Richard Manfredi, Author at Gibson Dunn

We are pleased to provide you with the January 2026 edition of Gibson Dunn’s monthly European data privacy update. Please feel free to reach out to us to discuss any of these topics further.

Europe

01/27/2026

European Commission | Adequacy Decision | Brazil

The European Commission has adopted an adequacy decision under Article 45 GDPR, allowing EU personal data transfers to Brazil without additional safeguards.

The European Commission found that Brazil’s General Personal Data Protection Law provides a level of protection essentially equivalent to the EU data protection framework, permitting personal data to flow from the EU to Brazil without additional transfer mechanisms. On the same day, Brazil adopted its own adequacy decision for personal data transfers from Brazil to the EU.

For more information: European Commission Website

01/23/2026

EDPB | Guidance | EU-U.S. Data Protection Framework

The European Data Protection Board (“EDPB”) has updated its Data Protection Framework (DPF) FAQs to provide further guidance for businesses and individuals on EU-US personal data transfers.

The revised FAQs reiterate that exporters should first verify the U.S. recipient’s DPF self-certification status and the scope of that certification (including whether it covers any relevant subsidiaries). For transfers of HR data, the FAQs highlight additional steps, such as confirming that the importer’s certification includes HR data and informing the importer that the transferred data is HR data. The EDPB also reminds that participation in the DPF does not replace other GDPR obligations.

For more information: Businesses FAQs

01/22/2026

European Commission | Guidance | Data Act

The European Commission has released an updated version of its FAQs on the Data Act.

Developed with input from stakeholders, the FAQs are intended to support the practical implementation of the Data Act. They address topics such as unfair terms in business‑to‑business data‑sharing agreements, switching between data‑processing services, and interoperability requirements.

For more information: European Commission Website

01/21/2026

EDPB & EDPS | Joint Opinion | Digital Omnibus on AI

The European Data Protection Board (“EDPB”) and the European Data Protection Supervisor (“EDPS”) have published a joint opinion on the Proposal for the “Digital Omnibus on AI”.

In their opinion, the EDPB and EDPS support efforts to reduce the burdens of practical implementation, but caution that administrative simplification must not come at the expense of individuals’ rights. They recommend limiting any expanded use of special-category data for bias detection and raise concerns regarding the postponement of provisions relating to high-risk AI systems. The authorities also call for clearer definition of the role of market surveillance authorities, while emphasizing that the independence and powers of data protection authorities should remain preserved.

For more information: EDPS Website

01/20/2026

European Commission | Proposal | New Cybersecurity Package

The European Commission has launched a new cybersecurity package, including a Proposal for a revised Cybersecurity Act.

The revised Cybersecurity Act aims in particular to simplify the European Cybersecurity Certification Framework by introducing streamlined procedures designed to enable the development of certification schemes within 12 months. It would also expand ENISA’s powers, strengthening its role in the development of cybersecurity standards. The new cybersecurity package also includes targeted amendments to the NIS 2 Directive intended to enhance legal clarity by simplifying jurisdictional rules, improving the collection of data on ransomware attacks, and facilitating the supervision of cross‑border entities through ENISA’s reinforced coordinating role.

For more information: European Commission Website

France

01/22/2026

CNIL | Sanction | Data Breach

The French data protection authority (CNIL) fined a French governmental agency €5 million after a cyberattack exposed large-scale jobseeker data, citing major gaps in account security, monitoring, and access controls.

The sanction follows an unauthorized access to personal data relating to individuals registered with the agency over the past 20 years and account users. The CNIL found that security measures were not appropriate under Article 32 GDPR, pointing in particular to overly permissive password settings, lack of MFA for exposed adviser accounts, and insufficient real-time logging/monitoring.

For more information: CNIL Decision [FR]

01/22/2026

CNIL | Sanction | Data Sharing for Advertising Purposes

A company was fined €3.5 million for sharing loyalty-program contact data for ad-targeting without valid consent.

The CNIL sanctioned the company, finding the relied-upon “consent” was not valid because individuals were not properly informed of the targeting purpose. Other infringements identified include insufficient information, security shortcomings, failure to conduct a DPIA, and cookie/trackers compliance issues and was adopted in cooperation with 16 European counterparts given its cross-border impact.

For more information: CNIL Website [FR]

01/16/2026

CNIL | Recommendations | “Multi-device” Consent in Authenticated Environments

The CNIL published recommendations to set out how publishers can lawfully apply a user’s cookie/tracker choices across all devices tied to the same logged-in account without forcing repeated prompts.

The CNIL clarifies that multi-device consent is optional and only relevant in authenticated environments where user choices can be tied to an account and synced across logged-in devices. Consent, refusal, and withdrawal must all carry the same cross-device effect, and users should be informed upfront that their choice applies to all connected devices. The guidance also addresses conflicts between pre-login preferences and account settings, encourages consistent market practices, and highlights privacy-by-design concerns like avoiding the sharing of clear account identifiers with CMP vendors and handling shared devices carefully.

For more information: CNIL Recommendations [FR]

01/14/2026

CNIL | Sanction | Data Breach

The French data protection authority (CNIL) imposed a combined €42 million fine on a French telecom operator following a major customer data breach.

The CNIL reports that attackers accessed personal data tied to around 24 million subscriber contracts. The authority found shortcomings in security (including authentication and monitoring/detection measures), issues in the completeness of information provided to affected individuals, and non-compliant retention practices for certain categories of data. In addition to the fines (€27M for the mobile subsidiary and €15M for the parent company), the CNIL issued compliance orders with deadlines (notably to complete specific security measures within three months and bring certain retention practices into compliance within six months).

For more information: CNIL Website [EN]

Germany

01/27/2026

Data Authorities | Press Release | Record‑High Volume of Data Protection Complaints

German Data Protection Authorities have reported a strong increase in data protection complaints in 2025.

The authority of Lower Saxony received 4,022 complaints in 2025, marking a record high and representing a 70% increase from 2,361 the previous year. Similar trends were reported by various authorities across Germany. This increase reflects greater public awareness and sensitivity to improper data processing, partly driven by the growing digitalization of society.

For more information: LfDI Lower Saxony [DE], LfDI Hamburg [DE] and LfDI Berlin [DE]

01/26/2026

BfDI | Press Release | Privacy Sandbox

Germany’s federal DPA has launched “ReguLab,” a regulatory sandbox designed to reduce legal uncertainty for privacy-relevant innovation.

This month the BfDI presented ReguLab as a structured environment for organizations to test ideas and discuss data protection requirements early, aiming to accelerate compliant innovation by clarifying how rules apply in practice. The initiative is presented as a joint effort involving the Federal Ministry of the Interior and Community and the federal digital service, with initial focus areas including major public-sector digitization and digital identity building blocks (e.g., eIDAS/EU Digital Identity Wallet).

For more information: BfDI [DE]

12/11/2025

High Court of Frankfurt | Decision | Liability for Third‑Party Cookies Extends Beyond Website Operators

The recently published case of the Higher Regional Court (Oberlandesgericht) Frankfurt am Main concerns the liability of third-party service providers for cookie placement without valid user consent under German data-protection and telemedia law.

The court ruled that third-party providers who technically cause or contribute to the placement of cookies without valid user consent can be held liable, even if they are not the primary operator of the website on which the cookies are deployed. This includes third‑party analytics, advertising, and tracking providers, even when contracts with website operators stipulate that cookies should only be set with proper consent.

For more information: OLG Frankfurt [DE]

Sweden

01/26/2026

Swedish Supervisory Authority | Sanction | Data Breach

The Swedish Supervisory Authority (“IMY”) fined a Swedish digital sports administration platform €560,000 after a data breach.

IMY has fined the platform SEK 6 million (approximately €520,000) for GDPR violations following a January 2025 cyberattack that exposed personal data of over 2.1 million individuals, primarily children and young individuals. The leaked information, which included names, national ID numbers and health data, was subsequently published on the darknet. IMY found that the platform had long been aware of system vulnerabilities but failed to implement adequate technical and organizational safeguards, including real-time intrusion detection, to protect the sensitive data it processed.

For more information: IMY Website

Spain

01/19/2026

Spanish Supervisory Authority | Guidance | GenAI use cases

The Spanish Supervisory Authority (“AEPD”) released comprehensive GenAI management framework.

In late 2025, the AEPD published its General Policy for the Use of Generative AI, along with a practical annex establishing guidelines for the safe and ethical deployment of AI across the AEPD. In early 2026, it completed its internal framework with key obligations in governance, data protection, transparency, security, and vendor contracting, requiring prior approval of use cases, updated risk inventories, human oversight for automated decisions, and strict data minimization. Organizations are also reminded that GenAI should support, not replace, human decision-making, and must never be relied upon for critical or urgent processes requiring maximum accuracy.

For more information: AEPD Website

01/13/2026

Spanish Supervisory Authority | Informative Note | Risks of using third-party images in AI systems

The Spanish Supervisory Authority (“AEPD”) warned of visible and invisible risks in AI image use.

The AEPD published guidance analyzing the risks of using third-party images in AI systems, even in seemingly trivial or playful contexts. The document highlights high-risk scenarios such as sexualization, synthetic intimate content, and the use of images involving minors or vulnerable individuals. It also warns of less visible risks that arise simply from uploading images to AI systems, including loss of control, hidden data retention, and persistent identification risks, even when the output is never published.

For more information: AEPD Website [ES]

United Kingdom

01/21/2026

UK Government I Consultation I Under-16s Social Media Ban

The UK Government has launched a consultation on children’s social media use.

The UK Government’s consultation examining children’s use of mobile phones and social media will consider potential social media bans for children and the role of age assurance technologies. The consultation is expected to last three months with the UK Government’s response anticipated in the summer.

Alongside this consultation, an amendment was introduced during the passage of the Children’s Wellbeing and Schools Bill that would require the introduction of regulation raising the minimum age for social media access to 16. The Bill will move to the House of Commons, where ministers have signalled in the press they would seek to overturn the amendment and instead await the outcome of the consultation.

For more information: Consultation, Amendment, House of Lord website and Press Reporting

01/19/2026

UK Government I Memorandum of Understanding I Data protection

UK Department for Science, Innovation and Technology has published a Memorandum of Understanding (MOU) between the Information Commissioner’s Office (ICO) and the UK Government.

This MOU formalises the ICO and UK Government’s framework for cooperation on data protection. The MOU commits ministers and senior officials to earlier engagement with the regulator, regular assurance exercises and the creation of a data safety culture.

For more information: UK Government Website

01/15/2026

ICO I Guidance I International Transfers

The ICO has published updated guidance on international transfers.

This updated guidance does materially alter the substance of the ICO’s historic advice on international transfers but is intended to simplify the guidance for businesses. The updated guidance sets out a ‘three step test’ for organisations to use to help identify if they are making restricted transfers and reiterates the mechanisms available to ensure an equivalent level of protection for transferred data.

For more information: ICO

01/08/2026

ICO I Guidance I Agentic AI

The UK Information Commissioner’s Office (ICO) has published a report on the rise of agentic AI.

The ICO’s new report on agentic AI identifies certain key data protection compliance concerns, including in relation to transparency, purpose limitations in circumstances where the purpose of the agentic AI is unclear, data minimisation, and concerns in relation to automated decision-making (ADM). The report also notes that “[t]hroughout 2026 the ICO will actively monitor advancements and work with AI developers and deployers to ensure they are clear on what the law requires of them”, with a statutory code on AI and ADM being developed by the ICO and further regulatory guidance on agentic AI, ADM and profiling expected Q1 2026.

For more information: ICO report

01/07/2026

ICO I Investigation I AI Provider

The UK Information Commissioner’s Office (ICO) published a public statement in response to a social media and AI provider.

Following a statement on 7 January that the ICO had contacted a social media and AI provider to seek “clarity on the measures they have in place to comply with UK data protection law and protect individuals’ rights”, the ICO announced on 3 February it had opened formal investigations into the provider over the AI’s processing of personal data and the AI’s alleged generation of harmful sexualised content. The ICO’s investigation will also look into whether “appropriate safeguards were built into [the AI’s] design and deployment.” Alongside the data protection authority’s investigation, Ofcom and the European Commission have also launched investigations on 12 January into this social media and AI provider over the AI’s sexualised imagery under the Online Safety Act and the Digital Services Act respectively.

For more information: ICO Statement, ICO Investigation Announcement

The following Gibson Dunn lawyers prepared this update: Ahmed Baladi, Vera Lukic, Kai Gesing, Joel Harrison, Thomas Baculard, Ioana Burtea, Billur Cinar, Hermine Hubert, Christoph Jacob, Yannick Oberacker and Phoebe Rowson-Stevens.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Privacy, Cybersecurity & Data Innovation practice group:

Privacy, Cybersecurity, and Data Innovation:

United States:
Abbey A. Barrera – San Francisco (+1 415.393.8262, abarrera@gibsondunn.com)
Ashlie Beringer – Palo Alto (+1 650.849.5327, aberinger@gibsondunn.com)
Ryan T. Bergsieker – Denver (+1 303.298.5774, rbergsieker@gibsondunn.com)
Keith Enright – Palo Alto (+1 650.849.5386, kenright@gibsondunn.com)
Gustav W. Eyler – Washington, D.C. (+1 202.955.8610, geyler@gibsondunn.com)
Cassandra L. Gaedt-Sheckter – Palo Alto (+1 650.849.5203, cgaedt-sheckter@gibsondunn.com)
Svetlana S. Gans – Washington, D.C. (+1 202.955.8657, sgans@gibsondunn.com)
Lauren R. Goldman – New York (+1 212.351.2375, lgoldman@gibsondunn.com)
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, shandler@gibsondunn.com)
Natalie J. Hausknecht – Denver (+1 303.298.5783, nhausknecht@gibsondunn.com)
Jane C. Horvath – Washington, D.C. (+1 202.955.8505, jhorvath@gibsondunn.com)
Martie Kutscher Clark – Palo Alto (+1 650.849.5348, mkutscherclark@gibsondunn.com)
Kristin A. Linsley – San Francisco (+1 415.393.8395, klinsley@gibsondunn.com)
Vivek Mohan – Palo Alto (+1 650.849.5345, vmohan@gibsondunn.com)
Ashley Rogers – Dallas (+1 214.698.3316, arogers@gibsondunn.com)
Sophie C. Rohnke – Dallas (+1 214.698.3344, srohnke@gibsondunn.com)
Eric D. Vandevelde – Los Angeles (+1 213.229.7186, evandevelde@gibsondunn.com)
Frances A. Waldmann – Los Angeles (+1 213.229.7914,fwaldmann@gibsondunn.com)
Debra Wong Yang – Los Angeles (+1 213.229.7472, dwongyang@gibsondunn.com)

Europe:
Ahmed Baladi – Paris (+33 1 56 43 13 00, abaladi@gibsondunn.com)
Patrick Doris – London (+44 20 7071 4276, pdoris@gibsondunn.com)
Kai Gesing – Munich (+49 89 189 33-180, kgesing@gibsondunn.com)
Joel Harrison – London (+44 20 7071 4289, jharrison@gibsondunn.com)
Lore Leitner – London (+44 20 7071 4987, lleitner@gibsondunn.com)
Vera Lukic – Paris (+33 1 56 43 13 00, vlukic@gibsondunn.com)
Lars Petersen – Frankfurt/Riyadh (+49 69 247 411 525, lpetersen@gibsondunn.com)
Christian Riis-Madsen – Brussels (+32 2 554 72 05, criis@gibsondunn.com)
Robert Spano – London/Paris (+44 20 7071 4000, rspano@gibsondunn.com)

Asia:
Connell O’Neill – Hong Kong (+852 2214 3812, coneill@gibsondunn.com)

Attorney Advertising: These materials were prepared for general informational purposes only based on information available at the time of publication and are not intended as, do not constitute, and should not be relied upon as, legal advice or a legal opinion on any specific facts or circumstances. Gibson Dunn (and its affiliates, attorneys, and employees) shall not have any liability in connection with any use of these materials. The sharing of these materials does not establish an attorney-client relationship with the recipient and should not be relied upon as an alternative for advice from qualified counsel. Please note that facts and circumstances may vary, and prior results do not guarantee a similar outcome.

