White-Collar and Regulatory Enforcement: What Mattered in 2024 and What to Expect in 2025

Posted by David B. Anders, Ralph M. Levene, and Randall W. Jackson, Wachtell, Lipton, Rosen & Katz, on
Wednesday, February 5, 2025
Comments Off on White-Collar and Regulatory Enforcement: What Mattered in 2024 and What to Expect in 2025 print this page Print
, , ,
More from: , , ,

David B. Anders, Ralph M. Levene, and Randall W. Jackson are Partners at Wachtell, Lipton, Rosen & Katz. This post is based on a Wachtell memorandum by Mr. Anders, Mr. Levene, Mr. Jackson, Kevin Schwartz, Aline Flodr, and Michael Holt.

As we write this memorandum, President Trump’s second administration is forming in Washington, with new leadership teams being appointed at DOJ, the SEC and across other regulatory and law-enforcement agencies. In 2017, when President Trump first took office, we avoided predicting what the administration’s significant white-collar and regulatory enforcement priorities and policies might be in the absence of noteworthy signals from President Trump or his nominees and in light of the then slow pace of leadership confirmations. Eight years later, however, the lessons from President Trump’s first administration, as well as the track record and statements from his recent nominees and closest advisors, offer some insights into the new administration’s likely enforcement priorities. Given that, we have some thoughts on what to expect from President Trump’s second term:

  • At DOJ, we likely will see a narrower set of enforcement priorities, focusing on “core fraud” cases rather than novel white-collar enforcement actions. Moreover, we expect DOJ will have fewer resources as a whole, and those resources may be shifted away from white-collar prosecutions to cases involving illegal immigration or violent crime as they were during the first Trump administration.
  • DOJ, along with other agencies, will likely face a severe resource crunch as a result of the efforts of President Trump’s highly-publicized Department of Government Efficiency (“DOGE”), which is tasked with cutting government spending. Whether through hiring freezes, increased resignations by ending remote work, or large-scale layoffs, the impact of DOGE and other executive branch actions on federal regulatory agencies’ resource-intensive white-collar enforcement cases could be significant.
  • With respect to the SEC, we expect some scaling back of the agency’s more novel and aggressive enforcement practices, with a renewed focus on cases involving conventional securities fraud and misleading disclosures that result in direct investor harm. Some areas where the SEC may pull back include pursuing internal accounting and disclosure controls violations in circumstances where the agency has found no substantive violation of the securities laws and charging cryptoasset companies for allegedly selling or facilitating the sale of unregistered securities.
  • We expect the Trump Administration to continue close scrutiny of major technology platforms, particularly in connection with antitrust enforcement. In nominating Andrew Ferguson to lead the Federal Trade Commission and Gail Slater to lead DOJ’s Antitrust Division, President Trump explicitly called out each nominee’s mandate to rein in “Big Tech.”

Although we can expect a pullback in some federal regulatory and law enforcement agencies’ more novel areas of enforcement, this shifting landscape should not lead to complacency when it comes to maintaining robust compliance policies and procedures. State Attorneys General and private whistleblowers will no doubt try to fill the void. Indeed, even in areas of federal enforcement, with fewer resources available, federal regulators and prosecutors may rely even more on private whistleblowers, incentivized by the wide array of federal whistleblower programs, to do the work of investigating and reporting corporate crime. Whether prompted by federal agencies, state authorities, whistleblowers or private plaintiffs, companies will likely continue to face a wide array of white-collar and regulatory enforcement risks in the coming year.

Finally, if past is prologue, we can expect companies to receive tangible benefits when they self-report wrongdoing and undertake remedial measures as a result of their compliance systems and policies. As we noted during President Trump’s first term, one of the salutary contributions of the prior Trump Administration was providing greater transparency, predictability, and proportionality when resolving investigations with corporations. We hope and expect this legacy to continue in the second term, with the administration incentivizing corporations to create and maintain robust corporate compliance programs and providing more generous treatment to those corporations who self-report wrongdoing, cooperate with the government, and undertake prompt remedial measures.

In the sections below, we provide our more detailed views on the main developments we saw in 2024 and the likely changes companies can anticipate in 2025.

