Business Insight

Corporate Crime and Investigations - What now for 2025?

Corporate crime and investigations What now for 2025?

    Global trends and key priorities

    Enforcement action against corporates and individuals for alleged bribery and corruption, AML violations, and market misconduct continued to define the economic crime landscape globally in 2024.   

    Sanctions remained a key compliance risk for many businesses as governments ratcheted up sanctions against Russia, including addressing loopholes in existing regimes targeting Russia and shifted their focus to investigation of suspected sanctions violations.  

    The scope of corporate compliance risks continues to evolve with investigations increasingly being driven by allegations of non-financial misconduct, unauthorised use of off-channel communications, and human rights abuses within supply chains.  

    Looking ahead to 2025, we predict that authorities will be focused on the enforcement of new rules and using enhanced prosecutorial toolkits to combat financial crimes, particularly in relation to fraud, greenwashing, and sanctions.  

    We also anticipate that international debate regarding the protection of whistleblowers will continue, given the role whistleblowers play in the detection of economic crime.  We expect that investigations arising from whistleblows will continue to increase.  Governments are facing increasing pressure to reform existing laws, with many countries exploring potential enhanced measures including financial reward programmes for whistleblowers.  

    What does this mean for businesses in 2025?

    The key priorities for in-house legal and compliance teams should be:

    Understand your risks: risk assessment remains foundational to an effective compliance framework and should be periodically refreshed, particularly to reflect exposure to emerging risks and to ensure that risks are assessed holistically where a product or business area may be exposed to a combination of financial crime risks (for example, laundering of proceeds of a sanctions violation).  

    Maintain effective compliance oversight: authorities globally are focusing on governance and senior management oversight (including horizon scanning of emerging risks) when assessing the effectiveness of compliance programmes. This is particularly important in jurisdictions where an adequate or reasonable procedures defence is available or where demonstrating the existence of systems and controls to prevent the alleged conduct is considered a mitigating factor.  

    Implement investigation procedures: how companies respond to allegations of suspected criminality within the business is increasingly under the spotlight.  It is important to design and implement a response strategy for investigating compliance concerns, ensuring fair treatment of whistleblowers, and adopting a lessons learned approach following investigations in order to mitigate legal, regulatory, and reputational risks.  

    We take a deeper look into the developments and trends in particular corporate crime areas, together with our predictions for 2025.

    Bribery and corruption

    As predicted, bribery and corruption enforcement remained at a high level in 2024, notably in the United States where there were several high-value resolutions with corporates in connection with alleged violations of the Foreign Corrupt Practices Act (FCPA).  In March, a Swiss commodities trading company pleaded guilty to bribery of Ecuadorean government officials. The Department of Justice (DOJ) entered into deferred prosecution agreements (DPAs) with a German-based software company ($220 million penalty) and a U.S.-based defence contractor ($950 million penalty).  The DOJ also successfully secured the conviction of a former Mozambique finance minister involved in the 'tuna bonds' scandal demonstrating that holding individuals accountable for foreign bribery schemes remains an enforcement priority. 

    In the UK, it was a mixed year for the Serious Fraud Office (SFO). It failed to secure any new DPAs, and two British citizens were acquitted in a prosecution concerning alleged corrupt payments to Saudi officials (although the SFO secured a related conviction for misconduct in public office). In August, the SFO charged seven former executives at one of the world's largest commodity traders with conspiring to make corrupt payments in West Africa. The prosecution promises to be one of the most high-profile on the SFO's roster and is set for trial in 2027. This was followed by the opening of a new investigation in November into suspected bribery and corruption involving a French multinational defence firm.  Both cases highlight the broad extra-territorial effect of the UK's anti-bribery laws and enforcement risks for overseas headquartered companies.  

    In an interesting development, in November 2024, the SFO claimed that a seismology instruments company (which entered into a DPA with the SFO in 2019) had breached the terms of its DPA, illustrating the SFO's focus on monitoring compliance with corporate settlements.  The SFO has requested a hearing at Southwark Crown Court to hear the matter, yet to take place.

    The National Crime Agency (NCA) and Crown Prosecution Service also secured the successful corruption conviction of a former aide to Madagascar's president, with the case involving the deployment of an undercover officer who gave evidence at trial.

