Categories
TechLaw10

TechLaw10: AI: US AI Action Plan vs EU AI Act

In this film, Punter Southall Law’s Jonathan Armstrong discusses different approaches to AI legislation with Eric Sinrod, California professor and attorney at Duane Morris LLP. This is episode 294 in the popular TechLaw10 series. You can listen to earlier podcasts here.

Jonathan & Eric start by talking about America’s AI Action Plan and the hands-off approach to AI regulation promoted by the Trump administration. Jonathan contrasts that approach with the approach in the EU under the EU AI Act. Jonathan talks about the elements of the EU AI Act that are already in force:

1. bans on prohibited AI

2. mandatory AI literacy programs

3. provisions relating to GPAI. There are FAQs on the EU AI Act here.

There is also a glossary of AI terms here.

Jonathan also talks about the GPAI Code, which is discussed here.

Eric & Jonathan also talk about:

  • The UK’s approach to AI regulation
  • The effect of AI regulation on the economy
  • The differences between Federal and State law in the US
  • The FTC’s role in policing AI & whether that will change
  • AI-related dawn raids
  • AI-related GDPR fines
  • suspensions of AI apps in Europe
  • The European AI Office

Our previous podcast on AI literacy is here    • TechLaw10: AI Literacy – What is it & How …  .

The AI Action Plan, which Eric discusses, is here.

Jonathan talks briefly about his work on the NYSBA AI Task Force. There are details of that here.

You can learn more about Eric at Duane Morris LLP, and Jonathan here at Punter Southall Law

This podcast was recorded on 5 August 2025

Connect with the Compliance Podcast Network at:

LinkedIn

Facebook

YouTube

X (formerly Twitter)

Instagram

Website

Categories
Blog

Sherlock Holmes and Compliance: Investigative Insights from “The Valley of Fear”

Here’s a detailed, insightful article in the style of Tom Fox for a corporate compliance audience, highlighting investigative lessons from the Sherlock Holmes novel, “The Valley of Fear.”

For compliance professionals, investigations are the bedrock of effective compliance programs. Whether it’s tracking down evidence of bribery, uncovering fraud schemes, or rooting out systemic misconduct, the investigative methods you deploy can significantly impact your organization’s integrity, reputation, and bottom line.

“The Valley of Fear” offers a wealth of investigative wisdom. Its narrative of deception, undercover operations, secret societies, and surprising plot twists provides vivid lessons highly relevant to today’s corporate compliance landscape. Let’s unpack five key investigative lessons, each illustrated with memorable scenes from this timeless detective classic.

Lesson 1: Do Not Take Facts at Face Value

Illustrated By: Detailed Analysis of the Crime Scene. Upon arrival at Birlstone Manor, Holmes carefully examines the room where Douglas’s body was discovered, noting inconsistencies like the placement of furniture, window access, and unusual blood patterns.

The central narrative of “The Valley of Fear” revolves around the apparent murder of John Douglas at his Manor House in Birlstone. Initially, the crime scene appears straightforward: Douglas has seemingly been shot at close range, and the crime scene implicates an intruder. Yet Holmes immediately suspects deeper layers beneath the obvious evidence. His meticulous examination of the scene, blood patterns, room layout, and oddities like misplaced items reveals inconsistencies that others missed.

For compliance professionals, the lesson is clear: avoid jumping to conclusions based solely on initial evidence. It is tempting and human to embrace straightforward narratives quickly. But like Holmes, investigators must resist that impulse, digging deeper, questioning assumptions, and rigorously testing evidence for hidden contradictions or overlooked facts. By refusing to accept surface-level interpretations, compliance teams protect organizations from premature and potentially misguided conclusions.

Compliance Takeaway: Always scrutinize initial evidence meticulously and objectively. Never accept evidence without question or assume that initial appearances represent complete facts.

