Preventing the risk of corruption
The French law of 9 December 2016 on transparency, the fight against corruption and the modernisation of the economy, known as the “Sapin II” Law, brought France’s legislative arsenal in line with the best international standards regarding the prevention and elimination of corruption and other ethical breaches. Companies like EDF, having met size and revenue criteria, must to set up an anti-corruption compliance programme comprising eight requirements: a code of conduct included with the internal rules, an internal whistleblowing system, a risk map, third-party evaluation procedures, accounting audit procedures, a training system, a disciplinary mechanism and a control and internal evaluation system for the measures put in place.
In 2017, the Group Ethics and Compliance Division (DECG) and its network of Ethics and Compliance Officer (ECOs) drew up and deployed an anti-corruption programme within the EDF group, in order to meet the eight requirements set out in Article 17 of the Sapin II Law.
Compliance with the Sapin II law requirements
1. The Code of Conduct Ethics and Compliance
In the second half of 2017, EDF published its code of conduct, Ethics and Compliance following social dialogue launched in late 2016, as well as an opinion issued by the Central Works Council (CWS-"Comité central d'entreprise" (CCE) in French) on 1 June 2017, the date on which the law came into force.
In accordance with the law’s requirements and the recommendations of the French Anti-Corruption Agency (AFA) this code of conduct, which is binding on all employees, defines and illustrates, through practical cases, the different types of behaviour employees are likely to face as a result of the Company’s business activities and organisation, and which should be prohibited given that they may constitute acts of corruption or influence peddling. It defines rules for all the themes identified during the risk mapping process: prevention of corruption; integrity checks on business relations; gifts and entertainment; prevention of conflicts of interest; combating fraud; prevention of market abuse; prevention of the risk of money laundering and financing of terrorism; prevention of breaches of antitrust laws; respect for international sanctions and monitoring of international trade.
In order to prevent the risk of corruption and to provide employees with a framework and guidelines for assessing what does and doesn’t constitute misconduct, EDF’s code of conduct identifies, for each of the nine themes mentioned above, appropriate behaviours under a paragraph entitled “we must”, and prohibited behaviours under a paragraph entitled “we must not”. For educational purposes, it also illustrates “high-risk situations” and the “right reflexes” to adopt.
The DECG has strengthened its framework for gifts and entertainment, the rules of which are set out in the code of conduct. In 2017, the DECG published a practical guide for monitoring gifts and entertainment, as well as a support video to assist entities and subsidiaries in deploying this guide within their remit. In 2018, the Company developed and deployed an application (DECI) enabling employees to register any gifts and entertainment received, offered or refused.
The deployment of the Ethics and Compliance code of conduct, distributed to all employees is accompagnied by an awareness programme.
2. Ethics and Compliance Whistleblowing system
In December 2017, the EDF Executive Committee decided to upgrade its system in order to strengthen data security and maintain whistleblowers’ anonymity. It decided to set up a single alert system for all alerts under the Sapin II Law and the law on “duty of care” (“devoir de vigilance”). The DECG is the system’s contact for the Group. This system benefits all Group entities, including subsidiaries that already have an alert system. Subsidiaries in the regulated sector, Enedis and RTE (1), have indicated that they are setting up their own whistleblowing system.
The new system went live on 10 September 2018. The DECG assesses the admissibility of alerts, then handles those deemed admissible together with the Ethics and Compliance Officer and other experts, if required.
The collection of alerts is carried out within a completely secure framework (Sapin II and GDPR compliant), in order to ensure that all employees and third parties can process their data internally and confidentially, with a system that is completely disconnected from the Company’s information systems.
The interface of the Group’s ethics and compliance whistleblowing system is available in several languages (French, English, Italian, Portuguese, Dutch and Mandarin) in France and abroad, and the whistleblower can submit their alert in the language of their choosing. This tool complies with local regulations everywhere the EDF group operates. The external alert system is ISO 27001 certified and has the European Privacy Seal.
