As a general principle, a person is not obliged to incriminate himself or herself. Hence, no duty exists for a party to report its own criminal offences. However, one may choose to report an offence voluntarily to obtain leniency or a settlement (see below). Nor is there a general duty to report criminal offences committed by third parties, with the exception of crimes against public safety or against the life or property of an individual. The latter category of crimes should be reported to the public prosecutor. Failure to do so is criminally sanctioned.
Similarly, a person who is the subject of a regulatory investigation that can lead to the imposition of a financial penalty or fine has a right to silence and a right not to self-incriminate. The regulators have already acknowledged these rights in the context of replying to the written questions asked in the framework of a regulatory investigation. The same right applies in case of an interrogation.
These rights may also be violated if the regulator uses constraints to obtain evidence. A constraint may be to impose a penalty or fine if the entity concerned fails to hand over evidence that the regulator requests. However, constraints may be lawful if their aim is to obtain evidence that exists independently of the will of the entity concerned. In addition, the right to silence cannot be invoked to prevent handing over documents to the regulators if the entity concerned has a statutory duty to keep the documents as records.
Belgian regulators have no duty to caution (i.e., to inform the entity under investigation at the beginning of the interrogation about its right to silence), but as a result of case law, when the regulators remind an undertaking of its right to silence, it prevents any future objection relating to the right not to self-incriminate.
Leniency in competition law matters
Undertakings are not obliged to self-report when they discover an internal wrongdoing that could constitute a competition law infringement. They may, however, voluntarily opt to do so in competition cases to benefit from the leniency programme.
Under EU competition law, the conditions and benefits of leniency applications are enumerated in the Commission Notice on Immunity from fines and reduction of fines in cartel cases (Commission Leniency Notice). Undertakings that are part of a cartel can apply for leniency. By contrast, abuses of dominant position, vertical agreements and horizontal agreements that are not cartels within the meaning of the Commission Leniency Notice cannot benefit from the leniency programme.
Leniency is granted on a first-come, first-served basis. If an undertaking or association of undertakings wants to obtain full immunity from fines, it must be the first to submit information and evidence enabling the European Commission to carry out a targeted inspection or to establish an infringement. A company that does not qualify for full immunity can apply for a reduction of the fine if it provides evidence that represents significant added value to the evidence already in the possession of the European Commission.
In all cases, the leniency applicant must also end its involvement in the alleged cartel (except when the European Commission decides otherwise in order to preserve the integrity of inspections), cooperate fully and expeditiously with the European Commission throughout its investigation, and provide all evidence in its possession. The applicant may not destroy, falsify or conceal any evidence relating to the alleged cartel, either prior to the submission of the application or during the investigation.
The regime of leniency under Belgian competition law follows closely the European regime. The rules regarding leniency are contained in Book IV of the Belgian Code of Economic Law and the Leniency Guidelines of 22 April 2016. Thus, an undertaking can apply at Belgian level for full or partial immunity of fines, provided it offers sufficient evidence, collaborates fully and ends its involvement in the cartel. However, a few notable differences exist with the EU system. First, leniency under Belgian competition law also applies to ‘hub-and-spoke’ conspiracies. Second, Belgian competition law provides for administrative sanctions for individuals involved in certain serious violations of competition law (in essence hardcore cartels). For these individuals, the Leniency Guidelines provide a regime of immunity of fines, for which the individuals can apply separately or with the undertakings employing them. If granted, the individuals will be fully immune.
In assessing whether the conditions for leniency are satisfied, both the European Commission and the Belgian Competition Authority (BCA) enjoy a margin of discretion. A company cannot be certain whether the competition authorities will consider the information provided to be sufficient to qualify for immunity or fine reduction. Also, leniency applications, both under European and Belgian competition law, provide no protection against private law claims for damages from customers or competitors.
Under the Antitrust Damages Directive, soon to be implemented in Belgian law, final decisions by the competition authorities (e.g., the BCA in Belgium) will constitute irrefutable proof of fault in private damage claims. The Antitrust Damages Directive will also facilitate disclosure of evidence. However, leniency statements at both the EU and Belgian levels are shielded from requests from disclosure. Other documents in the investigation file may be disclosed, albeit that the court must balance the interests of the victims with the interest of effective public enforcement of competition law (i.e., keeping the leniency programme attractive for undertakings).
