Compliance, Agency Contracts, and Privacy Management: A Growing Complexity
The law firm De Luca & Partners and HR Capital have recently highlighted significant issues in strategic areas such as contract management, regulatory compliance, and data protection. These areas, critical for Italian companies, are confronted with evolving regulations that demand increasing attention to avoid economic and reputational consequences.
Agency Contracts for Influencers: New Economic and Regulatory Implications
A recent ruling by the Court of Rome reclassified the commercial collaboration agreements between a company and certain influencers—entrusted with promoting the company’s products through social media channels—as agency contracts. As a result, the company was ordered to pay the omitted contributions to Enasarco following the reclassification.
The reclassification of commercial contracts as agency contracts may also entail a significant economic impact for companies, including the obligation to pay the influencer/agent an end-of-contract indemnity, typically calculated based on the average annual compensation earned by the influencer/agent over the past five years. In light of this, companies would be well-advised to update their financial statements with targeted provisions and properly classify existing contracts to address any irregularities.
However, according to the firm’s name partners, Vincenzo De Luca and Vittorio De Luca, many companies have yet to grasp the urgency of adequately regulating contractual relationships.
Subcontracting and Genuineness Requirements: Criminal Risks for Irregularities
Compliance with the genuineness requirements for subcontracting agreements is now under close scrutiny by authorities. The legislator has recently tightened the consequences for both clients and contractors in cases of “non-genuine” subcontracting, where irregular labor provision occurs, introducing criminal penalties as well.
To be deemed compliant, a subcontract must meet three key criteria:
- Assumption of business risk by the contractor,
- Organization of the necessary resources by the contractor, and
- Autonomous management of personnel by the contractor, including effective direction of the workers involved.
The reintroduction of criminal penalties in March 2024 adds further pressure on companies to ensure the transparency and independence of subcontracting relationships.
Compliance and the New “Credit License”: A Requirement for Companies and Self-Employed Workers
As of October 1, 2024, the new “Credit License” system has come into force, requiring a series of formalities for those operating on construction sites or significant engineering projects within Italy. This certification, which includes documents such as the DURC (certification of compliance with social security contributions) and the DURF (tax compliance certification), is essential for compliance with workplace health and safety regulations.
Foreign companies operating in Italy must also meet these requirements unless they hold an equivalent certification issued by their home country. Lawyer Vittorio De Luca explains that the “Credit License” applies to foreign companies involved in real estate and infrastructure projects or in data center installations.
Privacy and Data Protection: The Severe Consequences of Violations
Privacy and personal data management have become critical focal points for Italian companies, particularly given the stringent penalties for GDPR violations, which can reach up to 4% of the global annual turnover.
Dr. Martina De Angeli notes that recent investigations by the Milan Public Prosecutor’s Office have revealed that weak IT security systems can lead to unauthorized intrusions with severe consequences. In addition to reporting any data breach within 72 hours—a very short timeframe from an operational perspective—companies must constantly monitor their systems, train staff, and implement continuous control and monitoring processes.
Continue reading the full version published on Global Legal Chronicle Italia