    In France, the PNF continued to be active, fining a nuclear power company over foreign bribery and conducting searches of the French football league's offices in connection with a corruption investigation. Swiss authorities also negotiated resolutions with two commodities traders in relation to foreign bribery schemes.

    In Australia, investigations by the recently established National Anti-Corruption Commission led to a number of prosecution referrals including charges against a Western Sydney Airport employee for soliciting bribes, and the jailing of a former Australian Taxation Office employee, and individuals who paid him cash bribes, for corrupt conduct.

    There were a series of important policy and legislative developments in the past 12 months:  

    • In Australia, a new failure to prevent foreign bribery offence for corporates came into force in September (read our briefing). The government also published guidance on the “adequate procedures” that companies can put in place to benefit from the defence to this new offence. The adequate procedures guidance covers six broad principles. Read our briefing for more detail.
    • In the UK, the new Labour government took a number of measures to strengthen the UK's response to corruption, increasing funding by £9.3 million to the SFO, appointing a new Anti-Corruption Champion to support the government's agenda to tackle corruption, and extending funding to the NCA's International Corruption Unit by up to £36 million over five years. The government also launched a new police unit within the City of London police to tackle domestic corruption and has pledged to bring forward a wide-ranging anti-corruption strategy in 2025, drawing on a range of expertise to develop a single UK response to tackling corruption.
    • The draft legislation for a proposed EU Anti-Corruption Directive continues to progress through the legislative process. This will establish a bloc-wide definition of corruption offences and introduce minimum penalties for violations and represents a step-change towards a more unified EU anti-corruption framework.

    Verdict: There were a number of notable enforcement outcomes in 2024 with authorities targeting bribery of foreign public officials in higher risk jurisdictions. Further changes to anti-bribery laws and additional resourcing in the EU, Australia, and the UK indicate that anti-corruption enforcement remains high up the global agenda.

    Anti-Money Laundering (AML) and Counter-Terrorism Finance (CTF)

    Enforcement authorities maintained their focus on participants in the crypto market. In April, the founder and former CEO of a major crypto exchange was convicted by a US Federal Court and sentenced to a four-month prison term for wilfully neglecting to establish effective AML protections at the exchange. In July, the SEC settled with a crypto firm for US$63 million. The firm faced charges of false and misleading disclosures regarding the strength of its AML compliance and the monitoring of crypto customers, including FTX.  These actions reflect the perceived increased vulnerability of crypto-related firms to money laundering and financial crime.  

    The gambling industry remained a target sector for enforcement in 2024. In June, the Federal Court of Australia approved a AU$67 million penalty sought by AUSTRAC against a casino for historical breaches of Australia's AML laws. And in October, another casino had its license suspended and was fined AU$15 million by a casino regulator for breaches of internal controls and other compliance failures. In December, AUSTRAC commenced civil penalty proceedings against an online betting operator for alleged systemic non-compliance with AML/CTF laws. 

    2024 saw further regulatory penalties against financial institutions for deficiencies in their AML systems and controls. In September, the Court of Justice of the EU upheld a decision by the ECB to strip an Austrian bank of its license owing to weaknesses in its AML controls. In October, a Canadian bank pleaded guilty to failing to monitor money laundering activities by drug traffickers and other criminals. The bank agreed to pay US$3.1 billion in penalties to various federal authorities, including the DOJ, making it the largest bank in US history to plead guilty to failures under the Bank Secrecy Act and the first to plead guilty to conspiracy to commit money laundering. In October, the FCA fined a challenger bank £29m for failings in their financial crime systems and controls related to financial sanctions screening and for breaching a requirement not to open accounts for high-risk customers, and in November, the FCA fined a UK bank £16.7 million for failing to address deficiencies in its automated transaction monitoring system between 2016 and 2020.  In July, the FCA also fined a payment service provider £3.5 million for repeatedly providing services to high-risk customers, in breach of a voluntary requirement agreed with the FCA. This marked the first enforcement action where the FCA exercised its powers under the Electronic Money Regulations 2011 and indicates the FCA's enforcement strategy extends beyond banks to all types of regulated businesses.