Before deciding to file a leniency application, companies should, therefore, make a careful assessment of all relevant elements, including the likelihood of an investigation or a fine, the risk of a leniency application by another cartel member, the potential impact of a leniency application on the risk of investigations in other countries, the risk of private damage claims from third parties, and the potential effect on relationships with other industry players and with customers.
ii Internal investigations
An undertaking may conduct its own internal investigations. There are several ways to do so, such as interviewing the relevant employees and auditing their paper and electronic files. An undertaking’s internal investigation must comply with rules regarding privacy and employee protection, arising from various provisions from employment, telecommunication and privacy law.
An undertaking will often need to conduct an internal investigation when preparing a leniency application (to provide full cooperation) or answer a request for information from the Competition Authority, the financial services regulators and banking supervisors, and criminal authorities. While certain legislation provides, under penalty of sanctions (e.g., fines) in the case of refusal, for an obligation on the undertaking to provide complete and correct information to the authorities, this obligation cannot trump the right for the undertaking concerned not to incriminate itself and to invoke this right by refusing to hand over certain documents. However, as soon as a document or a piece of information is voluntarily provided to the authorities, the undertaking cannot claim any attorney–client or other legal privilege on it.
Among others, in competition law matters, Book IV of the Belgian Code of Economic Law now introduces administrative fines for individuals (as mentioned above, employees may now also apply for individual leniency in relation to hardcore infringements). In other areas (e.g., market abuse), certain conduct might even be criminally sanctioned. Employees might, therefore, seek the assistance of their own counsel in the event of an internal investigation by their employer.
iii Whistle-blowersEU financial services and banking
At the EU level, various legislation in the areas of financial services generally and banking specifically contains rules on the establishment of mechanisms for the reporting of infringements, commonly known as whistle-blowing. These mechanisms typically have an internal dimension (i.e., procedures for the reporting of possible infringements by employees to their employer) and an external dimension (i.e., procedures with the regulators for the reporting of possible infringements to the regulators by employees or other persons that deal with financial services firms or banks).
Thus, for instance, Article 32 of the EU Market Abuse Regulation requires Member States to ensure that the respective national administrative authority that is competent for market abuse infringements establishes effective mechanisms to enable reporting of actual or potential infringements of this Regulation. These mechanisms must include at least:
- specific procedures for the receipt of reports of infringements and their follow-up, including the establishment of secure communication channels for such reports;
- within their employment, appropriate protection for persons working under a contract of employment, who report infringements or are accused of infringements, against retaliation, discrimination or other types of unfair treatment as a minimum; and
- protection of personal data both of the person who reports the infringement and the natural person who allegedly committed the infringement, including protection in relation to preserving the confidentiality of their identity, at all stages of the procedure without prejudice to disclosure of information being required by national law in the context of investigations or subsequent judicial proceedings.
The Market Abuse Regulation also obliges Member States to require employers who carry out regulated activities to have in place appropriate internal procedures for their employees to report infringements of this Regulation.
Finally, the Market Abuse Regulation allows Member States to provide for financial incentives to persons who offer relevant information about potential infringements of this Regulation to be granted in accordance with national law if those persons do not have other pre-existing legal or contractual duties to report such information. The conditions for the provision of incentives are that (1) the information is new, and (2) it results in the imposition of an administrative or criminal sanction, or the taking of another administrative measure, for an infringement of this Regulation.
A similar requirement to establish internal and external whistle-blowing mechanisms is also provided for in other EU legislation, such as in relation to MiFID II, undertakings for collective investment in transferable securities (UCITS), insurance distribution, and packaged retail and insurance-based investment products (PRIIPs).
Finally, this requirement also exists in relation to the activities and supervision of credit institutions. The details of this requirement are laid down in Article 71 of the 2013 EU Banking Directive. The whistle-blowing mechanism to be established thereunder is to encourage the reporting of potential or actual breaches of both the national provisions implementing the 2013 EU Banking Directive and the 2013 EU Banking Regulation.
