The paper is prepared by the Agency to compare the existent French legal acts and other documents on the fight against foreign bribery with the respective US and UK legal provisions and the guidance of the World Bank Group (WBG).
The Presentation stresses that ever more attention has been paid to transnational corruption both at the international and the domestic levels over the recent years. In particular, many countries have adopted dedicated legal acts of extraterritorial enforcement and anti-corruption strategies that take into account the need to control transnational corruption crimes: besides the jurisdictions reviewed in the Presentation, such norms have been introduced, in particular, in Brazil, China, India and Australia.
The fight against corruption, including its transnational form, in the private sector is regulated by:
- the Criminal Code;
- Law of 9 December 2016 No. 2016-1691 on Transparency, the Fight against Corruption and the Modernization of Economic Life (Loi n° 2016-1691 du 9 décembre 2016 relative à la transparence, à la lutte contre la corruption et à la modernisation de la vie économique, also known and hereinafter referred to as the Sapin II Act) and accompanying secondary legislation;
- the French Anti-Corruption Agency Guidelines (in French and in English);
- other related guidance of the AFA.
According to the French legal provisions, prosecution for the crimes committed abroad is possible not only in the event that the offence is committed by a French citizen but by any natural and legal person generally residing or undertaking their economic activities fully or in part in the French territory.
Under the Sapin II Act, the French companies with over 500 employees and/or the companies headquartered in France with over 500 employees and a turnover exceeding € 100,000,000 including their activities via subsidiaries located abroad must take preventive measures against corruption and other related offences.
The list of measures to be adopted is also enshrined in law and includes: the adoption of a code of conduct, establishment of internal channels for reporting offences, conduct of risk assessment, due diligence procedures and accounting controls, organisation of anti-corruption training, implementation of a system of disciplinary sanctions, internal control mechanisms, and evaluation of effectiveness of the measures taken. The requirements to these measures are clarified in further detail in the Guidelines of the AFA.
The functions of monitoring of adoption of corporate anti-corruption measures rest with the AFA: the verification procedures can be undertaken by the Agency either at its own initiative or in the framework of court proceedings against companies.
In the event that failures to comply with the requirements to adopt corruption prevention measures are detected throughout the verification procedure initiated by the AFA, the following sanctions can be imposed on companies:
- an order to comply with anti-corruption requirements;
- a fine;
- a decision to publish information on the sanctions imposed.
If the lack or ineffectiveness of anti-corruption measures is detected in the framework of court proceedings with regard to a corruption case, one of the following decisions can be taken:
- to increase the fine imposed on the company for the respective corruption offence;
- to oblige the company to implement or improve its compliance programme under the supervision of the AFA within three years in the framework of a Judicial Public Interest Agreement (Convention Judiciaire d’Intérêt Public – CJIP);
- to sanction it for the failure to act in line with the compliance programme (peine de programme de mise en conformité), which means that the company must implement the measures and procedures to prevent and detect corrupt practices and trading in influence within five years under the supervision of the AFA.
The Unites States
The fight against transnational corruption in the United States is regulated by:
- the Foreign Corrupt Practices Act (FCPA);
- other relevant legal acts such as the Travel Act that bans travels between states or abroad, use of US post and other means facilitating illegal activities, the Sarbanes-Oxley Act mandating financial reporting practices for US issuers and others;
- the Resource Guide to the U.S. Foreign Corrupt Practices Act updated in 2020;
- the Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy updated last January;
- the Evaluation of Corporate Compliance Programs (ECCP) Guidance updated last March;
- the Principles of Federal Prosecution of Business Organizations.
Under the FCPA, the following persons can be held liable for corruption offences:
- US issuers, i.e. companies listed on stock exchanges in the US or companies that carry out over-the-counter trade and are required to file periodic reports with the Securities and Exchange Commission (SEC);
- domestic concerns meaning the companies registered under the US law and/or undertaking their main activities in the US territory, and natural persons who are US citizens or residents;
- other persons undertaling directly or indirectly corrupt practices in the US territory regardless of their citizenship (for natural persons) or place of registration (for legal persons).
