What’s Next for FCPA and Anti-Corruption? A Wake-Up Call for Compliance and Risk Management

Author: James Swenson, Managing Director, Ethixbase360

Navigating Operational Risk & Resilience in Times of Regulatory Uncertainty

Yesterday’s fact sheet¹ from the Trump administration announcing a pause in FCPA enforcement, along with recent policy shifts²  by the U.S. Department of Justice (DOJ) under Attorney General Pamela Bondi are making traditional compliance increasingly confusing for companies that have prioritized anti-bribery and corruption in their third-party risk management programs.

These changes, along with the disbanding of DOJ’s Kleptocracy Team and Corporate Enforcement Unit and deprioritization of anti-corruption cases, have created uncertainty around U.S. enforcement moving forward. Despite potential deregulation in the U.S. however, global regulations remain stringent and in some cases are heightening corporate liability³, with local and cross-border enforcement activity across Europe, the Pacific, Asia and South America. Yesterday’s announcement of a pause of FCPA enforcement ironically comes at the same time as the release of the 2024 Transparency International Corruption Perceptions Index, which ties corruption not only to human rights abuses but also playing a role in the climate crisis⁴.

U.S. Focus: Cartel-Linked Supply Chains

The DOJ’s policy shift prioritizing cartel-related bribery cases serves as a warning for companies with supply chains exposed to precursor chemicals. Industries such as pharmaceuticals, chemicals, and logistics must reassess their risk exposure and compliance programs to adapt to these changes. In fact, many industries—particularly in agriculture, mining, and logistics—also face risks of cartel infiltration, extortion, and money laundering. Companies transporting goods should also consider the risk of inadvertently becoming involved in drug smuggling operations, leading to severe legal and reputational repercussions.

To navigate these threats, businesses should implement:

• Regulatory Compliance with Controlled Substances Laws: Companies should enhance compliance measures to adapt to new regulations, including:
  • Promoting awareness of raw material origins and potential regulatory implications.
  • Understanding chemical sourcing and distribution to mitigate risks associated with illicit networks.
  • Strengthening internal controls around counterfeit pill production.
  • Maintaining serialized tracking systems for pill-press machines and associated materials.
• Enhanced UBO Screening: Conduct ultimate beneficial ownership (UBO) checks to ensure suppliers are not linked to criminal organizations.
• Continuous Third-Party Monitoring: Use AI-driven compliance tools to track real-time changes in supplier risk profiles.
• Geopolitical Risk Assessments: Regularly evaluate country-specific corruption, trafficking, and organized crime threats.

Navigating Global Regulatory Pressures

While the DOJ may be shifting its focus other regions have seen a recent tightening of anti-corruption provisions and particularly an increase in corporate liability with failure to prevent provisions introduced recently in Australia and Singapore rumored to be pursuing its first Deferred Prosecution Agreement (DPA). European regulators are also tightening compliance expectations. The European Union’s Corporate Sustainability Due Diligence Directive (CSDDD) will impose mandatory due diligence obligations on companies operating in the EU, including U.S. firms with European subsidiaries or supply chain links. While a simplification package is scheduled to be announced later this month key requirements currently include:

• Mandatory human rights and environmental due diligence across global supply chains.
• Severe penalties for violations, including potential civil liability.
• Supply chain transparency obligations, requiring businesses to conduct thorough risk assessments of third-party vendors, particularly in high-risk regions such as Latin America and Asia.

For U.S. companies engaged in global trade, ignoring third-party risks is not an option. Regardless of policy changes that could impact the direction of U.S. enforcement , companies must comply with increasingly stringent global regulations, and be prepared to respond to future actions.

Uyghur Forced Labor Prevention Act (ULFPA): Avoiding Supply Chain Liabilities

In addition to European mandates, the Uyghur Forced Labor Prevention Act (UFLPA) presents another major compliance challenge. So far, the Trump administration has intensified efforts to enforce the UFLPA. Notably, the administration is considering adding Chinese e-commerce giants Shein and Temu to the Department of Homeland Security’s forced labor list, citing concerns over their supply chains potentially involving forced labor from China’s Xinjiang region.

The law bans the import of goods made with forced labor from China’s Xinjiang region, placing the burden on importers to prove that their supply chains are free from forced labor. Additionally, the Trump administration’s continued focus on China may further complicate imports, with heightened scrutiny and potential new trade restrictions adding to compliance challenges.

To mitigate risks, U.S. businesses must:

• Conduct enhanced supplier due diligence, particularly for raw materials sourced from China.
• Implement traceability programs to verify product origins.
• Stay ahead of Customs and Border Protection (CBP) enforcement actions, which have already led to seizures of goods suspected of being linked to forced labor.

Failure to comply can result in seizures, fines, and public scrutiny, making robust third-party vetting an essential business practice.

Reputational Risks of Unethical Business Practices

Enforcement is no longer the main driver of compliance as it may have been years ago. Compliance programs and third-party risk management help companies maintain stakeholder trust, reduce overall costs, and increase profits. Despite a potential retreat of FCPA enforcement, companies should remain vigilant about reputational risks associated with perceived unethical business practices. The “cost of corruption” extends past the potential for fines. Public scrutiny, media exposure, and consumer activism can significantly impact brand value and financial performance. Ethical lapses—whether real or perceived—can lead to lost business opportunities, investor concerns, and long-term damage to corporate credibility.

To mitigate these risks, organizations must prioritize integrity and transparency in their third-party relationships to maintain a competitive advantage and avoid costly missteps. 

The Importance of Third-Party Risk Assessments and Continuous Monitoring

Third-party risk management has become an essential business function, independent of the regulatory or enforcement landscape. Companies cannot afford to treat it as a checklist exercise; instead, it must be fully integrated across an organization’s operations. Conducting thorough due diligence, regularly updating risk assessments, and implementing continuous monitoring are critical to protecting operations from legal, financial, and reputational harm that could arise from third-party misconduct be it corruption, fraud, human rights abuses or other misdeeds. By prioritizing a structured and proactive approach, companies cannot only mitigate risks but also foster stronger, more resilient partnerships in an increasingly complex global environment.