C/ Enric Granados, 86-88, 5è 1ª – 5è 2ª, 08008 Barcelona · 93 268 87 40 info@ms-advocats.com

Failure in SMEs in compliance (regulatory compliance): 6 examples of habitual breaches

The majority of companies that fail to comply with their obligation to develop an internal policy on compliance.

Have they really internalized the importance of compliance? What are the most unfulfilled obligations by companies?
The truth is that today there are multiple regulations in force that are not complied with by many companies.

It is true that in recent years we have seen the publication and entry into force of a enormous battery of regulations and to this is added that the Spanish business fabric is mainly made up of SMEs (many micro-SMEs), many still focused on survival and guaranteeing their viability after the crisis caused by Covid-19, but this is no excuse for not complying with the provisions of the regulations.
Among the obligations that many companies fail to comply with (and without wishing to be exhaustive), are the following:

1.- Obligation to have the Equality Plan

Companies with 50 or more workers should have developed and implemented their Equality Plan (Specifically, on March 7, 2022, the last term expired according to the progressive calendar of the extension of the obligation to have the equality plan approved; art. 1 of the RD Law 6/2019, of March 1).
The Equality Plans, among other obligations, must be registered with the REGCON. Well, today there are few companies that have registered their plan. This means: imminent potential sanction risk.

What is the reason for this breach? There are several factors (among them, that many companies lack the most basic data to be able to comply with the first step of the Equality Plan, which is to prepare a diagnosis of the situation and that not all companies have a person responsible for People or HR, who is normally the person most aware of or trained in this matter) but in the case of smaller companies, the The main obstacle is the lack of workers’ representatives (works council).
The TS has ruled that there is no room for an ad hoc commission to negotiate the Equality Plan (STS 126/2017 of February 14). Therefore, the most representative unions must be summoned to be able to negotiate the plan and this generates immense rejection in many companies (which is no excuse for not complying with the norm).

2.- Obligation to sign the Distance Work Agreement (ATD) when the percentage of 30% telework is exceeded

Today it is difficult to defend being able to understand that the so-called “teleworking due to Covid19” is still feasible (although it is true that the norm does not set an end date for Disp. Third Transitory of Law 10/2021 on Remote Work, and it is likely that we will end up seeing sentences on this issue), since the restrictions due to Covid19 are reduced to their minimum expression and tending to disappear.
Therefore, if the percentage of 30% established in the regulations is exceeded (in a reference period of three months), it is mandatory to formalize the remote work agreement (ATD).
Well, it is an obligation still largely unfulfilled by many companies. And among those that do comply and have formalized (and communicated the ATD to SEPE), there are companies that do not comply with the minimum content that the agreement must have (for example, they do not set compensation for expenses, which is mandatory, they do not indicate a procedure that must be followed the worker in case of technical difficulties…). Therefore, risk of sanction.

3.- Obligation to prepare the Plan / Internal policy of digital disconnection

More than three and a half years after the entry into force of the Organic Law on Data Protection and Guarantee of Digital Rights, the overwhelming majority of companies that fail to comply with their obligation to develop an internal policy on digital disconnection (art. 88 of the LOPDGDD).
Specifically, the company must develop an internal policy aimed at workers, including those in managerial positions, in which they will define the modalities for exercising the right to disconnection and the training and awareness actions for the staff.
Well, not even in companies whose collective agreements expressly regulate this issue is this obligation generally fulfilled. In this sense, we already have many agreements regulating the right to digital disconnection, such as (and by way of example) the collective agreement of the department store sector, the collective agreement of the chemical industry or the collective agreement of the pasta industries.
Penalty risk.

4.- Remuneration registry and remuneration audit

All companies (regardless of their number of employees) are obliged to carry out the remuneration register, including senior positions and also including management personnel and (if applicable) personnel at the service of public administrations (art. 28.1 of the ET and art. 5 of RD 902/2020, of October 13, equal pay).
The remuneration record must include the average values of salaries, salary supplements and non-salary payments of the workforce disaggregated by sex.
In addition, additionally, companies required to have an Equality Plan must also carry out a remuneration audit, which will include a diagnostic report, an action plan to correct inequalities (with a schedule of specific actions and people responsible for their implementation and monitoring) (art. 7 of RD 902/2020).
Penalty risk.

5.- Harassment protocols

The harassment protocol is mandatory for all companies, regardless of the number of workers on the workforce.
Specifically, the regulations establish that companies must promote working conditions that prevent sexual harassment and harassment based on sex and arbitrate specific procedures for its prevention and to channel any complaints or claims that may exist (art. 48 of the Organic Law 3/2007, of March 22, for the effective equality of women and men).
Despite being a rule that has been in force for years, there are still many companies that lack measures against harassment.
Penalty risk.

6.- The management of psychosocial risks

The management of psychosocial risks continues to be another of the great pending issues in many companies, despite the fact that in recent years health problems related to the extensive use of ICT and teleworking have increased.
It is true that it would be desirable in this sense, a specific regulatory development that determines a defined action framework for the management of psychosocial risks in companies, but its obligation stems from the regulations of the LPRL (among others, art. 4.7d art. 15.1.d and art. 16).
In this sense, the INSS, to try to promote and facilitate compliance with this obligation, has published a guide on “Basic guidelines for the management of psychosocial risks. Year 2022”
The INSS recalls in this sense that “exposure to psychosocial risk factors causes stress, which contributes to the materialization of work accidents and, in the medium and long term, to the development of cardiovascular, cerebrovascular, immune, musculoskeletal, gastrointestinal, dermatological diseases. or mental.”
There are only six examples that show that at a general level in Spain we have a wide margin for improvement in terms of compliance. And regardless of the repercussions (complaints and/or sanctions that may entail breaking labor regulations, being excluded from certain grants or public tenders, negative impact on corporate reputation, bank financing, financial “raising” in start-ups, etc… ), from the point of view of Corporate Social Responsibility (CSR) policies, the first premise of any CSR or CSR plan should be strict compliance with regulations.
Together with the above, within the Sustainable Development Goals (SDG) of the 2030 Agenda, SDG 8 is related to “decent work” which implies, among other issues, eradicating practices that endanger labor rights and guaranteeing working conditions. worthy of employment.

In short, Spain has taken longer than expected to transpose many European directives on compliance matters, and therefore, there is much work to be done on this matter.

At MITJANS ADVOCATS, we can offer you 360º advice in the field of compliance, as well as guarantee and certify regulatory compliance in this matter and, apart from avoiding sanctions, seek safe, sustainable and legal security growth for your company.