With the passage of SB 25, California becomes the third state to pass a state-level “mini-HSR” regime, joining Washington and Colorado, which enacted similar legislation in 2025. The Act applies to HSR notifications filed on or after January 1, 2027.

On February 10, California Governor Gavin Newsom signed SB 25 into law.[1] SB 25—the California Uniform Antitrust Pre‑Merger Notification Act—requires certain Hart‑Scott‑Rodino (HSR) filers to submit a copy of their federal premerger notification materials to the California Attorney General. Unlike the HSR Act, a California State filing does not trigger a waiting period that suspends the parties from closing their transaction, but the filing is mandatory and designed to create an early, streamlined avenue for state review and coordination. With the passage of SB 25, California becomes the third state to pass a state-level “mini-HSR” regime, joining Washington and Colorado, which enacted similar legislation in 2025. The Act applies to HSR notifications filed on or after January 1, 2027.[2]

The bill is based on model antitrust legislation published by the Uniform Law Commission and is designed to align state practice with federal HSR procedures rather than create a wholly independent state review regime. While the California Law Revision Commission has advanced broader antitrust proposals on single‑firm conduct and concerted action,[3] and continues to consider broader reform on mergers and acquisitions, SB 25 instead focuses narrowly on premerger notification procedures tied to HSR filings. SB 25 therefore seeks to improve process and coordination, not to redefine substantive merger standards.

California Attorney General Rob Bonta previously endorsed SB 25, emphasizing that the measure would provide “upfront access to federal merger filings,” “facilitate early information sharing and coordination,” and include “strong confidentiality provisions,” with the stated aim of streamlining merger evaluation for both the California Department of Justice (CA DOJ) and businesses. This endorsement suggests the state plans to coordinate, not duplicate, federal merger review.

SB 25’s Requirements, Protections, and Penalties

SB 25 requires HSR filers to submit a complete electronic copy of the HSR form to the CA DOJ when either of the following is true:

The person has its principal place of business in California; or
The person (or a person it directly or indirectly controls) had annual net sales in California of the goods or services involved in the transaction of at least 20% of the prevailing federal HSR filing threshold.[4]

The filing party must also submit a complete electronic copy of the HSR form to the CA DOJ contemporaneously—at the latest, within one business day of the federal filing. If the filing party’s principal place of business is in California, the submission must include a complete electronic copy of any “additional documentary material” filed with the HSR form. And if the obligation to file is triggered by meeting the California sales threshold (rather than by maintaining a principal place of business in California), the CA DOJ may request the additional documentary material, and the filer must provide it within seven days of the request.[5]

SB 25 enables the Attorney General to impose filing fees of $1,000 if the filing person has its principal place of business in California or $500 if the filing person had annual net sales in California of the goods or services involved in the transaction of at least 20% of the prevailing federal HSR filing threshold. The fees are deposited into the Attorney General’s antitrust account.[6]

The Attorney General must provide a secure means to receive and store submitted materials. [7]

SB 25 provides robust confidentiality protections that prohibit the CA DOJ from making any component of the HSR form public; exempt these materials from disclosure under California’s public‑records law, aligning with HSR confidentiality norms; and permit disclosure only under protective order in an administrative or judicial proceeding where the proposed merger is relevant.[8] However, SB 25 does allow the CA DOJ to share information with the Federal Trade Commission, the United States Department of Justice, and with other states that have adopted the ULC’s Uniform Antitrust Pre-Merger Notification Act (or substantively equivalent legislation) and that provide confidentiality assurances at least as protective as those in the uniform act.[9] For reciprocity‑based disclosures to other states, the CA DOJ must provide at least five business days’ advance notice to the submitting party before making a disclosure.

After written notice and a three‑business‑day cure period, the Attorney General may impose or seek to impose civil penalties of up to $25,000 per day for failure to submit the required materials or to respond timely to a request for additional documentary material.[10]

Practical Implications for Transactions

Transacting parties that already file HSR materials and either have a California principal place of business or meet the California sales‑based nexus will need to implement a parallel process to transmit a complete electronic copy of the HSR form to the CA DOJ within one business day of the federal filing. This is largely an administrative alignment task rather than a new analytical requirement.

Parties with a California principal place of business must include any HSR “additional documentary material” in their California submission at the outset, which effectively mirrors the federal submission package. And parties that qualify solely under the sales‑based nexus should prepare to produce additional documentary material within seven days if requested by the CA DOJ.

Prior to enactment of this legislation, the California Attorney General already could investigate merger activity by issuing subpoenas for HSR information, from the Federal Trade Commission or the U.S. Department of Justice but CA DOJ was not automatically notified of filings that may be in the state’s interest.

Takeaways

SB 25 is intentionally tethered to the federal HSR framework, avoiding an independent California notification regime with novel thresholds, forms, or substantive presumptions. The bill requires only a copy of what the HSR already demands, on a synchronized timetable, and leverages existing federal confidentiality norms, federal definitions, and federal threshold calibration.

Because SB 25 is integrated with HSR timing and form requirements, parties should expect earlier, more routine outreach from the CA DOJ in transactions with a California nexus. The aim is explicit: to “facilitate early information sharing and coordination between state and federal antitrust officials,” reducing the need for ad hoc negotiations or subpoenas to obtain HSR materials of interest. This early access may allow the CA DOJ to participate more actively in merger assessments that affect California markets, while preserving uniformity and confidentiality.

The bill’s reciprocity provisions also anticipate information‑sharing with other states that have enacted the uniform act or a substantively equivalent statute, but only with confidentiality assurances that meet or exceed the uniform act’s standards.

Gibson Dunn attorneys are available to discuss how this legislation and other state mini-HSR laws may apply to your business, affect your legal compliance policies and address any other questions you may have regarding the issues discussed in this update.

[1] Governor Newsom Signs Legislation 2.10.26, https://www.gov.ca.gov/2026/02/10/governor-newsom-signs-legislation-2-10-26/.

[2] Id. at Section 16787.

[3] See December 23, 2025 Client Alert; June 23, 2025 Client Alert.

[4] SB 25, Uniform Antitrust Pre-Merger Notification Act, Section 16782(a).

[5] Id. at Section 16782(b-c).

[6] Id. at Section 16782(e).

[7] Id. at Section 16782(d).

[8] Id. at Section 16783(a-c).

[9] Id. at Section 16783(d).

[10] Id. at Section 16785.

The following Gibson Dunn lawyers prepared this update: Rachel Brass, Daniel Swanson, Kristen Limarzi, Caeli Higney, Julian Kleinbrodt, Sarah Roberts, Kunal Jhaveri, and Tristan Locke.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding the issues discussed in this update. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Antitrust and Competition, Private Equity, or Mergers and Acquisitions practice groups:

Antitrust and Competition:
Rachel S. Brass – San Francisco (+1 415.393.8293, rbrass@gibsondunn.com)
Jamie E. France – Washington, D.C. (+1 202.955.8218, jfrance@gibsondunn.com)
Sophia A. Hansell – Washington, D.C. (+1 202.887.3625, shansell@gibsondunn.com)
Caeli A. Higney – San Francisco (+1 415.393.8248, chigney@gibsondunn.com)
Julian W. Kleinbrodt – San Francisco (+1 415.393.8382, jkleinbrodt@gibsondunn.com)
Kristen C. Limarzi – Washington, D.C. (+1 202.887.3518, klimarzi@gibsondunn.com)
Samuel G. Liversidge – Los Angeles (+1 213.229.7420, sliversidge@gibsondunn.com)
Michael J. Perry – Washinton, D.C. (+1 202.887.3558, mjperry@gibsondunn.com)
Cynthia Richman – Washington, D.C. (+1 202.955.8234, crichman@gibsondunn.com)
Bradley P. Smith – New York (+1 212.351.5376, bpsmith@gibsondunn.com)
Daniel G. Swanson – Los Angeles (+1 213.229.7430, dswanson@gibsondunn.com)
Stephen Weissman – Washington, D.C. (+1 202.955.8678, sweissman@gibsondunn.com)

Private Equity:
Richard J. Birns – New York (+1 212.351.4032, rbirns@gibsondunn.com)
Ari Lanin – Los Angeles (+1 310.552.8581, alanin@gibsondunn.com)
Michael Piazza – Houston (+1 346.718.6670, mpiazza@gibsondunn.com)
John M. Pollack – New York (+1 212.351.3903, jpollack@gibsondunn.com)

Mergers and Acquisitions:
Robert B. Little – Dallas (+1 214.698.3260, rlittle@gibsondunn.com)
Saee Muzumdar – New York (+1 212.351.3966, smuzumdar@gibsondunn.com)
George Sampas – New York (+1 212.351.6300, gsampas@gibsondunn.com)

An annual update of observations on new developments and highlights of considerations for calendar-year filers preparing their Annual Reports on Form 10-K for 2025.

Each year we offer our observations on new developments and highlight select considerations for calendar-year filers as they prepare their Annual Reports on Form 10-K. As we have worked with clients and reviewed filings by others, these are the developments that have been more top-of-mind and evolving. This alert touches upon recent trends, guidance and priorities of the U.S. Securities and Exchange Commission (the SEC or Commission), emerging trends among reporting companies, recent comment letters issued by the staff of the SEC’s Division of Corporation Finance (the Staff), and developments in the securities litigation and SEC enforcement landscape.

Since being appointed to chair the Commission, Chairman Paul Atkins has emphasized continuity in core disclosure frameworks while prioritizing modernization and materiality-driven reporting. Although the Commission has not yet proposed new disclosure rulemaking that would impact most public company issuers, it has actively pursued policy shifts through guidance, both formal (e.g., compliance and disclosure interpretations) and informal (e.g., speeches). Other changes in leadership at the SEC, including the appointment of longtime Gibson Dunn partner James J. Moloney as Director of the Division of Corporation Finance, are expected to help accelerate Chairman Atkins’s disclosure rationalization initiatives. While regulatory changes have been foreshadowed and shifts in review focus and enforcement priorities are expected, companies should be mindful to maintain compliance with existing rules and respond to any changes only after they are formally implemented.

An index of the topics described in this alert is provided below.

I…. Disclosure Trends and Considerations for the 2025 Form 10-K

A…….. Risk Factors
B…….. Tariffs and Export Controls
C……. Federal Policy and Regulatory Activity
D……. Generative Artificial Intelligence
E…….. Insider Trading State of Play
F…….. Human Capital
G……. Cybersecurity
H……. Climate Change and ESG

II…. SEC Comment Letter Trends

A…….. Management’s Discussion and Analysis
B…….. Non-GAAP Financial Measures
C……. Segment Reporting

III…. Securities Litigation

IV…. SEC Enforcement

A…….. Emerging Technologies (AI)
B…….. Financial Reporting
C……. Insider Trading
D……. Foreign Issuers

V…. Other Reminders and Considerations

A…….. Tax Footnote Disclosures
B…….. Avoiding Common XBRL Errors in Form 10-K Filings
C……. ASC 280 and Non-GAAP Measures
D……. Clawback Policies and Checkboxes
E…….. SRC Filer Status Guidance
F…….. SEC’s Flex Agenda

I. Disclosure Trends and Considerations for the 2025 Form 10-K

A. Risk Factors

Appropriately Characterize Risk Factors to Mitigate Risk

Recent securities litigation has highlighted the importance of properly characterizing the purpose of risk factor disclosures and clearly communicating the limitations of those disclosures to investors. Securities lawsuits increasingly include claims that risk factors are misleading when they describe potential risks as hypothetical when such risks have already materialized. Last year, the Supreme Court’s decision to dismiss the appeal in Facebook Inc. v. Amalgamated Bank left unanswered how securities fraud claims challenging risk factor disclosures should be analyzed, and, as a result, companies face even greater uncertainty in drafting risk factors.

To address this risk, we recommend companies update the introductory paragraph to the Risk Factors section to clarify that the risk factor disclosures reflect management’s beliefs and opinions about potential future risks and do not contain factual assertions about past events. As Gibson Dunn partner Michael Kahn explained to Bloomberg Law, “[r]isk factor disclosures fundamentally are an expression of a company’s opinions and beliefs about what poses a risk to their business,” and treating them as such “has sound basis in law and common sense and would help companies.”[1] Framing risk factors as opinion statements aligns with the Supreme Court’s decision in Omnicare Inc. v. Laborers District Council Construction Industry Pension Fund and reinforces that Item 105 of Regulation S-K calls for judgment-based, forward-looking disclosure.

The following is an example of language that could be included in the introductory paragraph of the Risk Factors section:

These disclosures reflect the Company’s beliefs and opinions as to factors that could materially and adversely affect the Company and its securities in the future. References to past events are provided by way of example only and are not intended to be a complete listing or a representation as to whether or not such factors have occurred in the past or their likelihood of occurring in the future.

Including such clarification communicates that Item 105 disclosures are inherently speculative and exclusively forward-looking. We encourage companies preparing their 2025 Form 10-Ks to incorporate similar language to strengthen their litigation protection while maintaining clarity.

Trends and Emerging Risks

Companies should review and update their risk factor disclosures to address material risks that have emerged or materially evolved during 2025. Material risks that have already materialized should be described accordingly, and risk factors that have become stale or are no longer material should be removed. Companies should also review any illustrative examples included in their risk factors to determine whether those examples remain current or should be refreshed. In addition, as risk factor disclosures are updated, companies should consider whether updates in other sections of the Form 10-K, such as in the Business section, Management’s Discussion and Analysis (MD&A), or Financial Statements, warrant corresponding or conforming updates.