Lesson 2: Investigative Cooperation is Essential

Illustrated By: Collaboration between Holmes and MacDonald. Holmes and Inspector MacDonald openly discuss theories, evidence, and ideas, working cooperatively rather than competitively. Holmes shares insights freely, establishing mutual trust and respect that propel the investigation forward. 

Throughout the novel, Holmes collaborates closely with Scotland Yard’s Inspector MacDonald, who initially struggles to make sense of the complex scenario. Rather than competing, Holmes works cooperatively with MacDonald, openly sharing insights, theories, and information. Their mutual respect, dialogue, and professional cooperation ultimately contribute to solving the intricate puzzle.

Corporate compliance investigations similarly require effective internal and external cooperation. Compliance departments must partner seamlessly with Legal, HR, Audit, and IT functions, as well as outside counsel or forensic experts when necessary. Effective cooperation and collaboration across departments ensure thoroughness and objectivity, minimize blind spots, and enhance investigative outcomes. Holmes demonstrates that strong investigative results rely on teamwork rather than isolation or internal competition.

Compliance Takeaway: Foster collaborative relationships across organizational functions, aligning investigative efforts with Legal, HR, IT, and other stakeholders to produce effective outcomes.

Lesson 3: Patience and Persistence Yield Results

Illustrated By: Patient Uncovering of Douglas’s Background. Holmes painstakingly reconstructs Douglas’s past life in America, gradually identifying him as a Pinkerton detective who infiltrated the Scowrers. This meticulous work takes time, patience, and sustained investigative discipline.

Holmes painstakingly pieces together the clues surrounding John Douglas, ultimately revealing Douglas’s true identity as Birdy Edwards, a former Pinkerton detective who infiltrated a dangerous criminal organization, the Scowrers, in the United States. This revelation is not instantaneous; Holmes’ success comes from persistence, incremental discovery, and careful analysis of evidence collected over time.

In corporate compliance investigations, patience and persistence are equally critical. Compliance officers must frequently manage complex, multi-faceted investigations spanning weeks, months, or even years. Instant resolutions are rare; critical information often emerges slowly and incrementally. Holmes’s deliberate and patient approach to unraveling Douglas’s identity highlights the importance of tenacity, emphasizing that thoroughness and sustained attention invariably produce the clearest investigative outcomes.

Compliance Takeaway: Recognize and embrace that thorough investigative efforts are often incremental, requiring sustained attention and patience to understand complex compliance issues fully.

Lesson 4: Maintain a Big-Picture Perspective

Illustrated By: Contextual Awareness of Moriarty’s Influence. Holmes keeps Moriarty’s potential involvement clearly in mind throughout, maintaining awareness that individual incidents might connect to larger criminal patterns.

In the novel, Holmes repeatedly emphasizes that the apparent Birlstone murder is merely one small part of a larger, sinister picture orchestrated by the infamous Professor Moriarty. Though Moriarty never physically appears, his influence permeates the narrative, connecting seemingly unrelated events and adding deeper context to the investigation. Holmes maintains a sharp awareness of this broader context throughout, ensuring he does not lose sight of underlying motivations and interconnected plots.

This lesson resonates powerfully for compliance professionals. Frequently, investigations initially perceived as isolated incidents reveal systemic compliance or ethical weaknesses within an organization. Investigators must always remain cognizant of the broader organizational, cultural, or regulatory contexts influencing misconduct. By keeping this “big picture” perspective, compliance teams ensure investigations are holistic, not narrowly focused, enabling effective systemic remediation rather than piecemeal solutions.

Compliance Takeaway: Maintain holistic awareness in compliance investigations, ensuring isolated incidents are analyzed within broader organizational, regulatory, or ethical contexts to uncover deeper systemic issues.

Lesson 5: Effective Communication is Crucial 

Illustrated By: Contextual Awareness of Moriarty’s Influence. Holmes keeps Moriarty’s potential involvement clearly in mind throughout, maintaining awareness that individual incidents might connect to larger criminal patterns.