Direct violations of the FCPA are:
- bribery of foreign public officials;
- violation of accounting rules;
- violation of internal control rules.
The power to hold persons liable for the violations of the FCPA rests with the SEC (only in the case of civil proceedings against issuers) and the US Department of Justice (DOJ) (in criminal prosecution and civil proceedings against any persons subject to the enforcement of the FCPA).
Regarding compliance programmes, the US law does not oblige companies to implement these instruments. However, the presence of an appropriate corporate corruption prevention system affects:
- the decision of law enforcement not to prosecute the company or to conclude a pre-trial agreement with it;
- the final amount of the fine;
- the decision to assign independent monitorship (one of the conditions of pre-trial agreements/plea agreements with organisations that provides for assessment of efficiency of corporate compliance programmes by external experts within the term of agreements).
There is no list of anti-corruption measures that can be adopted by organisations in the US legislation either. However, taking into account the fact that the guidelines for the DOJ prosecutors are open for general public, companies can use them to understand what measures law enforcement expects them to adopt.
The United Kingdom
The provisions on the fight against transnational corruption in the UK are contained in:
- the UK Bribery Act (UKBA) of 8 April 2010;
- the Bribery Act Guidance;
- the Joint Prosecution Guidance of the Director of the Serious Fraud Office and the Director of Public Prosecutions on the Bribery Act;
- the Joint Guidance on Corporate Prosecutions;
- the Operational guidance and information: Guidance for corporates: Evaluating a Compliance Programme;
- the Financial Conduct Authority’s Financial Crime Guide: A firm’s guide to countering financial crime risks (FCG): section 6. Bribery and Corruption.
There is no direct general requirement for companies to implement anti-corruption measures in the UK.
At the same time, the organisations that fall under the jurisdiction of the Financial Conduct Authority are obliged to adopt measures to counter the risks of their use for commission of financial crimes, including corruption in general and bribery in particular.
Additionally, article 7 of the UK Bribery Act (failure of commercial organisations to prevent bribery) provides for the possibility to exempt organisations from liability for corruption if they have “adequate” bribery prevention procedures in place.
Also, the presence of certain corruption prevention measures can be taken into consideration by courts as a factor demonstrating a lower degree of guilt and, as a consequence, affecting the scope of sanctions; courts should also evaluate the impact of the penalty imposed on the capabilities of companies to implement efficient compliance programmes.
An indicative list of measures that can be adopted by organisations is provided in the UK Bribery Act Guidance.
The World Bank Group
The World Bank Group (WGB) has released the Anti-Corruption Guidelines in Connection with Projects Financed by a World Bank Group Entity to counter transnational corruption. The persons who commit violations of the Guidelines related to corruption, fraud, collusion and the like that can take place in the absence of appropriate prevention procedures can be subject to liability within the World Bank Group Sanctions System. In general, these sanctions imply temporary or permanent suspension of legal or natural persons from projects financed by the WBG also as subcontractors, consultants, provides of goods and services for the companies that can win contracts funded by the WBG. All in all, there are five types of sanctions: reprimand, conditional non-debarment, debarment, debarment with conditional release, and/or restitution (financial or otherwise). Besides sanctions, perpetrators can be obliged to adopt measures to repair the situation, for instance, develop and demonstrate the implementation of a compliance programme based on the principles outlined in the WGB Guidelines.
List of anti-corruption measures
The Presentation also analyses the formulation of requirements to the key anti-corruption measures to be taken by companies in legal acts and other documents of the countries and organisation under review.
1. Role of the management
France: the Recommendation of the AFA stresses that the corporate management should behave in an exemplary manner, promote the anti-corruption policy through personal communication, implement the necessary means for the deployment of an effective anti-corruption compliance programme, monitor its implementation and ensure that sanctions are enforced.
The United States: as per the regulating acts of the US DOJ, in evaluating compliance programmes, the US authorities check whether senior management has adopted and implemented anticorruption policies, whether senior management adheres to them and sets a proper “tone at the top” and “culture of compliance”.