Some of the themes and emerging risks we have observed this year include the following:

Generative Artificial Intelligence: Discussion of artificial intelligence (AI), including generative AI, within risk factors has expanded significantly. Companies are increasingly addressing how AI may affect risks related to cybersecurity, human capital, government regulation, competition, intellectual property, and business reputation. For example, many companies are discussing (i) risks related to attracting and retaining personnel with AI expertise, (ii) how the use of AI, particularly by bad actors, may exacerbate cybersecurity risks, and (iii) risks related to the internal adoption and use of AI technologies as well as the deployment of AI-related products. Please see Section I.D. “Generative Artificial Intelligence” below for more information regarding AI-related disclosures.

ESG: In response to increased scrutiny of, and heightened litigation over, environmental, social, and governance (ESG) and diversity, equity, and inclusion (DEI) initiatives, many companies have scaled back ESG- and DEI-related disclosure, including in the Risk Factors section. For example, some companies have opted to remove ESG-related risk factors entirely, while others have opted to replace ESG and DEI with less contentious terms, such as “corporate responsibility,” “sustainability,” or “inclusion.” In addition, many companies have added to their risk factor disclosures risks related to evolving and increasingly conflicting stakeholder expectations and regulations relating to ESG initiatives. We encourage you to refer to our client alert titled “Five Years of Evolving Form 10-K Human Capital Disclosures” for more information regarding S&P 100 companies’ human capital disclosures. Please also see Section I.F. “Human Capital” and Section I.H. “Climate Change and ESG” below for more information regarding ESG- and DEI-related disclosures.

U.S. Tariffs and Trade Policy: In connection with evolving changes in domestic and foreign trade policies, including U.S.-imposed tariffs and corresponding retaliatory actions by other countries, many companies have expanded their discussion of risks related to tariffs and other trade policies, including the potential effects that such policies may have on supply chains, costs, price fluctuations, and market demand. Please see Section I.B. “Tariffs and Export Controls” below for more information regarding disclosures related to tariffs and international trade policies.

Export Controls: Although less generally applicable, companies in certain industries have increasingly addressed risks related to U.S. export controls and related measures. For example, companies have addressed the potential effect of U.S. export controls on semiconductors, data flows, and AI technologies, as well as Chinese export controls on rare earth metals, on their business and operations. Please see Section I.B. “Tariffs and Export Controls” below for more information regarding disclosures related to tariffs and international trade policies.

U.S. Government Regulatory and Policy Changes: Many companies updated their risk factors to address risks related to the change in the U.S. presidential administration, including changes in the leadership of various federal regulatory agencies and changes in federal government policy, that have led to, in some cases, legal challenges as well as uncertainty around the funding, functioning, and policy priorities of federal regulatory agencies and the status of current and future regulations. Please see Section I.C. “Federal Policy and Regulatory Activity” below for more information regarding these types of disclosures.

Human Capital: Many companies have updated their risk factors to account for evolving risks related to their human capital. For example, some companies have addressed how evolving U.S. immigration policies and enforcement may disrupt workforce availability and increase related costs. In addition, a number of companies have updated risk factors related to work-from-home employees, such as potentially increased cybersecurity risks associated with work-from-home arrangements, as company policies regarding remote work continue to evolve. Please see Section I.F. “Human Capital” below for more information regarding human capital resource disclosures.

B. Tariffs and Export Controls

As tariffs, export controls, and other federal government and regulatory agency activities continue to evolve, companies should continue to ensure that their disclosures adequately address the implications and impacts to their business. During 2025, risks and operational challenges associated with these topics have shifted from hypothetical to reality, and upcoming filings should reflect this.

Tariff and Trade Policy Environment

Throughout 2025, companies have expanded on their disclosures related to tariffs and other trade policies as their impacts began to be felt. With respect to risk factors, companies have progressed from listing tariffs among general macroeconomic headwinds to providing more detailed descriptions of the specific impacts caused by tariff policies and related uncertainties, such as supply chain disruptions, increased costs, price fluctuations, and shifts in market demand. Going forward, companies should ensure that these disclosures remain consistent with ongoing trade policy implementation and changes and current with respect to specific company impacts. For example, any references to specific tariffs or potential retaliatory actions should be updated as needed quarter over quarter to keep the disclosure accurate, especially in light of the dynamic and rapidly developing changes in U.S. and foreign trade policies. Even for companies that include references to specific developments, due to the amount of activity in this area, they should also consider using evergreen language that can provide coverage as the scope of developments expands.

Beyond risk factors, companies should review tariff-related disclosures in their MD&A and Business sections to add quantifiable details where applicable and possible. In MD&A, when material, companies have quantified the effects of certain tariffs, including more robust examples and discussions of mitigation strategies. In the Business section, which calendar-year filers have not updated since before “Liberation Day” on April 2, 2025, non-calendar-year filers have increasingly added references to tariffs and other trade policy developments, specifically addressing their effects on the company’s products, manufacturing systems, and supply chain. The depth of these tariff-related disclosures will depend on each company’s specific industry and the extent to which tariff policies affect the company’s business.

For example, in their Q3 2025 Form 10-Qs, many companies within the biotechnology industry discussed the September 25, 2025 announcement of potential 100% U.S. tariffs on imported branded or patented pharmaceuticals without U.S.-based manufacturing plants and how such tariffs may affect their business, as discussed in our blog post. Companies that identify tariffs or trade policies likely to have a direct impact on their business should, to the extent material, address those matters in the Risk Factors, MD&A, Forward-looking Statement disclaimers, and other relevant sections, as applicable.

Export Controls

Although less broadly applicable than tariff policies, companies affected by export controls and related measures should ensure that their disclosures continue to evolve to appropriately address not only government policies that limit international sales but also, when material, the quantifiable impacts of such restrictions. During 2025, many companies, specifically technology companies, have addressed the effect that export controls on semiconductors, data flows, and artificial intelligence technologies have on their business.

The effects of these policies are increasingly reflected in MD&A, especially in discussions related to international sales and in the identification of new costs tied to compliance and relocation efforts. To the extent material, disclosure about how export controls may affect the company’s operations should be provided in the Risk Factors, Business section, and Financial Statements, as applicable.

C. Federal Policy and Regulatory Activity

The longest federal government shutdown in U.S. history concluded on November 12, 2025, but it remains clear that risks stemming from the fluidity of the federal government’s budgetary and regulatory agenda will persist. Even though the most recent shutdown threat was largely averted, these risks continue to warrant careful consideration by companies, especially those in highly regulated industries, such as the pharmaceutical industry, or those with significant government contracting exposure, such as defense and aerospace.

Since the start of the new presidential administration, companies have drafted new risk factor language to address heightened risks arising from shifting administrative enforcement priorities, such as the shift away from ESG policies and initiatives, the increased use of executive orders as a policy tool, and the potential effects of changing federal budget priorities on government contracts. While fewer disclosures regarding these trends have been included in MD&A (apart from those specifically tied to the previous government shutdown), companies should assess whether any quantifiable effects—particularly those involving government contracts—can be meaningfully measured and disclosed.

D. Generative Artificial Intelligence

AI, including generative AI, continues to be an increasingly relevant topic for public companies, all of which should continue to assess whether they have adequate AI-related disclosures, specifically considering the ways in which the company’s strategy, productivity, market competition and demand for the company’s products, investments, and the company’s reputation, as well as legal and regulatory risks, could be affected by AI. To the extent material, how the company uses AI and the risks related to its use—by the company or its competitors—should be provided in the Description of Business section, Risk Factors, and MD&A, as applicable.

Discussion of risks associated with AI in periodic reports has increased, with AI-related risks being addressed in the substantial majority of all Forms 10-K filed by large companies during 2025. Companies typically discussed AI within the context of the following risk factors:

Cybersecurity: AI-related cybersecurity risks, especially risks arising from the use of AI by bad actors to commit cyberattacks, such as by creating sophisticated new attack methods, impersonating authorized individuals, or otherwise exploiting weaknesses in security systems, have become a common topic discussed by companies. Many companies have also noted that the use or misuse of AI by employees, contractors, or third-party vendors may increase cybersecurity risks.
Human Capital: Some companies that rely on AI as part of their business have included disclosure regarding risks related to attracting and retaining competent personnel with relevant AI experience. Additionally, some companies have addressed how AI offerings and the internal adoption of AI may disrupt or modify workforce needs.
Regulatory: With AI becoming increasingly incorporated into businesses and operations, many companies have begun to discuss risks related to new and developing AI-related government regulations, such as the EU AI Act.
Competition: Many companies have begun addressing AI in competition-related risk factors, noting that competitors may incorporate AI faster or more successfully into their products, services, or operations.
Execution: Risks related to the launching of new AI tools or offerings, such as the introduction of new vulnerabilities, bugs, or defects, or the risk of customers not accepting AI products, are also often discussed. Many companies also address how investments in new technologies, such as generative AI, may not be recoverable or achieve the company’s intended benefits.
Intellectual Property: Companies are increasingly discussing AI in connection with IP risks. In particular, many companies discuss risks related to the uncertainty around evolving AI IP laws and the increased risk of IP infringement due to the use of AI tools or AI training models.
Reputation: Many companies address how public perceptions regarding their use of AI may negatively affect their reputation or brand image.

Moreover, in lieu of (or in addition to) referencing AI in multiple different risk factors, many large companies have begun to include a standalone “AI risk factor” that consolidates the most relevant AI-related risks in one place.[2]

When making AI-related disclosures, companies should be careful of overly broad or otherwise imprecise language that could be interpreted as “AI Washing.”[3] As noted in a prior Division of Corporation Finance announcement, the Staff will consider how companies describe AI-related opportunities and risks, including, to the extent material, whether the company: (1) clearly defines what it means by “AI” and how the technology could improve the company’s results of operations, financial condition, and future prospects; (2) provides tailored, rather than boilerplate, disclosure about material risks related to AI; (3) focuses on the company’s current or proposed use of AI; and (4) has a reasonable basis for its claims when discussing AI prospects.[4]

Similar to last year, SEC comment letters continue to seek additional context for AI-related disclosures, frequently asking companies to explain the basis of AI-related performance claims and to provide specific descriptions of any AI technology being used by the company, such as the development, implementation, and source of the technology, and risks related to such use.[5]

E. Insider Trading State of Play

As we previously reported, pursuant to Item 408(b) of Regulation S-K, calendar year companies were required to file their insider trading policies as exhibits to their annual reports on Form 10-K and comply with the related disclosure requirements in their proxy statements for the first time during the 2024-2025 annual reporting season.[6] We recently published a survey of the insider trading policy disclosures from the S&P 100, available in our client alert titled “Survey of S&P 100 Insider Trading Policies in Year One of the SEC’s Insider Trading Exhibit Requirement.” We encourage you to refer to that alert for more information about trends regarding the S&P 100 companies’ insider trading policies. Relevant to the Form 10-K filing requirement is our finding that 90% of companies surveyed filed only one insider trading policy and no other related policies or documents, even when the policy referenced other ancillary materials (e.g., FAQs, handbooks).

F. Human Capital

Human capital resource disclosures by public companies have continued to be a focus since the SEC adopted new rules in 2020, not only for companies making the disclosures but also for employees, investors, and other stakeholders reading them. As we have done for the past several years, we recently published a survey of the human capital resource disclosures on Form 10-K from the S&P 100, available in our client alert titled “Five Years of Evolving Form 10-K Human Capital Disclosures,”[7] which also provides practical considerations for companies as we head into 2026. Key findings of that survey are summarized below.

Length of disclosure. 85% percent of companies surveyed decreased the length of their disclosures and the remaining 15% increased the length of their disclosures. In most cases, the decreases in length were driven at least partially by companies scaling back diversity-related disclosures. In some cases, diversity-related discussions were deleted in their entirety. Of the 85 companies that decreased the length of their disclosures, 49 decreased the length of disclosures in both 2024 and 2025, 30 increased the length of disclosures in 2024 followed by a decrease in 2025, and the remaining six had no change in the length of disclosures in 2024 followed by a decrease in 2025.
Number of topics covered. 72% of companies surveyed decreased the number of topics covered, 11% increased the number of topics covered, and the remaining 17% covered the same number of topics. Year over year, 36 companies decreased the number of topics covered in both 2024 and 2025, 29 companies covered the same number of topics in 2024 compared to the prior year but decreased the number of topics covered in 2025, seven companies increased the number of topics covered in 2024 followed by a decrease in 2025, 11 companies made no change to the number of topics covered in both 2024 and 2025, and nine companies made no change to the number of topics covered in 2024 followed by an increase in 2025.

Breadth of topics covered. Across all companies, the prevalence of three topics increased, 19 topics decreased, and six topics remained the same.
- The most significant year-over-year decreases related to diversity disclosures, continuing a trend from 2024, with decreases in every diversity-related category as well as in pay equity and quantitative pay gap disclosures. Other significant decreases related to disclosures addressing community investment (26% to 17%), governance and organizational practices (51% to 45%), and flexible work arrangements (37% to 32%).
- The year-over-year increases in frequency involved minor increases in unionized employee relations (39% to 40%), employee mental health (52% to 54%), and monitoring culture (68% to 70%) disclosures.

Most common topics covered. This year, the most commonly discussed topics remained consistent with the previous three years, with the top five most frequently discussed topics being talent development, talent attraction and retention, employee compensation and benefits, diversity and inclusion, and monitoring culture. The topics least discussed this most recent year, however, changed slightly from those of the previous year as quantitative pay gap and diversity in promotion disclosures were tied as the fifth least frequently covered topics (joining physical security, diversity targets or goals, quantitative new hire diversity, and supplier diversity), replacing full-time and part-time employee split.
Industry trends. Disclosure trends in the technology, finance, and pharmaceutical industries shifted slightly from previous years, with some industries responding differently to the changing DEI landscape than the S&P 100 as a whole, as further discussed below.

G. Cybersecurity

On July 26, 2023, the SEC adopted a final rule requiring public companies to provide current disclosure of material cybersecurity incidents and annual disclosure regarding cybersecurity risk management, strategy, and governance. The rule first applied to annual reports on Form 10-K for fiscal years ending on or after December 15, 2023, and companies provided the required disclosures for the first time in 2024. As companies prepare their second year of disclosures for 2025, we suggest reviewing our alerts titled “Cybersecurity Disclosure Overview: A Survey of Form 10-K Cybersecurity Disclosures by the S&P 100 Companies,” which analyzes disclosures made by 97 S&P 100 companies in response to Item 106 requirements as of November 30, 2024.

