Compliance - Ethics
Compliance is a major issue for companies that have to comply with the legal and ethical standards in force in their field of activity. It helps prevent the risks of sanctions, damage to their reputation and loss of stakeholder confidence.
Focus : The Law on the Duty of Vigilance of Parent Companies and Major Companies was adopted on 21 February 2017 and aims to prevent serious violations of human rights and fundamental freedom, personal health and safety, and the environment by large companies.
​
Which companies are subject to the duty of vigilance?
​
Any company established in France which employs, at the close of two consecutive financial years :
-
at least 5,000,000 employees within the company and its direct or indirect subsidiaries, whose registered office is located in France,
or
-
at least 10,000 employees within the company and its direct or indirect subsidiaries, whose registered office is located in France or abroad.
These companies must effectively implement a vigilance plan.
This vigilance plan "includes appropriate vigilance measures to identify risks and prevent serious violations of human rights and fundamental freedom, the health and safety of individuals, and the environment, resulting from the activities of the company and the companies it controls [...] directly or indirectly, as well as the activities of subcontractors or suppliers with whom there is an established business relationship, when these activities are related to that relationship".
This due diligence plan must include the 5 measures listed in article L.225-102-4 of the French Commercial Code:
-
Risk mapping
-
Procedures for regular assessment of the situation of subsidiaries, subcontractors or suppliers with which the parent company or the company placing orders has an established commercial relationship.
-
Appropriate measures to mitigate risks or prevent serious harm.
-
A mechanism for alerting and collecting warnings about the existence or occurrence of risks, established in consultation with the representative trade union organisations in the company concerned.
-
A system for monitoring the measures implemented and evaluating their effectiveness.
The vigilance plan and the report on its effective implementation shall be made public and included in the company's annual report (accessible to all on the Internet).
Although these relatively high thresholds mean that few companies are affected by the implementation of these regulations, in practice a large number of contractors require their suppliers to comply with some or all of the provisions. As a result, a large number of companies are affected, especially as the European Commission adopted a proposal for a directive on 23 February 2022 that aims to extend the scope of these regulations and significantly lower the thresholds for direct application. These are all good reasons to start implementing these regulations now.
​
Our services include:
​
-
design, assessment and implementation of compliance programmes (ethics / anti-corruption / RGPD / duty of vigilance)
-
conducting risk audits
-
designing and implementing risk management and reporting processes
-
conducting internal investigations and preparing corrective action plans
-
prepare and support regulatory audits (e.g. AFA or CNIL dawn raid/competition audits)
-
assistance in setting up whistleblowing systems, third-party assessment systems and dedicated e-learnings
-
training for management boards and employees
-
drafting or reviewing codes of conduct, values charters and internal regulations
-
reviewing contractual clauses and general terms and conditions of sale and purchase
-
establishing powers of attorney
-
compliance due diligence (seller/buyer) for M&A transactions
​