New Articles

EU Compliance Developments That Parent Companies Should Tackle in 2023

score diversity cultural employee compliance global trade risk

EU Compliance Developments That Parent Companies Should Tackle in 2023

Foreign parent companies, including US parent companies, are increasingly subject to extraterritorial legislations and are likely to face new compliance challenges coming from the European Union in 2023. Similarly, US subsidiaries of French groups should beware of both the applicable US rules and French compliance framework that they are subject to. Compliance regulations have exploded this year with 11 successive waves of EU sanctions issued against Russia. The French Anticorruption Agency (the “AFA”) has issued several publications which clarify the position of the French administration. We could not explain all these new major developments in this short article, but have selected three important topics which we dive into below.

I) The need to update the anti-corruption investigation procedures for companies owned by a French parent company

Who is concerned? Since December 2016,  French Sapin II[1] law makes internal anti-corruption compliance procedures mandatory for French companies with 500 employees and consolidated sales in excess of €100 million. This includes foreign and French subsidiaries when their head office is located in France with consolidated annual sales of more than 100 million euros.

Authorities may take serious civil, criminal and administrative sanctions both against the company and  individuals (legal representatives and directors) who are noncompliant with the Sapin II Law and/or with the French Criminal Code regarding active or passive corruption and influence peddling.

What is new? Internal measures and strong compliance procedures have been in force since June 2017. Companies can rely on the guidelines from the French Anti-Corruption Agency (AFA) to implement the required anti-corruption measures which, since 2021 are based on the following three pillars:

  • The commitment of the management body to compliance. The choice of executives’ commitment as the first pillar reflects the AFA’s emphasis that the implementation of the compliance program is the responsibility of its leaders.
  • Precise risk mapping for the group. Providing detailed information of the risks to which the group entities in each country are exposed to for each type of business activity; and
  • the management of these risksby means of prevention, detection and remediation measures and the issuance of adapted compliance procedures such as the Code of Conduct.

The French Anticorruption Agency (the “AFA”) and the French National Financial Prosecutor’s Office (the “PNF”) collaborated to publish on 14 March, 2023 a guide relating to internal anti-corruption investigations. The guide aims to support companies in implementing their relevant internal investigations and to assess facts that shall trigger investigations. The goal of these authorities is to encourage companies to fully cooperate and to report non-compliant facts. Like in the USA, the French authorities are also placing cooperation from companies at the heart of their new criminal policy.

II) The need to conduct corporate sustainability due diligence: The French and EU duty of care (“devoir de vigilance”)

Foreign companies can be caught under French law for breaches of the duty of care provided by the “Law on the duty of care of parent companies and ordering companies”[2]. Indeed, the French duty of care is binding on companies employing (i) at least 5,000 employees in their own organization and in subsidiaries with head offices located in France, or (ii) having at least 10,000 employees in their own organization and in subsidiaries with head offices located in France or abroad.

Foreign parent companies which meet these criteria shall be required to implement a corporate sustainability due diligence plan which complies with five pillars provided by French Law[3], including risk mapping and relevant implementation procedures. Non-compliance with these rules can lead to a court order to put in place an efficient due diligence plan, but more importantly, compensation for the damage caused as a result of the lack of an adequate due diligence plan and reputational damage.

A number of companies have already been subject to formal notice on this basis in France for various reasons, including: (i) Total for climate objectives insufficient to meet the objectives of the Paris Agreement” in relation to business activities in Russia where sanctions are imposed and its oil project in Uganda; (ii) Truck transport and logistics multinational XPO Logistics Europe (a subsidiary of the American group XPO Logistics) concerning workers’ rights in the truck transport multinational’s subcontracting chain, and (iii) McDonald’s France concerning workers’ rights in Brazil and France.

No doubt future litigation will shape this particular area of law. Big companies should therefore carefully draft their corporate sustainability due diligence plan since they can be held liable on this basis.

