Update on the new recommendations of the French Anti-Corruption Agency (AFA)
In accordance with the Sapin II law, the French Anti-Corruption Agency is in charge of developing guidelines to help public and private law legal entities to prevent and detect breaches of integrity. On the 12th January 2021, the FACA published guidlines that replace the previous ones of 2017. The AFA decided to retain three pillars for the elaboration of these recommendations.
- The commitment of the governing body.
- Awareness of the risks of a breach of integrity through the development of a risk map.
- Measures and procedures to control the risk of breaches of integrity
Although these are only guidelines/recommendations, it is in the companies’ interest to apply this method, otherwise they will be given a simple presumption of compliance with the Sapin II anti-corruption scheme during an AFA audit.
- Pillar 1: Commitment of the governing body.
The FAFA strongly supports the need for the commitment of the governing body in the implementation of the anti-corruption control system, as well as in the implementation of the necessary human and financial resources.
– Companies with a board of directors or other management body not falling under the definition of the management body: FAFA recommends that the anti-corruption framework and its updates be periodically presented to them.
The governing body remains personally responsible for the implementation of the anti-corruption framework, even if it delegates its operational implementation to an anti-corruption compliance officer.
- Pillar 2: Risk Mapping
By the combined reading of the various provisions of Article 17 and in particular 17.1, the AFA extends the scope of risk mapping to the risk of trading in influence, before there was only corruption. Thus, 6 steps are to be followed to set up this mapping.
The AFA encourages companies to detect and analyse the so-called “gross” risks, considered beforehand, as opposed to the so-called “net” risks, which take into consideration the means of control implemented. To this end, an appendix must be attached summarising the methodology followed.
- Pillar 3: Measures and procedures to control the risk of breaches of integrity
The methods to be implemented for all the procedures provided for in Article 17 of the Sapin II law are listed here (code of conduct, training system, third party evaluation, warning system, etc.). The new features are :
- Third party evaluation: a greater margin of appreciation left to companies
- Training: Awareness-raising among employees recommended.
- Warning system: A new formalism to be followed for the internal investigation phase.
The warning must indicate the procedures for accessing the system and exchanging information with the author of the warning. A formalised procedure is recommended with the establishment of a designated committee for handling warnings and an internal investigation phase leading to the drafting of an investigation report that is communicated to the management body.
For more informations please contact us [email protected]