The French Anticorruption Agency's Sanctions Committee's first decision: An analysis

By Maria Lancri

Maria Lancri (mlancri@squairlaw.com) is Attorney at Law for Squair in Paris, France.

The Sanctions Committee of the French Anti-Corruption Agency (AFA) issued its first decision on July 4, 2019.[1] Since mid-2017, the French Sapin II[2] law has required large French companies (i.e., companies incorporated in France with more than 500 employees or belonging to a group of more than 500 employees, and achieving a consolidated turnover of more than 100 million euro; also, French subsidiaries of foreign groups) to implement an anticorruption compliance program comprising eight items:

  • A code of conduct

  • A whistleblowing scheme

  • Risk mapping

  • Third-party due diligence

  • Accounting control procedures

  • Training program

  • A disciplinary system

  • An internal audit and evaluation mechanism[3]

The French Sapin II law was created in response to the OECD heavily criticizing France for failing to fight efficiently against corruption, although corruption offenses are part of the criminal code; other countries, like the US, have only guidelines issued by a regulatory body. Additionally, the AFA was created to prepare guidelines to assist both administrations and private companies in “preventing and detecting cases of corruption and influence peddling”[4] and related offenses. These guidelines provide companies with the AFA’s expectations of what a “good” compliance program looks like.

The Sapin II is a sort of experimentation:

  • No other law stipulates within the law the elements of an anticorruption compliance program; in other countries, this is being done through guidelines issued by the administration or prosecutors’ offices.

  • The law provides for a control of the viability of said programs and potential sanctions outside of any investigation or sanction of actual corruption cases. The AFA’s agents therefore have no other system of law to rely on or to compare with the French system.

Some French companies had already implemented an anticorruption compliance program prior to the Sapin II law, mainly when they added activities overseas like in the US or the UK, and were influenced by what other systems had developed. Others created their programs when the law was enacted.

Considering how new this requirement was for most companies, they had not yet fully developed their programs when the controls started.

The companies chosen for these controls have different backgrounds and are active in different markets. The AFA claims that the companies are selected to allow the agency to acquire a good knowledge of the French market. The AFA may also select companies when their behavior has been flagged.

Timeline of SAS S.’s control

One of the companies controlled was SAS S., a privately held French company, with activities in 44 countries.

This type of anticorruption compliance program control generally follows different steps:

  1. Notification of the control and request to answer a detailed questionnaire and provide documentation within 15 days (the questionnaire was made public after a few months to allow companies to get prepared);

  2. Analysis of the documentation remitted and further questions;

  3. On-site control during which interviews with officers and employees are conducted;

  4. AFA’s report;

  5. Written comments from the company and meeting with the AFA;

  6. Final decision (relief, warning, or transfer to the Sanctions Committee).

The full procedure is detailed in the Charte des droits et devoirs des parties prenantes au contrôle.[5]

The director of the AFA may decide to refer the case to the Sanctions Committee if he/she decides that the violations in the compliance program are too great. After a proper study of the matter, exchanges of briefs, and a hearing, the AFA’s Sanctions Committee has the power to (i) consider that there are no violations and release the company, (ii) order a company to adapt its compliance program, and/or (iii) render a monetary sanction of up to €200,000 for individuals, namely the corporate officers, and up to €1 million for corporate entities.

In the case of SAS S., the control phase of the process lasted from October 18 to December 15, 2017, and a year and a half later, the final step—the hearing before the Sanctions Committee—was held on June 25, 2019. Logically, the company took advantage of that long period to update and complement its compliance program. The Sanctions Committee made it clear during the hearing that, procedurally speaking, they would base their decision on how the compliance program had been developed until the day of the hearing. This position was restated in the decision.

The issues of the SAS S. case

The AFA considered that the company violated five of the eight items of the program:

  • Nonconformity of the risk mapping

  • Nonconformity of the code of conduct

  • Absence of a third-party due diligence procedure

  • Absence of anticorruption accounting controls

  • Absence of an internal audit and evaluation mechanism

The company considered their compliance program in-line with the requirements of the law and thought the AFA guidelines were adding obligations not provided for in the law. Their aim was to get the Sanctions Committee to rule on how binding the AFA guidelines were.

There was hope that the decision would be of great help for other companies under Sapin II obligations; however, the decision rendered on July 4 by the Sanctions Committee[6] fell short of expectations. It considered the company’s compliance program as adequate and released it from any further procedure, but the decision did not provide the guidance that the legal community wished for.

This document is only available to members. Please log in or become a member.
Become a Member Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings