Applying the Sapin II plan to public-sector players: a process that is still incomplete

With the law of December 9, 2016 on transparency, the fight against corruption and the modernization of economic life, known as “Sapin II”, the legislator has defined a strong anti-corruption benchmark, inspired by international standards. This law also created the French Anti-Corruption Agency (AFA), which has been entrusted with the task of monitoring and advising public bodies in particular.

In 2019, AFA opened 36 inspections, 16 of which concerned public bodies.

We will begin by attempting to characterize the phenomenon of corruption in France, before examining the preventive measures advocated by the AFA, as well as their effective implementation by local public players.

Some figures on corruption in France

The term “corruption” in its general sense is commonly used to refer to various forms of bribery (corruption, influence peddling, illegal interest-taking, pantouflage, misappropriation of public funds, favoritism and concussion), but it should be noted that there is a legal term that covers all these offences, known as “offences against probity”.

Breaches of probity are not peculiar to the current period, they have no doubt always existed, but the current period is characterized by the fact that society is coming to terms with them less and less, and as citizens’ demands have grown: in 2018, public prosecutors dealt with 823 cases involving these offenses, which constitutes an increase of 24. 5% on 2013. Corruption accounts for the bulk of convictions, with 45.8% of cases.

Below is a breakdown of probity convictions in 2018:

Alongside the measurement of sanctions, which in itself shows the importance of the corruptive phenomenon, there is a measure of the public’s perception of corruption: since 1999, the European Commission has been compiling a “Corruption Perception Index”. Eurobarometer, at regular intervals, the latest vintage being 2019which measures the degree to which European citizens perceive corruption. Data by country provide a European perspective.

We now turn to the AFA’s framework for preventing corruption in the public sector.

Corruption prevention guidelines

This framework is made up of a number of elements, which we will briefly describe below.

1. Commitment by the governing body to implementing an anti-corruption system
   This is a fairly general recommendation, but it is important because it marks the commitment of senior executives to a zero-tolerance policy and to preventing breaches of probity. This commitment is not only “political” in nature, but also materializes in the allocation of resources, the definition of an objective and a timetable for achievement. This is the starting point.
2. Adoption of a code of conduct
   Mapping corruption risks involves identifying, assessing and prioritizing the corruption risks inherent in the organization’s skills, activities and processes, with a view to controlling them.
   In concrete terms, this means :
   – identify and describe in detail all the processes implemented by the organization;
   – define precisely, in each identified process, the roles and responsibilities of each player, whether a public servant, an employee under public or private law, or an elected representative;
   – provide for appropriate decision-making and internal control procedures for operations deemed to be high-risk. Risk mapping is a prerequisite.
3. 
   
   Adopting a code of conduct

   
   As the name suggests, this is a “code”. It is therefore not to be confused with ethical charters, guides, guidelines, best practices or guidelines, all of which are collections of principles. The code, on the other hand, contains enforceable rules, non-compliance with which is liable to disciplinary sanctions and even criminal prosecution. It must not be limited to a reminder of the ethical principles of public action, but must be adapted to the risks identified during the risk mapping process (discussed above).

4. Internal whistle-blowing system
   The internal whistle-blowing system is designed to alert senior management to behaviour, or the risk of behaviour, that is contrary to the highest ethical standards. Inspired by the Anglo-Saxon “wistleblower”, this reporting mechanism is now codified in the Sapin II law (articles 6 to 8), and is very much surrounded by European law (see European directives) such as the rights defender. For example, this system will have to guarantee the protection of whistle-blowers – provided the conditions are met – as well as the secrecy surrounding them.
5. Third-party assessment procedure
   Third-party assessment procedures are designed to ensure the “reputability” of people with whom the organization has a business or non-business relationship (for example, an association receiving a municipal grant). The assessment of third parties takes the form of a search for information, based on risk mapping, in order to evaluate the specific risk induced by this relationship. So, when an organization has protected itself from the risk of corruption by adopting, or even adapting, internal procedures, it is also protecting itself from the risk of corruption induced by a third party.
6. Internal control and evaluation systems
   Control is the counterpart to the freedom given to each public servant to carry out his or her mission. It is because he is relatively free to deal with his files – within the framework of the procedures laid down and the authority delegated to him – that control is important.
   These may include, for example, accounting control procedures (on-the-spot or documentary verification), post-file verifications or random checks. These controls are intended to cover all activities that may give rise to probity risks, both internally and in relations with organizations and third parties.
7. Corruption risk training system
   Risk mapping is also a useful tool when drawing up an anti-corruption plan, as it enables us to identify the people occupying the positions and mandates most exposed to the risk of misconduct, and therefore to give them priority for training.
   However, these training courses should gradually be extended to all staff in the form of awareness-raising sessions, as probity is above all a question of individual behavior. It is therefore important to raise the level of knowledge and awareness among agents and elected representatives alike.
   Now that the AFA’s recommendations are clearer, the question is: how have public players implemented these guidelines?

Setting up the prevention framework by public players

The AFA’s 2019 annual activity report paints a rather pessimistic picture of the public sector’s commitment to anti-corruption, and speaks of “rather low maturity” on their part. However, this is just one of the lessons learned from the few controls that have been carried out.

Prevention and detection measures and procedures are described as “scattered and incomplete”, and are not based on risk mapping.

Legal obligations in terms of ethics are unevenly applied, and risk management is underdeveloped: very few risk maps or codes of conduct have been set up by public-sector players.

To go into more detail, we can examine

The analysis report on this survey describes prevention measures as little-known and poorly deployed.

The main survey data are summarized in the following table:

Only 7.3% of local public bodies have an anti-corruption plan, and – as the report points out in the text – even if such a plan exists, not all the components contained in the Sapin II law have been deployed.

One of the data from this AFA survey that may lead us to wonder is the assessment of local public sector agents’ knowledge of offences against probity.

In fact, only 27.6% of survey respondents said they could define 3 breaches of probity. So, even if most officials seem to be able to define corruption, the other offences against probity are not yet uniformly known.

Lack of knowledge on these issues seems to be an obstacle to the effectiveness of an anti-corruption plan: a whistleblower can only denounce a fact that he knows to be an offence, and management bodies can only get involved in preventing corruption by knowing about offences and their qualifications.

It is also interesting to note (as does the survey analysis report) that 71.2% of entities with no anti-corruption plan or measures justified themselves by qualifying the risk as low or under control. Yet, surprising as it may be, only 1 .7% of entities have carried out risk mapping. Under these conditions, to assert that the risk of corruption is low without even researching it is unfounded.

The usefulness of risk mapping is demonstrated by the fact that 58.2% of entities that have carried out risk mapping have strengthened their internal controls as a result.

It seems that public players have an unexplained and unfounded confidence in the integrity of agents and elected representatives. An anti-corruption plan would be a pointless exercise, whereas respect for the principles of ethics and probity is a guarantee of the proper allocation of public funds and the smooth running of the administration. A solid anti-corruption plan will also enable agents to avoid the criminal and disciplinary risks that punish breaches of probity.

It should be noted, however, that there are a number of other obligations aimed at preventing breaches of probity, which are in line with the Sapin 2 law and the AFA’s recommendations. So it was not easy for local authorities to understand how best to draw up an anti-corruption plan.