Aug. 19, 2019
Par sa recommandation du 30 juillet 2019 sur les programmes de Compliance concernant l'exportation des "biens à double usage", la Commission européenne compense l'effet négatif d'un Droit de la Compliance à la fois extraterritorial et pourtant non global
Aug. 18, 2019
Aug. 14, 2019
probationary lesson of the decision of 4 July 2019 of the Sanctions Commission of the French Anti-Corruption Agency: the President of the Agency, a prosecuting body only bears the burden of allegation and the company must prove the execution of its Compliance obligation, presumed if it complies with the recommendations of the Agency
Compliance Law, like Regulatory Law, of which it is an extension, is an Ex Ante Law.
It translates into a set of obligations that companies must perform to ensure that harmful behavior does not occur, such as bribery, money laundering, pollution, etc.
This results in "structural" obligations, such as the establishment of a risk map, a third-party vigilance system, internal controls, the adoption of codes.
The practical question that arises is whether to punish a company, it is necessary but it is sufficient that the company has not adopted these structural measures, or if it is also necessary that within it or through the persons whom it must be accountable (through the corporate officers and the employees, but also the suppliers, the sub-contractors, the financed operators, etc.) there were behaviors that Compliance Law prohibits, for example corruption, money laundering, pollution, safety-related accident, etc.
The question is probative. Its practical stake is considerable.
Because to obtain the conviction the prosecuting authority will have to demonstrate not only a failure in the structural device but also a behavioral failure.
Si l'on considère que le Droit de la Compliance est à la fois sur l'Ex Ante et sur l'Ex Post, alors l'autorité de poursuite qui requiert une sanction doit démontrer qu'il y a un comportement reprochable (Ex Post) et qu'à cela correspond une défaillance structurelle (par exemple le compte bancaire anormal n'a pas été signalé) ; si l'on considère que le Droit de la Compliance est purement en Ex Ante, alors même s'il n'y a pas de comportement reprochable en Ex Post, la seule défaillance structurelle suffit pour que l'entreprise qui doit l'organiser en son sein soit sanctionné.
If we consider that Compliance Law is both on the Ex Ante and the Ex Post, then the prosecuting authority that requires a sanction must show that there is a reprehensible behavior (Ex Post ) and that this corresponds to a structural failure (for example the abnormal bank account has not been reported); if we consider that Compliance Law is purely Ex Ante, then even if there is no reprehensible behavior in Ex Post, the only structural failure is enough for the company to be sanctioned, even if it does its best efforts, even if no prohibited behavior will have accured in Ex Post.
The second system, which is much more repressive and places a considerable burden on companies, even if there is no proven illicit behavior, is that of French Law, probably because of a tendency towards Ex Ante organization. ..
Mais il faut garder mesure. Et cette mesure est probatoire.
But we must keep measure. And this measure is probative.
This is what the Commission des Sanctions of the Agence Française Anticorruption -AFA (French Anti-Corruption Agency's Sanctions Committee) has just said, in its decision of 4 July 2019, SAS S. et Madame C.,(written in French) contradicting the position of its director, who acted as the prosecuting authority. This is yet another general proof of the autonomy of the Sanctions Committee vis-à-vis to the Administrative Authority of which it is a part, and in relation to its director, who nevertheless governs it. But, jurisdictional model obliges, he has here the status of prosecuting authority, is subject to the regime of this one and not to the regime of head of the entity. Demonstration of the "functional autonomy" of the sanctioning bodies within the administrative regulatory and compliance authorities.
Indeed, this important decision expresses with precision and reason the distribution of the "burden of the allegation" and the "burden of proof" on the prosecuting body and on the company pursued, as well as the role of presumption that the recommendations issued by the French Anti-corruption Authority can play.
Read the analysis below.
