top of page

Integrating CSR and integrity issues into third-party assessments

What if tomorrow's third-party information included CSR and integrity components? Pascal Goupilleau looks back on his presentation to professionals from the Occitan region of France last December in Toulouse.



Excerpts from a talk given by Pascal Goupilleau, Director of Ellisphere's Compliance Business Line, to risk management and compliance professionals in Toulouse last December, on the future of third-party information in the BtoB sector.  


"Regarding integrity, we can clearly say that today, and this since the so-called Sapin 2 law of 2016, solutions exist to enable the evaluation of its third parties in BtoB from the angle of integrity. For the record, those subject to Article 17 of the Sapin 2 law are companies with at least 500 employees and sales in excess of €100m. These companies are required by law to assess their third parties, whether customers or suppliers. Evaluating the integrity of third parties is one of the pillars of the system for preventing and detecting corruption.


According to the latest study by the AFA (Agence Française Anti-corruption - French Anti-Corruption Agency), the regulatory aspect is the main reason for companies to set up an anti-corruption system, but it's also because the manager and his or her management committee want to do so. Not only because the executive bears criminal responsibility, but above all because he or she considers prevention preferable to cure.


Source : AFA


When corruption is proven, it destroys value for the company.


Today, two risks are emerging and prompting companies to take action:


The risk to the employer brand, particularly when it comes to young people. Young people have a greater need to be in tune with their own values and ethics. This will be even more true in the future, with the development of Corporate Social Responsibility (CSR).


Another risk is inherent in market access. Managers are increasingly sensitive to the fear of being driven out of a market because they fail to meet the compliance requirements of their customers, who are often major accounts.


So how do you assess the integrity of your third parties?

Ellisphere has a business line dedicated exclusively to compliance issues. Thanks to this organization, we offer a solution available on an online platform, called Compliance For Business (CFB). This solution screens legal entities, their directors and beneficial owners. These persons are then cross-referenced with lists of sanctions and politically exposed persons (PEPs), as well as with the adverse media, in order to determine whether there are any ongoing cases involving a reputational risk for the third parties studied.


Today, with the CFB platform, it is possible to enter the name of a company to obtain an integrity score in 2 minutes. This score can be customized to the company using the solution. In addition, remedial action can be taken to deal with false positives and decide whether or not to continue the relationship with third parties.


Today, however, the number of requests to assess third parties from a CSR perspective is increasing considerably. It's true that integrity is essential; it's part of an ethical approach, found in the "G" for "governance" in the acronym ESG (Environment, Social, Governance).


For us, this is clearly where the next challenge lies: providing information on companies from a CSR perspective, to go far beyond the notion of integrity.


Especially as things are changing very fast. Firstly, with the arrival of the CSRD (Corporate Sustainability Reporting Directive), the European directive that will replace the NFRD (Non Financial Reporting Directive), and therefore the DPEF (Déclaration de la Performance Extra-Financière) in France.


From January1, 2024, the CSRD will first apply to all large companies currently subject to the NFRD, and therefore to the DPEF, and then, to simplify matters, to economic players classified as large companies in Europe.


These companies will have to publish a sustainability report in their management report, which will have to meet certain norms or standards, in order to give any investor or company access to reliable and comparable information. Whereas the EPFD is above all "literature", sometimes likened to greenwashing, the sustainability report, which will have to be approved by the statutory auditors or an equivalent professional, will have to meet the expectations of the 12 EFRAG standards, which will shortly be published as a delegated act in the Official Journal of the European Union.


For the companies you represent, this means three things:


  • The possibility of being subject to these new, more demanding regulations, with the obligation to provide extra-financial data with action plans to be implemented. This will primarily be the responsibility of the CFO and the internal CSR manager, but in practice it will have to involve the whole company. In particular, this obligation will apply to companies exceeding 2 of the following 3 criteria: €25 million in total assets, €50 million in sales or 250 employees.


  • The obligation to question and better understand your stakeholders to improve the sustainability of your value chain. You'll need a tool like the Compliance for Business platform to assess your third parties from an ESG perspective, measure their progress in order to feed your sustainability report and thus meet CSRD requirements.


  • Finally, the possibility of gaining a better understanding of your third parties from a CSR point of view, with data that will become accessible via a single European repository, ESAP, covering the 27 countries of the European Union. This will enable us to provide you, via the Compliance for Business platform, with all the CSR information on your third parties, even if this single entry point will not see the light of day before 2027, or even beyond.


Ellisphere's aim is to be a player in the sustainable economy, enabling any company to assess the sustainability of its value chain, thanks to our expertise in data, our dedicated solutions, and our ecosystem of partners."

bottom of page