The EDF group ethics and compliance whistleblowing system allows Group employees and external staff (temporary workers, service provider employees, etc.) or occasional employees (fixed-term contracts, apprentices, trainees, etc.), as well as third parties, to report actions of which group EDF or its employees are the culprits or victims, in accordance with the “Sapin II” and “Duty of Care” laws.
The admissibility of an alert is assessed with regard to this scope of application and the whistleblower’s relationship with the Company.
Alerts are submitted via a web page of the EDF website. The whistleblowing system is accessible 7 days a week, 24 hours a day, and whistleblowers receive an acknowledgement of receipt, notifying them that their alert is being analysed. Each admissible alert is processed in a secure dedicated tool. Whistleblowers have the option to submit an alert anonymously, as long as the severity of the reported facts is established and the factual elements are provided in precise and sufficient detail, so as to provide evidence for the reality of the reported facts. The Group Ethics and Compliance Division issues a regular report which is submitted to the Executive Committee and presented to the Governance and Corporate Responsibility Committee of the EDF Board of Directors.
3. Risk mapping
In 2016, the Group Ethics and Compliance Division began developing a tool for the ECOs, enabling Group entities and subsidiaries to identify the risks associated with their activities and then view them on a map of ethics and compliance risks. Based on this, the entities draw up action plans appropriate to their operational contexts to prevent and mitigate these risks.
Each year, a specific “corruption” risk map was prepared, which identifies and prioritises, by business sector and country, risks of exposure to corruption.
4. Integrity checks on business relations
Integrity checks on business relations are the subject of a memorandum of instructions which defines the third-party evaluation procedures to be implemented by the Heads of Ethics and Compliance of the entities before any commitment and throughout the course of the relationship. The scope of the checks depends on the third party's risk level. An educational outreach programme on the subject is available on the intranet, which can be accessed by all employees.
Risks of corruption are identified in relation to EDF’s departments and subsidiaries when third parties are assessed by the ECOs and their contacts during integrity checks on business relations.
5. Accounting controls
The control procedures defined in EDF are presented in its supporting guide to the fight against fraud accompanying the memorandum of instructions on the fight against fraud of 18 April 2017. The control procedures defined for the various meet the objective of the “Sapin II” law.
Following a technical analysis between the accounting department and the finance management teams of the operational departments concerned, any anomalies likely to be characterised as fraud are, where applicable, forwarded to the entity’s Ethics and Compliance Officer.
6. Anti-corruption training
The Group Ethics and Compliance Division is developing prevention and training actions and provides deployment tools for all employees. It coordinates a network of professionals in the various entities and has a dedicated forum on the Group intranet. The Group Ethics and Compliance Division has set up a training course on the “Prevention of the Risk of Corruption”, thus meeting the requirements of the “Sapin II” law. It was defined in detail from mid-2016 for managers, and was then deployed in 2017 and 2018 with regard to managers and staff exposed to such risks.
A serious game was developed in 2019 within the group, enabling employees to take the content of the code of conduct on Board in a fun and interactive way, and to assess employees’ understanding of its provisions.
The Group Ethics and Compliance Division has produced awareness-raising videos on the nine subject areas of the Group Ethics & Compliance Policy (PECG) and made them available on the ethics and compliance intranet. The nine subject areas are: insider information; international sanctions; harassment and discrimination; the fight against corruption; the fight against fraud; sector regulations; security of personal data; competition law; and, conflicts of interest. Internal tools have also been developed to raise awareness amongst all employees about conflicts of interest.
The Group Ethics and Compliance Division provides generic face-to-face training to certain risk-exposed staff, such as subsidiaries directors or contract managers, as well as more specific training, such as training provided by its ethics and compliance network on the new whistleblowing system and the way in which alerts are handled. The Ethics and Compliance Officers add to certain training courses through their networks of contacts.
In addition to the Group Ethics and Compliance Division's training initiatives, the Group Legal Division and Group HR Division offer an e-learning module called “Preventing corruption” designed for all employees: this programme deals operationally with the right conduct to adopt in situations involving business relations, conflicts of interest and gifts.