The United Kingdom: the UKBA Guidance highlights that the top management should be committed to preventing bribery.
The World Bank: The WBG Guidelines call for strong, explicit, visible and active support and commitment from senior management.
2. Responsible units
France: the AFA stresses the importance of the human and financial resources devoted to the implementation of an anti-corruption compliance programme. It does not impose a specific model, as long as the head of anti-corruption compliance is guaranteed access to information relevant to his or her mission, independence from other functions within the entity and direct access to the management body.
The United States: recommend that companies devote appropriate personnel and resources to preventing and detecting corruption and to remediating any violations that do occur promptly and appropriately. The compliance function must have sufficient seniority within the organization and be independent from senior management.
The United Kingdom: the UKBA Guidance recommends that senior management engagement is likely to include the selection and training of senior managers to lead anti-bribery work where appropriate.
The World Bank: the WBG Guidelines call for oversight and management of the compliance programme to be performed by senior corporate officers, with an adequate level of autonomy, sufficient resources and the authority to effectively implement the programme.
3. Risk mapping
France: risk mapping is a major pillar of an effective compliance programme. The AFA recommends a six-step methodology, including the identification, evaluation and prioritization of risks, the implementation of an action plan to ensure their control, its regular updating and archiving.
The United States: it is recommended that companies consider risk factors such as industry sector, country or location, transaction size or type, and the method and size of payments to third parties.
The United Kingdom: the UKBA Guidance advises categorising external risks into five broad groups (country, sectoral, transaction, business opportunity and business partnership) and emphasises the importance of prevention measures for the identified risks.
The World Bank: the WBG Guidelines state that a comprehensive risk assessment should be carried out when establishing a compliance programme and should be updated periodically and whenever necessary to meet changed circumstances.
4. Code of conduct
France: the law requires companies to implement an anti-corruption code of conduct, integrated into the company’s internal regulations. The AFA recommends that policies relating to gifts and invitations, sponsorship, lobbying, management of conflicts of interest, entertainment expenses, side activities and any other procedure deemed relevant be included in or annexed to the code.
The United States: the FCPA Resource Guide states that the most effective codes are clear, concise, and accessible to all employees; the accessibility is ensured, in particular, by making the code available in the local language so that employees in foreign subsidiaries can access and understand it. It is also recommended periodically reviewing and updating the code.
The United Kingdom: there are no direct indications that a code of conduct must be in place. However, the UKBA Guidance emphasises that policies are a necessary measure in the prevention of bribery but they will not achieve this objective unless they are properly implemented.
The World Bank: it is advised that companies draw up a code of conduct or a similar document; a company’s compliance programme should illustrate what constitutes expected good conduct and what is considered to be misconduct.
5. Gifts and hospitality
France: the AFA advises companies to draw up a policy governing gifts and hospitality, which should be incorporated into their codes of conduct. The Agency has also published a detailed guide on this subject.
The United States: the FCPA Resource Guide states that clear guidelines and processes can be effective and efficient means for controlling gift-giving, deterring improper gifts, and protecting corporate assets.
The United Kingdom: the UKBA Guidance recommends that companies should include rules and measures on gifts and hospitality in their procedures.
The World Bank: it is recommended that companies establish procedures covering gifts, hospitality, entertainment, travel or other expenses to ensure that they are reasonable and do not improperly affect the outcome of a business transaction, or otherwise result in an improper advantage.
6. Conflict of interest
France: the AFA advises companies to draw up a policy managing conflicts of interest, which should be incorporated into their code of conduct. The Agency has also developed a detailed guide on this subject.
The United States: as per the guiding documents of the US DOJ, measures designed to prevent and detect conflicts of interest are important elements of a corporate compliance programme.
The United Kingdom: the UKBA Guidance recommends that companies include rules and measures on avoiding conflicts of interest in their procedures.
The World Bank: the WBG Guidelines recognise the importance of the measures that seek to prevent conflicts of interest, especially in relation to dealings with public officials.
7. Facilitation payment
France: facilitation payments, regardless of their frequency or amount, are considered bribery under French law.
