Ignoring France's new corruption guidelines could spell trouble beyond fines
2 February 2018. By Ben Lucas.
New French guidance on the systems companies should put in place to prevent and detect corruption are detailed, prescriptive, but not legally binding.
The nature of the guidelines, coupled with the lack of an established enforcement trend by the recently formed French Anticorruption Agency, has raised questions about how closely companies should follow its recommendations.
But ignoring them completely could simply sow suspicions and open companies up to additional intrusive inquiries.
Also, being caught out won’t merely expose companies to a fine of up to 1 million euros ($1.2 million).
Crucially, if the AFA finds evidence of wrongdoing when it checks the quality of a compliance program, it could flag incidents to the central financial crime authority, the Parquet National Financier.
— New requirements —
Under France’s corruption-fighting legislation, known as “Sapin II,” French companies must have a corruption compliance program in place.
This obligation applies to national companies, and their international units, with more than 500 employees and yearly sales greater than 100 million euros. This also applies to the French units of foreign companies.
The guidelines stipulate eight measures that companies should have in place, including a code of conduct and an internal whistleblowing system. Companies should also carry out “risk mapping” to identify specific corruption risks, conduct proper background checks on business partners, have special controls in their accounting system, and provide appropriate training for staff.
Many companies operating across borders may already adhere to similar standards, as they seek to avoid the long-arms of US or UK corruption laws and enforcement action. But for some, the new requirements represent an additional burden, calling for more extensive due diligence on business partners than that recommended by the US or UK.
— Uncertainty —
The guideline’s prescriptive and detailed nature has put some companies on edge.
Legal experts are speculating whether its non-binding nature could form part of a reasonable defense if a company seeks to appeal a fine imposed by the AFA in the courts.
The regulator is confident its guidance text will stand the test of time. The AFA told MLex many companies consider the guidelines as “soft law” and that their substance is more important than their legal standing.
Mandatory or not, companies are unsure how rigidly the agency will stick to the guidelines when it comes to reviewing or even imposing fines.
The agency is yet to issue any penalties for poor or weak systems or controls, although it has said it is currently inspecting six unnamed companies.
In the most serious cases, the agency can call upon its Sanctions Commission — an internal six-person panel — to impose fines of up to 200,000 euros for individuals and 1 million euros for companies for poor systems and controls.
So far, the agency’s tone in its communications has been one of wanting to help companies meet compliance obligations, and to offer guidance and support.
Many hope that this approach will continue and that the agency will be pragmatic when enforcing its guidelines, allowing companies to comply with the spirit of the recommendations, rather than treat them as doctrine.
— The real risk —
Without an established enforcement trend to guide companies, it would be foolish to ignore the agency’s guidelines altogether. Total disregard for the recommendations could make the agency unnecessarily suspicious, and lead to additional inquiries into a company’s books.
The agency has warned it will carry out checks on companies across all industries each year. And it also has the ability to conduct targeted checks, potentially as the result of a tip-off.
The agency’s checks are thorough. Companies are initially sent a list of up to 100 questions, and must hand over several internal documents. Based on the answers provided, the agency can ask additional questions, request more information and even conduct interviews with staff.
If the agency decides to conduct a review of a company’s compliance program, it could uncover and refer suspicions of corruption to the more established PNF.
This is the real risk, and once this happens, companies will lose their ability to control and handle investigations as they see fit. They would lose the opportunity to self-report suspicions of wrongdoing, which could jeopardize the chances of negotiating a settlement with investigating authorities.