In the European Union, only France and Germany have adopted laws on duty of care. However,  duty of care should be implemented at the EU level in the following months, once adopted by the EU Council.  Indeed, on 1st June 2023, the European Parliament adopted a proposal for a Directive on corporate sustainability due diligence which aims to establish harmonized European legislation on the duty of care, in an effort to improve corporate respect for human rights and to strengthen environmental protection.

This EU duty of care will target more companies than the French one with decreased thresholds of applicability, i.e. (i) European companies employing more than 250 people on average and generating more than 40,000,000 euros in sales or (ii) companies that are the ultimate parent company of a group that employed 500 persons and generates more than 150,000,000 euros in sales worldwide during the last financial year.

 Thus, contrary to French law, the EU duty of care should also apply to big SMEs. In addition, this new Directive should lead to the adoption of new sanctions against companies for non-compliance with the due diligence framework, and the creation of a new regulator to monitor compliance with the EU duty of care.

III) Implementation of the GDPR

The well-known General Data Protection Regulation (“GDPR”) applies to any organization established in the EU territory which processes personal data, as well as those the activity of which directly targets European residents. Foreign companies should therefore pay particular attention to these very specific rules, the violation of which can result in severe sanctions.

Companies must guarantee protective rights to persons whose data is being processed, whether employees or customers. The GDPR also binds foreign companies as it places regulations on the transfer of data outside the EU, which is of particular interest to international groups.

The CJEU ruled in its Court judgment (Grand Chamber) of 16 July 2020, Data Protection Commissioner v Facebook Ireland Ltd and Schrems that the GDPR requires data exporters to assess the conditions framing transfers and to put in place suitable measures to ensure that such data is subject to protection substantially equivalent to that guaranteed in the European Union. Both data controllers and data processors transferring data are accountable for these requirements.

Since the invalidation by the CJEU on the 16 July 2020 of the EU-US Privacy Shield, the data transfer agreement between the EU and the US, such transfer has become a sensitive operation and required the implementation of strict safeguards ensuring sufficient guarantee, such as, according to the text of the GDPR, the implementation of Binding Corporate Rules and Standard Contractual Clauses.

However, it seems that the respect of these rules is not sufficient since the Irish Data Protection Authority has very recently stated, on Monday, May 22, 2023, that META’s recourse to “standard contractual clauses” was insufficiently protective of data transfers and fined it 1.2 billion euros, as well as ordering the US firm to cease all transfers of data from European Internet users to the USA as of October 12. The data collected since 2020 must also be repatriated to European data centers by November 12.

It appears in practice that organizations transferring data under U.S. surveillance legislation are the first to be affected by this ruling and that the strengthening of their data protection procedure is urgent whenever they are transferring personal data from the EU to the U.S.

Conclusion: Foreign parent companies are responsible for ensuring that their subsidiaries in France and the EU are able to meet these multiple compliance challenges, and must navigate a complex and international compliance framework.

[1] Law n°2016-1691 of 9 December 2016 on transparency, fight against corruption and modernization of the economic life.

[2] Law n° 2017-399 of 27 March 2017 on the duty of care of parent companies and ordering companies

[3] Article L225-102-4, I, of the French Commercial Code)

score diversity cultural employee compliance global trade risk

The 7 Best-Managed Companies

Ranking the best-managed companies is a tall order. Thankfully, the Drucker Institute, named after the famed management guru, Peter Drucker, is poised for such a task. The Drucker Institute’s annual Management Top 250 Ranking, is described as a “holistic measure of corporate effectiveness.” Effectiveness, for the Institute, is simply doing the right things well. 

The Institute exhausts its resources evaluating company performance over five principal categories: innovation, social responsibility, employee engagement and development, financial strength, and customer satisfaction. Some companies do quite well in multiple categories, but below average in others. There is even the company that scored number one overall – Microsoft – but scored rather poorly in customer satisfaction (519th).