7. The internal control and evaluation system
In order to make sure of the appropriateness and effectiveness of the measures for preventing and detecting any breach of ethics or failure of compliance, in 2016 the Group Ethics and Compliance Division put in place a dashboard enabling entities to evaluate the degree of deployment of each key requirement. The exercise meets the internal control requirements defined by the Group Ethics and Compliance Policy by allowing the implementation of the measures to be controlled, breaches to be identified and corrective measures established. This assessment of the level of control in terms of ethics and compliance has been carried out since 2017 as part of the annual internal control self-assessment initiative led by the Group Risk Division (DRG).
The control system is strengthened by regular internal audits at the entities and subsidiaries, ensuring that the system is continuously improved.
8. Disciplinary sanctions
In accordance with the Sapin II Law, any breach of the rules set out in chapter 3 of the code of conduct, Ethics and Compliance, may expose employees to disciplinary sanctions. A paragraph has been included in the code of conduct to inform employees of the disciplinary sanctions applied.
The sanctions concerned are those set out in Article 6 of the Electricity and Gas Industry agreement (EGI status) and those in the French Labour Code. Depending on the circumstances and situations, the penalty may range from a warning to dismissal.
Conflicts of interests
The Group Ethics and Compliance Policy obliges Group senior executives to implement a system to prevent conflicts of interest and raise employee awareness of hight-risk situations, provide a system for employees to declare their links to bodies in which they have a personal interest (elective mandates, corporate mandates, etc.), and an obligation to withdraw from an activity in the event of a potential conflict of interest.
The Group Ethics and Compliance Division has developed internal tools to raise awareness amongst all employees about conflicts of interest and a chapter of the code of conduct, Ethics and Compliance is devoted to the matter, in order to identify high-risk situations, reflexes to adopt and good practices.
Fighting against fraud
The fight against fraud has been a major concern since the end of 2010, when a “zero tolerance” policy was introduced. Within the framework of the internal control system, managers have drawn up and adopted anti-fraud measures locally.
The Group’s Ethics & Compliance Policy has strengthened its anti-fraud mechanisms. In mid-2017, following approval by the Group’s Executive Committee, a memorandum of instructions was distributed to senior executives. It sets out a definition of fraud at Group level and sets out the applicable requirements for preventing, detecting and handling suspected fraud. It is supplemented by an operational support guide entitled “Combating fraud”, the aim of which is to explain to managers and the entity Ethics and Compliance Officer, the main checks to be carried out in order to contribute to keeping the risk of fraud under control. This guide will be updated regularly. Finally, an awareness-raising video on the subject is available on the intranet, which can be accessed by all employees.
In a general sense, the EDF group complies with applicable international agreements, does not seek or attempt to obtain information or decisions in a dishonest manner, makes sure that it does not mislead or deceive stakeholders, decision-makers or public authorities, and ensures that the information it provides is honest, up-to-date and comprehensive.
In France, EDF is an interest representative within the meaning of Articles 25 et seq. of the Sapin II law (Articles 18 et seq.). In this respect, EDF is registered on the list of interest representatives maintained by the High Authority for transparency in public life - HATVP. The network managers RTE, Enedis and Dalkia are also registered.
The list of persons in charge of an interest representation identified in the register will be updated regularly.
Pursuant to this same law, in March 2018 EDF sent HATVP, its first declaration, relating to interest representation actions carried out between 1 July and 31 December 2017. As provided for by law, the declaration covers actions taken by the Company aimed at influencing a public decision, with national public officials identified by the legislator. By 31 March 2019, EDF and the registered subsidiaries will send HATVP their annual declaration on interest representation actions carried out during the year.
Non-financing of political parties
The EDF group complies with the laws and regulations in force concerning the financing of political parties. Such financing may take place only in countries that allow it, and only with due regard to the principle of neutrality. In accordance with the legislation in force in France, EDF makes no payments to political parties. The Group’s Italian and UK subsidiaries have written directly into their codes of conduct the prohibition of financing political parties. In Belgium, EDF Luminus has made no contribution to political parties. No payments were made in Latin America or Asia. In countries where it is allowed (such as the United States), EDF group companies may determine whether they wish to provide financial support. Every year, the Group companies concerned must report any financing to their parent company (statement of beneficiaries and relevant amounts).