At key points throughout the novel, Holmes carefully explains his deductions, processes, and conclusions to Inspector MacDonald, Dr. Watson, and other key players. His ability to clearly articulate reasoning and insights, especially when conclusions appear counterintuitive or complex, is essential to maintaining credibility, building consensus, and driving effective outcomes.

Corporate compliance investigators must also master clear, effective communication. It’s insufficient merely to uncover misconduct; the true skill lies in effectively communicating findings to stakeholders, management, regulators, and even potentially implicated employees. Holmes shows us that investigative brilliance must be matched by communicative clarity. In corporate settings, investigative reports must clearly explain methodology, facts, assumptions, and conclusions, ensuring decisions based on investigations are informed, justified, and actionable.

Compliance Takeaway: Maintain holistic awareness in compliance investigations, ensuring isolated incidents are analyzed within broader organizational, regulatory, or ethical contexts to uncover deeper systemic issues.

Sherlock Holmes as Compliance Inspiration

Sherlock Holmes remains an enduring inspiration to corporate compliance professionals precisely because effective investigations are foundational to compliance success. Holmes’s methods, including detailed scrutiny of evidence, a collaborative approach, patient and persistent inquiry, a holistic perspective, and clear communication, are not merely fictional flourishes; they represent essential best practices.

“The Valley of Fear” offers compliance officers vivid, relatable insights, underscoring that successful investigations require disciplined methodology, sustained inquiry, careful analysis, cross-functional cooperation, and effective stakeholder communication. As Sherlock Holmes memorably states, “It is, of course, a trifle, but there is nothing so important as trifles.” For compliance professionals today, Holmes’s wisdom is more relevant than ever, reminding us that attention to detail, disciplined process, and communicative clarity are never trivial.

By embracing Holmes’s investigative rigor and lessons from this classic novel, compliance professionals equip themselves and their organizations to meet today’s complex challenges effectively. After all, just like Holmes himself, the compliance investigator’s role is fundamentally about uncovering truth; patiently, methodically, and tirelessly ensuring organizational integrity and ethical clarity amidst a complex corporate landscape.

Categories
Innovation in Compliance

Operationalizing Trust at Scale: A Conversation with Amanda Carty on Compliance and AI

Innovation comes in many areas, and compliance professionals must be ready for and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. Today, we begin a 3-part podcast series sponsored by Diligent with Jessica Czeczuga, Amanda Carty, and Neta Meidav. In Part 2, Tom is joined by Amanda Carty, GM Compliance Solutions at Diligent.

Carty shares insights from her decade-long experience in the GRC field and offers detailed perspectives on how leaders can model ethical behavior within their organizations. The conversation dives into how Diligent helps companies assess and document leadership effectiveness and the role of AI in enhancing compliance initiatives. Carty emphasizes the necessity of leaders acting as ambassadors of culture and the impact of measurable outcomes in compliance programs. The episode also explores the integration of AI and chatbots to provide real-time compliance support to employees, ensuring efficiency and ease of access to crucial information.

Key highlights:

  • Importance of Tone at the Top
  • Leadership and Ethical Culture
  • AI in Compliance
  • Employee Engagement and Technology
  • Actionable Takeaways for Compliance Professionals 

Resources:

Amanda Carty on LinkedIn

⁠Diligent⁠

Tom Fox

⁠Instagram⁠

⁠Facebook⁠

⁠YouTube⁠

⁠Twitter⁠

⁠LinkedIn

Categories
Trekking Through Compliance

Trekking Through Compliance: Episode 67 – The Dangers of Assumption: How Star Trek’s “Elaan of Troyius” Proves Due Diligence Is Essential

Today, let’s set our phasers to “analyze” and travel back to one of Star Trek: The Original Series’ most underrated diplomatic dramas: “Elaan of Troyius.” This episode is not just a space opera of culture clashes, hidden agendas, and diplomatic peril; it is a near-perfect parable for compliance professionals wrestling with the eternal question: Why is due diligence mandatory when considering a new business partner?