While certain disclosure trends have emerged under Item 106, there remains significant variation among companies’ cybersecurity disclosures, reflecting the reality that effective cybersecurity programs must be tailored to each company’s specific circumstances, including its size and operational complexity, the nature and scope of its activities, industry, regulatory environment, data sensitivity, and risk profile. Companies must strike a careful balance in their disclosures, providing sufficient, decision-useful information for investors, while taking care not to reveal sensitive information that could be exploited by threat actors. For example, when describing cybersecurity processes, management roles, or board oversight, companies should discuss these matters at the policy or governance level rather than detailing specific controls or response mechanisms that could expose vulnerabilities.[8]

SEC comment letters regarding Item 1C disclosures tended to fall into one of the following categories: (i) requests for additional information on the relevant cybersecurity expertise of individuals responsible for a company’s cybersecurity program; (ii) requests that the company provide Item 1C cybersecurity disclosure where it was omitted from the Form 10-K; and (iii) requests for additional detail regarding the processes the company uses to oversee and identify cybersecurity threats.[9]

H. Climate Change and ESG

The SEC’s climate disclosure rules[10] will not apply to the next Form 10-K, as they remain stayed and subject to ongoing litigation.[11] Even so, as has always been the case, public companies should consider whether, given their particular circumstances, existing SEC rules require disclosure on environmental or sustainability-related matters.[12] For example:

Companies who have faced, or expect to face, material environmental or social risks or impacts should address them in relevant sections of the Form 10-K. In the Risk Factors, for example, companies may foresee operational disruptions or reputational harm. The Business section may need to flag material climate-related laws or regulations or strategic changes. In MD&A, disclosure might focus on material costs invested in climate-related technologies or incurred to repair severe weather damage.
Companies should also revisit past disclosures on these topics and make relevant updates or removals. The company’s risk profile may have changed since the disclosure was introduced due to resilience investments, changes in the location of operations, or shifts in government funding or subsidies. The U.S. regulatory environment on climate-related matters has changed course from the prior presidential administration, and historical risks or expectations may need to be updated to account for such directional shifts.

Companies should also review their ESG-related statements and expectations outside of SEC filings, including in voluntary sustainability reports, third-party questionnaires or new mandatory sustainability reporting requirements. These matters should be consistent with material information being provided in the Form 10-K.

Finally, consider working with outside counsel to confirm that ESG-related claims and terms are accurate and properly qualified to avoid greenwashing litigation risks.

II. SEC Comment Letter Trends[13]

In 2025, comment letters from the Staff continued to focus on addressing disclosures in MD&A and the use of non-GAAP measures, followed by segment reporting, revenue recognition, and goodwill and intangible assets. Over the next year, we expect the Staff to focus on disclosures related to segment reporting following the adoption of Accounting Standards Update (ASU) 2023-07 and risks related to the current macroeconomic environment and AI.

A. Management’s Discussion and Analysis

Many of the comment letters addressing MD&A continued to focus on results of operations, with the Staff often requesting that companies explain related disclosures with more specificity. The Staff has continued to focus on the requirement that companies discuss material period-to-period changes in qualitative and quantitative terms as prescribed by Item 303(b) of Regulation S-K. For example, the Staff has continued to comment on disclosures about factors contributing to period-on-period changes in financial line items, such as revenue, gross margin, cost of sales, expenses, and operating cash flows, to request that companies provide both more quantitative detail regarding the extent to which each factor contributed to the overall change in the line item, as well as qualitative discussion of the underlying factors attributable to such contributing factors.[14] The Staff often requests that companies refrain from using terms such as “primarily,” “mostly,” or “mainly” in lieu of providing more specific quantitative disclosure.[15] The Staff has also continued to request that companies disclose known trends and uncertainties affecting their results of operations.

The Staff has also continued to emphasize the importance of clearly contextualizing key performance indicators (KPIs) to ensure they are not misleading.[16] For example, the Staff has requested that companies provide additional disclosures regarding how KPIs are defined and calculated, why they are useful to investors, and how they are used by management.[17] The Staff has also often asked companies to quantify and provide additional disclosure regarding significant components of financial condition and results of operations that have affected segment results.

Two other key areas of MD&A that the Staff has continued to focus on are (i) critical accounting estimates and (ii) liquidity and capital resources. The Staff frequently noted that companies’ disclosures regarding critical accounting estimates were too general and requested that companies provide a more robust analysis, including both qualitative and quantitative information necessary to understand the estimation uncertainty and its impact on the financial statements, consistent with the requirement now set forth in Item 303(b)(3).[18] The Staff often indicated that these disclosures should supplement, not duplicate, the disclosures in footnotes to financial statements.[19] The Staff frequently requested enhanced disclosures regarding goodwill and other intangible assets, including seeking clearer discussions of impairment methodologies and assumptions and identification of any reporting units at risk.[20]

B. Non-GAAP Financial Measures

The Staff continues to express concerns regarding the improper use of non-GAAP measures in filings, with recent comments focusing on whether companies are excluding costs that appear to be normal, recurring operating expenses, such as product development costs, letter-of-credit fees, or other routinely incurred expenses.[21] In addition, the Staff has reiterated that non-GAAP presentations must not give undue prominence to non-GAAP measures and has emphasized the need to quantify the contribution of each material factor affecting changes in non-GAAP metrics such as Adjusted EBITDA.[22]

C. Segment Reporting

The Staff has continued to comment on a number of segment reporting disclosures with recent comments emphasizing the need for more decision-useful analysis of segment results. In particular, the Staff has asked companies to quantify the impact of each material factor driving changes in segment revenue and operating profit, including the effects of price, volume, and product mix, and to explain why segment performance differs where segments have varying profitability profiles.[23] The Staff has also reminded registrants that MD&A must discuss consolidated results, with segment information provided as necessary to explain material trends.[24]

III. Securities Litigation

Companies should be aware of two decisions from the federal courts of appeal—Sodha v. Golubowski from the Ninth Circuit and In re WalMart Inc. Securities Litigation from the Third Circuit. In Sodha, the Ninth Circuit held that Sections 11 and 12 of the Securities Act may require a company to disclose intra-quarter or interim financial results in its offering materials if necessary to prevent other disclosures in the offering materials from being misleading. In Walmart, the Third Circuit confirmed that Section 10(b) and Rule 10b-5 do not require a company to describe all items or events in equal detail in their SEC filings, holding that the fact that one item is described in more detail than another does not make the less detailed description fraudulent. These decisions are discussed in further detail below.

Sodha

On August 29, 2025, the Ninth Circuit issued its decision in Sodha, holding that a company may violate the securities laws if it discloses historical financial results in its offering materials while omitting current, intra-period financial results that “differ[] in a material way” from the historical results.[25] The district court had found that disclosure of intra-quarter, interim results was only necessary when the interim results reflected an “extreme departure” from historical results.[26] The Ninth Circuit, however, held that the test was not whether interim results were an “extreme departure,” but rather whether the interim results were “material” in light of the total mix of information presented in the offering materials.[27] If so, said the court, then a company must disclose the interim results.

The court also held that a company must disclose interim financial results under Item 303 of Regulation S-K if the interim results constitute a known “trend” likely to have a material impact on the company’s revenues or financial condition.[28] The court emphasized that what constitutes a “trend” is a “fact-specific inquiry” that depends on the nature, not the duration, of the observed pattern.[29] In doing so, the court rejected the bright-line rule adopted by some courts that a “trend” has to be a pattern longer than two months.[30] The court reasoned there may be certain “short patterns”—such as the fallout from crises like the COVID pandemic or the 2008 financial crisis—that have persistent effects that are recognizable after less than two months.[31] In these cases, the “trends” would have to be disclosed under Item 303.[32]

On February 5, 2026, the defendant company in Sodha filed a petition for writ of certiorari, asking the United States Supreme Court to review the Ninth Circuit’s decision.

WalMart

On the same day the Ninth Circuit issued its decision in Golubowski, the Third Circuit decided WalMart, holding that a company does not commit securities fraud under Section 10(b) and Rule 10b-5 merely because certain items in its SEC filings are described in more detail than other items.[33] The plaintiffs argued that Walmart misled investors when describing certain investigations to which the company was subjected because it provided “detailed” descriptions of some investigations while providing less detail about the investigation that allegedly was the most “threatening.”[34] The Third Circuit rejected this argument, explaining that the fact that “a company describes one item in more detail than another does not make the less detailed description fraudulent” because “[t]he securities laws do not require disclosure of all material facts in equal detail.”[35] This made sense, said the court, because companies do not always have the same level of information about all the events included in their disclosures, “and neither the law nor the market encourages companies to disclose down to the lowest common denominator.”[36]

IV. SEC Enforcement

The recent transition in SEC leadership ushered in a “return to basics” enforcement regime for the Division of Enforcement. Chairman Atkins has emphasized going after bread-and-butter securities law violations involving industry participants who “lie, cheat, and steal.”[37] He has also emphasized the importance of fairness and transparency in the investigation process and discouraged the Staff from pursuing creative legal theories that penalize respondents for honest mistakes. Accordingly, companies should expect a more predictable enforcement regime that aggressively pursues enforcement against financially material misstatements and omissions that were intended to mislead investors and less attention on novel securities law theories or good-faith mistakes that are diligently remediated.

Several themes have emerged as to the types of disclosures the SEC’s enforcement regime may focus on in 2026.

A. Emerging Technologies (AI)

Building on a theme from the last administration, the Commission continues to prioritize enforcement action against “AI washing” in which companies overpromise on the capabilities and implementation of AI technology. In February, the SEC created a new “Cyber & Emerging Technologies Unit” to combat cyber-related misconduct and protect retail investors from misconduct in emerging technologies, such as AI and machine learning.[38] The actions from the Atkins-led SEC have thus far focused on companies that lie about the technology being used. In April, for example, the SEC filed an action against a former CEO of a mobile shopping app for lying to investors about the use of AI technology to process transactions when, in reality, transactions were processed manually.[39]

B. Financial Reporting

SEC enforcement will always prioritize financial reporting. While the SEC has slowed enforcement related to accounting, reporting, and disclosure against public companies, now is not a time for complacency. This administration is expected to focus its enforcement resources on traditional fraud cases, such as fabricated revenue numbers and audit reports. Companies that have experienced fewer enforcement inquiries this year would be well served to focus on evaluating and strengthening internal controls and rooting out potential accounting fraud. The SEC will continue to be interested in restatements and potential misconduct by bad actors and may return to a more aggressive posture in a market downturn or future administration.

C. Insider Trading

In March, the SEC’s acting enforcement director emphasized that insider trading would continue to be an enforcement priority. To align with Chairman Atkins’s “back to basics” approach to enforcement, the SEC will likely back away from novel “shadow trading” theories and focus on more traditional insider trading involving material nonpublic information (MNPI) from the company whose shares are being traded. For example, earlier this year the SEC announced settled charges against a former vice president of a pharmaceuticals company for insider trading in advance of the company’s announcement of negative news from the FDA.[40] In another example, the SEC filed charges alleging an insider trading scheme involving corporate insiders disclosing MNPI to outsiders who traded profitably on the information in advance of corporate announcements.

D. Foreign Issuers

On September 5, 2025, the SEC formed a Cross-Border Task Force to investigate potential securities law violations related to “foreign-based companies.”[41] Foreign issuers should expect increased scrutiny and enforcement in traditional areas within the SEC’s expertise, including the use of the SEC’s most advanced analytical tools to identify potential concerns. In addition, the SEC announced that the task force will focus special attention on the following areas: market manipulation, gatekeepers (e.g., auditors and underwriters), and jurisdictions, such as China, that may pose “unique investor risks” due to government control and other factors.

V. Other Reminders and Considerations

Set forth below is a discussion of a few other recent rule changes, as well as reminders and considerations to keep in mind as companies prepare their annual reports on Form 10-K.

A. Tax Footnote Disclosures

While the drafting of notes to the financial statements usually falls outside of the purview of corporate and securities lawyers, practitioners in this space should be aware that ASU 2023-09 (amending Accounting Standards Codification (ASC) Topic 740) expanded and enhanced income tax footnote disclosures, including adding more robust effective tax rate reconciliation requirements (e.g., units of measure, disaggregated components). These amendments are effective for years beginning after December 15, 2024.

B. Avoiding Common XBRL Errors in Form 10-K Filings

The Staff continues to emphasize the importance of accuracy in XBRL tagging, particularly in annual reports on Form 10-K. In 2025, after conducting an assessment of fiscal year 2024 filings, the Division of Economic and Risk Analysis issued a reminder that filers continue to make basic mistakes when tagging public-float data on the Form 10-K cover page. The Staff observed some filers committed scaling errors in certain filings along with inconsistencies in the date information between the HTML filing and the tagged data.[42] For example, one filer reported a public float of $78 million in its HTML filing but reported a public float of $78 in its XBRL data.[43] Another filer reported a public float of $800 million in its HTML filing but $8 billion in its XBRL data. This is not a new phenomenon—similar errors were first observed in 2019 and continue to occur.[44] Errors of this type can cause EDGAR validation warnings and require amended filings.[45]

Companies should carefully review common tagging pitfalls identified by the SEC and outside observers, including incorrect tag selection, sign conventions, scaling, and date-context mismatches.[46][47] Before submitting a Form 10-K, filers should either refer to the Staff’s EDGAR XBRL Guide or validate their XBRL using the EDGAR Renderer/Previewer, which displays how an Inline XBRL filing will appear on the SEC’s website and shows the same warning and error messages EDGAR generates when a filing is submitted. The SEC provides both the validation system and the Renderer/Previewer as open-source tools.

Companies should incorporate XBRL validation into their pre-filing process and coordinate with their financial printers or vendors to ensure tags align with the published U.S. GAAP taxonomy. Routine use of the SEC’s validation tools and prompt correction of any warnings or errors will help prevent filing delays and ensure the accuracy of public-data submissions.

C. ASC 280 and Non-GAAP Measures

Recent changes to ASC 280 (ASU 2023-07) clarify that, if the chief operating decision maker (CODM) uses more than one measure of segment profitability, a company may include these additional measures in the financial statement footnotes. Initially, there were questions about how these new provisions interact with the SEC’s non-GAAP rules, but in August 2024, the Staff confirmed that, because these additional measures are neither required nor expressly permitted by GAAP, they are considered non-GAAP measures under Regulation S-K Item 10(e)(5). The Staff also confirmed that it is acceptable for companies to include such non-GAAP measures in the financial statement notes or elsewhere (such as MD&A) as long as all required non-GAAP disclosures—like reconciliations to the most comparable GAAP measure—are also presented.

D. Clawback Policies and Checkboxes

In April 2025, the Commission published six new C&DIs relating to the Form 10-K restatement and clawback analysis check boxes and the related disclosures under Item 402(w) of Regulation S-K available here. A summary of the new C&DIs is available here.

E. SRC Filer Status Guidance

In August 2025, the Commission issued a new C&DI (available here) for determining filer status for smaller reporting companies (SRCs) that lose their eligibility as smaller reporting companies under the SRC revenue test in paragraph (2) or (3)(iii)(B) of the “smaller reporting company” definition in Exchange Act Rule 12b-2 and must transition to being accelerated filers. The key point is that, while a company that no longer qualifies as an SRC may no longer take advantage of the SRC scaled disclosure requirements starting with its first Form 10-Q of the fiscal year, a non-accelerated filer will have a one-year transition period before becoming an accelerated or a large accelerated filer.

F. SEC’s Flex Agenda

In September 2025, the Commission issued the Spring 2025 Unified Agenda of Regulatory and Deregulatory Actions (the Agenda). The Agenda outlines the Commission’s rulemaking priorities under the leadership of Chairman Atkins. A summary of the key aspects of the Agenda that potentially impact public companies is available here.

