In an era of intensifying regulatory scrutiny, multinational corporations face a wave of new criminal offenses that pierce traditional protections, holding companies directly accountable for misconduct by directors, employees, and associates. Reforms across key jurisdictions aim to simplify prosecutions, shifting the burden to businesses to prove they implemented “reasonable procedures” to avert crimes like fraud, bribery, and sanctions breaches. This shift, detailed in A&O Shearman's Cross-Border White-Collar Crime Review 2026, underscores the urgency for executives to fortify compliance frameworks amid expanding extraterritorial risks.
The United Kingdom leads with its Economic Crime and Corporate Transparency Act, introducing a “failure to prevent fraud” offense effective September 1, 2025, targeting large UK and foreign firms. Under this strict liability regime, organizations are culpable if associates commit fraud to benefit the company, unless they demonstrate adequate preventive measures. “Updating corporate compliance programs is crucial for ensuring that organizations remain compliant with evolving legal and regulatory landscapes,” notes Paula Anderson, a partner at A&O Shearman. UK financial services firms have already faced prosecutions for weak anti-money laundering controls, even absent direct losses, highlighting enforcement momentum.
UK's Broadened Attribution Rules
Beyond fraud, the UK's proposed expansion of the “senior manager” test—lowered in late 2023 for economic crimes—via draft Crime and Policing Bill legislation before Parliament would extend to all offenses, easing identification of directing minds. As Reuters reports, this regime exposes foreign entities to liability if any offense element occurs in the UK or targets UK victims, complicating global operations. Government guidance issued in November 2024 outlines six principles for reasonable procedures: risk assessment, proportionality, communication, training, monitoring, and review.
Australia bolstered its “failure to prevent” bribery offense in 2024, imposing strict liability for associates bribing foreign officials, countered only by an “adequate procedures” defense. A new multidisciplinary taskforce now probes such cases, per A&O Shearman. In the UAE, October 2025 AML reforms added predicates and direct corporate offenses, while Hong Kong targeted cybersecurity lapses at critical infrastructure operators in sectors like banking and energy.
Italy's updates introduce environmental predicates to corporate liability, AI aggravators for market manipulation, and planned reforms for parent-subsidiary accountability and supply chain certifications. France added a tax concealment offense for firms enabling income hiding, and Belgium's new Criminal Code arrives in April 2026, poised to heighten exposures.
EU Harmonization Accelerates Penalties
The European Union's Sanctions Crime Directive (EU) 2024/1226 mandates member states to criminalize sanctions circumvention, broadening director and entity liability by May 2025. An Anti-Corruption Directive, agreed late 2025, sets minimum standards for bribery offenses, imposing fines up to 5% of global turnover, with robust compliance as a mitigator. Germany plans to raise corporate fines to €40 million for intentional acts. “The Directive aims to provide more effective, proportionate and dissuasive sanctions,” states Herbert Smith Freehills Kramer.
China reformed anti-bribery laws and AML predicates, impacting state-owned enterprises. These changes, as cataloged in A&O Shearman's review, demand jurisdiction-specific risk mapping, especially for multinationals.
In contrast, the US emphasizes individual accountability under the Trump administration's second term, per Harvard Law School Forum on Corporate Governance. Yet, firms face aiding-and-abetting claims for lax controls enabling customer fraud, and banks incurred fines for off-channel communications like WhatsApp.
DOJ's Updated Compliance Blueprint
The DOJ's September 2024 Evaluation of Corporate Compliance Programs (ECCP) revisions spotlight AI risks, data analytics, and whistleblower protections. “Companies are expected to maintain a rigorous framework to manage emerging technology risks,” per Skadden. Directed by Deputy AG Lisa Monaco's March 2024 remarks, prosecutors now probe AI misuse in white-collar crimes, urging periodic risk reviews citing NIST frameworks.
DOJ stresses compliance access to data for monitoring, self-reporting incentives under the Corporate Enforcement Policy, and anti-retaliation training. The August 2024 Corporate Whistleblower Awards Pilot bolsters speak-up cultures, while Antitrust Division guidance aligns on leadership commitment and tech risks.
Enforcement data reveals patterns: UK SFO alliances with US DOJ via data-sharing pacts, and first HMRC prosecution under failure-to-prevent tax evasion in August 2025, as noted by Mayer Brown.
Fortifying Defenses Amid Reforms
Robust programs deter crimes, enable defenses, and sway penalties. Experts advocate comprehensive risk assessments, tech-leveraged monitoring, whistleblower channels, and tailored training. A&O Shearman's authors—Paula Anderson (New York), Dr. Tim Nikolas Müller (Frankfurt), Eve Giles (London), Michael Shepherd (Sydney), Amy Edwards (London)—recommend external audits for AI governance and sanctions compliance.
As DLA Piper observes, pragmatic shifts like France's revisited pleas signal multinationals must align with US/UK/French standards. Proactive updates, per DOJ ECCP, position firms for declinations, as in Liberty Mutual's FCPA self-disclosure.
With EU AML packages slated for 2027, boards must prioritize data-driven functions. Failure risks not just fines—up to turnover percentages—but reputational ruin in interconnected markets.


WebProNews is an iEntry Publication