed-income securities such as corporate bonds. On the other hand, it incorporates the figure of SPACs (Special Purpose Acquisition Companies) into Spanish regulations. This is a formula originating in the United States that allows for a fast-track listing. The mechanism consists of listing an empty company on the stock exchange with the aim of merging it with a traditional company, which is automatically integrated into the stock exchange. Some Spanish companies are already taking advantage of this formula. For example, the Catalan company Wallbox is listed in New York thanks to a SPAC.

    The position of the National Securities Market Commission (CNMV)

    The National Securities Market Commission (CNMV) has also been working for some time to facilitate the IPO of Spanish companies. Such as the formula implemented two years ago that exempts listed companies from providing quarterly information.

    The supervisor is strongly committed to reducing bureaucratic burdens. It therefore seeks to limit the amount of information required from listed companies while preserving shareholders’ rights to know the details and performance of their investments.

    The CNMV has also proposed a reduction in the fees it charges companies for going public. The body accumulates a surplus of €12 million that goes to the Treasury and considers that this money would be more useful if it were used to reduce the burden on companies.

    And its chairman Rodrigo Buenaventura has even recently proposed that unlisted companies should also be required to report on aspects such as financial information on sustainability. The aim is to prevent unaccountability from giving them a significant competitive advantage over listed companies.

    The Spanish Securities and Exchange Commission (CNMV) estimates the investment needed to meet the challenge of the energy transition and digitalisation at 300 billion euros. However, banks are only in a position to provide 100 billion. To reach the rest of the financing, the entity points out that one of them must be the stock markets.

    The Debra directive proposal

    Finally, it should be noted that although its horizon is more long term, there is also a proposal for a European directive which aims to bring the tax burden of market transactions in line with that of interest on bank debt. It is known as the Debra directive.

  • Which companies are affected by the new Whistleblower Act?

    Just this week, the new Law 2/2023 of 20 February, which regulates the protection of whistleblowers and the fight against corruption, came into force. Known as the Whistleblower Protection Act, this new law transposes the so-called Whistleblower Directive and obliges, among others, all companies with more than 50 employees to have an internal system that allows employees to report breaches of the law in the professional sphere.

    These may be criminal offences or serious or very serious administrative offences, the latter including, in any case, those involving financial loss to the Treasury and to the Social Security.

    Structure of the Whistleblower information system

    The management body or governing body of each entity shall be responsible for the implementation of the internal information system, after consultation with the legal representation of the employees.

    The information system shall ensure impartiality, respect for data, privacy and confidentiality of communications. It shall consist of two elements:

    • The internal reporting channel itself, which should facilitate the submission of information by post, electronically, by telephone or even in person. Oral communications should be recorded by the whistleblower through a full recording or transcript. The system should ensure the confidentiality and privacy of the identity of the whistleblower and allow reports to be sent and processed anonymously. A private archive shall be kept of data received and internal studies conducted.
    • The person responsible for the internal information system, who may be an individual or a collegial body. It is authorised by the board or management panel but performs its tasks independently and autonomously.

    The principles governing the internal information system should be public. Management can be internal or external to the company.

    Deadlines for action

    Within seven calendar days the internal reporting system administrator shall acknowledge receipt of the communication to the reporter.

    The response to the investigation proceedings may not take more than 3 months from receipt. Only in cases of particular complexity may it be extended for a further 3 months. If the facts prove to be criminal offences, the information must be sent immediately to the Public Prosecutor’s Office or the European Public Prosecutor’s Office.

    Whistleblower protection measures

    The fundamental objective of the Whistleblower Protection Act is to safeguard whistleblowers against retaliation. It therefore grants them protection for a minimum of 24 months.

    Retaliation is defined as any act or omission involving unfavourable treatment that results in a disadvantage in the employment context solely because of their status as whistleblowers. Such acts or omissions shall be completely invalid and, where appropriate, may result in the payment of compensation.

    Support measures for whistleblowers, free public advice on available procedures and remedies, legal aid in cross-border criminal and civil proceedings or even financial assistance and psychological support are also envisaged.

    Fines of up to one million euros

    Infringements are punishable by fines of between €1,000 and €300,000 for natural persons and up to €1,000,000 for legal persons.

    What is the deadline for implementing Whistleblower in the company?

    Companies with 250 or more employees must implement the system by 13 June. Companies with up to 250 employees have an additional margin until 1 December.

    External reporting channels 

    The whistleblower may also choose to use the external reporting channel of the newly established Independent Whistleblower Protection Authority. The Authority will have to respond within three months: close the case, send it to the Public Prosecutor’s Office, transfer it to the appropriate authority or initiate sanction proceedings.

    Ultimately, after disclosure through internal and external channels and the expiry of the deadlines without appropriate action, the whistleblower may make a public disclosure of the breach if it poses an imminent danger to the public interest.

  • The judicial debt register is now more streamlined

    The General Council of Spanish Lawyers (CGAE) has just presented a pioneering functionality in its debtors’ file. The Registry of Judicial Unpaid Debtors (RIJ) has thus become the most guaranteeing in the notifications to the debtor.

    This new service will allow corporate lawyers to claim any debt free of charge. It does not matter if a final court decision has already recognised the debt. Nor does it matter whether the debt is in the process of being judicially settled or has already been settled. In the latter case, the only condition is that its existence or amount is not being disputed by the debtor in the judicial proceedings.

    Free order for payment and free notification 

    The Spanish Bar Association’s Registry of Judicial Unpaid Debts now offers a new way of publishing debts in the RIJ Credit Information System. With this new method, the prior payment request and the notification of inclusion can be made directly through the court. Thus, the creditor company has three options for doing so, free of charge:

    • In court proceedings.
    • Through demand.
    • In a subsequent procedural

    One of the main advantages is that, by claiming and notifying debts through the courts, the risk of suffering sanctions and compensation for violating the affected party’s right to honour is reduced.

    Faster and cheaper

    Until now, and since the launch of the RIJ in 2019, the registered letter or burofax has been the way to carry out notifications.

    In view of the general increase in delinquency, this new functionality optimises the service for the reduction and prevention of non-payments of the Spanish Lawyers’ Credit Information System (Sistema de Información Crediticia de la Abogacía Española). It speeds up the work of lawyers and maintains all the legal guarantees in the process of notifying the debtor. It also saves time and money.

    Thus, the aim is to avoid future risks of non-payment and to prevent default. Companies, the self-employed, individuals and financial institutions can consult the information published in the CGAE’s file of defaulters. This information is available through its strategic partner, Informa D&B, and the multinational Experian.

    A legal revolution for legal default

    The CGAE has just presented this new possibility at the 17th Legal Congress of the Legal Profession held on 27 and 28 October in Málaga. In her speech, the legal manager of the RIJ, Reyes Rodríguez Zarza, explained that «the Supreme Court has stated in numerous rulings that in order to presume the lawful processing of personal data in debtors’ files it is a requirement to have requested payment from the debtor with the express warning that if they do not pay they may be included in these files«. Although «neither the law nor case law establishes the means by which such a communication must be made, they do require that it be receptive (that the means used allows the delivery to be accredited)», warned Rodríguez Zarza.

    In conclusion, the head of the RIJ emphasised that «the possibility of notifying the debtor of the payment demand in a receptive manner, by means of a simple written document, represents a legal revolution and an unprecedented novelty in the form of communication required by the Supreme Court before the debtor is included in a default file, making the RIJ an essential working tool to reduce and prevent default, in a particularly complicated economic context».