DOJ Developments

Following a very active 2024 for DOJ’s white-collar enforcement efforts, it is difficult to predict how DOJ’s enforcement priorities, policies, and practices will be affected by the change in administration. As in 2017, however, it is certain that things will change. President Trump has already publicly urged DOJ to ratchet up enforcement of immigration laws and expressed skepticism about law enforcement agencies like the FBI, but neither the President nor Attorney General nominee Pam Bondi has offered significant insight into the details of their plans for white-collar enforcement.

Beyond Ms. Bondi, the President’s nominees for other high-ranking positions in DOJ are expected to play a significant role in charting DOJ’s path forward. The nominee for Deputy Attorney General, Todd Blanche, was a prosecutor in the Southern District of New York before working in private practice for several years, most notably as President Trump’s personal attorney. Given his past experience, Mr. Blanche is expected to have a significant role in developing DOJ’s agenda. The current acting deputy attorney general, Emil Bove, is expected to serve ultimately as the Principal Deputy Assistant Attorney General. Mr. Bove also served as a federal prosecutor in the Southern District of New York and later served as one of President Trump’s personal attorneys—he too is expected to have a significant role in setting the DOJ white-collar enforcement agenda. That both Mr. Blanche and Mr. Bove have long institutional ties to DOJ suggests that at least some components of DOJ practice and policy may be maintained. But Mr. Bove has already initiated a number of changes in immigration enforcement policy and other areas, demonstrating that the new DOJ leadership will not be hesitant to break with past policy where it conflicts with the administration’s evolving agenda. Indeed, the President’s nomination for FBI Director of Kash Patel, an outspoken critic of DOJ’s efforts in recent years, is itself a harbinger of change. Additionally, President Trump has repeatedly promised to downsize the federal government, in part by ousting many career federal employees and implementing a federal hiring freeze by executive order. These actions may ultimately result in a downturn in white-collar enforcement as the new administration prioritizes other campaign promises and imposes resource constraints. Notably, 2017—the first year of President Trump’s first term—saw DOJ enter into the fewest corporate non-prosecution agreements (“NPAs”) and deferred prosecution agreements (“DPAs”) since 2009. But even if DOJ’s enforcement approach mimics the beginning of President Trump’s first term, the magnitude of these changes is harder to predict this time around.

Many components of DOJ’s agenda under the prior administration already have considerable momentum going into 2025—it is unclear how many of these policies will be pared back or continued under presumptive Attorney General Bondi. One constantly-shifting area that will be of particular significance to companies navigating DOJ’s evolving white-collar landscape will be DOJ’s various cooperation initiatives. For example, in January 2024, the U.S. Attorney’s Office for the Southern District of New York announced a Whistleblower Pilot Program that encourages individuals to voluntarily disclose information concerning certain fraud, corruption, and other criminal conduct, and offers individuals NPAs in exchange for cooperation in a resulting investigation and prosecution. And, in April 2024, DOJ launched a Pilot Program on Voluntary Self-Disclosures for Individuals to encourage culpable individuals to self-report in exchange for NPAs. Individuals must voluntarily self-disclose original information concerning criminal conduct and fully cooperate in a DOJ investigation to qualify. The program limits participation to individuals who are neither high-ranking within the company nor leaders of any purported criminal scheme. Some commenters criticized this program for effectively creating a race between a company and its own employees to be the first to disclose relevant information. Regardless, the Biden-era DOJ cooperation programs will likely receive scrutiny in the new administration and companies will need to closely monitor any resulting changes.

Facing a similarly uncertain fate is the initiative that Deputy Attorney General Lisa Monaco announced in August 2024 to “doubl[e] down on a proven strategy to ferret out criminal activity” by “design[ing] a program that would fill the gaps” in its enforcement “patchwork.” That initiative, the Criminal Division Corporate Whistleblower Awards Pilot Program—which we previously summarized—provides guidance for when whistleblowers are eligible to receive financial awards of up to $55 million in exchange for original information and cooperation in investigations. The program applies only to whistleblowers providing information concerning violations of: (i) anti-money laundering and fraud statutes, (ii) foreign corruption and bribery statutes, (iii) anti-kickback statutes, and (iv) federal health care laws.

