- within Criminal Law, Insolvency/Bankruptcy/Re-Structuring and Law Department Performance topic(s)
A new EU Directive on anti-corruption will require businesses with EU operations to reassess their anti-bribery and corruption (ABAC) frameworks. The Directive establishes minimum rules that Member States must transpose within 24 months, driving national reforms across the EU through 2026 to 2028. Member States remain free to adopt or maintain more stringent rules, so local implementation may vary.
Three features are of particular note. First, a new trading in influence offense will criminalize the brokering or purchasing of improper influence over public officials, creating a potentially new risk for organizations that engage lobbyists, government relations consultants, or political advisers in EU markets. Second, turnover-based penalty floors of up to 5% of worldwide turnover (or EUR 40 million) will transform the economics of bribery enforcement and require revised corporate provisioning models in several Member States which do not already have significant fines in their toolbox. Third, a broad corporate liability standard based on "leading position" misconduct and "failure to supervise" will catch conduct that might fall outside existing regimes in several Member States.
We look at the key anti-bribery features of the new regime and, in following articles, how it compares with existing Member State laws, and what it means for businesses who may have pegged their ABAC program to the U.S. FCPA or UK Bribery Act.
Key features
- A broad suite of offenses including public and private bribery, and trading in influence, all with wide extraterritorial application.
- A broad definition of ‘public official’, including private entities carrying out public functions.
- A new standard for corporate liability, based on the misconduct of an individual with a “leading position” or the “failure to supervise” by such an individual.
- Substantial turnover-based penalty floors for legal persons of up to 5% of worldwide turnover (or EUR 40 million), and 3% (or EUR 24 million) for trading in influence and related offenses.
- An effective corporate compliance program is formally recognized as a mitigating factor, though not formulated as a defense against liability or prosecution.
Recommended steps
Once the Directive has been implemented, in addition to the organization’s standard compliance reviews:
- Trading in influence risk. Any organization with employees or officers, or retained lobbyists, consultants, or intermediaries, who interact with public officials in EU markets should map those relationships against the new offense and ensure contracts, due diligence, monitoring, and training are adequate.
- Review Codes of Conduct regarding gifts and hospitality against national definitions of ‘undue advantage’ or similar concepts.
- Map the "leading position" population. Identify which individuals within the organization fall within the Directive's "leading position" definition and ensure training and controls are proportionate to the risk they create.
- Benchmark compliance programs against "effectiveness." Whilst an effective program is a mitigating factor, not a defense, organizations should ensure they are documenting measurable outcomes and data-driven evidence of program effectiveness.
More detail on the bribery and trading in influence offenses and corporate liability
Bribery
- Public sector bribery: The Directive criminalizes promising, offering or giving an undue advantage to influence a public official, as well as requesting, receiving or accepting an advantage to act or refrain from acting. “Public official" is broadly defined to cover persons performing public service functions in state-owned and state-controlled enterprises, as well as in privately-owned companies performing public service functions. In practice, this means that employees and officers of private contractors delivering government services may be treated as public officials for bribery purposes. There is no carve-out for facilitation payments; even small payments to secure routine government actions are generally treated as "undue" advantages unless permitted by law or classed as minimum-value gifts.
- Private sector bribery: The Directive covers the offering or giving, directly or through an intermediary, of an undue advantage to a person who directs or works for a private sector entity, for that person or for a third party, in order to induce that person to act in breach of duty (active bribery). Similarly, asking/accepting an undue advantage, directly or via an intermediary, is caught (passive bribery).
- “Undue advantage”: this can be tangible or intangible, pecuniary or non-pecuniary, but does not include benefits allowed by law or administrative rules, or minor gifts. Its interpretation is otherwise left to national authorities. This means that the definition of a “low value” gift may vary widely.
Trading in influence
The Directive introduces a new standalone offense that criminalizes the intentional brokering or purchasing of improper influence over public officials to obtain undue advantages, regardless of whether the influence is actual or effective.
Trading in influence is an offense that may not be familiar in all EU Member States, although it already exists in some. Many existing bribery provisions focus on a corrupt exchange with a public official, not the sale or purchase of access or influence by a third party.