Over the coming year, the Commission is expected to advance several rule proposals—anticipated in April 2026—aimed at supporting capital formation, simplifying disclosure practices, and reducing compliance costs. These initiatives could include introducing voluntary semi-annual reporting, right-sizing the disclosure requirements in Regulation S-K, updating the exempt offering pathways to streamline businesses’ access to the market, modernizing shelf registration to ease compliance burdens and improve access to capital, and enhancing accommodations for emerging growth companies while simplifying and recalibrating filer-status categorizations for reporting companies. As discussed in Chairman Atkins’ recent speech, the Commission plans to pursue a broader rationalization of disclosure practices, focusing on refining disclosure requirements and clarifying what constitutes “material” information. Collectively, these efforts aim to facilitate more meaningful disclosure by companies and improve shareholders’ access to material information.

[1] Kahn, Michael, Treat Risk Disclosures as Opinions to Clean Up Fraud Challenges, Bloomberg Law (May 6, 2025).

[2] See “2025 Risk Factor Hop Topics: AI, Tariffs, Administration Change” (September 10, 2025), available at https://www.thecorporatecounsel.net/blog/2025/09/2025-risk-factor-hot-topics-ai-tariffs-administration-change.html.

[3] See “Chair Gary Gensler on AI Washing” (March 18, 2024), available at https://www.sec.gov/newsroom/speeches-statements/sec-chair-gary-gensler-ai-washing.

[4] See “The State of Disclosure Review” (June 24, 2024), available at https://www.sec.gov/newsroom/whats-new/gerding-state-disclosure-review-062424.

[5] Phunware, Inc. (link); FirstVitals, Inc. (link); Jefferson Capital, Inc. (link); Masterworks Vault 2, LLC (link).

[6] See Items 408(b) and 601(b)(19) of Regulation S-K, adopted by the SEC in connection with the Rule 10b5-1 amendments in December 2022. For fiscal years beginning on or after April 1, 2023, domestic public companies are required to disclose whether they have adopted insider trading policies and procedures governing the purchase, sale, and/or other dispositions of their securities by their directors, officers and employees, or the companies themselves, and if so, to file those policies and procedures as an exhibit to their annual reports on Form 10-K. If a company has not adopted such policies and procedures, it is required to explain why it has not done so. Disclosure about the adoption (or not) of policies or procedures must appear in a company’s proxy statement (and must also be included in, or incorporated by reference to, Part III of a company’s Form 10-K). Similar disclosure and exhibit filing requirements apply to foreign private issuers (FPIs) in respect of their annual report on Form 20-F, although Item 16J of Form 20-F does not specifically reference trading by the “registrant itself.” None of the filers covered by this client alert were FPIs.

[7] Data provided is as of November 14, 2025 and is based on the companies currently included within the S&P 100, so some statistics are slightly different than they were in the prior surveys. The categorization data necessarily involves subjective assessment and should be considered approximate.

[8] Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure, Release No. 33-11216 (July 26, 2023) at 60-63.

[9] First Merchant Corporation (link); Equifax, Inc. (link); New Peoples Bankshares, Inc. (link).

[10] For a further discussion of the climate reporting requirements, please see our prior client alert “SEC Adopts Sweeping New Climate Disclosure Requirements for Public Companies,” Gibson Dunn (Mar. 2024), available at https://www.gibsondunn.com/sec-adopts-sweeping-new-climate-disclosure-requirements-for-public-companies/.

[11] For a discussion of the most recent developments in the litigation, please see our prior client alert “ESG: Risk, Litigation and Reporting Update,” Gibson Dunn (Aug. 2025), available at https://www.gibsondunn.com/gibson-dunn-esg-monthly-update-august-2025/.

[12] Prior to adopting the climate disclosure rules, the SEC issued guidance in 2010 explaining how current SEC reporting requirements could already require discussion of climate-related matters. See “Commission Guidance Regarding Disclosure Related to Climate Change” (Feb. 8, 2010), available at https://www.sec.gov/files/rules/interp/2010/33-9106.pdf.

[13] For additional discussion of comment letter trends, see “SEC Reporting Update – Highlights of trends in 2025 SEC staff comment letters” (September 11, 2025), available at https://www.ey.com/content/dam/ey-unified-site/ey-com/en-us/technical/accountinglink/documents/ey-secru28204-251us-09-11-2025.pdf.

[14] Adtalem Global Education, Inc. (link); Energy Fuels, Inc. (link); Kyndryl Holdings, Inc. (link); Commvault Systems, Inc. (link); Ross Stores, Inc. (link); Ralph Lauren Corporation (link); REV Group, Inc. (link); Apogee Enterprises, Inc. (link).

[15] MeridianLink, Inc. (link); Rumble Inc. (link).

[16] Id. at 8.

[17] Kyndryl Holdings, Inc. (link).

[18] Azitra, Inc.(link); Cipher Mining Inc. (link); Babcock & Wilcox Enterprises, Inc.(link); Zynex, Inc. (link).

[19] Babcock & Wilcox Enterprises, Inc. (link); Cipher Mining Inc. (link); Azitra, Inc. (link).

[20] iRobot Corporation (link).

[21] See note 24; Babcock & Wilcox Enterprises, Inc. (link); Ralph Lauren Corporation (link); REV Group, Inc. (link); Comtech Telecommunications Corp. (link); Hillenbrand, Inc. (link).

[22] Ralph Lauren Corporation (link); City Office REIT, Inc. (link); UFP Industries, Inc. (link); Aviat Networks, Inc. (link); Matthew International Corp (link); Apogee Enterprises, Inc. (link).

[23] See note 24; Texas Instruments Inc. (link); Amphenol Corporation (link); Ralph Lauren Corporation (link); G-III Apparel Group, Ltd. (link).

[24] Babcock & Wilcox Enterprises, Inc. (link); TTM Technologies, Inc. (link); G-III Apparel Group, Ltd. (link).

[25] 154 F.4th 1019, 1033-35 (9th Cir. 2025).

[26] Id. at 1033, 1036.

[27] Id. at 1036-37.

[28] Id. at 1037-38.

[29] Id. at 1038.

[30] Id.

[31] Id.

[32] Id. at 1038-39.

[33] 151 F.4th 103 (3d Cir. 2025).

[34] Id. at 119.

[35] Id.

[36] Id.

[37] SEC Speeches and Statements, “Testimony Before the United States House Appropriations Subcommittee of Financial Services and General Government” (May 20, 2025), available at https://www.sec.gov/newsroom/speeches-statements/atkins-testimony-fsgg-052025.

[38] SEC Press Release, “SEC Announces Cyber and Emerging Technologies Unit to Protect Retail Investors” (Feb. 20, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-42.

[39] SEC Litigation Release, “SEC Charges Found and Former Ceo of Artificial Intelligence Startup with Misleading Investors” (April 11, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26282.

[40] SEC Litigation Release, SEC Charges Former Biopharmaceutical Company Vice President with Insider Trading (Mar. 7, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26262.

[41] SEC Press Release, SEC Announces Formation of Cross-Border Task Force to Combat Fraud (Sept. 5, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-113-sec-announces-formation-cross-border-task-force-combat-fraud.

[42] SEC Division of Economic and Risk Analysis, Announcement — Public Float Tagging Errors, U.S. Securities and Exchange Commission (July 21, 2025), https://www.sec.gov/newsroom/whats-new/2507-dqreminder-public-float-tagging-errors.

[43] Id.

[44] SEC Division of Economic and Risk Analysis, Announcement — Scaling Errors in Public Float, U.S. Securities and Exchange Commission (Nov. 20, 2019), https://www.sec.gov/newsroom/whats-new/osd-announcement-111919-data-quality-reminder.

[45] SEC Office of Structured Disclosure, Staff Interpretations and FAQs Related to Interactive Data Disclosure at A.3, U.S. Securities and Exchange Commission (June 16, 2025), https://www.sec.gov/data-research/structured-data/office-structured-disclosure-staff-observations-guidance-trends/staff-interpretations-faqs-related-interactive-data-disclosure.

[46] SEC Division of Economic and Risk Analysis, supra note 1.

[47] SEC Staff, EDGAR XBRL Guide, U.S. Securities and Exchange Commission (Nov. 2025), https://www.sec.gov/files/edgar/filer-information/specifications/xbrl-guide.pdf.

The following Gibson Dunn lawyers prepared this update: Mike Titera, Julia Lapitskaya, Ronald O. Mueller, Mark Schonfeld, David Woodcock, Colin Davis, Brian Lutz, Akiva Reich, Natalie Abshez, Lauren Assaf-Holmes, Chris Ayers, Jenny Chen, Bryan Clegg, Marcus Curtis, Chris Doherty, Clint Eastman, Olivia Field, Lauren Navarro, Antony Nguyen, Meghan Sherley, Matt Staugaard, Andy Strader, and Mason Ye.

Gibson Dunn’s lawyers are available to assist with any questions you may have regarding these developments. To learn more about these issues, please contact the Gibson Dunn lawyer with whom you usually work in the firm’s Securities Regulation & Corporate Governance, Executive Compensation & Employee Benefits, or Capital Markets practice groups, or any of the following practice leaders and members:

Securities Regulation & Corporate Governance:
Aaron Briggs – San Francisco (+1 415.393.8297, abriggs@gibsondunn.com)
Mellissa Campbell Duru – Washington, D.C. (+1 202.955.8204, mduru@gibsondunn.com)
Elizabeth Ising – Washington, D.C. (+1 202.955.8287, eising@gibsondunn.com)
Thomas J. Kim – Washington, D.C. (+1 202.887.3550, tkim@gibsondunn.com)
Brian J. Lane – Washington, D.C. (+1 202.887.3646, blane@gibsondunn.com)
Julia Lapitskaya – New York (+1 212.351.2354, jlapitskaya@gibsondunn.com)
Ronald O. Mueller – Washington, D.C. (+1 202.955.8671, rmueller@gibsondunn.com)
Michael A. Titera – Orange County (+1 949.451.4365, mtitera@gibsondunn.com)
Geoffrey E. Walter – Washington, D.C. (+1 202-887-3749, gwalter@gibsondunn.com)
Lori Zyskowski – New York (+1 212.351.2309, lzyskowski@gibsondunn.com)

Executive Compensation & Employee Benefits:
Sean C. Feller – Los Angeles (+1 310.551.8746, sfeller@gibsondunn.com)
Krista Hanvey – Dallas (+1 214.698.3425, khanvey@gibsondunn.com)
Kate Napalkova – New York (+1 212.351.4048, enapalkova@gibsondunn.com)
Gina Hancock – Dallas (+1 214.698.3357, ghancock@gibsondunn.com)

Capital Markets:
Andrew L. Fabens – New York (+1 212.351.4034, afabens@gibsondunn.com)
Hillary H. Holmes – Houston (+1 346.718.6602, hholmes@gibsondunn.com)
Stewart L. McDowell – San Francisco (+1 415.393.8322, smcdowell@gibsondunn.com)
Peter W. Wardle – Los Angeles (+1 213.229.7242, pwardle@gibsondunn.com)

Join our lawyers for a recorded half-hour briefing covering ERISA litigation trends and developments. This is part of a quarterly Executive Compensation and Employee Benefits webcast series, providing quick insights into emerging issues and practical advice.

Topics include recent trends in excessive fee litigation, new lawsuits challenging voluntary insurance benefit programs, prohibited transaction claims after Cunningham v. Cornell, and changes to regulations concerning ESG investments and private equity in 401(k) plans.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 0.5 credit hour, of which 0.5 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 0.5 hour.

Gibson, Dunn & Crutcher LLP is authorized by the Solicitors Regulation Authority to provide in-house CPD training. This program is approved for CPD credit in the amount of 0.5 hour. Regulated by the Solicitors Regulation Authority (Number 324652).

PANELISTS:

Ashley E. Johnson is a partner in the Dallas office of Gibson Dunn, where she is Co-Chair of the firm’s ERISA Litigation Practice Group and a core member of the firm’s Labor and Employment Practice Group. Her practice focuses on ERISA litigation, including high-stakes class actions involving retirement and health and welfare plans, as well as related workplace benefits disputes. Ashley represents employers and plan fiduciaries in trial and appellate courts nationwide, with an emphasis on legal strategy, dispositive briefing, and oral argument on complex statutory, fiduciary-duty, and prohibited-transaction issues.

Jennafer Tryck is a partner in the Orange County office of Gibson Dunn. She is a member of the Firm’s Litigation, ERISA Litigation, Labor and Employment, Insurance and Reinsurance, and Class Actions Practice Groups, and represents clients across a variety of industries, including manufacturing, telecommunications, health care, and higher education. Jennafer specializes in defending plan sponsors and insurers in high-stakes ERISA litigation in the trial courts and on appeal. She has represented clients in a wide range of single-plaintiff and class-action matters, including defending employers against excessive fee and prohibited transaction claims, actuarial equivalence claims, tobacco surcharge claims, and 401(k) plan forfeiture claims. In addition to litigation defense, Jennafer also advises clients on limiting litigation exposure for ERISA and non-ERISA benefit plans.

Sean Feller is a partner in Gibson Dunn’s Century City office. He serves as Co-Chair of the firm’s Executive Compensation and Employee Benefits Practice Group. His practice focuses on all aspects executive compensation and employee benefits. His practice encompasses tax, ERISA, accounting, corporate, and securities law aspects of equity and other incentive compensation plans; qualified and nonqualified retirement and deferred compensation plans and executive employment and severance arrangements. Sean has been recognized by his peers as one of The Best Lawyers in America in the area of Employee Benefits (ERISA) Law. In 2020 and 2022, he was ranked by Chambers USA as a Leading Lawyer in Los Angeles in the area of Employee Benefits and Executive Compensation.

CFIUS announces a preliminary framework for its long-awaited Known Investor Program and seeks public comments on the proposed structure, implementation, and eligibility requirements.

On February 6, 2026, the Committee on Foreign Investment in the United States (CFIUS or the Committee) issued a request for information (RFI) concerning its implementation of the long-awaited Known Investor Program (KIP).

As discussed in our previous client alert and recent Year-End Update, the idea of the KIP started to gain traction after President Trump’s America First Investment Policy, which directed CFIUS to develop rules for an “expedited ‘fast-track’ process, based on ‘objective standards,’ to facilitate greater investment from specified allied and partner sources in United States businesses involved with United States advanced technology and other important areas.”[1] In May 2025, CFIUS formally announced that the KIP was in development, and in January 2026, issued a set of frequently asked questions (FAQs) about the process. While the FAQs did not provide many specifics about the structure of the KIP, they indicated that the KIP would function as an abridged CFIUS review process, would be geared toward repeat CFIUS filers, and that a pilot program was conducted during the second half of 2025 with a select number of participants based on objective considerations, including “geographic diversity as well as frequency of filing with CFIUS in recent years.”[2]

The recent RFI underscores that the KIP is primarily designed to streamline the CFIUS review process, particularly for frequent filers whose transactions often pose minimal national security risk in the eyes of the Committee. To expedite review of certain lower risk transactions, the RFI outlines a process by which foreign investors can apply for Known Investor Entity (KIE) status by providing the Committee with information about their structure and investment activities through a standardized questionnaire. Interestingly, the RFI also provides key insight into the current work of the Committee, noting that “more than 90 percent of covered transactions reviewed by CFIUS over the past five years have been approved,” with approximately 70 percent of transactions being approved in the initial review phase (i.e., within the first 30- or 45-day review period, depending upon whether the filing was made as a declaration or notice).[3]

The RFI provides a broad overview of the proposed structure of the KIP and specifically requests feedback from the public on the program through Regulations.gov. Public comments are requested on or before March 18, 2026.