And in September 2024, DOJ updated its Evaluation of Corporate Compliance Programs (“ECCP”) guidance. The ECCP provides factors that DOJ will consider when evaluating the effectiveness of a company’s internal compliance systems. Under the updated policy, a company with a robust and effective compliance program may receive a more favorable outcome to a DOJ investigation.

With these and other programs potentially facing scrutiny in the new administration, companies may have significant opportunities to engage DOJ on needed adjustments to existing policies or even new policies where there is a perceived need for additional guidance and transparency regarding white-collar enforcement policy. It would be a mistake, however, to assume that all DOJ policies and programs that have evolved over the past four years are on the verge of repeal. Much more is likely to be retained than abandoned. Nevertheless, the relevant policymakers have signaled that we are at the doorstep of a significant and unpredictable overhaul of DOJ’s agenda—companies and individuals seeking to continue with prudent compliance will need to closely monitor DOJ’s next steps and adjust corporate policy accordingly.

SEC Developments

The arrival of this new administration is likely to produce more than the usual amount of change at the SEC. Most prominently, President Trump’s nominee as SEC chairman, Paul Atkins, is a well-known supporter of the crypto industry and, if confirmed, he will be replacing Gary Gensler, who is equally well-known for his enforcement program’s antagonism toward that industry. More broadly, Mr. Atkins is a former SEC staffer and commissioner—he knows the agency well and is familiar with the strengths and weaknesses of its enforcement program. There is good reason to hope that Mr. Atkins will lead an SEC that effectively fulfills its enforcement mission while also reining in some of the excesses that have characterized the program in recent times.

One of the signature features of the enforcement program during the Gensler years was an emphasis on increasing the level of monetary penalties imposed on corporations in settled enforcement actions. This policy was grounded in the mistaken belief that corporations view such penalties as a mere cost of doing business and the misguided hypothesis that magnifying penalties was the only way to assure vigorous corporate compliance efforts. This approach sometimes led to penalties that far exceeded what the SEC could have obtained in litigation. In truth, well-run companies recognize the value and importance of a strong compliance culture. In our experience, they do not need the added threat of higher penalties to induce them to promote ethical and law-abiding behavior among employees. We hope that the Commission and its staff will recognize when a company has made genuine efforts to be a good corporate citizen, and that enforcement resolutions will more frequently reflect that recognition.

One of the hallmarks of the SEC’s enforcement program has been its Wells process, by which the agency affords prospective defendants the opportunity to engage with the staff so that defense arguments may be given meaningful consideration before the staff proceeds with an enforcement recommendation. Under the prior administration, senior enforcement officials significantly cut back on the opportunity for Wells meetings, and in some cases the staff imposed unreasonable time constraints. Those changes overlooked the public interest in a robust Wells process that unquestionably led the SEC to reach more just conclusions over the years. Treating the Wells process as a box that must be rapidly checked off to clear the way to an inevitable enforcement action undermines the commitment to achieving justice and also undervalues the importance of the SEC being perceived as striving for fairness. Recently, there have been indications that the SEC may return to its historical approach with respect to Wells meetings. Specifically, the SEC’s Acting Deputy Director of Enforcement Antonia Apps stated that she expects the SEC will “revert to a position where the director and/or deputy director, in our acting capacities, will generally agree to have a Wells meeting to the respect that defendants request it.”

Another area where we are hoping to see some course-correction concerns the SEC’s recent tendency to charge violations of the internal accounting and disclosure controls provisions in circumstances that stretch those provisions beyond recognition. This scenario sometimes resulted in settlements on terms that the SEC could not obtain in litigation. Indeed, the SEC has sometimes fallen back on a controls charge when it seemingly found no underlying substantive violation—for example, charging a failure of internal accounting controls (and obtaining a $25 million penalty on that basis alone) where a company adopted a trading plan that did not satisfy the requirements of the Rule 10b5-1 affirmative defense, but with no charge of any insider trading violation (discussed in our January 2024 memorandum). U.S. District Judge Paul A. Engelmayer provided a useful corrective in this regard last summer, in dismissing a substantial portion of the SEC’s complaint in the SolarWinds case. The court rejected the SEC’s theories that (1) alleged defects in the company’s cybersecurity controls constituted defective internal accounting controls, and (2) an alleged failure to communicate certain information internally was proof of inadequate disclosure controls, where the facts showed that the company in fact had a robust system of disclosure controls in place.

