Article 17 of Law No. 2016-1691 of 9 December 2016 on transparency, the fight against corruption and the modernisation of economic life introduces an obligation of vigilance on the part of certain companies. Eight measures and procedures are to be implemented under the obligation of vigilance.
The Sapin 2 law is based on 8 fundamental pillars.
1/ A code of conduct
The code of conduct defines and illustrates the different types of behaviour to be proscribed with regard to corruption and influence peddling. It must be integrated into the company's Internal Rules, so that the persons concerned can simply and easily identify acceptable practices in terms of gifts, patronage, political life, or sanctions incurred...
2/ An internal warning device
An internal warning device must be defined. It provides employees with a clear method for reporting behaviour or situations that are contrary to their company's code of conduct. Be careful, if this procedure is not respected, the report is null and void.
3/ A mapping of corruption risks
Risk mapping is documentation designed to identify, analyse and prioritise the risks of the company's exposure to external solicitations for the purpose of bribery, based in particular on the business sectors and geographical areas in which the company operates. It must be regularly updated.
4/ Third party assessment procedures
Customers, first-tier suppliers and intermediaries must also be assessed with regard to risk mapping. Business partners are more exposed to corruption risks. For example, by using part of their commission to pay a bribe to obtain a new contract. They must therefore be audited systematically.
5/ Accounting control procedures
Accounting control procedures, whether internal or external, must be put in place. They are designed to ensure that books, records and accounts are not used to conceal facts of corruption or influence peddling, such as false invoices for fictitious services.
6/ Training of exposed managers and staff
A training system must be put in place for managers and people most exposed to the risks of corruption and influence peddling.
7/ A disciplinary system
The disciplinary system establishes the sanctions to be applied to the company's employees in the event of an actual violation of the code of conduct: warning, reprimand, dismissal, layoff, etc. The text must be clear and, above all, known by employees, by incorporating it into the internal regulations.
8/ A control and evaluation mechanism
A monitoring and evaluation system makes it possible to track the effectiveness and proper application of the measures of the company's anti-bribery programme through regular internal or external audits.