Risk mapping solves compliance challenges of Sapin II and Devoir de Vigilance

With two new laws entering into force in France, Sapin II and Devoir de Vigilance, companies face substantial compliance challenges from new legal frameworks on corruption and due diligence requirements on sustainability issues.

Having studied the new laws, we believe the good news is that both pieces of legislation have a great deal in common and overlapping requirements will present opportunities for companies to adopt an integrated compliance approach.

Sapin II requires French businesses to implement a wide-ranging anti-corruption compliance programme, while Devoir de Vigilance (or ‘duty of care’) mandates large French companies to implement a due diligence plan to manage human rights and environmental risks in direct operations and supply chains.

Both pieces of legislation include requirements on risk mapping; procedures to evaluate third parties; whistleblowing programme/system of alerts; and a monitoring scheme.

It is vitally important for companies to adopt the correct approach to each of these from the outset. We have developed an approach to risk mapping that will help French companies and their subsidiaries comply with this key requirement. The solution utilises a traditional matrix-based approach using graphical visualisations and maps, which assess risks to business across three key areas:

  • The inherent risks the businesses are exposed to due to their operating locations and supply chain footprints – we assess these using our proprietary collection of 150 risk indices covering 198 countries.
  • The actual or potential impact of the risk using business specific information (e.g. number of employees or turnover in each operating location, type of industry or activity, use of third parties, etc.)
  • The ability of businesses to handle the risks they are exposed to, or ‘risk management proficiency’

Helping companies adopt such an approach means we can provide them with an overarching view of their risk, pinpoint key hotspots across the organisation and the global supply chain, and help prioritise mitigation activities.

Sapin II enters into force on 1st June 2017, while the ‘duty of care’ bill is widely expected to be enacted in 2017.

Contact us to discuss how we are helping multinational corporations comply.