Let’s get into the heart of the episode and draw out five compliance lessons that every organization should heed before it signs that next contract.

1. First Impressions Are Deceptive: Always Probe Deeper

Illustrated By: Elaan’s arrival is marked by dramatic displays of power, arrogance, and cultural superiority.

Compliance Lesson. How many times have we seen organizations swept off their feet by a potential partner’s surface credentials, market reputation, or charismatic leadership? Due diligence is your organization’s safeguard against falling for the “Elaan effect”: the temptation to trust a partner’s public image without digging into their true character, operational practices, or hidden risks.

2. Cultural Blind Spots: Understand the Landscape Before You Leap

Illustrated By: Misunderstandings abound, from differing customs around authority and gender to fundamental misalignments in values.

Compliance Lesson. Entering into any partnership without understanding your partner’s culture, whether corporate, regional, or national, is asking for trouble.

3. Hidden Agendas and Sabotage: Trust, But Verify

Illustrated By: The mission is sabotaged by Elaan’s retinue, her bodyguard conspires with the Klingons, hiding a device that compromises the Enterprise’s defenses.

Compliance Lesson. When evaluating new partners, you must assume that unseen risks may be lurking just below the surface.

4. Emotional Reactions Cloud Judgment: Stay Objective

Illustrated By: Kirk finds himself emotionally entangled with Elaan after being exposed to her tears, which act as a potent love potion.

Compliance Lesson. In real-world business, emotional bias can cause teams to overlook red flags, downplay risks, or shortcut due diligence.

5. The Price of Ignorance: Remediation Is Harder Than Prevention

Illustrated By: Only after chaos erupts do Kirk and the crew scramble to uncover the source of their problems, a hidden device sabotaging the Enterprise’s engines.

Compliance Lesson. If you do not invest in rigorous due diligence up front, you will inevitably spend much more time, money, and resources cleaning up the mess after something goes wrong.

Final ComplianceLog Reflections

Elaan of Troyius” is a warning to any organization tempted to “wing it” when evaluating a new business partner. Diplomacy, optimism, and trust are essential, but they are not substitutes for due diligence. Hidden risks, cultural misunderstandings, and emotional biases can turn opportunity into disaster in a heartbeat. Kirk and the crew of the Enterprise ultimately succeed not because of luck, but because they confront hard truths, adapt, and persevere. In the world of corporate compliance, the same rules apply.

Resources:

⁠⁠Excruciatingly Detailed Plot Summary by Eric W. Weisstein⁠⁠

⁠⁠MissionLogPodcast.com⁠⁠

⁠⁠Memory Alpha

Categories
Daily Compliance News

Daily Compliance News: August 7, 2025, The SEC Can Gag Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the Daily Compliance News. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Top stories include:

  • Trump is making corruption more dangerous. (Foreign Affairs)
  • Uber picked business over customer safety. (NYT)
  • The 9th Circuit upholds the SEC gag rule. (Reuters)
  • To Regulate or Not to Regulate. (Bloomberg)

You can donate to flood relief for victims of the Kerr County flooding by going to the Hill Country Flood Relief here.

Categories
Hill Country Authors

Hill Country Authors – Exploring the Challenges of a Green Transition with Tom Ortiz

Welcome to a new season of the award-winning Hill Country Authors Podcast, sponsored by Stoney Creek Publishing. In this podcast, Hill Country resident Tom Fox visits with authors who live in and write in and about the Texas Hill Country. In this episode, Tom visits with Tom Ortiz, who discusses his diverse professional background, ranging from thermodynamic experiments to oil and gas industry work, and his critical views on the green energy transition.

