To date, 100% of Verescence’s exposed populations are trained in corruption risks, anti-competitive practices and information security. The GDPR (EU General Data Protection Regulation) has been in force since mid-2018. This new obligation has been added to the other texts with which we strictly comply: the French Sapin2 law on transparency and the fight against corruption, the Foreign Corrupt Practices Act (FCPA), the UK Bribery Act, essentially.
The 2018-2019 period is marked by the establishment of a data register under the GDPR. The associated GDPR policy is being finalized in mid- 2019. In addition to bringing its sites in France and Spain into compliance with this European regulation, Verescence is also in the process of implementing it, this time on its own initiative, across the Atlantic. The company firmly believes that it can anticipate and manage the risks inherent in the protection of private data on 100% of its sites.
With regard to the risks of corruption, anti-competitive practices and information security, new training was provided through an e-learning training cycle that covered all exposed employees regardless of their workplace.
Accessible to all, the other component of the system includes a multi-topic alert procedure (corruption, conflicts of interest, money laundering and other kinds of mismanagement) coupled with the possibility of verifying third parties through an official international database, called World-Check.
An external audit in 2018 enabled us to improve our own risk awareness, challenge ourselves and refine our mapping. All our suppliers and potential partners were subject to an update screening in 2018.