French entities were particularly solicited in the past few years to be proactive on compliance matters, in particular as regard to anti-corruption regulations. On December 19, 2019, the French Anti-corruption Agency (“AFA”), which has the mission to assist all person and entity to prevent and fight against corruption, released updated guidelines on the corporate anti-corruption compliance function1.
These Guidelines, which first version has been initially published in February 2019, gives the keys elements of what is expected by the AFA regarding the anti-corruption compliance function in a company.
I. The anti-corruption compliance function, a multi-task and intersecting function
The Guidelines highlights the strategical interest for a company to have a compliance process integrating dedicated anti-corruption compliance functions. These functions may be assigned to a dedicated person, depending on the entity’s characteristics (status, size, activity). The anti-corruption compliance officer shall however coordinate her/his action with the entity others compliance areas (such as competition law, fight against money laundering and terrorism financing, protection of personal data, export control etc.) and be applied at each stage and to each employee of the entity.
A variety of missions are attributed to the anti-corruption compliance officer. She/he will be responsible for designing a compliance program, managing the implementation and the update of her/his functions, spread an anti-corruption culture within the entity by implementing training sessions, be the reference contact of business partners, report on the efficiency of the program to the management. She/he will also have a key role for the implementation and the follow-up of any investigation related to allegations of corruption2.
Depending on the organization of the entity, the anti-corruption compliance officer will have responsibilities, or a consultative role shared with the entity’s others key managers (general counsel, human resources manager, internal audit manager, etc. 3).
II. The compliance functions governance coordinated and shared with the management
Even though the designation of a compliance officer is not mandatory, the AFA recalls that entity management is responsible for the implementation an efficient anti-corruption governance, which implies to clearly identify the person handling such functions4. In addition, the management will have to ensure a regular follow-up and update of the anti-corruption programs. Furthermore, the anti-corruption compliance officer will need to be provided with enough resources and means to fulfill her/his mission (a dedicated compliance team, external counsels, IT tools, etc.). She/he shall also be guaranteed to be supported and listened by the management and she/he might be helped by anti-corruption compliance referents deployed within the entity5.
The Guidelines recommend ensuring that the position of the compliance officer guarantee her/his objectivity and independence. She/he shall have an effective access to all useful information and is encouraged to be part of the decision-making process. She/he is however required to report on her/his activity to the management. 6 In case of delegation of powers, the management however remains administratively of criminally liable for anti-corruption breaches7. Also, Article 17 of the Sapin II law8 charges responsibility for the implementation of the compliance measures on the entity’s manager9. She/he can thus be held personally liable (as well as the legal entity) before the AFA Enforcement Committee10.
III. Specifications on the compliance function’s profile and skills
Notwithstanding that no specific background is required to embody anti-corruption compliance functions, the Guidelines provide a series of recommendation for recruiting the compliance officer. Independently of being recruited among the entity’s employees, she/he will need to (i) have a good knowledge of the entity (ii) be able to handle transversal functions (management, communication, impartiality, team spirit, patience, prudent) (iii) have good knowledge of the regulations and an experience of risk mapping, internal control and analyze tools. As to the Guidelines, being specifically qualified for anti-corruption compliance shall also be valorized11.
IV. Compliance functions imply specific liabilities
The Guidelines specify that the anti-corruption compliance officer cannot be held liable under article 17 of the Law Sapin II. It also indicates that from a criminal law perspective, a breach committed within the compliance officer functions cannot be considered as a constituent element of the offence of corruption. To be held liable, the law requires an active participation to the acts of corruption. Hence, weak or incomplete measures do not answer to this definition. The Guidelines however recall that an anti-corruption compliance officer might face disciplinary sanction in case of breach committed within her/his functions. It could for instance be the case if she/he failed to report o prevent a breach for which she/he was provided with the appropriate means to do so12.
The Guidelines send a strong and useful message to entities subject to anti-corruption regulation. Although the function is not mandatory, the anti-corruption compliance officer is presented as one of companies’ vital component for the fight against corruption.