Compliance & Regulatory

In order to strengthen the protection of whistleblowers and prevent the risks of retaliation measures within their company, Law No. 2016-1691 of December 9, 2016 on transparency, the fight against corruption and the modernization of economic life requires companies with more than 50 employees to set up an internal whistleblowing system.

Law No. 2022-401 of March 21, 2022 designed to improve the protection of whistleblowers requires companies to update their internal whistleblowing system.

Over the years, risk management has become a major issue for companies. For decades, they have been faced with an increased criminalization of their activities and an explosion of new and increasingly complex regulations in a wide variety of fields such as the protection of personal data and respect for the environment.

This regulatory hell is paved with good intentions. The rule of law must guarantee a free competition environment where the dices are not loaded and where corruption has no place.

The OECD Working Group on the Implementation of the OECD Convention on Combating Bribery of Foreign Public Officials in International Business Transactions adopted the France Phase 4 report on December 9, 2021.

This is an opportunity to recall the origin of this Convention before briefly presenting the good and bad marks distributed by the monitoring team in charge of assessing France’s progress in the fight against foreign bribery and underlining its key role in the defense of the values of the civilized world.

Law No. 2016-1691 on transparency, the fight against corruption and the modernization of the economy of December 9, 2016, commonly referred to as the “Sapin II Law”, has provided France with innovative tools inter alia to detect, prevent and punish corruption and breaches of probity.

The reinforcement of the legal arsenal to better fight corruption is one of the major pillars of this Law, and the risks associated to breaches of compliance rules can prove to be a deterrent for buyers in the context of M&A transactions.

The French Data Protection Authority imposed on AG2R LA MONDIALE a 1.75 million euros fine for failing to comply with the obligations under the General Data Protection Regulation regarding data retention periods and information to be provided to individuals.

Two breaches were mainly highlighted: an excessive retention period for personal data and a lack of information provided to people during telemarketing calls by subcontractors.

As people’s awareness of global warming is growing and the struggle to preserve the environment and biodiversity is intensifying, the French Minister of Justice has adopted a circular setting out the principles and objectives to be pursued in the prevention and punishment of environmental crimes.