As 2024 comes to a close, it’s a good time to reflect on the compliance landscape, including laws and trends that’ve shaped corporate ethics throughout the year. From increasing scrutiny on sanctions and export controls to heightened corporate liability in the UK, the last three months have been packed with developments that compliance professionals can’t afford to overlook.

Whether you’re a tech startup navigating complex export laws, a consulting firm working with government contracts, or a global company managing third-party risks, staying informed is critical. In this round-up, we’ll break down key compliance priorities, recent enforcement actions, and actionable tips to help you stay ahead of the curve in 2025.

Let’s dive into the highlights.

Sanctions and export controls are a compliance priority

In April 2022, Lisa Monaco, the Biden Administration Deputy Attorney General, described sanctions and export controls as the “new FCPA,” highlighting the complex area of national security law for enforcement. A year later, Seagate Technology, a California company, paid a $300 million fine for shipping hard drives to sanctioned Chinese telecom Huawei in violation of export laws. Not long ago, RTX (formerly Raytheon), paid more than $950 million to settle export control, bribery and other charges.  

This isn’t just for large companies. “Bleeding-edge” startups are at particular risk as they typically don’t have a functioning export control/sanctions function. As a result they are frequently targeted and exploited by  foreign entities trying to acquire restricted technology who know about their lack of guardrails, according to Matt Axelrod, the outgoing Asst. Secretary of Commerce for Export Enforcement.

Is this likely to change? Not if history is an any indication — remember that President Elect Trump personally announced the bans on Huawei and ZTE technologies!

Ethena Tip: No matter how small you are, if you have “bleeding edge” tech, you need to protect it by screening against sanctions lists and knowing the rules as to where and to whom you can ship. Even if you don’t have “edgy” tech, you still don’t want to find out that your supply chain starts in North Korea — true story.

What is the incoming Trump admin likely to prioritize regarding compliance?

We’ve already established that export controls, sanctions, and money laundering will almost certainly be a priority. During Trump I, export controls became a major foreign policy tool. The total bans imposed on Huawei and ZTE were White House-driven and overall technology controls were tightened. The Biden administration continued this focus with an uptick in enforcement cases; it’s likely to continue and expand under Trump II.

Domestic mergers and acquisitions will also be encouraged. Biden’s regulators, such as FTC Chair Lina Khan and DOJ Antitrust Division head Jonathan Kanter, have pursued a robust antitrust agenda, challenging mergers that reduce competition in any market segment, including labor. Assuming both Khan and Kanter are replaced with more business-oriented commissioners are added, the climate for M&A is likely to lead to the rollback of some agency initiatives. A second Trump administration would likely adopt a more permissive stance on M&A, reducing antitrust scrutiny for most deals.

Bribery laws can bite consulting companies, too

It’s not just industrial or construction companies like Siemens, Glencore, and Odebrecht that can run afoul of U.S. and other countries’ anti-bribery laws. 

This month, elite consulting company McKinsey & Company settled bribery charges with the U.S. Department of Justice, agreeing to pay $120 million in fines. The penalties arose as a result of payments made  by McKinsey’s South African subsidiary to obtain work from state-owned companies Eskom and Transnet, which resulted in millions of dollars in consulting contracts. Under the Foreign Corrupt Practices Act, employees of state-owned enterprises count as government officials. One McKinsey’s former senior partners plead guilty in connection with the payments.

Ethena Tip: Anti-bribery compliance remains a significant risk for companies working with state-owned enterprises (which can include hospital staff!) or government contracts.

UK guidance increases corporate accountability

In November, the UK Home Office put out statutory guidance on the new corporate offense of “failure to prevent fraud” that will come into force in September 2025. The new offense significantly increases the likelihood of domestic and foreign companies being successfully prosecuted in the UK. This is especially true in light of previous changes in the way in which liability for economic criminal conduct is attributed to corporate entities. The net effect is to significantly increase the likelihood of domestic and foreign organizations being successfully prosecuted in the UK. 

The new offense holds large organizations criminally liable for fraud committed by “associated persons” who provide services for or on behalf of the organization with the intention of benefiting the organization. Thus, potential liability for the acts of third parties just notched up several degrees. An effective defense will depend on whether the company had “reasonable procedures in place” to prevent fraud.

Ethena Tip:  Conduct due diligence on the third parties you hire, train them on key compliance topics, and carefully review their invoices, expenses, and dealings on your behalf.

About Ethena

Ethena helps its clients with flexible, employee-friendly resources that can measure impact. Our training courses come with short, sample questions soliciting employee feedback and testing knowledge that can be broken down by country, operations and other categories. Plus, our test-out, role-based training, adaptive learnings and certifications can help with training fatigue.

What are you waiting for? Snag a free sample of our training below!


Sample Training: Code of Conduct