The Directive states that the offense should not cover representation that seeks to legitimately influence public decision-making but does not entail an undue exchange of advantages.In practice, the boundary may be less clear, especially in Member States that do not have a regulatory framework applicable to legitimate lobbying. Is the intermediary being paid for their expertise and transparent advocacy (lawful) or for leveraging a personal relationship with a decision-maker to secure an undue benefit (unlawful)? Consider a company that retains a former senior government official to advise on regulatory strategy. If the retainer is for policy analysis and transparent representation, that is lawful lobbying. If the retainer is structured around success fees tied to specific regulatory decisions, and the value of the engagement lies in the individual's personal access to the decision-maker rather than their subject-matter expertise, the arrangement risks falling within trading in influence, particularly if the intermediary's role is not disclosed to the public authority. Notably, the “influence” need not be real or exercised, and the official need not even be aware of the arrangement; the offense is complete at the point of the improper exchange.
Compliance teams should scrutinize retainer terms, fee structures (especially success fees), and the extent to which the intermediary's value proposition is based on access rather than expertise.
Corporate liability and turnover based fines
The corporate liability provisions are significant for businesses. The Directive mandates a form of corporate liability. It does not have to be criminal, it can be administrative – but regardless of the form, the potential fines are steep:
| Feature | Details |
|---|---|
|
Primary liability |
Legal entity liable for offenses committed for their benefit by someone in a ‘leading position’ - with power to represent, decide on behalf of, or exercise control within the entity. |
|
Failure to supervise |
Legal entity liable where lack of supervision or control by a leading person made possible the commission of an offense, for the benefit of the entity, by someone under the entity's authority. |
|
Dual liability |
Corporate liability does not preclude criminal proceedings against individuals. |
The introduction of corporate liability will be new to several Member States, while other Member States (e.g. the Netherlands), already have corporate criminal liability for these offenses and may have lower thresholds to assign such liability than now included in the Directive.
There are substantial worldwide turnover-based fines for corporate offenders, which will be familiar from EU competition law but are a notable development in the criminal sphere:
| Offense | Maximum Fine (Turnover Basis) | Maximum Fine (Fixed Basis) |
|---|---|---|
|
Bribery |
At least 5% of total worldwide turnover |
At least EUR 40 million |
|
Trading in influence |
At least 3% of total worldwide turnover |
At least EUR 24 million |
Some Member States may have or introduce higher fines.
Effective compliance programs (whether implemented before or after offending) and prompt voluntary disclosure are mitigating factors, though "window-dressing" compliance is not.
Sanctions can also involve loss of public funding, exclusion from tenders, disqualification from business, permit withdrawal, contract termination, judicial supervision, company dissolution, or closure.
Extra-territorial reach
This is broad. A Member State must assert jurisdiction if the offender is a national; or if the offense occurred wholly or partially within its territory, including misconduct via information systems used on their territory whether or not the technology is based in their territory.
The reference to information systems used on a Member State’s territory is potentially significant for businesses with cloud-hosted or centralized IT infrastructure, as it could establish jurisdiction based on a purely digital connection to a Member State.
Member States can choose to extend jurisdiction further for misconduct abroad, e.g. where the offender has habitual residence in the Member State, the victim is a national, or the offense is committed for the benefit of a domestic legal person or in respect of business undertaken domestically.
This means that companies headquartered outside the EU, but with business interests within the EU, could face enforcement action in a particular Member State, even if the conduct in question occurs elsewhere.
Protection for whistle-blowers
Member States are required to ensure that Directive (EU) 2019/1937 (the EU Whistle-blowers Directive) applies to the reporting of corruption offenses contained in the new Directive. This means that anyone reporting corruption offenses should be granted protection.
Limitation periods
The Directive sets minimum limitation periods of five years for private sector bribery and trading in influence, and eight years for public sector bribery, allowing Member States to adopt longer periods. Limitation is especially relevant in an M&A context if trying to estimate exposure for historical conduct.
To conclude, the Directive is a minimum standard and some Member States may choose to gold-plate. It will take some time to see the full picture of implementation in each Member State, but businesses due an ABAC policy review should take into account the Directive’s minimum standards and then review again once the local position is clarified in Member States where they do business.
Our next articles will consider (1) how the Directive will impact laws in key European markets, and (2) what it means for businesses with FCPA / UK Bribery Act focused compliance programs.
Ensuring compliance programs keep up with new corporate criminal offenses was identified as one of the key challenges for 2026 in the A&O Shearman Cross-border white collar crime and investigations review 2026. Read the review for the other challenges.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
[View Source]