07.09.2017 | KPMG Law Insights

Internal company investigations – Why it’s never too late for compliance

Why it’s never too late for compliance

In a new ruling (ruling dated May 9, 2017; Ref.: 1 StR 265/16), the Federal Court of Justice (BGH) recognized that compliance measures can have a mitigating effect on the fine to be imposed on a company – even if they are implemented only after the offense has been discovered and preliminary proceedings have been initiated.

The verdict

The defendant, a senior executive of a German defense company, had been convicted in the first instance by the Munich I Regional Court of various tax offenses. A fine was imposed on the defense company as an accessory. The background to the conviction was a 2001 arms deal between the company and the Greek state, which was based on a bribery agreement between the company’s management and the Greek defense minister. The defendant had released an invoice that served to conceal the bribe payment, as well as not paying tax on commission payments himself.

On appeal by the public prosecutor’s office, the Federal Court of Justice overturned, among other things, the fine imposed on the other party: The Regional Court had erroneously based its assessment of the fine exclusively on the culpability of the defendant, but had not also taken into account the wrongful acts committed by the shareholder-managing directors of the secondary parties involved when assessing the fine. This legal error was to the benefit of the secondary participants, so that the judgment had to be set aside. In this connection, the Federal Court of Justice pointed out for the new hearing that, when calculating the fine, it was also important “to what extent the secondary participant has fulfilled its duty to prevent infringements of the law from the sphere of the company and has installed an efficient compliance management system which must be designed to prevent infringements of the law” (loc. cit., para. 118). According to the Federal Court of Justice, actions taken by the secondary parties that were only implemented as a result of the state investigation, such as the optimization of the relevant regulations and the structuring of internal processes in such a way “that comparable breaches of the law are at least made significantly more difficult in the future” (loc. cit., para. 118), should also play a role in this context.

Practice Notes

With this ruling, the BGH has for the first time commented on the controversial question of whether and to what extent the establishment of a compliance management system (CMS) can be taken into account when calculating a fine pursuant to Section 30 OWiG – with a reduction in the fine. Unlike in some foreign jurisdictions (USA: FCPA; United Kingdom: UK Bribery Act), this possibility has not been legally standardized in Germany. Following a view already expressed in the literature, the Federal Court of Justice (BGH) has now come out in favor of taking this into account. It is interesting to note that this should apply not only to compliance measures implemented prior to the offense, but explicitly also to measures implemented only after the offense has been discovered and investigative proceedings have been initiated.

For companies, this means in concrete terms that with the discovery of a compliance incident, “the child has not already fallen into the well.” Against the backdrop of the ruling, companies have a large number of opportunities to influence the outcome of preliminary or main proceedings in their favor.

However, in order to be introduced to the process and to convince investigating authorities and courts, the subsequent implementation of compliance measures as well as the process leading to these measures must be documented completely and in a way that is comprehensible to third parties. Here we are happy to help you with the following services:

  • Internal investigations/compliance audits to fully establish the facts following a compliance incident.
  • Legal processing of possible findings
  • Communication with the public prosecutor’s office and other investigative authorities
  • Occasion-related as well as occasion-independent gap analyses to identify and evaluate gaps in the CMS (from a legal as well as benchmark perspective)
  • Compliance Risk Assessments to determine the individual risk landscape of your company
  • Risk-oriented implementation of compliance measures.

Contact us and benefit from our extensive experience!

Explore #more

27.05.2024 | KPMG Law Insights

Agreement on ecodesign regulation: products to become more sustainable

After lengthy negotiations, the Council and Parliament of the European Union reached a provisional agreement on the Ecodesign Regulation on the night of December 5,…

22.05.2024 | KPMG Law Insights

The AI Act is coming: EU wants to get a grip on AI risks

For many people, artificial intelligence (AI) is the great hope for business, healthcare and science. But there are also plenty of critics who fear the…

17.05.2024 | KPMG Law Insights

Podcast series “KPMG Law on air”: When the family business is to be sold

Around 38,000 family businesses are currently handed over each year. In most cases, the change of ownership takes place within the family. But more and…

03.05.2024 | KPMG Law Insights

Doubts about inability to work? What employers can do

The certificate of incapacity for work (AU certificate) serves as proof of incapacity for work due to illness. However, only if the certificate meets certain…

27.03.2024 | KPMG Law Insights

EU Buildings Directive: life cycle greenhouse potential becomes relevant

On March 12, 2024, the EU Parliament approved the amendment to the EU Buildings Directive. The directive obliges member states and, indirectly, building owners and…

19.03.2024 | Business Performance & Resilience, KPMG Law Insights

CSDDD: Provisional agreement on the EU Supply Chain Directive

The EU member states agreed on the CSDDD, the EU Supply Chain Directive, on March 15, 2024. Germany abstained from the vote. Negotiators from the…

21.02.2024 | KPMG Law Insights, KPMG Law Insights

The Digital Services Act – what does it mean for companies?

The Digital Services Act (DSA) is a key component of the EU’s digital strategy and came into force on November 16, 2022. As a regulation,…

15.02.2024 | KPMG Law Insights

Data compliance management: How to implement it in practice

Part 3 of the article series “Professional tips for data compliance management”   The third part of this series of articles deals with data compliance

14.02.2024 | Business Performance & Resilience, PR Publications

Guest article in ZURe: Monitoring the implementation of the LkSG

The current issue of ZURe (p. 20 ff.) contains a guest article by KPMG Law Partner Thomas Uhlig (Head of General Business and Commercial Law),…

09.02.2024 | KPMG Law Insights

Podcast series “KPMG Law on air”: The employment law function

In almost all German companies, the employment law function is located in the HR department and not in the legal department. One of the reasons…


Dr. Bernd Federmann

Stuttgart Site Manager
Head of Compliance & Corporate Criminal Law

Theodor-Heuss-Straße 5
70174 Stuttgart

tel: 0711 781923418

Anne-Kathrin Gillig

Frankfurt am Main Site Manager
Head of Compliance and Business Criminal Law

THE SQUAIRE Am Flughafen
60549 Frankfurt am Main

tel: +49 69 951195013

Philipp Glock, LL.M.

Solution Line Head Legal Corporate Services
Head of IT & Innovation

Heidestraße 58
10557 Berlin

tel: +49 341 22572529

Dr. Thomas Uhlig

Co-Head of General Business and Commercial Law

Galeriestraße 2
01067 Dresden

tel: +49 351 21294460

© 2024 KPMG Law Rechtsanwaltsgesellschaft mbH, associated with KPMG AG Wirtschaftsprüfungsgesellschaft, a public limited company under German law and a member of the global KPMG organisation of independent member firms affiliated with KPMG International Limited, a Private English Company Limited by Guarantee. All rights reserved. For more details on the structure of KPMG’s global organisation, please visit

 KPMG International does not provide services to clients. No member firm is authorised to bind or contract KPMG International or any other member firm to any third party, just as KPMG International is not authorised to bind or contract any other member firm.