Belgium, Corporate Criminal Liability Under the New Criminal Code (2026): What Companies & Directors Must Know

Since April 8, 2026, corporate criminal liability in Belgium operates under a fundamentally different legal framework. The New Belgian Criminal Code replaces the 1867 code with a modernised architecture that broadens the organisational-fault test, introduces an eight-level sanctions grid, and dramatically increases the financial and operational penalties that prosecutors can seek against legal entities. For general counsel, compliance officers, and board directors of companies operating in or with exposure to Belgium, the reform demands immediate action, from reviewing internal compliance programmes to stress-testing investigation-response protocols against the standards that OLAF, EPPO, FSMA, and national prosecutors will now apply.

Executive Summary, Immediate Takeaways for Boards and General Counsel

The new regime is already in force. Companies that delay their compliance response risk criminal prosecution under standards that are materially stricter than those that applied before April 2026. Below are the priority takeaways every board and general counsel should internalise this quarter.

• The organisational-fault test is broader. A company can now be convicted where the offence resulted from a decision taken within, or a failure of supervision by, the legal entity, even where no specific natural person is identified as the perpetrator.
• The sanctions grid is harsher. Eight graduated levels replace the former penalty structure, with corporate fines reaching into the millions of euros at the highest levels and confiscation of proceeds now a standard prosecutorial request.
• Director liability is personal and cumulative. Individual directors face criminal prosecution alongside the company. The new Code does not limit concurrent liability, meaning both the entity and its officers can be convicted for the same facts.
• Compliance programmes are essential, but not a guaranteed defence. A well-designed, documented and tested compliance programme is the single most effective mitigating factor, but prosecutors retain discretion and courts will scrutinise whether the programme was genuinely operational.
• Investigation readiness is non-negotiable. With EPPO, OLAF, and FSMA all empowered to trigger or coordinate criminal proceedings in Belgium, companies need a standing investigation-response plan with pre-appointed external counsel.

Key Changes to Corporate Criminal Liability in Belgium (2026)

The New Belgian Criminal Code, published in the Moniteur belge and entering into force on April 8, 2026, represents the most significant overhaul of Belgian criminal law in over 150 years. For companies, the most consequential changes concern how corporate liability Belgium is established, how penalties are calculated, and how the new sanctions architecture interacts with the Belgian Companies and Associations Code (CAC).

Timeline of the Reform (2018–2026)

Which Offences Now Attract Corporate Liability

Under the previous regime, corporate criminal liability Belgium was subject to important restrictions: certain offences could only be prosecuted against natural persons, and the so-called “decumulation rule” prevented the simultaneous conviction of a company and the natural person who acted on its behalf where the fault was exclusively attributable to that individual. The New Belgian Criminal Code removes these constraints. Key changes include:

• Universal applicability. In principle, all offences in the Criminal Code can now be committed by legal entities, unless the nature of the offence inherently requires a natural person (for instance, offences involving physical violence against oneself).
• Abolition of the decumulation rule. A legal entity and the natural person who committed the offence can be prosecuted and convicted concurrently, regardless of whether the fault is attributable primarily to one or the other. This materially increases director liability Belgium exposure.
• Broadened organisational fault. The test for attributing criminal liability to a company now expressly encompasses decisions, acts, or negligent omissions within the entity’s governance and operational structures, including failures of supervision, monitoring, and internal controls.
• Explicit sanctions framework. The eight-level sanctions grid replaces the former patchwork of penalty provisions, giving prosecutors and courts a structured, graduated scale for determining corporate penalties.

Sanctions Grid Belgium, The Eight Levels and Corporate Consequences

The New Belgian Criminal Code introduces a unified sanctions grid comprising eight levels, each corresponding to a range of penalties calibrated by offence severity. For legal entities, penalties at each level include criminal fines (often with statutory multipliers), confiscation of proceeds and instrumentalities of the offence, and, at the higher levels, dissolution of the entity, prohibition from public procurement, and temporary or permanent closure of establishments.

How Sanctions Apply to Natural Persons vs Legal Entities

The grid operates in parallel for natural persons and legal entities, but the applicable penalties differ. Where a natural person faces imprisonment, the legal entity faces an equivalent fine within the prescribed range for that grid level. The conversion mechanism ensures that the severity of the corporate penalty mirrors what a natural person would face for the same offence, but translated into financial and operational consequences. Industry observers expect that prosecutors will increasingly seek the higher-end penalties permitted under each level to establish deterrent precedent during the early enforcement period of the new Code.