We turn now to the highlights of the SEC’s enforcement program in 2024. The Commission brought a total of 431 standalone enforcement actions in its fiscal year ended September 30, 2024, a 14% decrease compared to the prior year. The case mix in 2024 was in line with historical experience: public company disclosure and accounting cases were 11% of the total; insider trading cases totaled 8%; and securities offerings, as usual, represented a large component at 22%. Notwithstanding the decline in overall case numbers, the SEC obtained orders for a total of $8.2 billion in financial remedies, the highest amount in the agency’s history. The total included $6.1 billion in disgorgement and prejudgment interest—also a record—but $4.5 billion of that amount was generated by a single case.

The SEC’s whistleblower program, which was inaugurated in 2011, is now a well-established component of the enforcement program and continues to be a source of a large number of investigative leads. The Office of the Whistleblower’s annual report to Congress issued in November 2024, however, revealed that there has been some distortion of the program’s numbers over the past two years. Specifically, while the SEC has reported sharply escalating numbers of whistleblower tips over this period, this year’s report disclosed that two individuals submitted over 14,000 tips in 2024 and nearly 7,000 tips in 2023. Accordingly, although there has been a slight decline in the normalized numbers from the peak years of 2021 and 2022, the data shows that the number of tips has generally stabilized at a high level compared to pre-COVID experience.

The SEC made a total of more than $255 million in awards to 47 whistleblowers in 2024. This tally included an award of $98 million shared by two whistleblowers. The Commission also continued its emphasis on enforcing whistleblower protections. The agency brought 11 enforcement actions under Rule 21F-17 charging conduct intended to impede whistleblowing activity. These cases mostly involved confidentiality provisions in employment, separation, and settlement agreements. One case was premised on oral statements made to two investors. The respondent in one case based on settlement agreements with investment advisory and brokerage customers paid an $18 million civil penalty, the largest ever in a standalone Rule 21F-17 case.

Finally, we hope that the new leadership at the SEC will build on the agency’s past efforts to recognize cooperation in its investigations. As we noted with respect to DOJ, the public interest is served when the SEC recognizes cooperation in identifiable ways, both to reward specific cooperators and to incentivize future cooperation by others. In the SEC’s annual report on its enforcement program, it highlighted several instances in which the agency factored cooperation into the terms of resolutions, such as in settlements with J.P. Morgan Securities LLC and Circor International, Inc., in which the SEC imposed no financial penalty. As part of the SEC’s years-long sweep of cases against regulated financial services firms for failing to retain “off-channel” electronic communications, the SEC singled out one respondent for its cooperation. In announcing settlements with 12 firms, the SEC explained that it had determined not to impose a financial penalty against Qatalyst Partners LP, in view of Qatalyst’s cooperation, which included conducting an internal investigation and self-reporting the firm’s violations to the SEC, gathering communications from the personal devices of employees, prior implementation of policies, technology and training designed to achieve compliance with the recordkeeping requirements, enforcement of the firm’s policies through prior disciplinary action against at least 17 personnel for non-compliance, and implementation of additional procedures and training following the discovery of violations.

Resolutions such as these serve the goal of encouraging cooperation in future investigations. Hopefully, the SEC will continue to look for opportunities both to provide concrete benefits for genuine cooperation, and also to provide more transparent assurances that such recognition will be forthcoming when it is earned. These examples also reinforce that selfreporting is the single most weighty factor affecting the SEC’s view of a firm’s cooperation. Of course, a company has no opportunity to self-report misconduct of which it is not aware. Accordingly, there is no substitute for maintaining a strong compliance culture (including a strong tone from the top of the organization), publicizing internal reporting mechanisms, and responding forthrightly and promptly to any indication of potential wrongdoing.

Cryptoasset Developments

The cryptoasset industry remained a subject of intense scrutiny among enforcement agencies in 2024, though impending changes in the agency landscape may portend cessation of the widely criticized regulation-by-enforcement regime that has prevailed in recent years.

