Since the entry into force of the Sapin II law, companies with consolidated or unincorporated turnover of more than 100 million euros, employing at least 500 employees directly or indirectly through a group whose workforce exceeds 500 employees and whose mother house is headquartered in France, have the obligation to set up a system for preventing and detecting corruption through the design and implementation internally of an anti-corruption compliance program, effective and adapted to their operational realities. This program, re-evaluated and regularly updated, must include the introduction of an ethical alert system. This obligation is applicable since 1 January 2018.
Legal and regulatory study by Taj and the Deloitte Legal network country by country before the implementation of the chosen solution (Software as a Service or On Premise) for the alert system.
Data Privacy Impact Assessment at the level of the organization in France that determines the purposes and means of the device for the definition of its functional and technical specifications.
Realization of the prerequisites before the launching of the process
Legal documentation with the various entities and for the cross-border transfer of personal data (eg: internal company rules, standard contractual clauses).
Assistance from the Deloitte Legal network for the procedures equivalent to the CNIL Compliance Commitment, to be achieved in countries outside France (country to be defined according to the legal and regulatory study).
Assistance, if necessary, to the staff in charge of the CNIL Compliance Commitment and exchanges with the CNIL.
Support for providing legal expertise to the organization's Data Protection Officer.
Integration of the process in the internal group rules (development of alert procedures, data processing, etc.) and creation of an ethics committee.
Support of local teams in setting up and operating the system (coordination/installation of the reporting tool, commissioning of the system, possible training).