As such, simply looking at the top seven or even ten companies based on their overall ranking is not a true measure of who the best-managed companies really are. Rather, it’s more accurate to look at those companies that scored at least one standard deviation above the mean for every company analyzed over all five categories. Those are the Drucker Institute’s best-managed companies.       

A company that registers a 50 in a given category sits on the mean. Those that score a 60 are one standard deviation above. These are companies in the top 15 to 20% of the total. Scoring a 60 is not unusual, but scoring at least a 60 in all five categories is rare. This year seven companies scored in this elite category: Apple Inc., Mastercard Inc., Procter & Gamble Inc., HP Inc., Pfizer Inc., Accenture PLC, and Visa Inc. 

All seven do a host of things well, but customer-centricity stands out. Mastercard, for example, has pledged to bring one billion people and 50 million small businesses into the digital economy. This obviously increases their customer base but also generates a significant social impact. Mastercard employees enjoy working for a company that makes an impact and as such continue to be highly motivated. 

Pfizer’s work during the pandemic is well-known and their employees also take great pride in working for a firm that has played a leading role in combatting Covid-19. Yet, of the seven best-managed companies, only one has been an All-Star firm since 2017 (scoring 60 or above in all five categories). That award goes to Procter & Gamble, Inc. Like Pfizer and Mastercard, Procter’s focus is the customer. Former CEO A.G. Lafely notes that only when the company becomes preoccupied with financial returns is when they stumble. In contrast, when the customer is front and center, they thrive.  

employee workplace

Top Tactics to Improve Business and Employee Efficiency – The Eric Dalius Guide

Even as the coronavirus pandemic has changed the way businesses operate to a great extent, the world over, improving business efficiency remains a top priority. According to Forbes, improving business efficiency not only boosts profits but also reduces employee stress. A few tactics that can help to boost employee productivity while saving time:

Delegate to the Maximum Possible

It is understandable that as an entrepreneur, you think that you are the best person to handle everything that needs to be done. Instead of trying to do everything and burning yourself out, the best policy is to hire competent individuals for all the critical functions and delegate both responsibility and the necessary authority to enable them to function efficiently. Not only do you get more time to focus on the things you can do to expand your business but also you can relax in the knowledge that vital functions are being handled capably and perhaps better than what you would have been able to do yourself.

Match Functions to Skills, Suggests Eric Dalius

One of the most effective ways of boosting employee efficiency is to give tasks that have the right fit with the employee’s competence and skills. If you are hiring for a fresh position, listing the key result areas and looking for candidates who fit the bill is the way to get things done better. Demanding that your employees be versatile and handle everything thrown at them well is not realistic. You could end up with results that are less than satisfactory. Performing a quick analysis every time you give a new task to someone will usually reveal if the person you are giving the responsibility has the competence to do it well.

Retain Your Focus on Attaining Specific Goals

Employees can only be efficient if they know exactly what they need to achieve. You should ensure when you are assigning tasks to employees that they are as specific as possible, and you and your employees are clear on what it entails, including the time frame. It can also help if you share with the employee how what they are doing has an impact on the organization. A good way of ensuring this is to have SMART goals – i.e., the objective should be specific, measurable, attainable, realistic, and timely, observes Eric Dalius.

Invest In Training and Development 

You may instinctively tend to think that cutting down on training or eliminating it is a great way of saving on costs and improving profitability. However, the truth is that it can be very inefficient when workers are forced to learn on the job. Instead of forcing employees to learn without guidance, it is far better to invest time and effort to give them proper training that will make them more productive.

Implement Flexible Work Location and Hours

More than ever, after a certain stage in life, employees are concerned about their work-life balance. Giving the opportunity of working remotely, or if that is not possible, the freedom to come to the office at their preferred times can give the business the benefit of maximum productivity and efficiency. Not only will the employees be happier with this convenience, but also they will be able to focus more on their work. Remote working has become more of compulsion in recent times due to the ongoing COVID-19 pandemic raging throughout the world. While many employers were skeptical about it being effective, the results have been surprising, to say the least, with a large number of organizations reporting an uptick in employee productivity. In the new reality, remote working may well become the norm with significant advantages to both employers and employees.

