Staying on top of compliance changes isn’t just about avoiding fines; it’s about protecting your organization’s reputation, ensuring ethical business practices, and keeping up with a rapidly evolving regulatory landscape. This quarter has brought major developments in anti-corruption enforcement, AI regulations, and sanctions compliance that could have significant implications for businesses worldwide.

From the Trump administration’s shift in FCPA enforcement priorities to the EU’s groundbreaking AI Act and increasing global scrutiny on sanctions violations, these updates highlight the need for companies to stay informed and proactive. Here’s what’s changing, what it means for your organization, and how you can stay compliant in a shifting regulatory environment.

1. Anti-corruption enforcement: what's changed?

The Trump administration has made waves in anti-bribery enforcement, prompting extensive discussion. Rather than speculate, let’s break down what’s actually happening.

In February, Attorney General Bondi issued a memorandum shifting FCPA enforcement priorities toward cases involving drug cartels and transnational criminal gangs. Shortly after, President Trump signed an executive order pausing FCPA enforcement for 180 days while the Attorney General conducts a review. Another executive order followed, requiring independent regulatory agencies to align their policies with the White House.

These changes are already having a real-world impact. Calavo Growers, a California-based produce company, voluntarily disclosed potential FCPA violations in January. By mid-February, the SEC informed them that their case was postponed. Several DOJ anti-bribery cases have also been placed on hold as the review process unfolds.

While U.S. enforcement is slowing down, other countries are stepping up. In March, the UK Serious Fraud Office, Switzerland’s Attorney General’s Office, and France’s National Financial Prosecutor’s Office launched the International Anti-Corruption Prosecutorial Taskforce to strengthen global anti-corruption efforts. Additionally, the UK’s new “failure to prevent fraud” offense, set to take effect in September 2025, increases the likelihood of domestic and foreign companies facing prosecution.

Ethena tip: Despite these shifts, key compliance principles remain unchanged. The FCPA is still in place with a five-year statute of limitations, and most corporate codes of conduct continue to prohibit bribery in all its forms. Now is a great time to remind employees that bribery is never tolerated, regardless of external policy changes.

2. Navigating the EU's regulatory framework for AI

The European Union’s Artificial Intelligence Act is officially in effect, with the first set of requirements enforced as of February 2, 2025. The next phase will roll out in August. But what does this mean for businesses?

The Act applies to both companies that develop AI systems and those that use them. One of the immediate requirements is ensuring that employees working with AI have adequate training to identify risks and use AI responsibly. Additionally, the Act prohibits certain AI practices, including subliminal techniques that manipulate behavior, exploiting vulnerabilities, social scoring, emotional manipulation, and unauthorized image scraping.

The penalties for non-compliance are steep. Companies found in violation can face fines of up to EUR 35 million or 7% of their total worldwide annual revenue.

Ethena tip: To mitigate risks, businesses should start by reviewing their AI systems to ensure they don’t engage in prohibited practices. Conducting a risk analysis to understand where AI is being used and implementing AI-specific training for employees is also key. A clear, user-friendly AI policy can help ensure ongoing compliance with the Act as new requirements come into play.

3. The rising importance of sanctions compliance

Sanctions laws continue to pose significant risks to businesses, as recent enforcement cases demonstrate.

One of the most notable recent cases involves Herbert Smith Freehills (HSF), a leading UK law firm. The firm was fined nearly £500,000 for making payments to three Russian banks under sanctions while closing its Moscow office. However, because HSF voluntarily disclosed the breaches, their penalty was reduced by 50%.

Sanctions violations aren’t limited to corporations. In early March, Yale University placed an associate research scholar on administrative leave after reports linked her to an entity designated as a “specially designated global terrorist organization” by U.S. and Canadian authorities.

Ethena tip: Given the heightened scrutiny, organizations should take proactive steps to ensure compliance. Regularly screening transactions and hiring practices for links to sanctioned entities, staying updated on evolving sanctions lists, and training employees on compliance requirements related to money laundering, as well as sanctions & export controls, are all essential.

4. Tougher export control enforcement

At the annual Bureau of Industry update conference on March 24, the newly appointed Commerce Secretary announced stricter penalties for violations of export control laws. The Administration also emphasized that export controls would become a standard part of trade negotiations moving forward.

Officials from the Commerce Department highlighted Hong Kong as a major risk point for evading export controls, particularly those targeting China. Businesses must carefully scrutinize their customers, shipping routes, and the justification for shipments to high-risk destinations like Hong Kong to prevent unauthorized diversions.

Ethena Tip: Every company should evaluate its exposure to these regulations and implement strong screening measures for transactions and hiring practices. Ensuring compliance with U.S. sanctions, anti-money laundering laws, and export controls is essential to mitigating legal and financial risks.

The bottom line

The compliance landscape is shifting, but companies that stay proactive will remain ahead of the curve. Whether it’s adjusting to new FCPA enforcement priorities, aligning with AI regulations, or strengthening sanctions compliance, now is the time to review policies, reinforce training, and ensure your organization is prepared.