FCPA One Year On

It has been just over a year since President Trump signed the executive order that paused new FCPA investigations. The revised guidelines that came out in June 2025 narrowed enforcement to four areas: conduct linked to drug cartels and transnational criminal organisations, harm to identifiable American businesses, national security threats, and schemes involving large bribes with deliberate concealment.

This refocusing has produced clear results in enforcement figures: the DoJ resolved three corporate FCPA cases in 2025, down from nine the year before, and there were no corporate FCPA enforcement by the SEC in 2025.

So, with prosecution risk from Washington greatly circumscribed, should investors approach corruption risks less seriously? No. As has been made clear by recent events, regulatory agencies elsewhere are seeking to take up the slack left by the DoJ, and have been focusing on areas and levels of corruption that may have been overlooked by the DoJ. The result is that investors will be obliged to tweak compliance policies to respond the enforcement actions by different countries, and take a renewed, more detailed approach to due diligence processes.   

The European response

In  March 2025, shortly after the suspension of FCPA, the UK Serious Fraud Office, the Swiss Office of the Attorney General, and the French Parquet National Financier announced a new International Anti-Corruption Prosecutorial Taskforce. The three agencies committed to pooling resources, sharing intelligence, and running joint investigations without relying on US initiation. By late 2025, senior officials from all three were publicly indicating that the Taskforce has active cases in development.

The SFO, for its part, has continued to open new investigations, with multiple cases now listed for trial this year. One of them is instructive: in April 2025, the SFO charged United Insurance Brokers Limited under Section 7 of the Bribery Act, for failing to prevent around $3 million in corrupt payments made by US-based intermediaries to an Ecuadorian state official. Relatively modest sums, routed through third-party agents in a developing country. The kind of matter the DOJ's revised guidelines would almost certainly not prioritise.

Other countries have followed suit. In January 2026, Norway's economic crime authority, Økokrim, indicted two Norwegian citizens and a subsidiary of PetroNor E&P for corruption in the Republic of Congo, on a matter the US DOJ had already closed its own inquiry on the previous April, citing the executive order. And the EU Anti-Corruption Directive reached provisional agreement that same month. Once transposed into national law, expected by mid-2028, it will harmonise anti-bribery offences across the bloc with corporate penalties of up to 4% of global turnover.

The UK Bribery Act 2010 remains the most active extraterritorial anti-corruption statute currently in enforcement. Its Section 7 "failure to prevent" offence imposes strict liability on any commercial organisation carrying on business in the UK. There is no need to prove that employees at the company knew about bribes, no facilitation payment defence, and no requirement for a US nexus.

Enforcement, in short, remains a material risk for business to consider when designing compliance programmes. This is also pertinent when considering the FCPA’s statute of limitations, which mean that unlawful conduct happening now would be prosecutable under a future US administration that restores the original scope of FCPA.

What this looks like on the ground

For investors operating in emerging markets, the practical consequences are fairly specific.

Take a common enough scenario. A European private equity fund with a London office acquires a logistics company based in Dubai. The target earns a good share of its revenue from customs clearance and procurement contracts with state-owned enterprises in Saudi Arabia and Iraq. It uses local agents to manage those relationships. A year ago, the primary enforcement risk would have been the FCPA. Today, the DOJ would very likely pass on looking into potential bribes paid by such local agents. But the fund's London presence puts it under the UK Bribery Act, and its Section 7 clauses.

As highlighted by the Ecuador case above, the risks are accentuated if intermediaries are used to conduct business in emerging markets. In regions such as the Gulf, intermediaries may have extensive political ties or links to armed political factions (increasing corruption risks); while in Central Asia, intermediaries are frequently linked to Russian sanctions circumvention networks, and have a track record of paying bribes.

Implications for investors

An absent DoJ, but renewed European and cooperation, and with distinct clauses to take into account. Where then, does this leave investors looking to update their approach to corruption and risk?

For starters, a compliance program that was built primarily around FCPA risk should be stress-tested against the UK Bribery Act's strict liability standard. The Section 7 adequate procedures defense is now key in most firms' compliance architecture, and it is not the one most have spent the most time on.

A deeper look at a counterparty’s operating practices, including its use of third parties (such as agents and intermediaries), is also key. This isn’t easy: publicly available information will generally not provide detail on how a target operates in regional markets, nor how its local teams are incentivized or overseen in their pursuit of new business. Here, a deep-dive investigations – making use of human intelligence – become crucial, and allow investors to fully learn about a counterparty’s modus operandi, and anticipate potential corruption risks.

Lastly, due diligence at the point of onboarding is not sufficient on its own anymore – ongoing monitoring is what regulators will ask about.

The statute of limitations is still running. The European Taskforce is building its caseload. The EU Directive is coming. None of that paused when the FCPA did, and neither should investors’ consideration of ABC risk.