Notable criminal prosecutions in the cryptoasset arena over the past year may mark the turning of the page for the cryptoasset industry from the failure of FTX and some other institutions in 2022. In the highest profile prosecution in the sector, Sam Bankman-Fried’s late 2023 fraud conviction culminated in a 25-year prison sentence. Alex Mashinksy, the founder and former CEO of Celsius, the failed crypto “shadow bank,” pled guilty to fraud and market manipulation and agreed to forfeit over $48 million in proceeds. And following an August 2023 indictment, the DOJ has proceeded with its prosecution of Roman Storm, a co-founder of virtual currency mixer Tornado Cash, for conspiracy to commit money laundering, violate sanctions, and operate an unlicensed money-transmitting business. But in a development of broad interest to developers of open source software, and with potential significance for Storm’s prosecution, in November the U.S. Court of Appeals for the Fifth Circuit found that the U.S. Treasury exceeded its authority in its imposition of Office of Foreign Assets Control (“OFAC”) sanctions against the Tornado Cash software protocol. Shortly before this memo’s publication, cryptocurrency exchange BitMEX was sentenced to a $100-million fine and cryptocurrency exchange KuCoin pled guilty and agreed to pay nearly $300 million for Bank Secrecy Act violations with respect to know-your-customer and anti-money-laundering failures.

The past year has also witnessed a number of high-profile civil enforcement actions. Several of these actions involved the SEC, which continued to pursue a breathtakingly broad, “regulation-by-enforcement” approach to all things crypto under the leadership of Chair Gensler. These actions included a $4.5-billion settlement with Terraform Labs and founder Do Kwon relating to the collapse of so-called stablecoin UST, following a jury verdict finding them liable for fraud. After launching an investigation in 2023 into transactions in one of the leading digital assets, Ether, as purportedly constituting “securities,” in June 2024 the SEC terminated that investigation following the filing of a lawsuit by software developer, Consensys Software, that challenged the agency’s investigation and threat of enforcement as unlawful. Following its stand-down on Ether, the SEC countered with its own litigation against Consensys for alleged unlawful brokering or offering of securities in connection with its popular digital wallet software, MetaMask. And the SEC persisted in its sprawling regulation-by-enforcement litigation regime—dispatching a raft of additional Wells notices to leading crypto companies, from decentralized exchange Uniswap Labs and NFT marketplace OpenSea, to centralized exchanges Robinhood Crypto and Crypto.com, to gaming blockchain developer Immutable Labs; and continuing its litigation against other industry leaders, including Coinbase, Binance, Kraken, and Ripple, with some significant setbacks in the process (including dismissal of allegations that Coinbase acted as an unregistered broker through its wallet software).

The past year has also witnessed a number of high-profile ciFor its part, the CFTC remained active in cryptoasset enforcement in 2024. In a landmark settlement in August, the agency settled claims it had commenced in 2023 against FTX and Alameda Research for $12.7 billion. In September, the CFTC settled charges against Uniswap Labs, finding that Uniswap illegally offered leveraged retail commodity transactions in digital assets through its protocol, imposing a cease-and-desist order and a $175,000 fine. And shortly before this memo’s publication, the CFTC entered a consent order against Gemini Trust Company for making false statements to the CFTC in respect of bitcoin futures, imposing a $5- million penalty. The year also witnessed major enforcement efforts at the state level: New York entered into a $2-billion settlement with bankrupt cryptoasset “shadow bank” Genesis Global Capital and sued cryptocurrency companies NovaTechFx and AWS Mining for allegedly operating a pyramid scheme defrauding investors of over $1 billion.

Notwithstanding this flurry of activity in 2024, the future of enforcement activity in the cryptoasset space appears to be headed in a different direction. Paul Atkins, the nominee for Chair of the SEC, has publicly noted his support for crypto and his disagreement with many of these past actions. In 2023, Mr. Atkins noted on a podcast appearance that, “if the SEC were more accommodating and would deal straightforwardly with these [cryptoasset] firms, it would be a lot better to have things happen here in the United States.” Given new SEC and CFTC leadership, we expect enforcement activity in this area going forward will focus on outright fraudulent schemes instead of the past enforcement actions that often attacked the fundamental nature of the crypto business. In such a climate, it will be prudent for crypto companies to avoid “foot faults” that allow regulators to pursue actions when they otherwise may be prepared to step back.