The United States: the FCPA has an exception for facilitation payments in certain limited circumstances (to further “routine governmental action”).
The United Kingdom: facilitation payments are illegal under the UK law, irrespective of their frequency or value.
The World Bank: the WBG Guidelines state that companies should not make facilitation payments.
8. Sponsorship and charitable donations
France: the AFA recommends that companies regulate sponsorship operations, particularly in their code of conduct.
The United States: the FCPA Resource Guide recommends that companies implement controls when making charitable donations to prevent charitable giving from being used as a vehicle to conceal corrupt payments.
The United Kingdom: the UKBA Guidance advises companies to establish specific controls for charitable donations and sponsorship activities.
The World Bank: the WBG Guidelines state that all charitable contributions and sponsorships should be publicly disclosed unless secrecy or confidentiality is required under local law.
9. Awareness and training
France: under the law, companies are required to provide training for managers and staff who are most at corruption risk. The AFA’s guidelines define the requirements to this training, and recommend that companies raise awareness of all employees about the established standards and procedures.
The United States: the ECCP Guidance states that training should be appropriately tailored to the audience and materials should be made available in the local language for employees in foreign subsidiaries. The ECCP also states that it is necessary to consider whether employees in control functions or high-risk roles receive training to address relevant risk areas.
The United Kingdom: the UKBA Guidance states that companies should provide appropriate training for staff in implementing anti-bribery policies.
The World Bank: the WBG Guidelines mention the provision of tailored training to employees and potentially also to business partners.
10. Third party due diligence
France: under the law, customers, first-tier suppliers and intermediaries must be assessed with regard to the risk of corruption. The AFA’s guidelines propose a detailed methodology, divided into several stages, illustrated by examples of assessment criteria and vigilance measures that can be taken in risky situations.
The United States: the FCPA Resource Guide recommends conducting thorough third-party assessments. Assessments should be conducted prior to entering into a business relationship and as part of mergers and acquisitions. Monitoring should be done during the business relationship with the riskiest third parties. All assessments should be documented.
The United Kingdom: the UKBA Guidance states that companies should implement risk-based due diligence procedures.
The World Bank: the WBG Guidelines state that companies should conduct properly documented, risk-based due diligence before entering into a relationship with a business partner, and on an ongoing basis during the relationship. Companies also should avoid dealing with business partners known or reasonably suspected to be engaging in misconduct.
11. Mergers and acquisitions
France: the AFA considers mergers and acquisitions transactions as risky situations. It also reminds the French legislative framework concerning administrative, civil and criminal liability for acts of corruption committed by a target, absorbed or acquired company. In addition, the AFA has published a guide on anticorruption due diligence for mergers and acquisitions.
The United States: the FCPA Resource Guide outlines the liabilities that companies take on when they merge with or acquire another company, including liability for corrupt practices committed by the predecessor company. Companies are therefore encouraged to conduct pre-acquisition due diligence and improve compliance programs after mergers and acquisitions. The ECCP Guidance notes that a well-designed compliance programme should include comprehensive due diligence of any acquisition targets, as well as a process for timely and orderly integrations of the acquired entity into the existing compliance programme.
The United Kingdom: the UKBA Guidance refers to mergers of commercial organisations as having particularly important due diligence implications.
The World Bank: not available.
12. Whistleblowing system
France: under the law, companies are required to implement a whistleblowing system for receiving reports about situations that violate the company’s code of conduct. The AFA’s guidelines explain in detail how to proceed when these kinds of reports are received, as well as how the data should be processed and archived.
The United States: companies may set up anonymous hotlines or ombudsmen to receive whistleblowing reports and should have in place a robust process for investigating allegations. The FCPA Resource Guide also emphasises that companies may want to consider taking stock of lessons learned from any reported violations and the outcome of any resulting investigation to update their compliance programme and focus future training on such issues.
The United Kingdom: it is recommended that companies establish a secure, confidential and accessible means for raising concerns about bribery.