I. KEY TAKEAWAYS

The KIP, as proposed, represents a significant change compared to traditional CFIUS reviews—which analyze national security risks relating to a specific transaction—but its eligibility criteria remain strict. Below, we offer a few preliminary takeaways from the proposed structure:

The benefits may be limited to the most active CFIUS filers. Given the strict eligibility requirements and level of information that must be provided to CFIUS, the benefit of becoming a KIE may be limited to those foreign investors that file with the Committee multiple times in any given year and that are located in countries the Committee perceives as posing low risk to U.S. national security. For frequent filers with well-documented processes who meet the eligibility criteria and operate primarily in countries with low risk, this program could prove to be quite valuable in expediting the CFIUS review process, though the exact benefits of KIE status remain uncertain.

The information and documentation required for KIE eligibility are extensive—and go beyond that required in a typical filing review. While standard CFIUS reviews focus on the national security concerns presented by a specific transaction, KIE eligibility requires an extensive review of the foreign investor’s structure and affiliated investment vehicles, parent entities, past investment structure, historic and planned investments (including outside of the United States), connections to certain Adversary Countries (as defined below), contracts with and other connections to the U.S. government, and past instances of regulatory non-compliance, among others. Apart from potential business concerns with providing such extensive information, foreign investors may also face administrative difficulty in locating the required historic information in order to provide sufficient responses to the requests as currently formulated.

Certain business connections to China, other “Adversary Countries,” and/or restricted parties will be difficult to overcome. The Committee makes clear that it will heavily scrutinize connections to so-called “Adversary Countries” and a broad array of restricted parties under U.S. law, which in most cases will preclude the foreign investor from participating in the KIP. As proposed, the term “Adversary Countries” would include those countries identified in the America First Investment Policy and any subsequent updates, namely: China (including Hong Kong and Macau), Cuba, Iran, North Korea, Russia, and the “regime of Venezuelan politician Nicolás Maduro” (though it remains unclear if the latter regime still exists for purposes of the KIP).[4] In particular, many foreign investors may find that connections to Chinese investors, Chinese supply chains, and investments in China by related entities that are otherwise permissible under U.S. law may nevertheless render the foreign investor ineligible for KIE status.

For foreign investors with complex structures and multinational portfolios, providing sufficient information to obtain KIE status may present additional challenges. As noted above, the extensive required disclosure of business operations, partnership relationships, and financial information goes well beyond traditional transaction-based review. Disclosure of required elements may be particularly challenging for investors with complex organizational structures. We also note that some investors may encounter difficulty under non-U.S. banking laws or historic contractual provisions in providing sufficient information related to non-U.S. investment structures.

II. PROPOSED KIP FRAMEWORK

Informed by the pilot program conducted during the second half of 2025, the proposed questionnaire will contain a section designed to determine KIE eligibility, as well as extensive questions about the ownership, operation, activities, and management of the proposed KIE, among others.

A. CFIUS Sets a High Bar for KIP Eligibility

As proposed, the KIP would be open only to foreign investors who complete the questionnaire—including for entities under their common ownership or “control” (as currently defined in the CFIUS regulations)[5] for which information is provided—provided each entity meets the eligibility criteria. As a threshold eligibility matter, the foreign investor must meet the following filing frequency thresholds:

Recent History of Past Filings: The foreign investor (including its subsidiaries) must have submitted at least three distinct “covered transaction”[6] or “covered real estate transaction”[7] (as defined in the CFIUS regulations) filings to CFIUS within the past three years and received notification that CFIUS concluded all action or was unable to conclude action in the case of a declaration for at least one of the three transactions.

Expected Filing Activity: The foreign investor (including its subsidiaries) must also expect to submit at least one transaction that meets the definition of a “covered transaction” or “covered real estate transaction” to CFIUS within the following 12 months.

Even if the filing frequency thresholds are met, foreign investors are ineligible to participate in the KIP if they have a history of non-compliance or associations with certain restricted parties or Adversary Countries as follows:

Past Instances of CFIUS Non-Compliance: The foreign investor must not have received a written notice from CFIUS that it (i) submitted a material misstatement or omission in a past notice or declaration to CFIUS, (ii) made a false certification to CFIUS, or (iii) violated the terms of a mitigation agreement in the past five years. Importantly, this restriction does not appear limited to cases where a penalty was assessed and would include so-called Determination of Noncompliance Transmittal (DONT) letters.

Associations with Restricted Parties: The foreign investor cannot be identified on any of the following lists:
- the Entity List and Military End User List maintained by the U.S. Department of Commerce;
- the Specially Designated Nationals and Blocked Persons (SDN) List, Non-SDN Chinese Military-Industrial Complex Companies (NS-CMIC) List, and the Sectoral Sanctions Identification (SSI) List maintained by the U.S. Department of the Treasury; and
- the Chinese Military Companies (Section 1260H) List maintained by the U.S. Department of Defense.

Additionally, no entity or individual on any of the above lists can, directly or indirectly, (1) hold a 10 percent or greater interest in or (2) otherwise hold the right to appoint a member of the board of directors (or equivalent) of the foreign investor. In particular, the inclusion of the NS-CMIC and Section 1260H Lists is notable given that these lists do not typically carry the same restrictive weight as the other lists and directly target Chinese entities.

Connections to Adversary Countries: The foreign investor cannot maintain certain connections with Adversary Countries, including:
- Neither the foreign investor’s headquarters nor its principal place of business can be in an Adversary Country;
- No government of an Adversary Country (including its instrumentalities) can, directly or indirectly, (1) hold a 10 percent or greater interest in or (2) otherwise hold the right to appoint a member of the board of directors (or equivalent) of the foreign investor;
- No entity with its headquarters or principal place of business in an Adversary Country can hold greater than a 25 percent interest in the foreign investor;
- No national of an Adversary Country can hold greater than a 25 percent interest in the foreign investor;
- No board members or equivalent (including external directors or similar individuals) or officers of the foreign investor may be principally located in, or a national of, an Adversary Country;
- More than 50 percent of the foreign investor’s employees cannot be located in one or more Adversary Countries; and
- If applicable, all of the foreign investor’s manufacturing facilities and/or research and development facilities cannot be located in one or more Adversary Countries.

Concerning Supply Chains: The foreign investor cannot knowingly use components, equipment, or infrastructure—or incorporate such items into its products or services provided to third parties—that are sourced from entities or individuals on the Entity List, Military End User List, or 1260H List.

B. Information and Document Requests Extend Well Beyond Traditional CFIUS Review

If a foreign investor can overcome the eligibility thresholds outlined above, the KIP requires the prospective KIE to respond to extensive document and information requests, including the following:

KIE Eligibility Factors	Examples of Information/Documentation Required
*Legal and Organizational Factors*. Information concerning the governance structure of the prospective KIE.	Ownership information for any individuals or entities with greater than 5 percent interest in the foreign investor; All funds used by the foreign investor to make investments in U.S. businesses in the past 5 years or anticipated to be used in the upcoming year; Governance documents for the foreign investor and its parent(s); Information on non-passive shareholders (including past participation in shareholder meetings); Thresholds for quorum and decision-making of the foreign investor and its parent(s); and Any significant relationships with foreign governments, among others.
*Personnel and Process for Governing and Operating*. Information on how the prospective KIE is managed and operated.	Biographical and personal information on directors, officers, and any individuals who have 5 percent or greater ownership interest in the foreign investor or its parent(s); Explanation of committees and personnel that contribute to the investment decision-making process; Information on how the foreign investor decides who will represent its interests on the board of its funds, operating companies, and/or portfolio countries; Description and related documentation of how the foreign investor identifies investment transactions and evaluates compliance or reputational risk; and Information on the foreign investor’s frequent co-investment partners, among others.
*Nature and Characteristics of the KIE’s Business*. Information on the prospective KIE’s lines of business and corporate strategy.	Annual reports for the foreign investor and its parent(s); Detailed financial information, including primary revenue-generating businesses and information on credit providers and debtholders; Certain investment strategy documents and governance provisions; Standard consent and veto rights held by the foreign investor in U.S. portfolio companies and the frequency with which such rights have been exercised or withheld in the past five years; Information on the managerial oversight the foreign investor exerts over its subsidiaries and portfolio companies; Governance and decision-making arrangements related to access to data, proprietary information, intellectual property, personal information, and systems and infrastructure of the foreign investor’s subsidiaries and portfolio companies; and Security and compliance information, including policies, practices, trainings, and controls regarding risk management, cybersecurity, data privacy and security, intellectual property protection, physical security, and supply chain integrity, among others.
*Engagement with the U.S. Government and Compliance Posture*. Information on the prospective KIE’s interactions with the U.S. government and activities in non-U.S. jurisdictions.	Descriptions of any products or services the foreign investor provides, directly or indirectly, to U.S. government entities and related documentation; Information on previous CFIUS filings and mitigation agreements; Description of any incremental acquisition made after CFIUS cleared a covered transaction; Compliance history with certain U.S. government agencies, seemingly including instances of alleged non-compliance even when no penalties were assessed; Whether any proposed investment by the foreign investor was prohibited or mitigated by a foreign investment authority in the past 5 years; Any remedial action taken as part of a settlement, criminal, or civil enforcement action in a non-U.S. jurisdiction since 2020; and Description of the foreign investors process for multi-jurisdictional filings and approval, among others.
*Verifiable Distance from Adversary Countries*. Information on the prospective KIE’s connection to any Adversary Country.	Information on investment partners located in Adversary Countries; Investments in or other ties to Adversary Country governments; Investment strategies and targets involving Adversary Countries; Planned investments in the next 24 months and expected growth pipeline over the next 5 years; and Operational connections to Adversary Countries, such as primary business lines located in and information on hardware or software sourced from Adversary Countries.

The level of detail required by such requests extends well beyond information typically supplied during the course of a typical CFIUS review and is likely to pose significant hurdles to investors with complex structures across multiple jurisdictions. Additionally, the prospective KIE would be required to certify the completeness and accuracy of its questionnaire responses, though such information would be subject to the same confidentiality protections typically applied to CFIUS submissions.

C. CFIUS Is Actively Seeking Public Comments on the KIP

The RFI included 45 broad questions seeking feedback and suggestions related to proposed KIP structure, additional factors to consider in evaluating all aspects of the KIP, and what challenges may arise from providing this information. Many of the questions are focused on identifying difficulties that may result from collecting the extensive information requested, including one specifically asking which types of information collected under the program would take the most time and effort to provide, indicating that CFIUS acknowledges the extensive nature of the materials required for enrollment. Other KIP-focused questions relate to the proposed definitions, identification of KIEs, eligibility criteria, information requests (as discussed above), and other instances where additional information or clarity may be needed.

D. CFIUS Wants Input More Broadly as Well

CFIUS appears to be focused not just on standing up the KIP structure, but also is soliciting feedback about the CFIUS process more generally. The areas of focus include:

General Processes: The Committee is seeking a variety of feedback regarding its review processes, ranging from specific questions pertaining to discrete items, such as pre-notice consultations and technical changes to CFIUS authorities, to broad commentary and suggestions on how to streamline the review process. CFIUS also appears to be aiming to increase public information sharing and enhance transaction parties’ overall experience during the review process, as well as attempting to gain insight into transaction parties’ considerations when undergoing filing review. Interestingly, the Committee is considering methods for calibrating its processes based on industry sector, investor or investment type, and other transaction-specific characteristics.

Mitigation: Consistent with the current administration’s goal of making CFIUS mitigation less onerous, as outlined by the America First Investment Policy, the Committee is seeking commentary on the substantive and procedural aspects of mitigation agreements. Examples of requested feedback include general information regarding transaction parties’ practices when negotiating mitigation agreements, financial and operational considerations informing the negotiation of specific mitigation terms, and process improvements for voluntarily abandoned transactions.

Lessons Learned: CFIUS is soliciting efficiency-focused insights discovered from interactions with other regulatory regimes, both domestic and foreign. If parties submit favorable suggestions about methods employed by other governmental authorities to conduct their review process in a more streamlined way, the Committee may be poised to adopt such practices.

These questions align with the current administration’s focus on reevaluating and revising the inner workings of the Committee to increase efficiency and promote foreign investment that does not pose national security concerns.

Following its review of the public comments received, CFIUS is likely to engage in at least one more round of public rulemaking before finalizing the regulations to implement the KIP, though interested parties should consider engaging early in the review process and submit any comments ahead of the March 18, 2026 public comment deadline.

[1] The White House, America First Investment Policy § 2(c) (Feb. 2025), https://www.whitehouse.gov/presidential-actions/2025/02/america-first-investment-policy.

[2] CFIUS, CFIUS Known Investor Frequently Asked Questions 3 (Jan. 2026), here.

[3] Request for Information Pertaining to the CFIUS Known Investor Program and Streamlining the Foreign Investment Review Process, 91 Fed. Reg. 5,694, 5,695 (Feb. 9, 2026), here.

[4] The White House, America First Investment Policy § 4 (Feb. 2025), https://www.whitehouse.gov/presidential-actions/2025/02/america-first-investment-policy.

[5] See 31 C.F.R. § 800.208.

[6] See id. § 800.213.

[7] See id. § 802.212.