Antitrust Developments

In recent years, DOJ’s Antitrust Division adopted an aggressive approach to enforcement, which included a campaign of bringing criminal antitrust cases alleging anticompetitive labor market agreements and an unprecedented expansion of DOJ’s bid-rigging prosecutions to those involving vertical agreements between manufacturers and distributors that historically have not been viewed as per se violations of the antitrust laws. The Federal Trade Commission (“FTC”) has been no less aggressive, not only in its enforcement efforts, but also in its rulemaking. For example, in April 2024, a divided FTC voted along party lines to issue a final rule prohibiting non-compete clauses for nearly all U.S. workers.

These sweeping efforts during the Biden Administration yielded lackluster results for DOJ and the FTC. DOJ’s prosecutions in the wage-fixing and no-poach context resulted in three high-profile acquittals and one voluntary dismissal, and, more recently, a denial of DOJ’s petition for certiorari in United States v. Brewbaker, in which the Fourth Circuit overturned an antitrust conviction for bid-rigging because the alleged restraint had occurred between two companies in a vertical relationship and thus no per se antitrust offense had occurred. The FTC’s ban on non-competes fared no better, with a district court in Texas issuing a nationwide injunction against implementation and ruling that the FTC lacked substantive rulemaking authority as to unfair methods of competition.

Although we expect the new administration will take a far more reserved approach when it comes to pursuing novel antitrust prosecutions and with respect to the FTC’s substantive rulemaking, lessons gleaned from the first Trump Administration and President Trump’s choices for key leadership positions suggest that antitrust enforcement will remain active under this administration and, in particular, that large technology platforms will continue to be in the government’s crosshairs. In announcing his choice of Gail Slater to lead DOJ’s Antitrust Division, President Trump posted on social media that “Big Tech has run wild for years, stifling competition in our most innovative sector and, as we all know, using its market power to crack down on the rights of so many Americans, as well as those of Little Tech!” After Andrew Ferguson was selected to chair the FTC, Mr. Ferguson posted on social media that he would “end Big Tech’s vendetta against competition and free speech.” Mark Meador, President Trump’s nominee for the third republican seat on the FTC, has also been a supporter of efforts to break up “Big Tech.” While serving as a staffer for Republican Senator Bill Lee, Meador drafted a bill that would have forced the breakup of Google’s advertising technology business. More recently, Meador has been vocal on social media about what he perceives as “a connection between Big Tech abuses and market power.” In light of these statements, it would not be surprising to see DOJ or the FTC focus enforcement efforts on companies’ perceived support of social or political initiatives that the current administration disfavors, such as pledges to meet environmental goals or increase diversity.

FCPA Developments

FCPA enforcement activity in 2024 generally was in line with 2023 levels, with DOJ and the SEC resolving a total of 14 corporate investigations, four of which were joint resolutions involving the same companies. On the DOJ side, the corporate resolutions involved five DPAs with the now standard three-year term, one NPA, and two guilty pleas. The SEC resolutions were all by settled administrative proceedings. Financial penalties were up significantly from 2023 levels, with DOJ and the SEC imposing a total of approximately $1.8 billion in FCPA-related criminal and civil penalties, disgorgement, and prejudgment interest, which, after offsets for amounts paid to foreign enforcement authorities and netting, yielded a total recovery to DOJ and the SEC of about $1.3 billion. DOJ also issued two FCPA-related declinations under its Corporate Enforcement and Voluntary Self-Disclosure Policy (“CEP”). As for FCPA prosecutions against individuals, in 2024 DOJ brought FCPA or related money laundering or other charges against 17 individuals, a significant uptick from 2023. The SEC brought civil charges against two of the same individuals.

