After much deliberation between the upper and lower chambers, the French Parliament has adopted tough new anti-corruption legislation. Known as Sapin II, the new law presents a tougher framework for the prevention and prosecution of corruption in France and is likely to have far-reaching consequences for French and foreign groups.
It comes in response to criticism from the OECD for France’s perceived failures in the prosecution of corruption (less than five convictions in the first 12 years of the new millennium) and also represents a bid to change the country’s perception on the international stage following the conviction by US authorities of several French companies for corrupt practices.
The lack of prosecutions belies the stringency of existing anti-bribery legislation under which both active and passive bribery, facilitation payments, private bribery and domestic influence peddling are criminal offences, punishable by up to 10 years imprisonment and fines of up to €1m for individuals and €5m for legal entities. Consequently there are few anticipated changes to the practices that need to be prohibited. The one significant change is the extension of the offence of influence peddling to include officials of international organisations as well as French public officials.
Sapin II focuses on five key areas:
- A legal obligation on French companies to implement anti-corruption compliance programmes
- The introduction of a new anti-corruption agency tasked with detecting and preventing corruption
- A new offence of corruptly influencing a foreign public official and the extension of French authorities’ powers to prosecute and sanction acts of corruption committed outside France.
- The possibility for companies to enter a deferred prosecution agreement in lieu of criminal prosecutions
- The clearer definition and protection of whistleblowers
The duty to prevent corruption
A binding obligation to prevent corruption is the key innovation of Sapin II. Under the new law, companies and groups with 500+ employees and a minimum turnover of €100m will be required to have effective internal procedures in place to prevent and identify any act of corruption committed at home or abroad by any of their employees. This obligation applies to all subsidiaries, whether French or foreign, that publish consolidated financial statements.
Companies will be expected to:
- adopt a code of conduct which defines and illustrates prohibited behaviours and is incorporated in the company’s internal rules and regulations (‘réglement intérieur’)
- operate an internal whistleblowing system
- conduct anti-corruption risk assessments taking into account geographic location and industry sector
- conduct due diligence on intermediaries, agents, partners, suppliers and other third parties
- implement accounting controls to ensure accounting systems do not conceal acts of corruption
- offer training programmes for executives and employees most exposed to corruption risks
- impose disciplinary sanctions for any breaches of the company’s anti-corruption procedures
- establish an internal monitoring system to evaluate the effectiveness of measures taken
Failing to set up such a compliance programme may lead to fines of up to €200,000 for executives and up to €1m for the company. Monitoring implementation will be the responsibility of the country’s new anti-corruption agency, which will have the powers to impose fines and require improvement of anti-corruption compliance programmes to meet the above criteria.
Any company found liable for acts of corruption will be subject to the criminal penalty of ‘mandatory compliance’ and will be required to implement an effective anti-corruption compliance programme at their own expense and within five years, whether or not they meet the size and turnover thresholds stipulated above.
On the plus side, as with the UK Bribery Act, in the event of a criminal prosecution, the ability of the company to establish that it had a robust compliance programme (adequate procedures in the UK) can be used as mitigation.
Agence Nationale de Prévention et de Détection de la Corruption (ANPDC)
The new national anti-corruption agency will have more powers than its predecessor the Service Central de la Prevention de la Corruption (SCPC). Under Sapin II, the new agency will: –
- issue guidelines to companies and organisations on setting up their compliance programmes to meet the new requirements
- monitor the effectiveness of compliance controls and report on adequacy
- sanction organisations and individuals for breaches of legislation
- supervise monitorships
To enable the agency to fulfil its duties it will have powers to interview any person of its choice, obtain documents and conduct on-site searches and verifications. It will be responsible for imposing fines and issuing compliance injunctions.
Deferred Prosecution Agreements (DPAs) are also being introduced allowing companies to pay a fine instead of being prosecuted if they are suspected of international or national corruption offences. The fine will be capped at 30% of average annual revenue based on the three previous years. If entering into a DPA the company would have to implement an internal compliance programme improvements for three years. Third parties affected by the corruption would have to be compensated.
Companies would therefore avoid a criminal sanction, but details of the fines would have to be published on the organisation’s website. As in the UK, the DPA would be reserved for corporate entities, not individuals who could still find themselves facing criminal charges.
Broader extraterritorial reach
Under the current legislation, French authorities are largely restricted to prosecuting corruption offences that occur within France, unlike their UK and US counterparts. Sapin II adds the new offence of corruptly influencing a foreign public official. In addition, article 12 of the new legislation extends the jurisdiction of French authorities to cover offences committed abroad.
Definition and protection of whistleblowers
Under current French law, there is no clear definition of a whistleblower and no general provisions to ensure their protection.
Sapin II changes this with a clear definition of a whistleblower as one who “selflessly and in good faith reports a crime, offence or threat, or incident that would pose a serious threat to the public”. The steps to follow are clearly spelt out and protection from reprisals is enshrined.
In addition, all organisations with more than 50 employees, communities with more than 10,000 inhabitants and all state administrations must operate whistleblowing systems.
So what steps should businesses be taking?
With its extra territorial reach, the new law can hold companies with a connection to France accountable for corrupt activities conducted anywhere in the world by the company’s employees or agents. Organisations already complying with the UK Bribery Act of the FCPA may not need to update their systems, however, the following steps are recommended:
- Anti-corruption audit: review current anti-corruption policies and procedures and conduct a detailed audit of existing anti-corruption controls to assess effectiveness against the new legislation. Draft new policies and processes where necessary and implement monitoring systems to ensure compliance.
- Risk assessment: Carry out a detailed review of the company’s activities to assess the corruption risk, identifying geographical locations, areas of business, business functions and personnel most exposed to risk from corruption
- Due Diligence: Carry out risk-assessed anti-corruption due diligence on all third parties, including, agents, intermediaries, partners and suppliers
- Communication and training: ensure that any changes to the code of conduct and anti-corruption policies and processes are clearly communicated to all stakeholders and third parties, particularly to high-risk individuals
- Monitoring: conduct regular audits of the effectiveness of the organisation’s anti-corruption compliance programme including third-party audits
- Whistleblowing: ensure that an effective whistleblowing system is operational, properly monitored and trusted by all stakeholders.
GoodCorporation has been working with international organisations to help prevent corruption for over 15 years. We offer a range of anti-corruption compliance services including high level reviews of policies and processes, whole company anti-corruption audits using the GoodCorporation Anti-Bribery and Corruption Framework, anti-corruption due diligence as well as code of conduct development and benchmarking.
Posted December 2016
The Government’s plans to revise the UK’s data protection laws, announced this week, will effectively ensure that the UK remains compliant with the EU’s General Data Protection Regulation (GDPR) which is applicable from May 2018. This announcement is helpful for…