Ortiz elaborates on his new book, ‘Why We Struggle to Go Green,’ aiming to bridge the gap between casual readers and academic audiences with accessible yet detailed insights into energy systems like hydrogen and carbon capture. He addresses the harsh realities of shifting to renewable sources, emphasizing the need for reduced energy consumption and greater resilience to climate change. Ortiz also reflects on the evolving role of academia and its challenges in fostering unbiased technological advancement. The discussion concludes with Ortiz’s future aspirations and a brief about his collaboration with Stony Creek Publishing.

Key highlights:

  • The Genesis of the Book
  • Harsh Realities of the Green Transition
  • Managing the Costs of Clean Energy
  • The Role of Academia
  • Sustainable Solutions for Population Growth

Resources:

Tom Ortiz on LinkedIn

Tom Ortiz Substack

Tom Ortiz on Stoney Creek Publishing

Why We Struggle to Go Green on Texas A&M University Press

Stoney Creek Publishing Website

Podcast Cover Art

Nancy Huffman Fine Art

Tom Fox

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Tip of the Day

Compliance Tip of the Day – Why Engage in Pre-acquisition Due Diligence

Welcome to “Compliance Tip of the Day,” the podcast where we bring you daily insights and practical advice on navigating the ever-evolving landscape of compliance and regulatory requirements. Whether you’re a seasoned compliance professional or just starting your journey, we aim to provide you with bite-sized, actionable tips to help you stay on top of your compliance game. Join us as we explore the latest industry trends, share best practices, and demystify complex compliance issues to keep your organization on the right side of the law. Tune in daily for your dose of compliance wisdom, and let’s make compliance a little less daunting, one tip at a time.

Today, we consider the multiple legal and business reasons to engage in pre-acquisition due diligence in M&A transactions.

For more on this topic, check out The Compliance Handbook, a Guide to Operationalizing Your Compliance Program, 6th edition, which LexisNexis recently released. It is available here.

Categories
AI Today in 5

AI Today in 5: August 7, 2025, The US v. China Episode

Welcome to AI Today in 5, the newest addition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the AI Today In 5. All, from the Compliance Podcast Network. Each day, we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest about AI.

For more information on the use of AI in compliance programs, Tom Fox’s new book is Upping Your Game. You can purchase a copy of the book on Amazon.com

Categories
Blog

The Price of Ignorance: Five Due Diligence Lessons from Star Trek’s “Elaan of Troyius”

Today, let’s set our phasers to “analyze” and travel back to one of Star Trek: The Original Series’ most underrated diplomatic dramas: “Elaan of Troyius.” This episode is not just a space opera of culture clashes, hidden agendas, and diplomatic peril; it is a near-perfect parable for compliance professionals wrestling with the eternal question: Why is due diligence mandatory when considering a new business partner?

For those who have not revisited this classic, the USS Enterprise is assigned a high-stakes diplomatic mission: transport Elaan, the tempestuous Dohlman of Elas, to the planet Troyius, where her arranged marriage will seal a peace treaty between two warring worlds. As tensions flare between Elaan’s culture and that of the Federation, Captain Kirk, Spock, and the crew quickly realize that more than just a wedding is at stake; hidden motivations, subterfuge, and cross-cultural misunderstandings threaten to unravel the entire peace process. What seems a straightforward escort mission rapidly reveals layers of complexity and risk.

Let’s get into the heart of the episode and draw out five compliance lessons that every organization should heed before it signs that next contract.

1. First Impressions Are Deceptive: Always Probe Deeper

Illustrated By: Elaan’s arrival is marked by dramatic displays of power, arrogance, and cultural superiority. The Federation diplomats are immediately intimidated and distracted by her forceful presence and sharp temperament.

Compliance Lesson. How many times have we seen organizations swept off their feet by a potential partner’s surface credentials, market reputation, or charismatic leadership? In “Elaan of Troyius,” Kirk and his crew quickly learn that initial impressions, whether good or bad, can conceal much deeper realities. Due diligence is your organization’s safeguard against falling for the “Elaan effect”: the temptation to trust a partner’s public image without digging into their true character, operational practices, or hidden risks.