As is often true, statistics tell only part of the story. The details of last year’s resolutions offer important insights into the areas of greatest FCPA risk, as well as into application of the array of relevant corporate enforcement policies currently in place:

  • The Importance of Getting Cooperation and Remediation Right. Over the last 10 years, DOJ has implemented a number of policies intended to encourage corporations to engage in timely and effective cooperation and remediation when confronting a DOJ investigation. At this point, the benefits of doing so are more transparent and significant than ever. But the flipside of the current dynamic is that DOJ has made clear that cooperation is earned, not given. Failing to meet cooperation and remediation expectations can have significant negative consequences, for example, in reducing credit in the calculation of criminal fines or contributing to a determination to impose a monitor. In a number of the 2024 resolutions, DOJ highlighted cooperation and remediation failures, ranging from failing to timely preserve, collect and produce important documents and evidence in the initial phase of an investigation, to failing to implement timely disciplinary and remedial action for employees engaged in misconduct. Perhaps most significant was the DOJ’s statement in announcing the Trafigura guilty plea, criticizing the company’s slow and incomplete cooperation and its initial posture in resolution negotiations. To be sure, we do not believe that DOJ’s policies and expectations with respect to cooperation and remediation should chill strong, good-faith advocacy on behalf of a company in any phase of an investigation. However, it is important to deploy such advocacy in a manner that also seeks to preserve a company’s opportunity to obtain the significant benefits available from timely and effective cooperation and remediation.
  • Significant Risks from Using Third-Party Intermediaries. FCPA resolutions in 2024 involved a variety of bribery schemes—e.g., corrupt payments to help obtain or retain government contracts, secure inside information to assist in bidding for government business, modify public tender terms or otherwise impede competing bidders for government business—and arose from conduct in many different countries—e.g., Azerbaijan, Ecuador, India, Japan, Nepal, South Africa, Thailand and Venezuela. But a unifying principle across all of 2024’s FCPA resolutions was the central role of third-party intermediaries, whether consultants, agents, distributors, suppliers, value added resellers or joint-venture partners, in executing corrupt schemes. In light of this demonstrated risk, effectively implementing compliance controls concerning the vetting, onboarding, managing and monitoring of third-party intermediaries is one of the most critical aspects of a robust anti-corruption compliance program.
  • Application of the Requirements Under DOJ’s CEP. The lone 2024 NPA resolution, involving aviation services company AAR Corp., underscores the critical importance of moving expeditiously once a company identifies a potential FCPA problem. While AAR had pursued a declination under the CEP, DOJ concluded that the company’s disclosure did not qualify because the problem had already been publicized in overseas media reports and less than two weeks prior to the company’s disclosure to DOJ, an independent source reported allegations of the misconduct in Nepal to DOJ. Nonetheless, because the company selfdisclosed before it was aware the misconduct had come to DOJ’s attention, DOJ gave significant weight to the disclosure, including in resolving the investigation by an NPA, as well as limiting the NPA term to 18 months.
  • The Importance of Post-M&A Compliance Integration. The SEC’s resolution with the John Deere company highlights the importance of timely and effective pre-contract M&A due diligence and post-closing compliance integration. The bribery-related misconduct took place at Deere’s Thailand subsidiary, which it acquired as part of a 2017 transaction. In announcing the FCPA resolution, the SEC underscored that John Deere’s failure to timely and effectively integrate the Thai subsidiary into its compliance and controls programs allowed the corrupt conduct to continue unchecked for several years and contributed to the SEC’s charging an internal controls violation. Timely and effective pre-M&A due diligence and post-M&A compliance integration is also critical to permit an acquiror to avail itself of DOJ’s M&A Safe Harbor Policy, which provides significant benefits in the event FCPA-related misconduct is identified at an acquired company.

Although prior to taking office in 2017, President Trump openly questioned whether the FCPA impedes American business in foreign nations, FCPA enforcement continued apace during the first Trump Administration. We expect the same during the second Trump Administration. Beyond that, it is important to note that FCPA enforcement is driven not only by DOJ and SEC-generated cases, but through whistleblowers, including foreign-located individuals, seeking rewards for reporting misconduct, anti-corruption enforcement efforts of authorities in other countries, many of which have become more active and sophisticated in their anti-corruption efforts as a result of working with DOJ and/or SEC, as well as the CEP through which DOJ may receive leads on misconduct by non-reporting companies active in similar industries and countries. Simply put, anti-corruption risk remains high, the financial and other negative impacts of a problem can be substantial, and the CEP provides an opportunity for companies to significantly mitigate such negative impacts. As a result, it continues to be advisable to implement, maintain, test and, if appropriate, enhance a robust anti-corruption and anti-bribery compliance program tailored to a company’s particular risk profile in light of its business activities, geographic footprint and foreign government touchpoints.