The following Gibson Dunn lawyers prepared this update: Chris Mullen, Layla Reynolds*, and Stephenie Gosnell Handler.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. For additional information about how we may assist you, please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s International Trade Advisory & Enforcement practice group, or the authors:

United States:
Adam M. Smith – Co-Chair, Washington, D.C. (+1 202.887.3547, asmith@gibsondunn.com)
Ronald Kirk – Co-Chair, Dallas (+1 214.698.3295, rkirk@gibsondunn.com)
Stephenie Gosnell Handler – Washington, D.C. (+1 202.955.8510, shandler@gibsondunn.com)
Donald Harrison – Washington, D.C. (+1 202.955.8560, dharrison@gibsondunn.com)
Christopher T. Timura – Washington, D.C. (+1 202.887.3690, ctimura@gibsondunn.com)
Matthew S. Axelrod – Washington, D.C. (+1 202.955.8517, maxelrod@gibsondunn.com)
David P. Burns – Washington, D.C. (+1 202.887.3786, dburns@gibsondunn.com)
Nicola T. Hanna – Los Angeles (+1 213.229.7269, nhanna@gibsondunn.com)
Courtney M. Brown – Washington, D.C. (+1 202.955.8685, cmbrown@gibsondunn.com)
Amanda H. Neely – Washington, D.C. (+1 202.777.9566, aneely@gibsondunn.com)
Samantha Sewall – Washington, D.C. (+1 202.887.3509, ssewall@gibsondunn.com)
Roxana Akbari – Orange County (+1 949.475.4650, rakbari@gibsondunn.com)
Karsten Ball – Washington, D.C. (+1 202.777.9341, kball@gibsondunn.com)
Sarah Burns – Washington, D.C. (+1 202.777.9320, sburns@gibsondunn.com)
Hugh N. Danilack – Washington, D.C. (+1 202.777.9536, hdanilack@gibsondunn.com)
Justin duRivage – Palo Alto (+1 650.849.5323, jdurivage@gibsondunn.com)
Zach Kosbie – Washington, D.C. (+1 202.777.9425, zkosbie@gibsondunn.com)
Dorkas Laura Medina – Washington, D.C. (+1 202.777.9444, dmedina@gibsondunn.com)
Chris R. Mullen – Washington, D.C. (+1 202.955.8250, cmullen@gibsondunn.com)
Sarah L. Pongrace – New York (+1 212.351.3972, spongrace@gibsondunn.com)
Anna Searcey – Washington, D.C. (+1 202.887.3655, asearcey@gibsondunn.com)
Erika Suh Holmberg – Washington, D.C. (+1 202.777.9539, eholmberg@gibsondunn.com)
Audi K. Syarief – Washington, D.C. (+1 202.955.8266, asyarief@gibsondunn.com)
Scott R. Toussaint – Washington, D.C. (+1 202.887.3588, stoussaint@gibsondunn.com)
Lindsay Bernsen Wardlaw – Washington, D.C. (+1 202.777.9475, lwardlaw@gibsondunn.com)
Shuo (Josh) Zhang – Washington, D.C. (+1 202.955.8270, szhang@gibsondunn.com)

Asia:
Kelly Austin – Denver/Hong Kong (+1 303.298.5980, kaustin@gibsondunn.com)
David A. Wolber – Hong Kong (+852 2214 3764, dwolber@gibsondunn.com)
Fang Xue – Singapore (+65 6507 3692, fxue@gibsondunn.com)
Qi Yue – Beijing (+86 10 6502 8534, qyue@gibsondunn.com)
Dharak Bhavsar – Hong Kong (+852 2214 3755, dbhavsar@gibsondunn.com)
Soo-Min Chae – Singapore (+65 6507 3632, schae@gibsondunn.com)
Hui Fang – Hong Kong (+852 2214 3805, hfang@gibsondunn.com)
Arnold Pun – Hong Kong (+852 2214 3838, apun@gibsondunn.com)

Europe:
Attila Borsos – Brussels (+32 2 554 72 10, aborsos@gibsondunn.com)
Patrick Doris – London (+44 207 071 4276, pdoris@gibsondunn.com)
Michelle M. Kirschner – London (+44 20 7071 4212, mkirschner@gibsondunn.com)
Penny Madden KC – London (+44 20 7071 4226, pmadden@gibsondunn.com)
Irene Polieri – London (+44 20 7071 4199, ipolieri@gibsondunn.com)
Benno Schwarz – Munich (+49 89 189 33 110, bschwarz@gibsondunn.com)
Nikita Malevanny – Munich (+49 89 189 33 224, nmalevanny@gibsondunn.com)
Melina Kronester – Munich (+49 89 189 33 225, mkronester@gibsondunn.com)
Vanessa Ludwig – Frankfurt (+49 69 247 411 531, vludwig@gibsondunn.com)

*A recent law graduate who is not admitted to practice law.

Join leaders of our DOJ Data Security Program Task Force in conversation with experts from FTI for a dynamic discussion about how companies are responding to the new DOJ Data Security Program regulations. Topics include initial observations about where companies are focusing their compliance efforts, key challenges companies are grappling with, and early examples of and insights on how public companies are thinking about disclosures from the DOJ’s Data Security Program.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.0 credit hours, of which 1.0 credit hours may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact CLE@gibsondunn.com to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hours in the General category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

PANELISTS:

Stephenie Gosnell Handler is a partner in Gibson Dunn’s Washington, D.C. office, where she is a member of the International Trade and Privacy, Cybersecurity, and Data Innovation practices. She advises clients on complex legal, regulatory, and compliance issues relating to international trade, cybersecurity, and technology matters. Stephenie ’s legal advice is deeply informed by her operational cybersecurity and in-house legal experience at McKinsey & Company, and also by her active duty service in the U.S. Marine Corps. Stephenie Gosnell Handler is admitted to practice law in the District of Columbia, Maine, and New York.

Vivek Mohan is a partner in Gibson Dunn’s Palo Alto office, where he is Co-Chair of the top-ranked Artificial Intelligence practice and a core member of the Privacy, Cybersecurity and Data Innovation practice. Vivek advises clients on legal, regulatory, compliance, and policy issues on a global scale with a focus on cutting-edge technology issues. His practice spans counseling, regulatory response, incident response, advocacy, and transactional matters, allowing him to provide clients with strategic advice whether they are developing a new product or service, responding to a regulatory inquiry, setting up a privacy program, responding to a data breach, or negotiating a complex agreement. He is admitted to practice law in California, District of Columbia, and New York.

Melissa Farrar is a partner in the Washington, D.C. office of Gibson, Dunn & Crutcher. Her practice focuses on white collar defense, internal investigations, and corporate compliance. Melissa represents and advises multinational corporations in internal and government investigations on a wide range of topics, including the U.S. Foreign Corrupt Practices Act, the False Claims Act, anti-money laundering, export controls compliance, and accounting and securities fraud, including defending U.S. and global companies in civil and criminal investigations pursued by the U.S. Department of Justice (“DOJ”) and the U.S. Securities and Exchange Commission (“SEC”). She also has experience representing U.S. government contractors in related suspension and debarment proceedings. Melissa is admitted to practice in the District of Columbia and Virginia.

Section 45Z, which was added to the Code by the Inflation Reduction Act of 2022 and amended by the One Big Beautiful Bill Act, provides a tax credit for eligible fuels that are produced after December 31, 2024 and sold before January 1, 2030.

On February 3, 2026, the Internal Revenue Service (the IRS) and the Department of the Treasury (the Treasury) issued proposed regulations (the Proposed Regulations) regarding clean fuel production tax credits under section 45Z (the 45Z Credit).[1] Section 45Z, which was added to the Code by the Inflation Reduction Act of 2022 and amended by the One Big Beautiful Bill Act (the OBBBA), provides a tax credit for eligible fuels that are produced after December 31, 2024 and sold before January 1, 2030.[2] The text of the Proposed Regulations can be found here. Our prior alert on the changes enacted by the OBBBA to clean energy tax provisions can be found here.

The Proposed Regulations[3] are lengthy and complex and address a myriad of issues. Below, we highlight five significant issues and developments.

Qualified Sale: No Need to Cut out the Middleman

Appropriate scope of “qualified sale.” To claim 45Z Credits, a taxpayer must make a “qualified sale” of an eligible transportation fuel to an unrelated person for use in a trade or business or for production of a fuel mixture or a retail fuel sale. In January 2025, the IRS released a notice of forthcoming proposed regulations (the January 2025 Notice) that would have provided that a sale would meet the requirement for use in a trade or business only if the sale were to a purchaser who was going to use the fuel “as a fuel.” In a welcome development, the Proposed Regulations confirm that a qualified sale includes a sale of transportation fuel to a reseller, such as an intermediary wholesaler and distributor, eliminating concern among taxpayers about the narrower (and deeply questionable) interpretation in the January 2025 Notice.

Expanded look-through rule. The Proposed Regulations also provide a broad look-through rule for sales made through related intermediaries, allowing a taxpayer to be treated as engaging in a qualified sale of fuel to an unrelated person if that related intermediary (such as a dealer) ultimately sells the fuel to an unrelated person. This rule expands on the IRS’s January 2025 look-through rule, which had applied only to corporations that were members of the same consolidated group.

Watch Out for Stacking Pitfalls. 45Z Credits cannot be stacked with certain other credits, including section 45V credits (clean hydrogen production), section 48 credits claimed in lieu of 45V credits, and section 45Q credits (carbon capture, sequestration and utilization). The Proposed Regulations provide various clarifications and examples that illustrate the application of anti-stacking rules that provide more certainty to taxpayers. For example, if a credit under section 45Q is claimed in respect of a facility in year 1 but not in year 2, a 45Z Credit could not be claimed in year 1 but could be claimed in year 2.

Watch Your Feedstock

No doubling up of 45Z Credits allowed. As amended by the OBBBA, 45Z Credits are not allowed for fuel that is produced from another fuel for which a 45Z Credit is allowable. Before the OBBBA amendment, the IRS, in January 2025, had asserted that a fuel was ineligible for a 45Z Credit if it had a primary feedstock that itself also qualified as a 45Z Credit-eligible transportation fuel. The preamble to the Proposed Regulations clarify that a fuel still can qualify for the 45Z Credit even if its production process uses a 45Z Credit-eligible transportation fuel solely as a process fuel or as another non-primary-feedstock input, but not as a primary feedstock.

Enhanced 45Z Credit may be available for animal manure feedstock. Fuels derived from animal manure feedstock (including dairy, swine, and poultry manure) potentially are eligible for an enhanced 45Z Credit amount. Section 45Z authorizes Treasury to identify “any other sources” of animal manure feedstock (other than dairy, swine, or poultry manure) that are eligible for this enhanced rate, but the Proposed Regulations do not do so.

Suitable for Use Does Not Require Actual Use. 45Z Credits are available only if a fuel is “suitable for use” as fuel in a highway vehicle or aircraft, but section 45Z does not define “suitable for use,” and the Proposed Regulations confirm helpful guidance from the January 2025 Notice making clear that fuel is “suitable for use” if it has practical and commercial fitness for use in a highway vehicle or aircraft (or may be blended into a fuel mixture that has practical and commercial fitness for use as fuel in a highway vehicle or aircraft) and that actual use as a fuel in a highway vehicle or aircraft is not required. Thus, for example, a diesel fuel that meets all other section 45Z requirements would be considered suitable for use in a highway vehicle or aircraft even if it is sold to a customer that uses that fuel as marine diesel fuel.

Being a Producer (of Alternative Natural Gas) is Good. The Proposed Regulations make clear that the person potentially eligible for 45Z Credits in connection with the production of alternative natural gas (including renewable natural gas) is the person that processes untreated sources of alternative natural gas to remove water, carbon dioxide, and other impurities. The Proposed Regulations thus make clear that a producer of renewable natural gas that delivers that gas to a pipeline (and otherwise satisfies the section 45Z requirements) is eligible for 45Z Credits even if another person subsequently removes the alternative natural gas from a pipeline, compresses it further, and then sells that further compressed alternative natural gas.

[1] Unless indicated otherwise, all “section” references are to the Internal Revenue Code of 1986, as amended (the Code).

[2] The legal name for the Inflation Reduction Act of 2022 is “An Act to provide for reconciliation pursuant to title II of S. Con. Res. 14,” and the legal name for the OBBBA is “an Act to provide for reconciliation pursuant to title II of H. Con. Res. 14.”

[3] The preamble to the Proposed Regulations provides that taxpayers may rely on the Proposed Regulations until final regulations are published in the Federal Register, provided that taxpayers follow the Proposed Regulations in their entirety and in a consistent manner. 91 Fed. Reg. 5160, 5181 (Explanation of Provisions, IX).

The following Gibson Dunn lawyers prepared this update: Josiah Bethards, Michael Q. Cannon, Matt Donnelly, Abram Dorrough, Blake Hoerster, and Eric B. Sloan.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding this proposed legislation. To learn more about these issues or discuss how they might impact your business, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any member of the firm’s Tax and Tax Controversy and Litigation practice groups:

Tax:
Dora Arash – Los Angeles (+1 213.229.7134, darash@gibsondunn.com)
Sandy Bhogal – Co-Chair, London (+44 20 7071 4266, sbhogal@gibsondunn.com)
Michael Q. Cannon – Dallas (+1 214.698.3232, mcannon@gibsondunn.com)
Jérôme Delaurière – Paris (+33 (0) 1 56 43 13 00, jdelauriere@gibsondunn.com)
Anne Devereaux* – Los Angeles (+1 213.229.7616, adevereaux@gibsondunn.com)
Matt Donnelly – New York/Washington, D.C. (+1 212.351.5303, mjdonnelly@gibsondunn.com)
Benjamin Fryer – London (+44 20 7071 4232, bfryer@gibsondunn.com)
Evan M. Gusler – New York (+1 212.351.2445, egusler@gibsondunn.com)
James Jennings – New York (+1 212.351.3967, jjennings@gibsondunn.com)
Kathryn A. Kelly – New York (+1 212.351.3876, kkelly@gibsondunn.com)
Rachel D. Kleinberg – Palo Alto (+1 650.849.5207, rkleinberg@gibsondunn.com)
Brian W. Kniesly – New York (+1 212.351.2379, bkniesly@gibsondunn.com)
Pamela Lawrence Endreny – Co-Chair, New York (+1 212.351.2474, pendreny@gibsondunn.com)
Gregory V. Nelson – Houston (+1 346.718.6750, gnelson@gibsondunn.com)
Benjamin Rapp – Munich/Frankfurt (+49 89 189 33-290, brapp@gibsondunn.com)
Jennifer Sabin – New York (+1 212.351.5208, jsabin@gibsondunn.com)
Eric B. Sloan – Co-Chair, New York/Washington, D.C. (+1 212.351.2340, esloan@gibsondunn.com)
Edward S. Wei – New York (+1 212.351.3925, ewei@gibsondunn.com)
Lorna Wilson – Los Angeles (+1 213.229.7547, lwilson@gibsondunn.com)
Daniel A. Zygielbaum – Washington, D.C. (+1 202.887.3768, dzygielbaum@gibsondunn.com)

Tax Controversy and Litigation:
Saul Mezei – Washington, D.C. (+1 202.955.8693, smezei@gibsondunn.com)
Sanford W. Stark – Chair, Washington, D.C. (+1 202.887.3650, sstark@gibsondunn.com)
C. Terrell Ussing – Washington, D.C. (+1 202.887.3612, tussing@gibsondunn.com)

*Anne Devereaux, of counsel in the firm’s Los Angeles office, is admitted to practice in Washington, D.C.

From the Derivatives Practice Group: This week, the CFTC reissued Staff Letter 25-40 with a limited revision to the definition of “payment stablecoin; the CFTC also withdrew its Notice of Proposed Rulemaking and its Staff Advisory on event contracts.