What should you do now? Do not accept a new partner at face value. Investigate their ownership structure, past conduct, litigation history, financial health, and compliance record. Unmasking the reality behind the reputation is the first step.

2. Cultural Blind Spots: Understand the Landscape Before You Leap

Illustrated By: The cultural gap between Elaan and the Federation nearly derails the mission. Misunderstandings abound, from differing customs around authority and gender to fundamental misalignments in values. The crew is blindsided by these gaps, leading to avoidable conflict.

Compliance Lesson. Entering into any partnership without understanding your partner’s culture, whether corporate, regional, or national, is asking for trouble. Seemingly minor cultural mismatches can lead to miscommunication, legal violations, or ethical lapses. In cross-border or third-party relationships, this risk is magnified: local customs may hide corrupt practices, labor abuses, or anti-competitive behaviors.

What should you do now? Include cultural and ethical risk assessments as part of your due diligence. Engage local experts, conduct interviews, and be ready to adapt your approach to fit the landscape without compromising your core values.

3. Hidden Agendas and Sabotage: Trust, But Verify

Illustrated By: The mission is sabotaged by Elaan’s retinue, her bodyguard conspires with the Klingons, hiding a device that compromises the Enterprise’s defenses. Kirk is nearly assassinated, and the entire mission teeters on the brink of disaster because no one anticipated internal betrayal.

Compliance Lesson. When evaluating new partners, you must assume that unseen risks may be lurking just below the surface. These could take the form of undisclosed beneficial ownership, connections to sanctioned parties, or corrupt insiders. Even a trusted contact within a partner organization can turn out to be a risk factor if not properly vetted. In “Elaan of Troyius,” failure to probe the intentions and backgrounds of all involved parties nearly results in catastrophe.

What should you do now? Conduct background checks not just on the company, but also on key personnel, agents, and ultimate beneficial owners. Use open-source intelligence, watchlists, and external investigators as needed. “Trust, but verify” is not simply good (Ronald Reagan) advice; it is mandatory.

4. Emotional Reactions Cloud Judgment: Stay Objective

Illustrated By: Kirk finds himself emotionally entangled with Elaan after being exposed to her tears, which act as a potent love potion. His objectivity and command judgment are compromised at a critical moment, nearly dooming the ship.

Compliance Lesson. Emotional responses, from excitement about a lucrative new market to personal connections with a partner’s leadership, can cloud even the best compliance professional’s judgment. In “Elaan of Troyius,” emotional manipulation nearly brings down the Federation’s flagship. In real-world business, emotional bias can cause teams to overlook red flags, downplay risks, or shortcut due diligence.

What should you do now? Build structured, objective processes for due diligence that minimize the risk of bias. Use checklists, outside counsel, and independent reviews to ensure no one is “drunk on the deal.” Compliance must be immune to infatuation.

5. The Price of Ignorance: Remediation Is Harder Than Prevention

Illustrated By: Only after chaos erupts do Kirk and the crew scramble to uncover the source of their problems, a hidden device sabotaging the Enterprise’s engines. They’re forced into a desperate race against time to fix what could have been prevented.

Compliance Lesson. If you do not invest in rigorous due diligence up front, you will inevitably spend much more time, money, and resources cleaning up the mess after something goes wrong. Investigations, regulatory fines, lost business opportunities, and reputational damage are all far more expensive than preventative action. Just as Kirk would rather have found the sabotage before launch, compliance professionals must treat prevention as their first line of defense.

What should you do now? View due diligence as an investment, not a cost. The price of ignorance, missed risks, surprise violations, or regulatory enforcement will always exceed the price of preparedness.

Final ComplianceLog Reflections

Elaan of Troyius” is a warning to any organization tempted to “wing it” when evaluating a new business partner. Diplomacy, optimism, and trust are essential, but they are not substitutes for due diligence. Hidden risks, cultural misunderstandings, and emotional biases can turn opportunity into disaster in a heartbeat. Kirk and the crew of the Enterprise ultimately succeed not because of luck, but because they confront hard truths, adapt, and persevere. In the world of corporate compliance, the same rules apply.

