Since December 9, 2016, companies subject to Article 17 of the so-called Sapin II law have been required to implement a corruption prevention and detection system, one of the pillars of which is the assessment of third parties.

This summer, the AFA (French Anti-Corruption Agency) published for consultation its draft practical information sheets on the evaluation of third parties, partly because many players subject to the law are behind schedule when it comes to implementing this measure, which is considered complex, but also because it requires the allocation of human and financial resources.

So let's take a step back and look at the three major benefits that we believe merit this allocation of resources. What will third-party assessment bring to the company and its management?

 

benefits third-party valuation

More peace of mind

In the same way as cyber risk, corruption risk is a major risk from which your company must be protected in order to preserve it for the long term. To be convinced of this, you need to measure the devastating impact of a corruption case on the company's value and reputation, and in turn, on its employability and business.

It's only by looking at each third party that the company will really know the risk it's taking in working with a given intermediary, customer or supplier. Knowing your third parties as closely as possible means - over and above the pillars of a code of conduct and staff training - taking the measures appropriate to the scale of the risk identified.

By setting up an internal third-party assessment system, managers can limit both the risk of one day being publicly exposed for corruption, and the risk of a structural and impacting adjustment following an AFA audit. No shareholder wants to see his or her investments collapse one day as a result of a proven case of corruption. The manager will be all the more responsible if he or she has not taken the steps recommended by the regulations to avoid such a situation. Such a system does not totally exclude the risk, but it does provide the manager with much greater peace of mind in the knowledge that the risk has been assessed and controlled through appropriate measures.

 

contract

Proof of integrity

Although business ethics are widely promoted by companies in their corporate communications, and even if they are reflected in the company's values, it's not easy to prove to the market that these ethical values are applied in practice.

However, when you ask each line manager responsible for the relationship with each third party qualified as "at risk" to carry out due diligence following a precise evaluation procedure in line with the AFA recommendations, you are demonstrating, as a manager, your desire to have a company with integrity by investing in the last metre, i.e. the relationship with the third party.

In fact, it is reassuring to read, in the latest national diagnosis of anti-corruption measures in companies published by the AFA at the end of 2024, that the second most important reason for companies to implement anti-corruption measures is, after the regulatory obligation (84%), to be in line with their organization's values (78%).

Involving employees and third parties in a qualitative approach to making the economy virtuous is a courageous and visible cause. The best proof of a company's contribution to this noble cause is to provide the market with an annual report on the actions it has taken to evaluate third parties.

 

Business

Implementing a comprehensive anti-corruption policy will help you meet the expectations of your stakeholders. Whether it's your biggest customers who regularly question their suppliers, or financial players who are increasingly including your CSR commitment in their analyses.

This requirement is becoming increasingly important when inviting tenders from both the private and public sectors, with major corporations and public sector players increasingly taking the lead in integrating sustainability into their choice of service providers, and in particular in the fight against corruption or economic dependence for good corporate governance.

If you don't take your third-party assessment seriously, you run the risk of being excluded from new markets or, worse still, of losing a major customer. In this sense, compliance also serves the company's commercial interests and development objectives.

 

third parties,suppliers,customer

So when should you start?

Today, the digitization of due diligence processes means that fewer resources need to be allocated. Digital solutions are increasingly user-friendly, as they have already been tried and tested by many of the world's leading companies. What's more, these tools facilitate compliance, with workflows that guide the user step by step.

It is therefore becoming increasingly difficult for managers to justify not having set up a system for assessing third parties and measuring and remedying risks, almost 10 years after the Sapin 2 law was passed. Rather than being obliged to do so, it is in their own interest to do so, in order to gain peace of mind, demonstrate their commitment to ethical business practices to the market, and achieve their growth objectives.