Expert roundtable with Julien Fau (Senior manager, RSM France), Julien Vignon (Sales Director, Governance Risks & Compliance, Workiva) et Franck-Yves Inglebert (CEO, Eye2Scan) - following RSM France's « Les Matinale RSM », June 2025
Anti-corruption compliance is evolving fast. Organizations can no longer rely on static risk mappings, point-in-time controls, and siloed departments. Automated controls and AI are revolutionizing how companies manage their anti-corruption programs—from fraud detection to unifying entire compliance frameworks on single platforms. This comprehensive approach breaks down barriers between risk, internal audit, controls, compliance, and IT teams. We sat down with three experts to discuss this transformation.
“Regulators now prioritize living, personalized programs over check-the-box approaches.”, Julien Fau
Julien Fau (RSM France) : The challenge has shifted from simply checking compliance boxes to building truly effective programs. France's Anti-Corruption Agency (AFA) is crystal clear: off-the-shelf risk mappings no longer cut it. AFA Director Isabelle Jegouzo recently emphasized this point—she's seeing too many “cosmetic” programs without real added value.
Julien Fau : Three major issues. First, overly generic risk mappings that don't reflect company-specific realities. Second, difficulty integrating geographic expansion—clients sometimes discover new subsidiaries were created without updating their compliance framework. Finally, organizational silos: audit, internal controls, compliance, risk, and IT operate in isolation.
Key Insight : Regulators recommend “living” risk assessments that evolve with business activities and involve all stakeholders in development.
Julien Vignon (Workiva) : Our approach centralizes all compliance elements in a single platform. . Instead of having risk mappings in Excel, controls in another tool, and reporting in a third system, everything converges into a common framework.
Julien Vignon : Consider a vendor corruption scenario. In Workiva, you can directly see the associated controls, how well they're working, any mitigation efforts underway, and collaborate in real-time with operational teams. You can also monitor how risk levels change and spot trends over time.
Julien Vignon : That's exactly the point! Anti-corruption data required by Sapin 2 is also needed for ESG reporting. With a configurable platform, you feed both obligations from the same source. No more duplicated efforts.
“AI detects what traditional rule-based controls miss.”, Franck-Yves Inglebert
Franck-Yves Inglebert (Eye2Scan) : Intelligent controls combine three dimensions. First, expanding scope beyond accounting to operational processes—procurement, sales, inventory—where fraud and corruption risks actually originate. Second, leveraging artificial intelligence like Machine Learning.
Franck-Yves Inglebert : On a Purchase-to-Pay process, we simultaneously apply rule-based controls like segregation of duties violations and AI that identifies anomalous behaviors: unusual buyer-vendor pairs, abnormal amounts, suspicious purchase timing.
Franck-Yves Inglebert : The third dimension: transversal controls. We correlate all results to identify “high-criticality invoices”—those accumulating multiple risk signals. Result: fewer false positives, more time on real risks.
Use Case : A high-risk invoice might combine: SOD violation + new vendor + unauthorized modification + atypical buyer-vendor pair detected by AI.
Julien Fau : Integration makes all the difference. Eye2Scan automatically generates Key Risk Indicators (KRIs) that flow directly into Workiva. With RSM France's SapinGuard approach, internal audit teams get real-time visibility into risk trends without any manual data manipulation, and they can integrate this control intelligence into their broader compliance program covering all regulatory requirements.
Franck-Yves Inglebert : Auditors used to spend the bulk of their time requesting data extractions from local IT teams. Now they click a button and instantly get quantitative results tailored to their company and risk mapping for audit reports. The same applies to internal controllers who stay autonomous with their continuous monitoring. Both can focus on analysis and recommendations.
Julien Vignon : With Workiva and Eye2Scan, every stakeholder can access the tools but only sees information relevant to their role. Process owners can directly document why an anomaly flagged by Eye2Scan is actually justified. Internal audit keeps complete audit trails for regulators.
“Companies that don't automate are taking major risks.”, Julien Vignon
Julien Fau : We're seeing three major benefits. First, centralization: no more information scattered across Excel spreadsheets and multiple tools. Second, much better buy-in from operational teams—they finally understand their role in the program and can contribute directly. Finally, complete traceability: when regulators ask how you reached a decision, you have all the workshop notes and supporting documentation right in the system.
Franck-Yves Inglebert : I'd recommend starting with a pilot on a critical process—procurement is often a good choice. After a two-week implementation, you'll have concrete results to show management.
Julien Vignon : Focus on business impact. Dynamic risk mapping, automated controls, and real-time reporting transform compliance from a regulatory burden into a competitive advantage.
RSM is the 6th largest global network of audit, accounting, and advisory services, present in 120 countries. The network comprises over 66,000 professionals and partners. In France, RSM is a leading multidisciplinary firm for SME, mid-market, and large company executives. The network has 90 partners and 1,500 professionals across major regional economic centers, with 19 offices in Paris/Île-de-France, Rhône-Alpes, Occitanie, Western France (Brittany and Loire Valley), Grand Est, Provence-Alpes-Côte d'Azur, and overseas territories. Learn more at www.rsm.global/france/en
Workiva is on a mission to power transparent reporting for a better world. We build and deliver the world’s leading cloud platform for assured integrated reporting to meet stakeholder demands for action, transparency, and disclosure of financial and non-financial data. Workiva offers the only unified SaaS platform that brings customers’ financial reporting, Governance, Risk, and Compliance (GRC), & Environmental, Social, and Governance (ESG) data together in a controlled, secure, audit-ready platform. Our platform simplifies the most complex reporting and disclosure challenges by streamlining processes, connecting data and teams, and ensuring consistency. Learn more at workiva.com.