ITALY Law and Practice Contributed by: Enrico Maria Mancuso, Federico Bracalente, Marco Accorroni and Marco Mariotti, Herbert Smith Freehills Kramer LLP
blockchain analysis tools to trace crypto-asset trans - actions and identify wallet holders, and court-author - ised malware for covert automated device surveil - lance. Personal data collected through these tools is subject to the General Data Protection Regulation (GDPR; EU Regulation No 2016/679) and Legislative Decree No 51/2018, while digital evidence must comply with the rules on admissibility and preservation set forth by the ICCP. No domestic statutory framework specifi - cally governs the use of AI or blockchain analysis in criminal investigations. 2.5 Internal Investigations and Co-Operation Role of Internal Investigations Internal investigations play an increasingly significant role in Italian financial crime practice. Companies that discover potential misconduct through internal audit, compliance reviews or whistle-blower reports will typically commission an internal investigation to assess exposure, contain the conduct and determine whether voluntary disclosure is appropriate. Findings are also central to the companies’ defence in criminal proceedings. Legal Privilege Italian law provides two layers of protection: • professional secrecy, entitling defence counsel to refuse to testify and to oppose the production of covered documents (to ensure effective legal repre - sentation); and • “guarantees of criminal defence freedom”, impos - ing specific procedural limits on inspections, searches, seizures and interceptions connected to defence activity, aimed at preserving the confi - dentiality of communications between counsel and client. In-house counsel benefit from neither protection, as they lack the requisite independence; communica - tions between a company and its in-house lawyers are therefore fully exposed to investigative powers. Data Protection and Employment Law Internal investigations involving employee data must comply with limits derived from constitutional and
statutory provisions, including the GDPR, Legisla - tive Decree No 196/2003 and Law No 300/1970 (the “Workers’ Statute”). Principal constraints include: • a prohibition on covert or remote employee moni - toring; • a requirement that disciplinary measures comply with procedural guarantees, including the employ - ee’s right to be heard; and • protection against compelled self-incrimination. Voluntary Disclosure and Co-Operation In criminal proceedings against individuals, active co- operation by the defendant may be the ground for sentence reductions, including mandatory ones. Under Decree 231, post-offence remediation, res - titution of profits and co-operation with the judicial authority are expressly listed as grounds for reduction of corporate sanctions. 2.6 Right to Not Co-Operate or Self- Incriminate Financial crime investigations regularly involve arrests and questioning of suspects. Suspects enjoy robust protections against self-incrimination: they are entitled to remain silent, and no adverse inference may be drawn from the exercise of that right. Counsel must be present at all stages of formal questioning (see 2.3 Investigatory Powers ). Witnesses, by contrast, may be compelled to testify; refusal without lawful justification constitutes a crimi - nal offence. As regards document production, the ICCP does not impose a general obligation to comply with RFIs – however, non-compliance is likely to trigger searches and seizures (see 2.3 Investigatory Powers ). 2.7 Pre-Charge Powers Italian law provides extensive pre-charge and pre- trial powers to seize and restrain assets through two main tools: preventive seizure under the ICCP (a pre - cautionary measure within criminal proceedings) and preventive confiscation under the Anti-Mafia Code
109 CHAMBERS.COM
Powered by FlippingBook