How Fines Are Calculated and Confiscation Risk

Belgian criminal fines are subject to statutory multipliers (opdecimes/décimes additionnels) that significantly increase the nominal amounts stated in the Code. Following the multiplier calibrations that took effect on January 1, 2026, the practical effect is that a stated fine of €1,000 may translate into an actually payable fine many times that amount. Companies must factor these multipliers into any risk quantification exercise. Confiscation, of proceeds, assets used in the offence, and equivalent value, is now systematically available at every grid level and is mandatory at the higher levels, making it a material threat to corporate balance sheets.

Organisational-Fault Test, When Companies Are Criminally Liable

The organisational-fault test is the doctrinal cornerstone of corporate criminal liability Belgium under the new Code. It determines when a company, as distinct from its individual officers, bears criminal responsibility. The test is broader than its predecessor and draws on principles familiar from Dutch and French corporate criminal law, while incorporating distinctly Belgian features.

A legal entity is criminally liable where the offence has an intrinsic connection to the realisation of the entity’s purpose or the protection of its interests, or where the facts demonstrate that the offence was committed on behalf of the entity. Critically, the new Code establishes that liability can arise from:

1. A conscious decision by a person with authority to represent or manage the entity.
2. A failure of supervision or control by persons in a management or oversight position.
3. Structural deficiencies in the organisation’s internal controls, compliance mechanisms, or governance processes that made the offence possible or failed to prevent it.

Proving Fault, Evidence Prosecutors Rely On

Prosecutors building a case for corporate liability Belgium under the organisational-fault test will typically focus on the following categories of evidence:

• Board and committee minutes. Records of decisions (or non-decisions) on compliance matters, risk assessments, and responses to red flags.
• Internal audit and compliance reports. Whether reports identified risks, whether management responded, and the adequacy of the remediation actions taken.
• Whistleblower files. How internal reports of misconduct were received, investigated, and resolved, and whether any pattern of suppression or inaction is discernible.
• Training records. Evidence of whether relevant personnel received effective compliance training, and the frequency and quality of refresher programmes.
• Third-party due diligence. The rigour of know-your-counterparty and supply-chain due diligence processes, particularly in high-risk sectors such as defence procurement, public infrastructure, and financial services.

How Director Actions Are Imputed to the Company

Under the new Code, the actions or omissions of directors and senior managers are imputed to the legal entity where those persons acted within the scope of their authority or in the course of the entity’s activities. The abolition of the decumulation rule means there is no “either/or” analysis: the company is liable for the structural or governance failure that made the offence possible, and the director is personally liable for the decision or omission attributable to them. Early indications suggest that prosecutors will routinely pursue both tracks in parallel for serious white-collar crime Belgium cases.

Director Liability Belgium, Exposure, Defences and Board Duties

Individual directors face direct criminal exposure under the new Code for offences committed in the course of corporate activities. This exposure is not limited to executive directors; non-executive board members and members of audit committees can face prosecution where the evidence shows a failure in their oversight duties that contributed to the offence.

The principal defences available to directors include:

• Reasonable reliance on compliance systems. A director who can demonstrate genuine reliance on a properly designed and functioning compliance programme, and who had no actual or constructive knowledge of the misconduct, will be in a significantly stronger position.
• Documented decision-making. Clear, contemporaneous records of the board’s consideration of compliance risks and its responses to identified issues serve as critical evidence of diligence.
• Prompt escalation and response. Where a director learned of potential misconduct and took immediate, documented steps to escalate the matter and initiate an investigation, this weighs heavily against a finding of personal criminal fault.

Emergency Board Actions on Discovery of Wrongdoing

When a board discovers, or is alerted to, potential criminal conduct within the organisation, the following steps should be taken immediately and documented in formal board minutes:

1. Suspend the individual(s) suspected of involvement, with appropriate contractual safeguards.
2. Preserve all relevant documents, communications, and electronic data, issue an immediate litigation hold.
3. Engage external legal counsel with specific expertise in Belgian white-collar crime Belgium matters and, where EU funds or financial markets are involved, OLAF, EPPO, or FSMA procedures.
4. Assess whether self-reporting to the relevant regulator or prosecutor is advisable, taking into account cooperation credit and the specifics of the regulatory framework.
5. Initiate a privileged internal investigation, ring-fenced from operational management.

Insuring Director Risk, D&O Limitations

Directors’ and Officers’ (D&O) insurance policies typically exclude cover for criminal fines and penalties, and many Belgian policies contain exclusions for deliberate or fraudulent conduct. Boards should review their D&O coverage in light of the new Code to understand the limits of indemnification, particularly where investigation costs, which may be covered, are concerned. The likely practical effect of the reform will be increased D&O premiums and narrower coverage terms for Belgian-exposed directors during 2026 and 2027.

Investigation Landscape, OLAF, EPPO, FSMA and National Prosecutors

The investigation of corporate fraud investigations in Belgium involves multiple actors, each with distinct jurisdiction and powers. Understanding which body is likely to lead, and how they coordinate, is essential for any effective response strategy.