So, the next time your organization eyes a shiny new partnership, ask yourself: Are we seeing only what we want to see? Or are we committed to the hard work of real due diligence, the only sure path to success, and to a future where both sides prosper?

Resources:

⁠⁠Excruciatingly Detailed Plot Summary by Eric W. Weisstein⁠⁠

⁠⁠MissionLogPodcast.com⁠⁠

⁠⁠Memory Alpha

Categories
Blog

Cross-Atlantic Fraud & Corruption Enforcement: Intersections and Divergences

In today’s dynamic compliance landscape, navigating the complexities of international corporate wrongdoing requires vigilance, foresight, and strategic action, as highlighted in A recent article entitled “Cross-Atlantic Impact: DOJ and SFO Self-Reporting and Enforcement Priorities,” by lawyers from McDermott, Will & Schulte. The article is an excellent review of areas where the fight against fraud and corruption aligns between the two countries and areas where they diverge. Today, I will review the article and consider what it means for the US company doing business in the UK or with UK companies.

The Serious Fraud Office (SFO) in the United Kingdom has made clear its expectations regarding self-reporting corporate misconduct, mainly aligning in philosophy, if not always in exact details, with its U.S. counterpart, the Department of Justice (DOJ). American companies must understand these nuances and adapt their compliance programs accordingly. Here are five critical reasons why U.S. businesses must closely monitor and adhere to the UK’s evolving fraud and bribery enforcement regime.

Prompt Self-Reporting Weighs Heavily in Favor of DPAs

The SFO guidance unequivocally states that companies demonstrating prompt self-reporting of corporate wrongdoing significantly increase their chances of obtaining a Deferred Prosecution Agreement (DPA). Conversely, any delay in self-reporting suspected wrongdoing “within a reasonable time of it coming to light” adversely impacts the company’s standing with the SFO.

Much like the DOJ, the SFO does not insist on complete internal investigations before self-reporting. Indeed, in many ways, both sets of prosecutors want companies to step forward as soon as possible. The degree of the inquiry expected depends on the clarity and strength of evidence. Where evidence indicates wrongdoing, companies are expected to self-report swiftly. Ambiguities may permit a more extensive preliminary investigation, but American companies should note that delays can risk losing the advantages offered by early disclosure.

Jurisdictional Triggers Demand Simultaneous Reporting

For American companies dealing with potential misconduct spanning jurisdictions, awareness and agility become paramount. According to SFO guidance, companies reporting suspected misconduct to another agency, such as the DOJ, should also inform the SFO simultaneously or immediately thereafter. Failure to do so negates any potential credit for self-reporting.

Consider a scenario where a company seeks a declination from the DOJ through prompt self-disclosure. Identifying a UK jurisdictional nexus, such as conduct occurring partly in the UK or financial impact felt within the UK, is crucial. The UK’s “failure to prevent bribery” and new “failure to prevent fraud” offenses can impose liability based on international conduct linked to a business presence or financial repercussions in the UK. Understanding and navigating these jurisdictional nuances quickly is imperative to safeguard against regulatory pitfalls and secure favorable treatment.

Increasingly Aggressive Fraud Enforcement

Fraud has emerged as a prominent enforcement priority for both the DOJ and SFO. American companies should pay particular attention to the UK’s new “failure to prevent fraud” (FTPF) offense, effective from September 1, 2025. This robust enforcement tool targets UK and non-UK entities whose associates engage in fraudulent conduct impacting UK interests.

American companies operating internationally must proactively establish “reasonable fraud prevention procedures” to counteract potential liability under this legislation. The urgency conveyed by the SFO, highlighted by senior officials expressing eagerness to utilize these new powers aggressively, cannot be overstated. Companies that neglect preparation risk being among the first prosecuted examples of this powerful legislation.

