RSS Feed
Friday, June 26, 2026
Iratxe Gurpegui

7 angles morts à éviter pour construire un programme anticorruption fondé sur les risques

La plupart des cartographies des risques de corruption échouent de façon prévisible : elles paraissent complètes, mais n'expliquent pas comment la corruption pourrait réellement survenir dans vos processus, et ne produisent pas la preuve que vos contrôles fonctionnent.

Friday, June 12, 2026
Iratxe Gurpegui

How to Build a Compliance Risk Map in 6 Steps

Sure, you can run a compliance program without a risk map — but it won’t get you very far. Without a clear view of where the company is most exposed, compliance activities often become generic, disconnected, and, in the end, a waste of resources.

Friday, June 12, 2026
Iratxe Gurpegui

7 blind spots to avoid if you want to build a risk-based anti-bribery program

Most bribery risk maps fail in a predictable way: they look complete, but they do not explain how bribery could realistically happen in your workflows, and they do not produce evidence that your controls actually operate.

Friday, June 12, 2026
Iratxe Gurpegui

Loi Sapin II control evidence: What AFA expects to see

The AFA doesn't want your policy. It wants your evidence. The email lands on a Tuesday at 5:43 PM. "Please provide evidence of your internal control plan and its execution." You have a code of conduct. A risk map. A polished slide deck.

Friday, June 12, 2026
Iratxe Gurpegui

Loi Sapin II risk mapping that actually survives an AFA audit

The first time the AFA asks, "how did you score this risk?", the room goes quiet. Not because the team did nothing. Because the risk map was built like a workshop deliverable, not like an auditable decision.

Next