The landmark conviction of Lafarge, a French cement manufacturer by the Paris Criminal Court is a significant case in the history of corporate conduct in conflict zones. This is the first time a corporation in France has been criminally convicted for financing terrorism linked to overseas operations. The implications for multinational firms operating in volatile regions are immediate and far-reaching.
The company was fined the maximum amount of 1.125 million euros, this is the first time for a French company. Crucially, a previous plea agreement in the US with a 778 million dollars fine was seen as no obstacle. The CEO, Bruno Lafont, and deputy CEO, Christian Herrault, were sentenced to six and five years imprisonment respectively, and were taken to prison from the courtroom.
The case centres on Lafarge’s operations in northern Syria between 2013 and 2014. The company had invested heavily in a cement plant in Jalabiya and sought to maintain production as the Syrian civil war intensified and territorial control shifted between armed factions.
To continue operating, Lafarge made payments totalling approximately €5.5 million to various armed groups, including ISIS and the al-Nusra Front. These payments were linked to securing safe passage, maintaining supply routes, and ensuring access to raw materials and distribution channels.
The conduct was first exposed in 2016 by Le Monde, prompting legal complaints from NGOs including Sherpa and the European Center for Constitutional and Human Rights. A lengthy investigation followed, culminating in a 2021 decision by the French Supreme Court to uphold charges of financing terrorism and complicity in crimes against humanity. The proceedings were later divided, with the terrorism financing charges proceeding to trial while the crimes against humanity investigation remains ongoing.
The defence of business necessity was not accepted
Lafarge’s defence reflected a familiar narrative in high-risk environments. Executives argued that the company had been subject to extortion and that payments were made under duress. Continuing operations, they suggested, was necessary to protect employees and preserve a major investment in the hope that the crisis would be temporary. Senior leadership also sought to distance themselves from the conduct, claiming that they were not aware of the full extent of the payments.
The court rejected these arguments in unequivocal terms. In a strongly worded judgment, the presiding judge concluded that the payments went beyond coercion and instead constituted a “commercial partnership” with terrorist organisations.
The ruling emphasised that the funds provided by Lafarge contributed to ISIS’s ability to control natural resources and finance terrorist activities, including attacks beyond Syria. This was a key element of the successful prosecution given the company was engaged in conduct that amounted to active facilitation of terrorist operations.
How did Lafarge get compliance so wrong?
The case highlights a breakdown in corporate governance. The decision to prioritise operational continuity appears to have overridden escalating legal and ethical risks. Payments to armed groups became embedded in the company’s operating model rather than treated as exceptional or unacceptable. Governance structures either failed to escalate the issue effectively or failed to act on the information available.
There is also a clear failure to understand and manage supply chain risk. The payments were linked to intermediaries, logistics providers, and access routes, highlighting how exposure often arises indirectly through third parties rather than through direct engagement with high-risk actors.
The implications extend well beyond this single case. For companies operating in high-risk jurisdictions, the supply chain is often the primary channel through which legal and compliance risks materialise. Complex networks of subcontractors, local partners, and intermediaries create layers of opacity. In conflict zones, these networks are frequently intertwined with armed groups, political actors, and illicit economies. Payments that appear routine can, in reality, be diverted to entities that create significant legal exposure.
This is particularly acute in Syria. During the relevant period, territorial control was fragmented, sanctions regimes were evolving rapidly, and armed groups were deeply embedded in economic activity. While these days Syria is being welcomed back into the global economy, sanctions relief does not remove the entrenched networks of politically exposed actors, militia-linked businesses, and informal financial systems that define the operating environment.
Is extreme due diligence the answer?
The Lafarge case raises a fundamental question about the adequacy of existing due diligence frameworks. Enhanced due diligence (EDD), as commonly applied, focuses on identifying high-risk counterparties and verifying key information. In environments like Syria, that approach is unlikely to be sufficient.
A more robust model is required. What VinciWorks describes as extreme due diligence (EXDD) involves a deeper, more investigative approach to risk. It requires mapping ownership structures in detail, tracing financial flows across multiple layers of counterparties, and interrogating the purpose and context of transactions. It also demands continuous monitoring and a willingness to challenge assumptions about how business is conducted on the ground.
In practice, this means looking beyond immediate counterparties to understand who ultimately benefits from a transaction, who controls critical infrastructure, and how money moves through the system. It requires combining traditional compliance tools with intelligence, local expertise, and a high degree of scepticism.
In Syria, decades of sanctions have unwound in a matter of months, while a regime with a track record of chemical weapons, terror alliances and organised crime remains entrenched. Turkish developers are practically salivating at the thought of rebuilding Syria’s shattered cities, but who’s really behind those contracts? Could the same regime operatives who built WMD sites be about to build luxury apartment blocks, laundering the proceeds of state violence through construction? The West seems to have decided sanctions fatigue is worth the risk. But it will be risk-exposed companies on the business end of realpolitik.
Extreme due diligence is the only realistic approach to begin to interact with this high-risk world. Forget static sanctions-screening lists. You need an active tracing of wallet addresses, network analysis of counterparties and a relentless focus on the beneficial owners of the exchanges and brokers involved. Extreme due diligence would mean investing in blockchain analytics as well as human intelligence, local partnerships and pattern recognition tools that go beyond “name matching” to build dynamic risk profiles.
Take Dubai. It has become a magnet for sanctioned wealth, as Russian oligarchs purchase towers in cash and Iranian proxies use intermediaries to funnel oil profits into property and luxury assets. Meanwhile, the Emirati sheikhs have negotiated their way off the high-risk jurisdictions list. In a world of bribery, or worse, only extreme due diligence has a chance to map the murky chain of relationships, identify the political entanglements and put together a picture of hidden influence and layered proxies.
Operating in high risk jurisdictions or post conflict zones is full of risk, and the Lafarage case shows that a failure can end with high fines and prison time. Firms who are operating in these areas should consider extreme due diligence as a potential answer, or at least a way to mitigate such significant risk.