    A landmark judgment in July by the UK Court of Appeal regarding the NCA's decision not to investigate cotton goods imported from the Xinjiang Uyghur Autonomous Region of China could have potentially significant consequences for the investigation of money laundering offences in the context of global supply chains.  The effect of the decision means that the criminal nature of goods can pass downstream and companies can no longer rely on a payment at market value (at any point in the supply chain) as a defence to any transfer or re-sale of those goods. This significantly increases the risk profile of global supply chains. This underscores the importance of effective due diligence procedures to understand the activities of suppliers and the source of goods including their raw materials or parts.  Read our full briefing here.  

    There were also notable policy developments that will shape the future AML landscape:

    • In the EU, a new legislative framework was passed which includes a single, harmonised rulebook on CDD and other core AML requirements in the form of a new, directly applicable Regulation. Compliance will be mandatory from July 2027. A new European Anti-Money Laundering Authority will also be established in Frankfurt. The Authority will have extensive supervisory and investigative powers and be fully operational from 2028.
    • In the UK, new provisions in the Economic Crime and Corporate Transparency Act 2023 (ECCTA) came into force. These changes are aimed at improving transparency and providing Companies House with new tools to further deter money laundering.
    • In Australia, a bill extending Australia's AML laws to additional services that are recognised by FATF as posing an elevated AML risk, and clarifying and simplifying aspects of existing AML laws, was passed by Parliament (read our briefing).
    • In Asia, Singapore passed a law which, among other things, lowers the evidentiary threshold for money laundering prosecutions. The prosecution no longer needs to show a direct link between the criminal conduct and the monies laundered. Instead, it is sufficient to prove that the defendant knew or had reasonable grounds to believe that they were dealing with criminal proceeds.

    Verdict: We expect enforcement activity to continue throughout 2025, particularly against firms in higher-risk sectors. The change in administration in the US may result in enforcement authorities reconsidering their focus in recent years on crypto market participants. Additionally, we anticipate that lawmakers will continue to look to enhance transparency by improving the availability and quality of beneficial ownership information.

    Market misconduct

    Many of last year's trends continued throughout 2024 and we expect these to remain focus areas for compliance teams in 2025. 

    The Financial Conduct Authority (FCA) continued to use its full supervisory and enforcement toolkit to tackle market abuse and misconduct.  The FCA's Annual Report reported 120 interventions made across various sectors in addition to nine supervisory visits between 2023 and 2024. The FCA also achieved its first two convictions for insider trading since 2019, against an analyst in an investment bank who was given a 22-month prison sentence for insider dealing and fraud, and a manager of a plastics manufacturer, for using inside information to trade shares ahead of the acquisition of a rival. We expect the FCA's focus on high-risk sectors to continue in 2025, and a number of market abuse cases to come before the FCA’s decision-making body, along with a key market manipulation case in the Upper Tribunal, in the coming year. 

    In Hong Kong, three individuals were convicted of carrying out false trading in the shares of Ching Lee Holdings Limited which netted illicit profits of over $124 million.  This was a landmark case as it was the first time that an offence under the Securities and Futures Ordinance was tried in the Court of First Instance. The successful prosecution is an example of the efforts made by Hong Kong's Securities and Futures Commission (SFC) to combat market manipulation. The SFC has stated its intent to use its statutory powers to mount more complex and impactful cases which will mean a heightened enforcement risk for market participants in the region.  

    In the US, the Securities and Exchange Commission (SEC) pursued a series of enforcement actions in relation to widespread use of "off-channel communications". The SEC has imposed penalties of over $390 million against companies for failing to maintain and preserve electronic communications on personal devices.  

    In the UK, the FCA issued a survey to firms regarding their use of encrypted messages services, following concerns that commercially sensitive information is being shared on off-channel platforms.  It remains to be seen whether a US-style crackdown is on the horizon once responses to the survey have been submitted.

    The Australian Securities and Investment Commission (ASIC) are also urging businesses to monitor encrypted communications and develop effective supervisory arrangements. In June, ASIC published Information Sheet 283 setting out guidance for market intermediaries on how they could better manage the risk of off-channel communications. 