State AG Developments

As we have foreshadowed with respect to previous administration transitions, we expect state attorneys general to continue to play an active role in criminal and regulatory enforcement as the level of federal regulatory and enforcement activity will likely flatten or perhaps even shrink under the new administration. State and local political considerations are often an important factor in state AG investigations. Democratic state AGs increased their level of activity during the first Trump Administration, seeking to fill the void from reduced activity at the federal level and to challenge the new administration’s policies. Many such AGs are ready to reprise that role and bring cases in areas where they perceive enforcement vacuums. And as governors organize themselves into coalitions, such as Illinois governor J.B. Pritzker and Colorado governor Jared Polis’s Governors Safeguarding Democracy, these groups will likely pursue multistate investigations into, and challenges to, the administration’s agenda. On the other side of the political spectrum, Republican state AGs will be looking for opportunities to support and enhance the Trump Administration’s regulatory and enforcement agenda. Some recent cases provide clues about where state authorities may focus their efforts.

While the new administration is expected to be crypto-friendly, Democratic state AGs may seek to use state law to rein in cryptoasset companies. For instance, in May 2024, the New York Attorney General Letitia James secured settlements worth $2 billion from cryptoasset firms Genesis Global Capital LLC, Genesis Asia Pacific Pte. Ltd., and Genesis Global Holdco LLC—reportedly the largest settlement against a cryptoasset company in state history. Shortly thereafter, in June, NYAG James reached a settlement with Gemini Trust Company LLC for approximately $50 million.

Similarly, while federal regulators may slow their push to implement additional disclosure obligations on companies that are the victim of cyberattacks, state AGs have already signaled their intention to focus on such conduct. Most recently, on January 8, 2025, Bayview Asset Management LLC and three affiliates agreed to pay an approximately $20 million fine and improve their cybersecurity programs to settle allegations from 53 state financial regulators that the mortgage companies had deficient cybersecurity practices and didn’t fully cooperate with regulators after a 2021 data breach.

At the same time as some Democratic state AGs are filling the gap left by reduced federal enforcement, Republican state AGs are initiating litigation to complement the Trump Administration’s policy agenda. A number of Republican state AGs have sought to end private-sector diversity, equity, and inclusion efforts. For example, in March 2024, Texas Attorney General Ken Paxton opened an investigation into Spirit Aerosystems, a Boeing parts supplier, over whether its diversity, equity, and inclusion commitments are compromising the company’s manufacturing processes.

Similarly, state AGs on both sides will likely continue to scrutinize companies’ ESG policies. For example, in November 2024, Texas Attorney General Ken Paxton and 10 other state AGs filed suit against institutional investors BlackRock, State Street, and Vanguard for state and federal antitrust violations and state consumer fraud violations. The state AGs allege that the asset managers invested in publicly traded coal companies and pressured the coal companies to reduce coal output and add climate disclosures, driving up energy costs. Relatedly, we saw Democratic state AGs pursue enforcement actions involving so-called “greenwashing” allegations. For example, in September 2024, California Attorney General Rob Bonta filed suit against energy company ExxonMobil for misleading the public about the recyclability and benefits single-use plastic products, among other claims.

Although the change in administration suggests that many Democratic state AGs may be galvanized to implement a more aggressive enforcement strategy, we expect state AGs on both sides of the aisle to play an active enforcement role. These investigations can pose particular challenges to companies as they often involve multiple jurisdictions, competing priorities, and partisan considerations. Companies will need to develop coherent strategies to manage these multistate investigations and reach effective global resolutions.

Conclusion

Presidential transitions typically cause uncertainty in the world of white-collar and regulatory enforcement and this transition appears no different. Indeed, recent policy announcements, executive orders and certain appointments suggest that the new administration will cause even more uncertainty than we have ever seen before. This uncertainty will last for some time as the new leaders of key agencies settle in to their positions and establish their agenda and enforcement priorities. In such times, companies will be well-served to rely on tried and true tactics for avoiding costly investigations and related regulatory problems: invest in compliance, update policies and procedures, identify new and emerging compliance risks, set a tone at the top and a tone at the middle that values compliance. Companies that follow this formula will be well-positioned to handle any enforcement or regulatory issue that may arise.