Highlights of compliance issues for US Companies operating in Europe by Emmanuel DUPIC



Since the 1970s, US companies have applied anticorruption compliance programs and export control rules in their daily activities.

When operating in Europe and France, US companies must also abide by other specific compliance regimes:

· The European General Data Protection Regulation Directive, known as GDPR (May 25, 2018): specific rules in the European Union that regulate how personal data of EU residents is processed by organizations, regardless of the organization's location. It is considered one of the strictest privacy laws in the world.

· The Corporate Sustainability Due Diligence Directive (April 24, 2024): Duty of Vigilance on the protection of human rights, the health and safety of individuals and the environment. The rule aims to ensure that companies operating in the EU market act responsibly throughout their global value chain.

· The EU Whistleblowing Directive (October 23, 2019) on the protection of persons who report breaches of Union law: compared to US internal alert systems, shorter deadlines for responding to the whistleblower and conducting the internal investigation.

· The EU Regulation on Artificial Intelligence, known as the AI Act (May 21, 2024): the world's first regulation to protect fundamental rights, such as privacy and non-discrimination, when using AI systems. The AI Act classifies AI applications into different risk categories: unacceptable risk, high risk and limited risk.

· In France, the anti-corruption obligations set forth by the French law known as the Sapin II Act (December 9th, 2016): compared to the US FCPA, a more preventive approach based on administrative control by the French Anticorruption Authority (AFA).

This challenge requires a very thorough understanding of these European rules in order to handle all compliance issues and ensure good governance for business conducted within Europe:

· Identify the major risks a US organization may face, using a risk mapping;

· Collect information on the identified risks and evaluate them in terms of impact and probability;

· Identify the mitigation measures in place and the action plans to implement in order to continuously improve.

Camélia Gardot

Compliance and M&A Executive Counsel | Author & Speaker@GRC conferences

6 months ago

Absolutely right! I would also add: the new AML package just adopted by the Council (applicable, depending on the company's profile, from 2027), the NIS 2 Directive (Network and Information Security) and the CSRD, applicable from FY 2024 if the company meets the defined criteria, including that of being listed on a European regulated market.