    Greenwashing continues to be a priority for global regulators. In Australia, ASIC achieved a series of victories in relation to misrepresentations about ‘green’ credentials. Following earlier findings of contraventions, in August  the Federal Court approved ASIC's first-ever civil penalty of AUD $11.3 million for greenwashing conduct – in this case, misleading investors about the ESG impact of its investment options (read our briefing). This was followed by another ruling in September in which ASIC obtained a record-breaking $12.9 million penalty from the Federal Court against an investment manager due to its greenwashing conduct (read our briefing). ASIC have reaffirmed their commitment to resuming surveillance activity and taking robust enforcement action in its 2024-2025 Corporate Plan. Given that ASIC have already made 47 interventions during the FY 2023-2024, we expect to see greenwashing class actions forming part of the next wave of climate-related litigation in Australia. See our briefing here for more details. 

    In the UK, the FCA’s new anti-greenwashing rules (read our briefing here) came into force in May 2024. The FCA has also published good practice examples for firms to meet the Sustainability Disclosure Requirements and investment labels regime. The regime, which commenced on 2 December 2024, aims to ensure that firms demonstrate specific sustainability criteria.

    Non-financial misconduct has become a key priority area, particularly in the regulated sector. In the UK, the FCA surveyed over 1,000 wholesale firms in February 2024 and published its findings on 25 October 2024. The FCA noted a rise in reported incidents of bullying, harassment and discrimination and asked firms to reflect on their processes, procedures and controls and to ensure that non-financial misconduct was a discussion point at board level. 

    The UK’s insurance body, Lloyds of London, also published a consultation setting out amendments to its Enforcement Byelaws, which includes expanding the definition of "misconduct" to include sexual harassment and bullying and increasing support for whistleblowers. Read our full briefing here.

    Verdict: we expect increasing focus on non-financial misconduct this year given the FCA's highly anticipated final rules are expected to be published in early 2025.  We also predict that greenwashing will be an area of interest for regulators globally as they probe compliance with new rules.  Off-channel communications and record keeping will continue to attract regulatory interest globally given the proliferation of personal device usage across financial services businesses. 

    Fraud

    Tackling fraud was a key priority for governments, regulators, and prosecuting authorities in 2024.   

    In November 2024, the UK Government published its long-awaited guidance on the new failure to prevent fraud offence introduced by Section 199 ECCTA, in advance of the offence going live on 1 September 2025. The offence enables large organisations to be criminally liable for fraud offences committed with the intention to benefit them, or their clients, by persons acting on their behalf. In-scope companies therefore have nine months to ensure their compliance procedures effectively identify and mitigate fraud risk, as the only defence available is for a company to prove that it had reasonable prevention procedures in place at the time the fraud was committed.

    In September 2024, there was a meeting of Five Eyes – an intelligence alliance between the UK, Australia, Canada, New Zealand and the US – to discuss and share information on how governments are detecting, recouping, and prosecuting public sector fraud committed during the COVID pandemic.  This demonstrates a continued commitment to cross-border cooperation which has defined the financial crime enforcement landscape over the past decade.  

    There has also been significant collaboration in the private sector. In Australia, leading banks joined a pilot for the world’s first inter-bank financial crime intelligence sharing network, BioCatch Trust

    Tax fraud continues to be a significant focus for regulators and prosecuting authorities. In Germany, a lawyer was charged with tax evasion related to a €428 million cum-ex fraud scheme. The charges allege that the lawyer was a central figure in a scheme to fraudulently claim capital gains tax refunds from German tax authorities between 2007 and 2015. Similarly, Denmark's tax authority successfully prosecuted two British traders for their role in a cum-ex trading scheme in 2024, securing six and 12-year sentences respectively. They have also brought civil claims in London against one of the traders. These cases highlight that historic cum-ex schemes remain a clear enforcement priority for domestic tax authorities. 

    Investment fraud has become increasingly prevalent and is another target area for regulators. In the UK, the FCA secured convictions against two individuals for defrauding investors out of approximately £1.5 million using false investment schemes and fake identities. In Australia, the Federal Court of Australia recently found Bill Papas liable for defrauding financiers in the $500 million Forum Group fraud case. In the US, the conviction of Bill Hwang for a $100 billion fraud on Wall Street exemplifies the scale at which these schemes can operate. 

    In the UK, the Payment Systems Regulator has introduced new rules to protect consumers from authorised push payment (APP) fraud. These rules, effective from October 2024, mandate that payment service providers reimburse victims of APP scams, within five business days for losses up to £85,000, with provisions for escalating cases to the Financial Ombudsman Service for higher amounts.  