• Belgian Federal Prosecutors. The primary domestic authority for serious criminal offences, including complex fraud, corruption, and organised financial crime. Federal prosecutors have full investigative powers, including search and seizure, wiretapping, and the use of undercover agents.
• EPPO (European Public Prosecutor’s Office). Competent for offences affecting the financial interests of the European Union, including fraud involving EU funds, VAT carousel fraud exceeding specified thresholds, and cross-border corruption linked to EU-funded programmes. Belgium is a participating Member State, meaning EPPO can open investigations and prosecute directly before Belgian courts.
• OLAF (European Anti-Fraud Office). Conducts administrative investigations into fraud, corruption, and serious misconduct within EU institutions and involving EU funds. OLAF findings are referred to national prosecutors (including Belgian) for criminal follow-up. While OLAF does not itself prosecute, its reports carry significant evidentiary weight.
• FSMA (Financial Services and Markets Authority). The Belgian financial regulator with powers to investigate market abuse, insider dealing, and breaches of financial markets legislation. FSMA can impose administrative sanctions independently and refer cases to prosecutors for criminal proceedings.

Preserving Privilege and Evidence

On receipt of a search warrant, dawn-raid notification, or formal request for information, companies must immediately activate their investigation-response protocol. Critical steps include:

1. Contact pre-appointed external counsel before any substantive response or document production.
2. Identify and segregate privileged communications, Belgian law protects lawyer-client privilege, but the scope of protection during criminal investigations can be narrower than companies expect.
3. Issue an organisation-wide preservation notice for all potentially relevant documents, data, and electronic communications.
4. Designate a single point of contact for all communications with investigators to prevent inconsistent statements.

When to Notify Regulators and When to Self-Report

Self-reporting is not mandatory under Belgian law for most offences, but voluntary cooperation, including proactive self-reporting, is increasingly recognised as a mitigating factor in prosecutorial decision-making and sentencing. The calculus depends on the specific facts: where EU funds are involved and OLAF or EPPO is likely to discover the issue independently, early self-reporting can materially improve the company’s negotiating position.

Cross-Border Coordination

Multinational companies operating in Belgium must be aware that EPPO investigations can span multiple EU Member States simultaneously, and OLAF regularly coordinates with national authorities across jurisdictions. Companies that are subject to parallel investigations in Belgium and other countries should ensure that their legal strategy is coordinated across borders to avoid inadvertent admissions or inconsistent positions.

Practical Compliance Checklist Belgium, Concrete Steps to Limit Organisational-Fault Exposure

The organisational-fault test under the new Code makes the quality of a company’s compliance programme the central determinant of corporate liability Belgium risk. Below is a phased compliance checklist Belgium designed for boards and in-house teams to implement immediately.

Compliance Programme Design, Minimum Elements

Immediate actions (within 30 days):

• Conduct a gap analysis of existing compliance policies against the organisational-fault test criteria in the new Code.
• Confirm that a written code of conduct is in place, is current, and has been communicated to all employees and relevant third parties.
• Review and update the investigation-response protocol, including pre-appointment of external criminal defence counsel.
• Issue a board resolution formally acknowledging the entry into force of the new Code and mandating a compliance review.

Short-term actions (within 3 months):

• Design or update a risk assessment that maps the company’s activities to the offence categories in the new sanctions grid, prioritising those at Level 4 and above.
• Implement or refresh training programmes for all employees, with enhanced modules for senior management and board members covering the organisational-fault test and director liability Belgium exposure.
• Review and strengthen whistleblower procedures to ensure compliance with both Belgian law and the EU Whistleblower Protection Directive, ensure accessible, confidential reporting channels and documented follow-up processes.
• Update third-party due diligence procedures, particularly for suppliers, agents, and intermediaries in high-risk sectors or jurisdictions.

Medium-term actions (within 6–12 months):

• Commission an independent review or audit of the compliance programme’s effectiveness, including scenario-based testing.
• Establish regular board-level reporting on compliance programme performance, incident trends, and remediation actions.
• Develop and document a remediation playbook for use in the event that misconduct is discovered, covering internal investigation procedures, regulatory notification decision trees, and cooperation strategies.
• Integrate compliance KPIs into management performance evaluations and incentive structures.

Monitoring and Testing (KPIs)

A compliance programme that exists on paper but is not actively monitored and tested will not withstand prosecutorial scrutiny under the organisational-fault test. Companies should track and document the following key performance indicators:

• Number of compliance training sessions delivered versus planned, with completion rates by business unit.
• Number and outcome of whistleblower reports received, investigated, and resolved.
• Findings from internal audits and compliance spot-checks, and the timeliness of management’s remediation responses.
• Results of third-party due diligence screenings, including rejection rates and escalations.
• Board-level reporting frequency and the quality of compliance-related agenda items in board minutes.