Make the Work Environment Happier and Less Stressful

It is no secret that happy employees are not only more productive but also more efficient and have a better quality of output. They are more inclined to be focused on their work and not distracted by things like checking out social media or personal emails. While asking employees for their suggestions on improving their workplace comfort is a good idea, special points of focus can be things like comfortable chairs, large enough desk space, less crowding, good lighting, the reduction of noise level, and clutter. Other issues could be too great a distance to access shared printers, copiers, and shredders or even the quality of the coffee. Regulating the temperature better and introducing greenery into the work environment can help a lot to reduce stress. You can even think in terms of installing pods where an employee can de-stress himself by lying down and listening to music.


When you are trying to boost business efficiency, it can be easy to get bogged down with details and start to micro-manage everything. It can help to think of the big picture and scrutinize all processes and practices before junking any of them. Communicating clearly and adopting automation for repetitive tasks can make your business more efficient.


How to Be a Leader, Not Just a Manager, Even Working from Home.

Nothing in the business is as valuable as the people, and nobody can help you more than an empowered team of like-minded people. Over the past twenty years, we had a few turning points for our company when we had to make significant changes to catch up with the world around us. Every time, our team helped us, supported us, and collaborated with us to make these changes happen. I could not even imagine doing all that on my own.

This is how I learned that leaders lead by inspiring others, while managers focus on what needs to get done on a daily basis. Both are needed, but only one will truly inspire your team to move through even the hardest times.

In the beginning, a lot of our team had to work nights and long weekends, just like any other start-up. Our management team always stayed with the teams even if we could not help them professionally. I always made sure that the team had something to eat (as simple as getting them a take-out or ordering a pizza) or could get home if buses were no longer going (driving them myself or getting them a cab). We lead by example, not just by telling our team what to do.

As a result, in 2008, our CTO and a few trusted employees opened our first US-based office. These people left the comfort of their established lives at home, they encountered a profoundly changing environment around them, and they practically had to travel halfway around the globe. However, they did it for us and with us. Some of our employees practically became part of the family.

How did this all happen? Through connectedness. When it comes to connectedness, it is essential that people feel that they are still working together even when no one is around.

Here are 5 tips to lead your team to a place that feels truly connected:

1. Make sure that everyone understands the common goal. Think of that as providing your employees with a North Star to guide them. It is the only way to align their efforts and your company’s vision and goals.

2. Make sure that they have enough means to communicate effectively. During COVID-19, we introduced multiple tools for our employees: forums, corporate discord servers, group chats on Skype, Zoom, Google Meet, etc. There are hundreds of products available on the market right now, so choose what works best for your business.

3. Ensure that your teams have at least one daily meeting where they share what they did yesterday to make you all closer to the goal; what is their commitment for today, and are there any obstacles on their way right now?

4. Visualize! Visualization is one of the most effective tools to keep everyone connected—Burndown charts, shared documents with progress, kanban boards, etc. There are plenty of instruments for visualization that allows everyone to keep track of what is going on. And that helps them to feel connected to the company and each other.

5. Make sure that information is being spread around. When people are working from home, you lose osmotic communication. So find ways to connect them. We introduced things like a monthly newsletter and town hall meetings. We share all the news and everything we think is essential in a newsletter. And then we assemble everyone at a general meeting, where anyone can ask management anything. Or share their information with everyone if they want to. That helps a lot.

Above all, ask questions and listen to your team. As leaders, you’re there to motivate, so listen hard and often.


Gehtsoft USA LLC is a software development and agile consulting company from Raleigh, NC. For more than 20 years, we help businesses to develop and support their products, resolve their IT problems, and do the Agile transformation of their business processes. Our technical experts, certified technical trainers, professional scrum masters, and product owners have a unique skill set and experience.