    Verdict: We expect prosecuting authorities to continue to aggressively pursue fraudsters, particularly in relation to frauds against investors and consumers.  Regulators will continue to look for ways to collaborate with one another to achieve a shared purpose of global anti-fraud enforcement. This will lead to greater scrutiny of companies and individuals with suspected involvement in fraudulent conduct. Much of the focus in the UK will be on preparing for the implementation of the new failure to prevent fraud offence in September.  Further legislative developments to give regulators and prosecutors greater powers to pursue fraud in other jurisdictions should also be expected – the UK is the first jurisdiction out of the gates but will not be the last.

    Sanctions

    The US, UK, EU and their G7 allies have continued to ratchet up sanctions against Russia throughout 2024. Although the velocity and scale of new restrictions has abated, the sanctioning coalition have been laser-focused on closing down loopholes in the existing regime. One notable consequence is that the EU has eliminated an exemption which permitted EU companies to provide otherwise restricted professional business services to their Russian subsidiaries.  

    In the process, the UK and EU sanctions regimes have also become more extra-territorial. Over the past year, the UK and EU have continued to target individuals and entities located in third countries for their purported support for Russia's military actions in Ukraine. Critically, the EU has tacitly broken with its longstanding position on the non-extraterritoriality of its sanctions regime by requiring, for the first time, EU companies to undertake "best efforts" to ensure that their direct or indirect non-EU subsidiaries do not "undermine" the EU-Russia sanctions.  

    While the enforcement of Russia sanctions has been muted to date, the US, UK and EU are taking decisive action to lay the groundwork for future investigations and enforcement activities. The US doubled the statute of limitations to 10 years for civil and criminal violations of primary sanctions, while the EU enacted a new directive harmonising criminal offences for sanctions violations and deepening cooperation among EU member states. The UK, in turn, has created a new enforcement authority, the Office of Trade Sanctions Implementation, with new civil enforcement powers to penalise UK trade sanctions violations on a strict liability basis. Given investigations can take several years to complete, we expect a stream of Russia related enforcement actions to be announced next year.

    In parallel, the sanctioning coalition is intensely focused on disrupting sanctions evasion and circumvention. For the first time, the G7 export control authorities published joint guidance on preventing Russian export control and sanctions evasion. It calls on traders and all other parties in the supply chain to conduct appropriate due diligence to prevent the diversion to Russia of 'battlefield' items (i.e., items listed on the Common High Priority List).  

    In parallel, government authorities are putting pressure on financial institutions not to facilitate prohibited trade with Russia and those that do, face increasing risks. Notably, the Office of Foreign Assets Control's (OFAC) guidance clarified that foreign financial institutions will face US sanctions risks if they facilitate transactions involving any person deemed to be part of "Russia’s military-industrial base" as defined by OFAC, even if such person is not themselves a blocked person.  

    The guidance published by the US Bureau of Industry and Security continues the trend of enhanced export control compliance expectations for financial institutions. It is a reminder of the general prohibition on financing or otherwise servicing any item subject to the US Export Administration Regulations (EAR) with knowledge that a violation of EAR has occurred, is about to occur, or is intended to occur. Given the broad extra-territorial scope of the EAR, the guidance will be of relevance to US and non-US financial institutions.

    More generally, states continued to resort to general export controls to obtain and retain strategic technological advantage. As the US-China 'chip war' escalates, both countries are ramping up controls on exports to the other of goods that they consider are strategic in dominating the technologies of the future. Other countries are joining the fray. Earlier this year, the UK enacted new export controls on quantum, cryogenic, semiconductor technologies, additive manufacturing equipment and advanced materials. Similar actions have been taken in recent years by the US, Japan, France, and the Netherlands. The ongoing consultation in the EU on the future of its export control policy is likely to lead to reform of the EU export-control regime in a similar direction.

    In Australia, the government launched an inquiry into the efficacy of its sanctions regime, due to report in February 2025. While there has been an uptick in civil cases testing the operation and effect of that regime, there remain a number of uncertainties as to its operation (see our briefing note).

