Home //Blog //Anticorruption //Risk mapping: the end of a painful task?
Credits : Pressfoto, Freepik

The French Anticorruption Agency’s recommendations

Have you heard about the French Anticorruption Agency (AFA) is a national department under the joint authority of the Minister of Justice and the Minister of Finance. Its mission is to prevent, control and issue sanctions in the fight against corruption.

The AFA published recommendations aimed at helping public and private companies prevent and detect acts of corruption, influence peddling, corruption, wrongful appropriation, misuse of public money, and favoritism.

Let’s start with a quick look at those recommendations. Why ? Because they are intended to be both an advisory tool and an analytical grid in the event of an audit. They should be seen as “an instruction manual for the law”.

These recommendations are one of the building blocks in France’s anti-corruption arsenal. They do not create legal obligations. They are not binding. You are therefore free to adopt them or not.

However, if you choose to comply with them, you will benefit from a simple presumption of conformity. This means that it is up to the French authority to demonstrate, in the event of an inspection, that its recommendations have not been applied effectively, correctly and/or completely.

Conversely, this means that if you choose to apply methods other than those recommended by the authority, you will have to demonstrate that you meet the requirements of the Sapin 2 law.

These recommendations are based on “3 inseparable pillars”.

1. Commitment of the top management

In other words, the management team must demonstrate “exemplary personal behavior” and a personal commitment to promoting the anti-corruption system.

It’s worth noting here the increasingly important role of the management body.

Their commitment is the cornerstone of any anti-corruption system. Why? Quite simply because if you don’t have a sponsor at the highest level of the organization, if you don’t manage to get the top management on board, your anti-corruption system is doomed to failure… You won’t have the means (human or financial), and it will be difficult for you to convey a true culture of compliance within your organization.

2. Risk awareness

Once you’ve got the top management on board, you need to draw up a precise and comprehensive map of the risks associated with corruption. Why do you need to do this? Because every organization is different and has its own risks. So it’s important to identify them, understand them and control them.

Risk mapping is the fundamental and central element of the anti-corruption process.

The French authority even calls it a “cornerstone”, and insists that risk mapping must be systemic. It must be tailor-made BY and FOR each organization; standardization must be avoided at all costs.

3. Risk management

This involves setting up a compliance system to prevent, detect and control risks. The monitoring and evaluation of compliance systems are also important, but we’ll deal with them later.

Focus on the 2nd pillar: risk awareness

As you can see, risk mapping is definitely at the heart of the anti-corruption measures required by the Sapin 2 law.

The end of a laborious exercise

Data Legal Drive can help you map out your risks: with our Anticorruption software, you can turn a laborious exercise into a simple, collaborative activity. You’ll no longer need to spend weeks sending Excel spreadsheets to your teams – everything can be managed from our Risk Mapping module!

Discover our software

A basic heat map?

Who can be content with a huge Excel file, a static point cloud on a three-color heatmap? With a PDF report that’s ultimately very difficult to use?

At Data Legal Drive, we’ve developed a dynamic analysis tool to extract the full value from the detailed data collected during the process.

With DLD Risk Mapping module, you can :

  • Take full account of the french authority’s recommendations on mapping corruption risks
  • Make the most of the information gathered during interviews and workshops
  • Turn your mapping into an effective tool
  • Set up a collaborative action plan, a risk management system and associated controls in just a few clicks
  • Simply put: better control your risks!

Risk mapping doesn’t have to be a tedious annual exercise. You can distill it into your daily routine, dealing with one process at a time, entering and dealing with risks as they arise.

A dynamic risk map!

And because risks are not static (they can evolve in frequency or severity), the process of identifying, understanding and assessing them needs to be repeated regularly. So it’s essential to keep your risk map up to date, and to monitor the implementation of your action plan.

It is therefore preferable to have a dynamic tool, which will enable you to bring your risk mapping to life on a daily basis.

Read More