Remediation, Cooperation and Negotiating Outcomes

Where misconduct is discovered or an investigation is initiated, companies face critical strategic decisions about cooperation, remediation, and settlement. The new Code does not introduce a formal deferred prosecution agreement (DPA) framework of the kind seen in the United Kingdom or the United States, but Belgian prosecutors have significant discretion in how they handle corporate cases, and cooperation can yield tangible benefits.

Draft Remediation Plan Template

A credible remediation plan should address the following elements, documented and presented to prosecutors or regulators as evidence of genuine corrective action:

• Root cause analysis. Identification of the governance, control, or structural failure that permitted the misconduct.
• Personnel action. Disciplinary measures taken against individuals involved, including termination, reassignment, or reporting to professional bodies.
• Control enhancements. Specific changes to internal controls, approval workflows, and oversight mechanisms to prevent recurrence.
• Monitoring commitment. Agreement to independent monitoring or enhanced internal audit for a defined period.
• Victim compensation. Where applicable, restitution to harmed parties, including repayment of misappropriated funds.
• Training and culture. Refreshed training programmes and cultural initiatives to reinforce compliance expectations organisation-wide.

Companies that fail to remediate, or that present remediation plans without genuine substance, face the most severe outcomes under the sanctions grid, including dissolution at Levels 7 and 8. Industry observers expect Belgian prosecutors to adopt an increasingly structured approach to evaluating remediation efforts during the early years of the new Code’s application.

Short Illustrative Scenarios and Defences

The following hypothetical scenarios illustrate how the organisational-fault test and the sanctions grid may apply in practice under the new regime.

• Scenario 1, Procurement fraud. A mid-level manager at a construction company systematically inflates invoices submitted under a public works contract. The company has no compliance programme, no third-party due diligence process, and no internal audit function covering procurement. Under the organisational-fault test, the company faces corporate criminal liability Belgium at Level 4 or 5 of the sanctions grid, including substantial fines, confiscation of the illicit proceeds, and possible exclusion from future public procurement. Recommended action: immediate engagement of counsel, preservation of all procurement records, and initiation of an internal investigation.
• Scenario 2, Insider trading by a senior executive. The CFO of a listed company trades on material non-public information ahead of a scheduled earnings announcement. FSMA detects unusual trading patterns and refers the matter to prosecutors. The company had a share-dealing policy but had not updated it in three years and had not conducted compliance training for senior officers. Corporate liability Belgium is assessed under the organisational-fault test based on the failure to maintain effective controls. Recommended action: immediate suspension of the CFO, FSMA cooperation, and comprehensive review of the share-dealing policy and training records.
• Scenario 3, Misuse of EU funds. A technology firm receiving Horizon Europe grants diverts a portion of funding to unrelated commercial activities. OLAF opens an administrative investigation and refers findings to EPPO, which initiates criminal proceedings in Belgium. The company has no specific compliance procedures for EU-funded projects. Exposure includes Level 5–6 penalties, confiscation, and reputational damage from EPPO prosecution. Recommended action: engage specialist EU funds counsel, cooperate with EPPO, prepare full restitution, and implement ring-fenced project compliance controls.

Conclusion, Corporate Criminal Liability Belgium Demands Action Now

The New Belgian Criminal Code has fundamentally reshaped corporate criminal liability Belgium. The broader organisational-fault test, the eight-level sanctions grid, and the abolition of the decumulation rule together create a legal environment in which every company with Belgian operations or exposure must take compliance seriously, not as a theoretical exercise, but as an operational imperative. Boards that act now to review their compliance programmes, prepare investigation-response protocols, and document their governance decisions will be in the strongest position to defend against prosecution and to mitigate penalties if proceedings are initiated.

The companies that delay will find themselves exposed to a sanctions regime that is, by design, more severe, more systematic, and more difficult to navigate than anything Belgian criminal law has applied before. For companies seeking specialist guidance on the new regime, the Global Law Experts lawyer directory connects organisations with experienced Belgian white-collar crime practitioners.

Sources

1. Belgian Official Gazette / Federal Public Service Justice (Moniteur belge)
2. FSMA, Belgian Financial Services and Markets Authority
3. European Public Prosecutor’s Office (EPPO)
4. OLAF, European Anti-Fraud Office
5. Loyens & Loeff, Belgian Criminal Code reform commentary
6. A&O Shearman, corporate criminal liability analysis
7. Freshfields, global corporate criminal liability guide
8. Liedekerke, Belgian white-collar crime practice guide
9. Chambers Practice Guides, Belgium white-collar crime