    As the year comes to an end, all attention turns to the return of President Trump to the White House in January 2025. The new administration is likely to continue to enact new sanctions and export controls against Iran, China and Venezuela. While the EU and UK will be reluctant to follow on China, we may see a continued increase in EU and UK sanctions on Iran due to its support of Russia and the perceived failure of the nuclear deal, which is due to expire in 2025, together with the opportunity for a "snap back" (namely the automatic reimposition of sanctions on Iran). Finally, while President Trump has suggested a quick end to the war in Ukraine, lifting of all US sanctions on Russia is unlikely in the short term. It is more likely that the US, UK and EU sanctions on Russia will be an important bargaining chip and a potential lever to bring Russia to the negotiating table.  

    Verdict: We will see headline-grabbing enforcement actions in 2025 and continued clamp-down of circumvention. However, as President Trump re-enters the White House, expect the unexpected. It is unlikely that Russia sanctions are going anywhere in the short term, but we should also not underestimate the risk of the new administration adopting an "escalate to de-escalate" approach. Export controls will continue to play a significant role in the geopolitical competition.

    ESG and Modern Slavery

    This year we saw an increase in climate-related litigation and a renewed focus on corporate responsibility. The International Tribunal for the Law of the Sea (ITLOS) issued an advisory opinion on states' obligations in relation to climate change under the United Nations Convention on the Law of the Sea. ITLOS found that states have a due diligence obligation to protect and preserve the marine environment from the effects of climate change. The advisory opinion adds to the growing body of international case law used by claimants to hold corporations to account for climate change and social responsibility. 

    The Court of Appeal of the Hague overturned the Shell Emissions Ruling but concluded that international companies like Shell have an obligation to limit CO2 emissions to counter climate change. This responsibility is reinforced by EU climate legislation, including the Corporate Sustainability Due Diligence Directive (CSDDD). The CSDDD was approved in May 2024 and introduced legal liabilities for companies regarding environmental and human rights violations in their supply chains (read our briefing). This directive affects companies with a net turnover of €450 million, emphasising the EU's commitment to sustainable corporate practices. 

    The UK saw a significant rise in reported modern slavery cases. The number of potential modern slavery victims reported to the Home Office in 2024 reportedly reached the highest levels since records began in 2009, although this could be due to increased awareness. 

    This increase of reported instances is accompanied by greater action being taken by governments. In the UK, the government is addressing modern slavery through employment law reforms and the recruitment of additional modern slavery officers. The House of Lords Modern Slavery Act 2015 Committee also published a report evaluating the effectiveness of the Modern Slavery Act 2015 (MSA 2015). The report recommends several improvements to address the impact and effectiveness of the MSA 2015, including mandatory supply chain due diligence, corporate accountability sanctions for non-compliance, and the establishment of a Single Enforcement Body to act as a single point of contact for labour exploitation. 

    The government responded to the report in December, acknowledging the achievements of the MSA 2015 as well as its shortcomings - such as the need for ongoing assessments and adaptations to address emerging challenges and the lack of sanctions for organisations that do not comply with supply chain requirements. The government plans to introduce measures that ensure businesses are held accountable for their actions, such as penalties for non-compliance with reporting requirements, working with international partners to jointly tackle modern slavery as a global issue and developing "a public-facing data dashboard"to provide more data to the public in a cohesive way. While there is a limited response to Section 54 of the MSA 2015 (being the requirement for commercial organisations to prepare a slavery and human trafficking statement) the government recognises that the power to enforce penalties for non-compliance with the supply chain requirements has not been utilised so far. The government is reviewing how it can strengthen penalties for non-compliance and create a proportionate enforcement regime. 

    These trends reflect a significant increase in awareness, identification and reporting of modern slavery cases, with a more proactive response from government, and ongoing legislative reviews aimed at strengthening the framework to combat modern slavery.

    Verdict: international efforts to combat modern slavery in supply chains will continue in 2025.  We can expect increased scrutiny of due diligence processes and the steps businesses are taking to ensure that human rights and environmental obligations are upheld with a focus on cross-border movement of goods.  We predict that NGOs will continue to drive detection risk and climate-related litigation.  

    Credits

    Authors: Rani John, Ruby Hamid, Judith Seddon, Tom Cummins, Alexander Dmitrenko, Neil Donovan, Andris Ivanovs, Charlotte Ball, Anthony Asindi, Tom Stroud, Laura Bell, Jonas Weissenmayer, Eleanor Robinson, Anya Brown, Olivia Reed

    The information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.
    Readers should take legal advice before applying it to specific issues or transactions.