Complying with Sapin II: How to identify and assess your corruption exposure

La Defense, Business District In Paris

Bill n° 2016-1691 relating to transparency, the fight against corruption and the modernisation of economic life (Sapin II), which was signed into law by French President François Hollande on 9 December 2016, has revolutionised France’s legislative and regulatory landscape. The key anti-corruption provisions, in force since 1 June 2017, aim to align France with the most advanced members of the OECD, in particular the US and the UK. The Foreign Corrupt Practices Act (FCPA) has become, since it took effect in late 1977, a tool of war of sorts at the hands of the US Department of Justice, notably through the principle of extraterritoriality which recognises neither borders nor nationalities. The 2010 UK Bribery Act (UKBA) has replaced old British laws dating from 1889, 1906 and 1916, with a view to modernising the fight against corruption by equally extending its scope to the whole world.

With Sapin II, France has now effectively joined the Anglo-Saxon club of countries insofar as it applies extraterritoriality and imposes upon eligible companies a number of obligations compliance with which can be verified at any time. While any company that has adopted best practices in line with the FCPA and the UKBA can reasonably deem itself largely compliant with Sapin II, the French law still has its national specificities. Nevertheless, despite the usual legalese and various norms and rules to follow, it is possible to discern the legislator’s intention to carry out a radical change in the way both French and foreign companies with operations in France do business internationally. To resist that change makes no sense; instead, it had better be seen as a marvellous opportunity to improve corporate governance, better assess the risks, put in a place a dialogue between the management and employees and better protect the corporate image.

As a well-established financial crime specialist, Aperio Intelligence keeps receiving a great quantity of requests for clarification of the key provisions of Sapin II from a variety of French companies. We have written this guide as a means to answer some of these queries. It is not intended to be exhaustive nor has it the ambition to substitute itself for official guidance issued by the French government. Its only objective is to provide increased clarity on two key aspects of the legislation contained in article 17, which we think are among the least well-understood today. They are respectively about risk mapping and third-party risk assessments – two areas on which we have developed a considerable expertise at Aperio. We have also tried at the end of this guide to provide direct answers to a series of the most frequent questions. We do hope that this document will be helpful to you and will enable you to cope with your new responsibilities in confidence.

We hope you enjoy the read.

Please click here to access our Sapin II guide (French version)

Please click here to access our Sapin II guide (English version)

George Voloshin, Head of Aperio Intelligence France