Companies find social and labour compliance to be an ally in managing risks and obligations

Over the last two decades, labour relations have become considerably more sophisticated, driven by the adoption of new regulations that impose obligations on companies. Alongside the use of technology to improve management in this area, companies themselves have found social and labour compliance programmes to be a strategic ally in this management.

Labour disputes have increased significantly, and organisations are seeking ways to manage these risks so as not to breach current regulations. The key in this context is good faith and diligence on the part of companies.

A law firm such as ECIJA, with around twenty lawyers in its Madrid office alone, was one of the pioneers in creating this area, under the supervision of Raúl Rojas. Fernando Vizcaino de Sas is the supervising partner for Litigation. Alvaro Rodriguez de la Calle, a labour inspector on leave of absence, is the partner in charge of managing relations with the inspectorate, while Carlos Martín is the partner responsible for the international labour area dedicated to multinationals.

The work of Rojas and his team helps many companies to reduce risks and avoid finding themselves in compromising situations with possible sanctions for non-compliance with legal obligations, which are increasing in companies and must be properly complied with. Lefebvre has now published a much-needed work, Claves Prácticas Sistemas de gestión de compliance sociolaboral (Practical Keys to Social and Labour Compliance Management Systems) UNE 19604, to help companies achieve this compliance and certify their work as proof that it has been carried out in accordance with objective quality standards.

Our interlocutor recalls that ECIJA has been talking about social and labour compliance since 2016, shortly after the introduction of criminal liability for legal persons. "We saw that there was a connection and the firm has been committed to this activity for several years, which is now key to our labour law practice. The key moment came when a working group was set up to create UNE 19604, in which we participated as a firm, alongside other law firms and associations. We culminated in the publication of the standard and shortly afterwards helped the first company, the insurance company Santa Lucia, to become certified."

For this expert, "with this international standard, it is clear that there is a practical application of these parameters. It allows you to achieve standards of excellence in business ethics, corporate social responsibility and due diligence in the socio-labour field." The manual includes a proposal for a specific management system for equality and harassment prevention, based on the UNE 19604 and UNE-ISO 53800:2024 standards, as well as annexes with catalogues of good practices, checklists and associated documents.

In his opinion, "social and labour compliance programmes are here to stay as strategic allies for companies, labour relations managers and external advisors. The UNE decided to commit to this standard because it realised that the labour regulatory landscape, at least here in Spain, is quite complex at the regulatory level. More and more technical standards are being introduced, which makes their application difficult. Ultimately, companies must have their own management system supported by expert consultants in order to deal with regulatory compliance effectively."

Regulations must be complied with

Regarding the recently published work, Raúl Rojas highlights that "it offers a framework for action to achieve optimal compliance with the complex socio-labour regulatory block, including both mandatory regulations and the organisation's 'self-compliance standards' commitments. It should be seen as a practical guide for legal practitioners, solicitors, compliance officers and any professional involved in labour relations to be able to apply the requirements of UNE 19604 in a practical manner. Each of the blocks set out in the standard is analysed with annexes and examples for better practical compliance."

This expert is aware of the complexity of the labour market in recent years, "a trend that is growing over time. Ultimately, if you have this management system in place, it is as if you have a compliance roadmap. One of its main objectives is not only to help comply with the standard, but above all to prevent future non-compliance when designing a social and labour risk map. With this map, the company can see at a glance the most important areas of risk in order to avoid future non-compliance. It is about prevention and implementing control measures."

Going into detail, Raul Rojas highlights the main risk groups that a company must mitigate. "At a material level, we can see two main areas of risk, the first of which is related to working time and everything to do with recording working hours, overtime, excessive working hours or requirements for complying with the use of the register. The law to be passed in Parliament will require companies to keep digital records. This will force companies to comply with these rules to avoid labour inspections."

On this issue, the lawyer points out that "the regulation came into force in 2019, but the change proposed as future law greatly toughens the spirit of sanctions and makes the company responsible for the proper use of the working hours record. This new regulation proposes not only the complete digitisation of the system but also a change in the LISOS (Law on Labour Safety and Health) in terms of infringements. Until now, not having a record was a company infringement, punishable by a fine of around €7,500, but the aim is to make infringements per worker. This will force companies to reassess their risks from the perspective of their social and labour compliance system."

In his opinion, "the other major focus is everything related to dismissals. Now, following the transposition of European regulations, disciplinary dismissal procedures must include hearings. At the same time, there are increasing presumptions of nullity in situations of discrimination or violation of fundamental rights. Along with this, other causes for dismissal may be situations of harassment and equality, where there are more and more complaints. Companies must manage these investigations, which are opened in compliance with the new law."

With regard to dismissals, this lawyer adds that "one of the elements of social and labour compliance and UNE 19604 is to establish effective internal protocols to prevent non-compliance. One of these protocols has been designed at the level of dismissals to prevent non-compliance. In the work, we include a prior nullity check; before dismissing a worker, it will be necessary to assess and review whether there is any cause for the worker to be placed under presumption of nullity, one of which is having previously filed a complaint in the internal information system. If the worker is a whistleblower, the presumption of nullity is for the following two years."

Along with this, Rojas emphasises that "we cannot forget the application of new technologies, which is generating areas of risk. We have been saying this for years, but now with the use of AI at the tool level, companies have rushed to apply AI tools without much control, even though there is a European and national legal framework that can lead to regulatory breaches and subsequent sanctions for the lack of impact assessment of some treatments or the lack of human supervision. Its impact on issues of discrimination and equality is clear."

High technological risks

In this technological field, Rojas is aware that many of these tools could violate workers' privacy. "It is important to manage these data processing operations well in a preventive manner, which in some cases will require impact assessments or PIAS to really know what degree of impact on fundamental rights they may have. The use of technology helps us to be more efficient internally and improve our customer relations, but we must know how to use these tools. This is one of the issues, the guarantee of digital rights, that really concerns the labour inspectorate."

As for the relationship with the labour inspectorate itself, everything seems to indicate that it will now be more digital than before. "In its approved Strategic Plan for 2025 to 2027, one of the important areas is equality and prevention of harassment, along with digital guarantees, which also deals with digital disconnection, the right of workers not to be disturbed by the company outside their working hours. It also deals with the psychosocial risks caused by computer fatigue, and algorithmic biases related to AI are in the spotlight of the labour inspectorate. Companies will have to be careful in their actions and adapt to this new, more digital relationship with the labour inspectorate."

Regarding the role of the 19604 certification, Rojas highlights that "this certification is a guarantee of quality, certified by a third party, such as UNE, an entity dedicated to this, which certifies that the company's compliance programmes comply with the standards of the 19604 regulation.

This certification is enforceable against third parties; if there is a labour inspection or a lawsuit, the company will be able to provide evidence at any given time that it has no intention of breaching the standard, quite the contrary. This can reduce or eliminate the administrative penalty. Certification is another milestone that endorses your processes, but the courts require that UNE 19604 be used consistently.

Ultimately, what companies must promote with this certification is continuous improvement of the system. For companies that already have a social and labour management and compliance system in place, the next step is certification, not only to make this public and prove that they are a law-abiding company. This improves the company's internal image, at the level of the internal committee and employees, as well as its external image. The natural next step is for a third party to come in and certify that you are complying with the standards of good practice derived from the application of UNE 19604.

Looking ahead to 2026, which is about to begin, Raul Rojas predicts that requirements at European and national level will be higher. "The enforceability of the new regulatory framework will be higher, from what we are seeing. Three days ago, the new Sustainable Mobility Law was published in the Official State Gazette. This law requires companies to have an additional protocol: a Sustainable Mobility Plan for their employees within a period of twenty-four months. In this new year, existing obligations will be reinforced and we will probably have new obligations. The pay transparency directive will have to be transposed, to give one example."

Access the full article published in Law & Trends here.