The World Bank: the WBG Guidelines state that all personnel should have a duty to report promptly any concerns they may have regarding the compliance programme and that the company should provide confidential channels for the submission of reports, also on an anonymous basis, as well as protection for whistleblowers.
13. Internal investigations
France: the AFA advises companies defining an internal anti-corruption investigation policy by specifying the actors, the process and the follow-up, while respecting the rights of employees who are suspects or witnesses, in particular, the rights of defense and the rights to privacy and personal data protection. The AFA has published a guide with the French National Financial Prosecutor’s Office on this subject.
The United States: the FCPA Resource Guide recommends that companies should take stock of lessons learned from internal investigations to determine whether the issue stems from a problem with their compliance programme, and take remedial action as required. The ECCP Guidance suggests that investigations should be properly scoped by qualified personnel, conducted in a timely manner, and the company should ensure investigation findings are remediated.
The United Kingdom: it is advised that companies investigate high-risk situations.
The World Bank: the WBG Guidelines provide that companies should implement procedures for investigating misconduct and other violations of the compliance programme.
14. Accounting controls
France: under the law, companies must implement internal or external accounting control procedures to ensure that books, records and accounts are not used to conceal corruption or trading in influence. The AFA has released a guide on accounting controls to prevent corruption.
The United States: an entire section of the FCPA Resource Guide is devoted to the accounting control requirements applicable to issuers.
The United Kingdom: the UKBA Guidance states that measures to implement bribery prevention policies may include financial and commercial controls such as adequate bookkeeping, auditing and approval of expenditure.
The World Bank: the WBG Guidelines provide that companies should establish and maintain an effective system of internal controls comprising financial and organizational checks and balances over their financial, accounting, recordkeeping and other business processes. Such internal controls should be subject to regular, independent, internal and external audits.
15. Monitoring and evaluation of compliance programmes
France: in addition to the law, which provides for the implementation of an internal control and evaluation system for anti-corruption measures, the AFA recommends deploying a system on three levels (proper execution of procedures, control plan, audit plan) and formalizing it within a procedure.
The United States: companies are expected to evaluate periodically the effectiveness of the corporate compliance programme and update it as appropriate.
The United Kingdom: the UKBA Guidance recommends that organisations monitor and review bribery prevention procedures. It suggests consideration of periodic reviews and reports for top-level management as well as external verification.
The World Bank: the WBG Guidelines state that companies should conduct regular, independent, internal and external audits to provide an objective assurance on the design, implementation and effectiveness of internal controls, and to bring to light any transactions which contravene the compliance programme.
16. Corrective measures
France: in its guidelines, the AFA suggests that the shortcomings of the compliance programme, observed in particular during internal controls or audits, give rise to the definition of corrective measures, which may be included in action plans. The AFA recommends that these plans be regularly monitored and that the management body be informed of their results.
The United States: companies are encouraged to implement “remedial measures” as necessary, and to adapt these measures to the situation.
The United Kingdom: the UKBA Guidance refers to the need to adapt bribery prevention measures where necessary following monitoring and evaluation. It also refers to the use of staff surveys and feedback from training as a means to inform continuing improvement of anti-bribery policies.
The World Bank: the WBG Guidelines state that companies should take appropriate corrective action following the discovery of misconduct, including modifications to the compliance programme if necessary.
17. Disciplinary rules
France: under the law, companies are required to implement a disciplinary system allowing them to sanction their employees in case of violation of the code of conduct. Detailed recommendations on how to build this system are provided in a dedicated guide issued by the AFA.
The United States: the guidance of the US DOJ indicates that companies should have effective disciplinary procedures that are “commensurate with the violation” and apply to all staff. Companies are also encouraged to introduce incentives and rewards for strict adherence to the company’s compliance programme.
The United Kingdom: the UKBA Guidance stresses disciplinary action as a way of implementing bribery prevention measures as well as communicating disciplinary processes and sanctions for breaches of anti-bribery rules.
The World Bank: the WBG Guidelines state that companies should take appropriate disciplinary measures (including contract termination) with all persons involved in misconduct or other violations.