Compliance Enforcement Trends and the Current State of Preventive Measures

In October, WLG's Compliance & Investigations Group held a frank, cross-border check-in to discuss the current state of compliance. The agenda was simple – enforcement trends and the current state of preventive measures – but the discussion quickly revealed a more complex picture: less budget, fewer "classic" Foreign Corrupt Practices Act (FCPA)-style mandates, but a broader and more political enforcement landscape in which compliance is deeply entangled with ESG, financing, and access to markets.

A first theme was quiet retrenchment. Several participants reported a noticeable slowdown in preventive compliance work and extensive internal investigations, particularly those historically driven by U.S. FCPA risk. In Germany, there has been hesitation among small and mid-sized companies to invest in comprehensive compliance management systems, as the legal value is uncertain and economic conditions are challenging. In China, there has been a noticeable decline in FCPA investigations, accompanied by a greater emphasis on fee caps and cost predictability before companies proceed. In Turkey, budget pressure is even more acute, with some multinationals opting to terminate implicated employees rather than fund a fact-finding exercise.

Yet this was not a story of compliance "losing ground" so much as clients becoming highly selective. Work remains steady where there is a clear, tangible benefit: access to government contracts, project financing, ESG-driven lender requirements, or demonstrable reductions in penalties. In Brazil, for example, companies seeking to sell to the federal government above certain thresholds must implement and maintain a compliance program subject to oversight by the federal controller's office. Those programs also count when negotiating fine reductions. AI-enabled training and more efficient tools are being explored precisely because the underlying obligation to have a program is not going away.

The second theme was that enforcement risk is shifting rather than receding. Brazil's authorities are expanding their efforts beyond "bags of cash" scenarios to pursue more subtle forms of corruption, including obstruction of inspections, hospitality, and gifts to public officials, under the same anti-corruption framework. In India, regulators are highly active in combating corruption, tax evasion, and supervising financial institutions, with investigations that often cascade from one authority to another. Enforcement decisions are publicly available online, which significantly increases reputational pressure.

Singapore offers another illustration of this recalibration. While its zero-tolerance stance on corruption remains intact, recent developments have brought anti-money laundering and scams into the spotlight, including high-profile criminal cases and new legislation that empowers financial institutions to freeze accounts where customers appear to be victims, even over their objections. Participants noted that these measures may sometimes feel heavy-handed. Still, they emphasize that enforcement attention is shifting toward anti-money laundering (AML) and fraud, as well as the integrity of the financial system.

Across Europe, legislators are highly active in AML, data protection, AI, and ESG, even if corporate criminal liability and "failure to prevent" offenses are not yet widely harmonized. In Turkey, by contrast, the legal framework on paper is strong – including provisions that mirror extraterritorial anti-bribery regimes – but there are still no established enforcement precedents. That disconnect between statutory alignment and practical enforcement was noted as a risk in itself.

A third, strongly emerging theme was the convergence of compliance and ESG. In Europe, ESG is absorbing a significant share of the budgets that once went solely to "traditional" compliance, driven by supply chain due diligence, reporting obligations, and broader governance expectations. Governance and whistleblowing systems are now understood as integral components of ESG, rather than parallel tracks. In Brazil, regulators have formally incorporated ESG considerations into their evaluation of corporate compliance programs. In Turkey, manufacturers exporting to the EU are investing heavily in supply chain and environmental compliance to maintain market access, which raises new questions regarding energy sourcing and long-term regulatory demands.

Participants noted that this convergence isn't only reshaping compliance priorities; it also reflects how clients are reframing risk. ESG, supply chain integrity, and regulatory credibility are increasingly interconnected, especially for companies operating across multiple jurisdictions or entering ESG-sensitive markets. As these expectations evolve, firms are seeing greater demand for guidance that spans both compliance fundamentals and emerging ESG requirements.

Looking ahead to 2026, the group flagged a range of issues likely to influence compliance strategies: rising whistleblower activity in markets undergoing restructuring; sustained focus on AML and scam-related risks; ESG and supply chain obligations tied to trade and import regimes; AI and data protection as both enablers and sources of new exposure; and tighter scrutiny of government interactions and public procurement. Against the backdrop of trade tensions, export controls, and the potential use of anti-corruption enforcement as a geopolitical tool, the traditional FCPA-driven model no longer defines the landscape.

For WLG firms, the takeaway is not about volume but about positioning. Even as companies curb discretionary spending, they still need credible, defensible programs in the areas that regulators, investors, and business partners prioritize most. The October discussion highlighted the value of cross-border perspectives in helping clients interpret these shifts—and the importance of staying connected as global expectations continue to evolve.