Coordination Between DOJ and SFO Enhances Risk Exposure

With the DOJ emphasizing fraud in areas affecting U.S. interests, ranging from healthcare and procurement fraud to investment scams, there is considerable overlap with misconduct addressed by the UK’s FTP fraud offense. The authors note that the US Supreme Court held in Kousisis v. United States that a defendant may be convicted of wire fraud for inducing a victim to enter a contract under material pretenses, even if there was no economic loss to the victim. This ruling may allow US prosecutors to pursue a broader range of fraud cases.”

A cross-jurisdictional approach is therefore essential. American companies uncovering fraud that victimizes both U.S. and UK entities or markets must carefully assess reporting obligations to both jurisdictions. The simultaneous or nearly simultaneous reporting requirements heighten the stakes and complexity, demanding robust internal mechanisms for rapid assessment and disclosure.

Continuing Vigorous Anti-Bribery Efforts Globally

Despite temporary uncertainties in the DOJ’s stance toward anti-bribery enforcement, global initiatives indicate relentless international focus. The SFO has intensified anti-bribery efforts through initiatives like the International Anti-Corruption Prosecutorial Taskforce, collaborating closely with French and Swiss authorities. The SFO’s involvement in the International Anti-Corruption Coordination Centre (IACCC) further underscores its commitment. The authors report that “the IACCC aims to facilitate international cooperation on ‘grand corruption’ investigations, including concerning intelligence and evidence gathering.”

In addition to the IACCC, “In March 2025, the SFO established an ‘International Anti-Corruption Prosecutorial Taskforce’ with the French Parquet National Financier (PNF) and the Office of the Attorney General of Switzerland (OAG) (Taskforce). Through the Taskforce, the SFO, PNF, and OAG commit to strengthening their existing cooperation and collaborating to deploy their wide-reaching anti-bribery legislation to prosecute overseas conduct.”

The DOJ’s recent reaffirmation of anti-bribery efforts through its White-Collar Enforcement Plan, highlighting bribery and money laundering harming U.S. interests, may complement these international initiatives. American companies must remain vigilant regarding potential liabilities under both the FCPA and the UK Bribery Act, carefully calibrating their compliance programs to meet rigorous enforcement expectations across jurisdictions.

Practical Steps for American Companies

Given these compelling reasons to pay close attention to the SFO guidance and evolving UK legislation, American companies must take proactive steps to fortify their compliance efforts:

  • Enhance Internal Controls: Companies must quickly develop comprehensive “reasonable fraud prevention procedures,” supported by thorough risk assessments and regularly updated policies.
  • Cross-Jurisdictional Risk Assessments: Implement rigorous processes for promptly assessing jurisdictional ties when misconduct emerges, allowing immediate and coordinated reporting where necessary.
  • Integrated Compliance Training: Ensure global compliance teams, legal counsel, and executive management understand SFO and DOJ expectations clearly, fostering prompt, informed responses.
  • Monitoring International Developments: Maintain continuous awareness of evolving enforcement policies and initiatives, particularly regarding fraud and bribery, to swiftly adapt compliance programs accordingly.
  • Preparedness and Responsiveness: Establish clear protocols for internal investigations and self-reporting decisions, emphasizing speed and comprehensiveness to maximize potential cooperation credit.

Conclusion

Navigating the intricate and often intersecting expectations of the SFO and DOJ presents ongoing challenges for American companies. However, understanding the strategic implications of prompt self-reporting, jurisdictional coordination, aggressive fraud enforcement, international collaboration, and robust anti-bribery efforts is vital.

Proactive compliance management, aligned closely with evolving international regulatory landscapes, is not merely advisable but something that every multinational needs to put in place. American corporations should approach compliance with the understanding that today’s oversight environment demands swift and strategic decision-making to mitigate risks effectively and position themselves favorably in the face of potential regulatory scrutiny.