Companies in the Renewable Energy Sector and Legislative Decree 231 - an essential synergy

Given this constant growing trend, it is worth highlighting the situation of companies operating in the sector and the daily challenges they face.

From a regulatory perspective, Directive (EU) 2017/1371—commonly referred to as the PIF Directive and implemented in Italy through Legislative Decree No. 75 of 14 July 2020—introduced provisions aimed at “combating fraud affecting the financial interests of the Union by means of criminal law.” This Directive has significantly broadened the range of predicate offences, particularly to counter fraud relating to incentives in the areas of renewable energy and energy efficiency.

The goal of this legislative measure, part of a broader initiative to harmonize the protection of the EU’s financial interests, is to extend the liability of legal entities for criminal offences, specifically those related to tax fraud that harm the Union’s financial interests.

Consequently, companies must now adopt measures to protect themselves in connection with the granting of incentives, tax benefits, and public funding which—if mismanaged—could expose them to criminal liability and, as a result, to the administrative liability of the entity under Italian Legislative Decree 231/2001.

To prevent such risks, companies operating in the so-called “energy” sector require the assistance of professionals to assess sensitive areas—effectively mapping the corporate structure and management processes—in order to identify the concrete risk level for each area. This assessment is essential for implementing an effective organisational, management, and control model, or, where already in place, for integrating and strengthening existing internal controls over relevant business processes.

Typically, in companies operating in this sector, risk areas are those potentially linked to crimes against public administration, corporate crimes (including corruption and incitement to corruption between private parties), offences relating to health and safety, crimes involving inducement not to testify or to provide false statements to judicial authorities, tax crimes, and finally, environmental crimes and offences against individual personality.

These predicate offences carry severe sanctions, including the potential seizure and confiscation of company assets and facilities.

As clarified by the Italian Supreme Court in judgment no. 34293/2018, concerning the unlawful receipt of public funds, Italian Legislative Decree 231/2001 provides a complex system for punishing offences committed by entities. This system is based on the administrative sanctions set forth in Article 9 of the Decree, which are applied following the conviction of the entity.

However, as the conclusion of legal proceedings may take time, the legislature has provided for the possibility of applying precautionary measures during the investigative phase or during the trial itself. These measures serve a dual purpose: to preserve civil obligations arising from the offence and to “freeze” or limit the entity’s operations where the continuation of its activities could exacerbate or prolong the effects of the offence, or facilitate the commission of additional crimes.

The precautionary system includes both disqualification sanctions and precautionary seizure (either preventive or protective). These are particularly invasive tools that may paralyse company operations even before guilt is formally established in court.

In this context, the adoption of an effective, regularly updated model—capable of addressing the concrete and evolving needs of the company—is the only way for a company to adequately defend itself in court and avoid precautionary financial measures.

However, it would be a mistake to assume that simply adopting an Organisational and Management Model (MOG) is sufficient. The development of such a model must be based on a thorough analysis of the company’s structure. Reliance on standard templates easily found online is insufficient.

Recent case law has emphasised the importance of adopting a so-called “tailor-made” Model 231. As stated in Italian Supreme Court judgments No. 49306/2023 (12 December 2023) and No. 27148/2023 (17 May 2023), the mere adoption of a model does not automatically trigger mitigating effects. In fact, the law explicitly requires that the model be "operational" and "capable" of preventing the type of offence committed. There is no automatic link between the existence of a model and the granting of mitigating factors; instead, such a determination is based on a factual evaluation.

In addition to identifying risk areas, special attention must be given to the potential liability for participation in a crime, not only of the company directly involved but also of other companies within the same group.

The corporate structure of renewable energy groups makes it essential to design models that consider the complex network of intercompany relationships and contracts—whether involving project companies, asset management entities, or external service providers and key contractual partners.

Therefore, in adopting and updating the Model, it is critical to assess the entire network of relationships, including intragroup and external partnerships. This involves not only ensuring mutual compliance with the principles set forth in the company’s Code of Ethics but also establishing significant consequences in the event of major breaches by affiliated companies or third parties, such as the inclusion of express termination clauses or penalties proportionate to the seriousness of the breach.

The pillars of effective crime prevention under Italian Legislative Decree 231/2001 are: