Corporate Compliance

The GTA Law Firm, making use of the extensive case studies developed in the context of the Compliance of the 231 Models, provides anti-corruption consultancy and assistance to publicly owned companies and public bodies with regards to the aspects connected to the obligations required by the legislation on anti-corruption and on transparency.

This is an area in which the Firm boasts an in-depth case history dating back to the introduction of the rule into the Italian legislative system, having the lawyer Giovanni Tretti, reference professional for the 231 department of the Firm, contributed to the study group for the definition of the Guidelines of “Confindustria” and other sectoral associations of national importance.

In particular, the Firm provides:

• Support for the integration between the Organizational and Control Model pursuant to Legislative Decree no. 231/2001 and the Three-year Corruption Prevention and Transparency Plan;
• Support for the preparation of the Three-year Corruption Prevention and Transparency Plans (so-called “PTPCT”), the Annual Report of the so-called “RPCT” and for the identification and application of the specific and transversal measures aimed at preventing the risk of corruption, as well as for the preparation of the drafts of the related documents and deeds;
• Support to its Customers in taking care of the various obligations regarding transparency (“Transparent Administration / Transparent Company” section of the company website);
• Support for carrying out staff training interventions on corruption prevention and transparency.
• During the introduction of the 231 system in the company, for risk analysis, for the preparation of the Organizational Management and Control Model in compliance with the Guidelines of the reference employers’ association, for the identification of the disciplinary system and the Body most suitable for the specific company situation, for the preparation of texts ancillary to the introduction and dissemination of the Model, as well as for the training of recipients, according to customized projects defined with the individual company;
• During the updating of the Model, in relation to regulatory changes, changes to the company activity or in the presence of situations that need to be evaluated to maintain the effectiveness of the 231 Company Model over time;
• In the implementation phase of the Model, participating in the Supervisory Body with its own professionals or assisting the existing Supervisory Body;
• In the pathological phase, assisting companies in the event of legal proceedings for corporate liability 231, both by assuming the direct defense and by preparing “CTP” in support of the lawyers who assume their defence. The Firm has assisted in this matter companies from the most varied industrial sectors, services and public participation, of all size categories, including listed ones.

We are present in various Supervisory Bodies of companies in Northern Italy. The lawyer Giovanni Tretti is a member of the association of supervisory bodies AODV231 (www.aodv231.it).

With the entry into force of the GDPR (EU Regulation no. 2016/769), effective from 25 May 2018, common rules are introduced for all European companies, professionals and public bodies, which are required to correctly implement their protection system of Personal Data to protect, in addition to the rights of the interested parties, also the reputation of companies on the market, through an approach based on risk assessment and on the assumption of the need to document and demonstrate the choices taking into account the state of the art, costs, the nature, scope and context of the processing operations.

In this specific sector, the GTA Law Firm assists companies, including multinationals, public bodies and/or publicly owned entities, as well as professionals:

• During the regulatory compliance verification phase, by scheduling specific audits;
• During the updating of the Model for the Protection of Personal Data, in relation to regulatory changes, changes to the company activity or in the presence of situations that need to be evaluated to maintain the effectiveness of the Model over time;
• In the implementation phase of the Data Protection Model;
• In the training of the recipients of the GDPR, according to customized projects defined with the individual company;
• In the phase of identifying the treatments that present a high risk for the rights and freedoms of natural persons, as well as in the activity of impact assessment on data protection (DPIA);
• In the pathological phase, assisting companies in the course of investigative activities by the Italian Data Protection Authority, or, on its behalf, by the Finance Police (so-called “Guardia di Finanza”), and in the management of proceedings before the Italian Data Protection Authority or other competent Courts ;
• for companies which are subject to the related obligation pursuant to the Regulation, with the responsibilities of Data Protection Officer or Data Protection Officer.

The Firm maintains relationships with leading law firms all over the world specialized in the field of Personal Data protection, whose collaboration it also makes use of in order to evaluate the compliance of the treatments carried out by client companies, in addition to the GDPR and Italian legislation, also to the foreign regulations concerned from time to time.