In February 2025, President Donald Trump signed an executive order instructing the Department of Justice (DOJ) to pause enforcement of the Foreign Corrupt Practices Act (FCPA), marking a sharp departure from decades of bipartisan commitment to global anti-corruption efforts. Now, just four months later, the administration has not only reversed course but recalibrated how, why, and where the FCPA will be enforced.
This rapid pivot has created another layer of uncertainty for compliance teams. But the core message is clear: the FCPA remains law, enforcement has resumed, and the risks—while shifting in shape—have not disappeared.
A timeline of FCPA turbulence in 2025
10 February 2025: Trump signs an executive order pausing DOJ FCPA enforcement.
14 May 2025: DOJ outlines new corporate enforcement policies, including updated self-disclosure rules and reduced use of compliance monitors.
9 June 2025: DOJ formally resumes FCPA enforcement under a reoriented framework, with a focus on cartels, terrorism-linked networks, and conduct harming US national interests.
Don’t forget: the FCPA still stands
Despite the temporary pause, the FCPA was never repealed. The law still prohibits bribery of foreign officials by US persons and companies or those operating within the US. Penalties remain severe. Up to $2 million per corporate violation and up to 20 years’ imprisonment for individuals.
And while the Trump administration attempted to frame the pause as pro-business, many in the corporate world value the FCPA for the clarity and consistency it brings. Companies benefit from being able to point to a clear legal standard to resist bribery, especially in high-risk jurisdictions.
What’s changed under the DOJ’s new enforcement approach?
The DOJ’s renewed FCPA enforcement is more of a redirection than a resumption. The focus has shifted away from broad-based anti-bribery policing and toward misconduct that intersects with geopolitical risk, national security, and transnational crime.
Key DOJ enforcement priorities now include:
- Conduct that harms US national interests
- Cartel involvement or organised crime facilitation
- Bribery affecting national security-linked sectors (defence, energy, infrastructure)
- Links to terrorism or sanctions evasion
The DOJ’s message is unmistakable: the bar for enforcement has moved. Fewer cases may be brought, but those that do proceed will be strategic, faster-moving, and high-profile.
The “Blanche Memo” and the individual focus
In June, Deputy Attorney General Todd Blanche issued a memo instructing prosecutors to prioritise cases of individual misconduct, accelerate timelines, and weigh the broader impact of investigations on corporate entities and employees. New FCPA investigations must now be approved by the Assistant Attorney General, a bottleneck that may reduce volume but increase selectivity.
The DOJ is moving from quantity to impact. It wants fewer cases, but bigger targets. This will likely have a significant impact on individuals caught up in FCPA issues, with company executives more likely to receive jail time than their business is to be fined.
What hasn’t changed, and why FCPA compliance still matters
Even amid political whiplash, some fundamentals haven’t shifted:
The FCPA remains active law. A new administration, court ruling, or internal DOJ shift could bring full-force enforcement back at any moment.
The SEC continues FCPA-related enforcement, especially for publicly traded companies.
International enforcement continues to accelerate, with UK, EU, and OECD partners ramping up scrutiny.
Whistleblowers remain a core DOJ focus, particularly in areas like cartel activity, sanctions, and immigration fraud.
Critically, prosecutors may pursue FCPA-related cases under other statutes—wire fraud, money laundering, and false records—even if the FCPA itself is temporarily deprioritised.
DOJ’s new corporate enforcement philosophy
In May, Acting Criminal Division Chief Matthew Galeotti laid out a three-part philosophy for corporate enforcement: focus, fairness, and efficiency.
The biggest change is in the self-disclosure regime. There will only be guaranteed declination for companies that:
- Voluntarily self-disclose
- Fully cooperate
- Remediate timely and effectively
Even companies with aggravating factors can still benefit: up to a 75% penalty reduction, no monitor, and possible non-prosecution.
But here’s the catch: none of that matters if your compliance function doesn’t detect and escalate the issue in the first place.
Risk recalibrated: What counts as FCPA exposure now?
The definition of risk has changed. It’s no longer just “where corruption is common,” such as in various jurisdictions where bribery is a way of doing business. It’s about how your business activity intersects with US political and economic interests.
You’re at elevated risk if:
- You’re bidding against a US company overseas.
- Your counterpart is linked to a cartel or TCO.
- Your deal touches infrastructure, energy, or defence.
- Your partner has political influence or SOE ties.
This isn’t enforcement softening but enforcement sorting. And companies in the DOJ’s crosshairs may face faster investigations and fewer off-ramps.
Compliance actions to take now
Rather than dismantling well-functioning compliance programmes, experts strongly advise reinforcing them:
Reconfirm the FCPA’s relevance: Internally communicate that the law is still in effect and DOJ enforcement is active again.
Update risk assessments: Include national interest factors, TCO connections, and sector-based geopolitical risk in your analysis.
Ensure internal detection mechanisms work:
- Real-time red flag identification
- Whistleblower protection and visibility
- Escalation pathways and audit trails
Consider refreshed FCPA training: Especially for high-risk teams (procurement, overseas sales, third-party oversight)
Prepare for strategic cases: Map links to national security, tech, infrastructure, or defence and track partners’ ties to SOEs, cartels, or sanctioned entities
Don’t neglect global risk: UK’s SFO and regulators abroad are intensifying scrutiny. The same conduct might be legally safe in the US, but a liability in the UK