As regards credit institutions in the eurozone, the European Central Bank (ECB) obviously has an essential supervisory role to play, being at the helm of the single supervisory mechanism (SSM). As ‘competent authority’ in the meaning of the aforementioned Article 71, the ECB has set up a breach-reporting mechanism. The rules and procedures governing this mechanism are laid down in Articles 36 to 38 of the SSM Framework Regulation. They set forth that any person may, in good faith, submit a report directly to the ECB if that person has reasonable grounds for believing that the report will show breaches of the relevant EU law by the institutions supervised by the ECB or by the supervisors themselves (both the ECB and the national competent authorities for banking supervision, such as the National Bank of Belgium (NBB), i.e., the Belgian central bank and banking supervisor). If a breach relates to other areas of activities of a bank that do not fall under the ECB’s supervisory competences (e.g., consumer protection or the implementation of anti-money laundering rules), it is outside the ECB’s mandate to follow up on the breach. Instead, the breach should be reported to the national authorities that are competent for these areas (e.g., the Economic Inspection for consumer protection, including when it applies to the activities and conduct of credit institutions). All personal data concerning both the person who reports a breach and the person who is allegedly responsible for a breach shall be protected in compliance with the EU data protection framework. Also, the ECB shall not reveal the identity of a person who has made a report without first obtaining that person’s explicit consent, unless disclosure is required by a court order in the context of further investigations or subsequent judicial proceedings.
With regard to significant supervised entities, that is, those entities that are directly supervised by the ECB, the ECB itself assesses the report. By contrast, with regard to less significant supervised entities, the ECB only assesses a report for breaches of ECB regulations or decisions. The ECB forwards reports concerning less significant supervised entities to the relevant national competent authority (e.g., the NBB in Belgium), without communicating the identity of the person who made the report, unless that person provides his or her explicit consent.
While everybody that has knowledge of a potential breach may report it to the ECB, the ECB has indicated that compliance officers, auditors and other employees of a bank are the groups that are most likely to have knowledge of possible wrongdoing. The breaches that are most commonly reported to the ECB concern the inadequate calculation of own funds and capital requirements, and governance issues within credit institutions.
National law on whistle-blowing in EU Member States: the example of Belgium
Belgian law does not contain general rules on whistle-blowing. However, particularly in relation to financial services and banking, either Belgian law has already implemented the relevant EU legislation or this legislation is in the process of being implemented.
Thus, Article 21, Section 1, No. 8 of the Belgian Banking Law contains a specific requirement that Belgian credit institutions must have an appropriate internal whistle-blowing system in place for the reporting of breaches of rules and codes of conducts. The external side of the whistle-blowing system is laid down in Article 36/7/1 of the Belgian Law of 22 February 1998 on the National Bank of Belgium. It governs, among others, the good faith reporting to the NBB of an actual or potential infringement of the rules governing the status and supervision of credit institutions by an employee of the institution. We refer to what is mentioned above on the division of tasks within the SSM between the ECB and national supervisors, such as the NBB, and hence the circumstances in which Belgian law’s whistle-blowing system comes into play.
As at June 2017, draft legislation was being finalised for adoption by the Belgian Parliament. This will implement in Belgian law the whistle-blowing mechanism that EU Member States are required to establish under EU legislation in areas such as market abuse, MiFID II, UCITS and PRIIPs. This legislation will modify the Belgian Law of 2 August 2002 on the supervision of the financial sector and the financial services. The rules governing the ‘external’ dimension of such mechanisms will be addressed in a new Article 69 bis of this law – with the Belgian Financial Services and Markets Authority (FSMA) functioning as the authority to whom the reporting will need to be done – while the ‘internal dimension’ is laid out in a new Article 69 ter.
Importantly, these new provisions will not be limited to implementing into Belgian law the requirements of the EU legislation, but will go beyond the areas covered by this legislation. Thus, they will introduce both the external and internal dimensions of the whistle-blowing mechanism in a so-called ‘transversal’ manner (i.e., for the reporting of infringements of any of the rules for which the FSMA has supervisory powers). These rules are enumerated in Article 45 of the Law of 2 August 2002. They concern a wide variety of financial and related services and the institutions providing them. These new whistle-blowing provisions will address topics such as the duty of secrecy of the FSMA as regards the identity of the reporting person, the protection of this person against claims and sanctions, the protection of this person and of the person affected by the reporting (i.e., the author of the possible infringement) against retaliatory, discriminatory and other forms of unjust treatment, and the financial and other remedies that these persons benefit from in case of such treatment by their employer. Of course, this protection does not affect the possibility of, for example, the employer taking the appropriate measures and actions that are open under statutory law or the contract with regard to a person who has effectively committed an infringement, including when this infringement came to light as a result of reporting by the whistle-blower.
As indicated above, in competition law, the introduction of administrative fines for individuals goes hand in hand with the right for individuals to seek immunity on their own account, besides or alongside a leniency application from the company. That is the first time that whistle-blowing will be rewarded under Belgian competition law.