Aug. 7, 2019
Aug. 5, 2019
Aug. 5, 2019
July 30, 2019
By its "Fashion ID" judgment of July 29, 2019, the Court of Justice of the European Union makes an obligation of co-compliance to the site which inserts an active emoticon Facebook: the intermingling of Compliance is reinforced by "the right to know "of the digital user
Europe is definitely the zone of the world in which the protection of persons is thought.
Elle le fait par des textes, dont le très fameux Réglement adopté en 2016 relative à la protection des personnes physiques à l'égard du traitement à caractère personnel et à la libre circulation de ces données, dit "RGPD", recopié par exemple en Californie par la loi du 12 juillet 2018, par des initiatives nationales, comme la prochaine loi française contre les discours de haine dans l'espace numérique, par de nombreuses études et rapports - le droit souple étant aussi importante que le Droit pénal en Droit de la Compliance, mais encore par des décisions de justice.
Europe does this by texts, including the very famous Regulation adopted in 2016 relating to the treatment of personal data for their free circulation and the protection of peope concerned by them ( known as General Data Protection Regulation - GDPR ), copied for example in California by the Act of 12 July 2018, by national initiatives, such as the next French law against hate speech in the digital space, by numerous studies and reports - Soft Law being as important as Criminal Law in Law of Compliance system -, but also by court decisions.
Indeed, judicial decisions were at the origin of the movement of the person protection, with the creation of a "right to be forgotten" by the 2014 Google Spain decision of the Court of Justice of the European Union.
The judgment of the CJEU on 29 July 2019, Fashion ID, is just as important. Like the previous one, it clearly settles an essential question: who must police consents in the digital space?
And the answer is: all the digital players who benefit from it.
As a result, there is an "intermesh" (on this notion which is the future of Compliance Law in the digital world, see Frison-Roche, M.-A., The contribution of Compliance Law in the Governance of Internet, 2019 ).
See below the analysis of the judgment.
Updated: July 15, 2019 (Initial publication: April 30, 2019)
Reference : Frison-Roche, M.-A., L'apport du Droit de la Compliance dans la Gouvernance d'Internet (The contribution of Compliance Law to the Internet Governance), Report asked by the French Government, published the 15th July 2019, 139 pages ; report fully translated in English in September 2019.
Report Summary. Governing the Internet? Compliance Law can help.
Compliance Law is for the Policy Maker to aim for global goals that they requires to be achieved by companies in a position to do so. In the digital space built on the sole principle of Liberty, the Politics must insert a second principle: the Person. The respect of this One, in balance with the Freedom, can be required by the Policy Maker via Compliance Law, which internalises this specific pretention in the digital companies. Liberalism and Humanism become the two pillars of Internet Governance.
The humanism of European Compliance Law then enriches US Compliance law. The crucial digital operators thus forced, like Facebook, YouTube, Google, etc., must then exercise powers only to better achieve these goals to protect persons (against hatred, inadequate exploitation of data, terrorism, violation of intellectual property, etc.). They must guarantee the rights of individuals, including intellectual property rights. To do this, they must be recognized as "second level regulators", supervised by Public Authorities.
This governance of the Internet by Compliance Law is ongoing. By the European Banking Union. By green finance. By the GDPR. We must force the line and give unity and simplicity that are still lacking, by infusing a political dimension to Compliance: the Person. The European Court of Justice has always done it. The European Commission through its DG Connect is ready.
Plan of the Report (4 chapters): an ascertainement of the digitization of the world (1), the challenge of civilization that this constitutes (2), the relations of Compliance mechanisms as it should be conceived between Europe and the United States, not to mention that the world is not limited to them, with the concrete solutions that result from this (3) and concrete practical solutions to better organize an effective digital governance, inspired by what is particularly in the banking sector, and continuing what has already been done in Europe in the digital field, which has already made it exemplary and what it must continue, France can be force of proposal by the example (4).
Read the interview published the 18 July 2019 : "Gouvernance d'Internet : un enjeu de civilisation" (in French, "Gouverning Internet: an Issue of Civilization")
Read below the 55 propositions that conclude the Report.