New Developments

CFTC Staff Reissues Letter 25-40 Updating Payment Stablecoin Definition. On February 6, the CFTC’s Market Participants Division announced it has reissued CFTC Staff Letter 25-40 with a limited revision to the definition of “payment stablecoin.” This No-Action Position is with respect respect to futures commission merchants that accept certain non-securities digital assets as margin collateral and (a) take into account the value of such digital assets for purposes of certain regulatory requirements, subject to conditions or (b) deposit payment stablecoins as residual interest, subject to conditions. The CFTC’s revision specifies that a national trust bank may be a permitted issuer of a payment stablecoin for purposes of the no-action position. [NEW]

SEC Publishes Data on Exchange Traded Funds and Fund Mergers; Updated Statistics on Municipal Advisors, Transfer Agents, and Security-Based Swap Dealers. On February 5, the SEC’s Division of Economic and Risk Analysis (DERA) published two new reports on exchange traded funds and fund mergers, and updated statistics and data visualizations on municipal advisors, transfer agents, and security-based swap dealers. The reports provide the public with information about the growth in active ETFs and the changes in fees paid by investors when mutual funds and ETFs acquire other funds. [NEW]

CFTC Withdraws Event Contracts Rule Proposal and Staff Sports Event Contracts Advisory. On February 4, the CFTC announced it has withdrawn the notice of proposed rulemaking titled “Event Contracts” that it published on June 10, 2024 (see CFTC Press Release No. 8907-24). The CFTC does not intend to issue final rules with respect to the proposal. Additionally, Commission staff has withdrawn CFTC Staff Letter 25-36, a Staff Advisory on Certain Contract Markets (see CFTC Press Release No. 9137-25). [NEW]

CFTC Staff Issues Interpretation on Legacy Swap Status. On February 2, the CFTC’s Market Participants Division and Division of Clearing and Risk issued an interpretive letter addressing the effect of a merger conducted as part of an internal reorganization at Morgan Stanley, a CFTC-registered swap dealer, on the status of legacy swaps. Based on the facts and circumstances of the merger as described in the letter, the divisions concluded the swaps at issue retain their legacy swap status under the Commission’s uncleared swap margin and swap clearing requirements. [NEW]

CFTC Designates Xchange Alpha LLC as a Contract Market. On February 2, the CFTC announced it has issued an order designating Xchange Alpha LLC as a designated contract market (DCM) under Section 5 of the Commodity Exchange Act (CEA). The CFTC determined Xchange Alpha demonstrated its ability to comply with the CEA and CFTC regulations applicable to DCMs. The terms and conditions of the designation order require, among other things, Xchange Alpha to comply with all applicable provisions of the CEA and the CFTC regulations applicable to DCMs. [NEW]

CFTC and SEC Hold Joint Event on Harmonization, U.S. Financial Leadership in the Crypto Era. On January 29, the CFTC and the SEC held a joint event at CFTC headquarters to discuss harmonization between the two agencies and their efforts to deliver on President Trump’s promise to make the U.S. the crypto capital of the world. During the event, Chairman Selig provided his first public remarks since joining the Commission.

CFTC Chairman Offers First Public Remarks as CFTC Chairman. On January 29, CFTC Chairman Michael S. Selig offered his first public remarks as CFTC Chairman at the CFTC-SEC Joint Event on Harmonization “U.S. Financial Leadership in the Crypto Era.” During his remarks, Chairman Selig announced that the CFTC is partnering with the SEC on Project Crypto to “advance a clear crypto asset taxonomy, clarify jurisdictional lines, remove duplicative compliance requirements, and reduce regulatory fragmentation.” Chairman Selig specifically discussed priorities including expanding eligible tokenized collateral, creating onshore pathways for perpetual derivatives, and facilitating permissionless innovation. Additionally, Chairman Selig said that he has directed CFTC staff to draft rules to foster leveraged, margined, and financed trading, both on- and off-exchange and explore the creation of a new category of DCM registration that is tailored specifically to retail leveraged, margined, or financed crypto asset trading. He also committed to working closely with the SEC to identify opportunities to better align regulatory requirements across markets and examine whether substituted compliance can achieve equivalent or better regulatory outcomes at lower costs for market participants. With respect to prediction markets, or “event contracts,” Chairman Selig highlighted his recent actions directing CFTC staff to (1) withdraw the 2024 event contracts rule proposal prohibiting political and sports-related event contracts and the cautionary 2025 staff advisory regarding access to sports-related event contracts, (2) move forward with drafting an event contracts rulemaking, (3) reassess the Commission’s participation in currently pending litigation with an eye toward defending its exclusive jurisdiction over commodity derivatives, and (4) work with SEC counterparts to develop a joint interpretation on Title VII definitions intended to draw a clearer line between certain commodity and security options, CFTC-regulated swaps, and SEC-regulated security-based swaps.

CFTC Announces Tyler S. Badgley as General Counsel. On January 28, the CFTC announced that Tyler S. Badgley has been named the agency’s General Counsel. Badgley comes to the CFTC from the U.S. Department of the Treasury, where he served as the Deputy General Counsel and, previously, Executive Secretary. Prior to his time at Treasury, he was Senior Counsel at the U.S. Chamber of Commerce Litigation Center.

CFTC Staff Issues No-Action Letter, Announces Implementation Updates to 2024 Large Trader Reporting Rule. On January 27, the CFTC’s Division of Market Oversight (DMO) announced it has taken a no-action position regarding the compliance date for the Part 17 large trader reporting final rule in response to a request from the Futures Industry Association. DMO will not recommend the Commission take enforcement action against futures commission merchants, clearing members, foreign brokers, or designated contract markets for failure to comply with the 2024 Part 17 large trader reporting final rule. The no-action relief will extend for 18 months after CFTC staff execute the actions referenced below.

CFTC Chairman Selig Announces Alex Titus as Chief Advisor. On January 26, Chairman Selig announced Alex Titus as Chief Advisor to the Chairman. Titus joins the CFTC after serving as Chief of Staff at the White House Council of Economic Advisers under Chairman Stephen Miran and Acting Chairman Pierre Yared.

Chairman Selig to Sponsor the CFTC’s Agricultural Advisory Committee. On January 23, Chairman Selig announced that he will sponsor the CFTC’s Agricultural Advisory Committee (AAC). The CFTC is seeking nominations to fill current vacancies on the AAC. Submissions must be received by February 18.

New Developments Outside the U.S.

ESMA to Hold Conference “A New Era for EU Capital Markets” on May 21, 2026. On February 5, ESMA announced that it is organizing a high‑level conference “A New Era for EU Capital Markets” on May 21, 2026 in Paris, France. The conference will bring together senior policymakers, regulators, leaders of major market infrastructures and financial institutions, as well as investor representatives. Discussions will focus on how to deepen market integration, strengthen supervision and improve the investor journey in support of the Savings and Investments Union. [NEW]

ESMA Launches Selection Process for its Next Chair. On February 3, ESMA launched the selection procedure for the position of ESMA Chair. This key leadership role offers the opportunity to shape the future of Europe’s financial markets and steer the organization through an evolving regulatory and supervisory landscape. [NEW]

ESMA Signs Memorandum of Understanding with the Reserve Bank of India. On January 27, ESMA signed a Memorandum of Understanding with the Reserve Bank of India (RBI) to facilitate cooperation and exchange of information for the recognition of central counterparties established in India and supervised by RBI. This agreement marks a significant step towards restoring access for EU clearing members to Indian central counterparties and follows two years of sustained engagement between ESMA and RBI.

New Industry-Led Developments

ISDA Chief Executive Scott O’Malia Gives Remarks at Trading Book Capital Event. On February 5, Scott O’Malia gave welcoming remarks at ISDA’s Trading Book Capital event. In his remarks, O’Malia highlighted three priorities: (1) preserving the viability of Fundamental Review of the Trading Book internal models and improving current treatment of non-modellable risk factors, (2) mitigating market‑functioning strains, and (3) ensuring that the supplementary leverage ratio operates as a backstop after recent U.S. modifications. [NEW]

ISDA Responds to RBI Unique Transaction Identifier Proposals. On February 3, ISDA submitted comments to a Draft Circular from the Reserve Bank of India (RBI) proposing to mandate the global Unique Transaction Identifier for all transactions in OTC markets for Rupee interest rate derivatives, forward contracts in Government securities, foreign currency derivatives, foreign currency interest rate derivatives, and credit derivatives in India. [NEW]

ISDA Publishes Paper on How and Why Pension Funds Use Derivatives. On February 2, ISDA published a paper that it said reviews how and why pension funds use derivatives. It also reviews the global regulatory landscape that shapes derivatives use and highlights the role ISDA plays in helping pension funds navigate these markets. [NEW]

ISDA Publishes Paper on Climate Risk Scenario Analysis for the Trading Book: Phase 4. On January 29, ISDA published a paper that it said reviews, from a trading book perspective, the short-term scenarios recently published by the Network of Central Banks and Supervisors for Greening the Financial System (NGFS). ISDA also noted that the paper provides a set of market risk shocks consistent with two of those NGFS scenarios.

ISDA Publishes Paper on the Development of a Safe and Efficient OTC Commodity Derivatives Market in India. On January 27, ISDA published a white paper that it said explores the case for broadened the use of over-the-counter (OTC) commodity derivatives in India and considers the necessary steps to make this a reality. ISDA indicated its belief that the development of a robust and liquid OTC commodity derivatives market in India could support the continued growth of India’s economy given its significant reliance on commodities.

ISDA Publishes Note on Key Trends in the Size and Composition of OTC Derivatives Markets in the First Half of 2025. On January 22, ISDA published a research note on the latest data from the Bank for International Settlements (BIS) over-the-counter (OTC) derivatives statistics, which showed an increase in notional outstanding of OTC derivatives during the first half of 2025 compared to the first half of 2024. Notional outstanding rose across all major asset classes, including interest rate derivatives, foreign exchange, and equity and commodity derivatives.

ISDA Responds to ESMA on CCP Participation Requirements. On January 6, ISDA responded to a consultation from ESMA on central counterparty (CCP) participation requirements. ISDA maintained that participation requirements for CCPs are vital for safe and efficient clearing markets, and ISDA broadly supported ESMA’s consultation and proposed regulatory technical standards. ISDA stated that it welcomes the inclusion of sponsored models with clear responsibilities and contingency measures, as well as proposals addressing mutualization risks.

The following Gibson Dunn attorneys assisted in preparing this update: Jeffrey Steiner, Adam Lapidus, Karin Thrasher, and Alice Wang.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Derivatives practice group, or the following practice leaders and authors:

Jeffrey L. Steiner, Washington, D.C. (202.887.3632, jsteiner@gibsondunn.com)

Michael D. Bopp, Washington, D.C. (202.955.8256, mbopp@gibsondunn.com)

Michelle M. Kirschner, London (+44 (0)20 7071.4212, mkirschner@gibsondunn.com)

Darius Mehraban, New York (212.351.2428, dmehraban@gibsondunn.com)

Jason J. Cabral, New York (212.351.6267, jcabral@gibsondunn.com)

Adam Lapidus, New York (212.351.3869, alapidus@gibsondunn.com )

Stephanie L. Brooker, Washington, D.C. (202.887.3502, sbrooker@gibsondunn.com)

William R. Hallatt, Hong Kong (+852 2214 3836, whallatt@gibsondunn.com )

David P. Burns, Washington, D.C. (202.887.3786, dburns@gibsondunn.com)

Marc Aaron Takagaki, New York (212.351.4028, mtakagaki@gibsondunn.com )

Karin Thrasher, Washington, D.C. (202.887.3712, kthrasher@gibsondunn.com)

Alice Yiqian Wang, Washington, D.C. (202.777.9587, awang@gibsondunn.com)

The Trump administration re-entered the White House with an expansive vision for how international trade tools can be wielded to meet a range of “America First” policy goals. After one year in office, we have seen an unprecedented deployment of old and new tools of economic coercion wielded against allies and adversaries alike—with countermeasures wielded by them in response. Businesses, governments, and consumers throughout the world have found themselves on the front lines of this tit-for-tat throughout 2025, experiencing significant uncertainties and challenges that will only increase in 2026.

Upon his return to the White House in January 2025, President Trump quickly promulgated “America First” Trade and Investment Policies, laying out roadmaps for the administration’s priorities and methodologies to achieve its strategic objectives. One year into the administration, it is clear that implementation of these policies has pushed economic statecraft to new, untested limits.

Certain cornerstones of U.S. trade policy have carried over with the new administration, including robust imposition and enforcement of sanctions and export controls and the policy stance that the United States is open for foreign investment. However, the first year of the second Trump administration has been set apart by the dominance of an additional tool of economic coercion—the unprecedented use of tariffs, including (even more innovatively) the newly emerged “secondary tariff.” Deployed as a negotiating tool against strategic rivals and core partners alike, tariffs have emerged as the administration’s favored tool to achieve foreign policy, national security, and domestic economic objectives. The novel imposition of tariffs pursuant to the International Emergency Economic Powers Act of 1977, a decades-old statute that underpins the vast majority of U.S. sanctions and other trade-related initiatives such as outbound investment regulations, has further pushed the limits of U.S. law—so much so that the U.S. Supreme Court is set to weigh in on their legality in the coming weeks or months.

As Washington initiated fundamental shifts and policy reorientations, the European Union and the United Kingdom continued to build on the groundwork they have been laying over the last few years, cementing trade controls as strategic pillars of their foreign policies rather than solely reactive measures or follow-on tools to what the United States may impose. The EU Member States’ increased alignment of sanctions violations penalties and the United Kingdom’s establishment of a new sanctions enforcement body enhance enforcement risk for multinational firms that have until now primarily had to contend with U.S. enforcement agencies.

The United States and its traditional allies have undoubtedly experienced friction in connection with evolving policy approaches throughout 2025. However, the year also showed important signs of continued collaboration amidst common goals and strategic priorities. The snapback of EU and UK sanctions on Iran brought those sanctions regimes into closer alignment with the United States, which continued to ramp up pressure on Iran—the primary focus of new U.S. sanctions designations in 2025. Coordinated EU, UK, and U.S. sanctions targeting Russia’s largest oil producers struck at the core of Russia’s hard currency revenue streams, as efforts to broker peace between Moscow and Kyiv stalled. This alignment even extended to the lifting of sanctions, as all three jurisdictions moved to ease long-standing restrictions on Syria after the Assad regime was deposed and new leadership emerged.

Still, as renewed threats of tariffs dominated the news cycle in the early weeks of 2026, “America First” is poised to continue driving the Trump administration’s approach to trade controls in the coming years, with immediate and long term consequences for allies and geostrategic competitors. As a result, the increased uncertainty that characterized 2025 is unlikely to subside in the year ahead.

TABLE OF CONTENTS

I….U.S. Sanctions

Iran
Russia
Syria
Venezuela
Counter-Terrorism and Counter-Narcotics
International Criminal Court
Enforcement Trends

II….U.S. Export Controls

Artificial Intelligence
End-User Controls
ITAR Updates
Licensing Trends
Enforcement Trends
Other BIS Regulatory Regimes

III….U.S. Foreign Investment Restrictions

Inbound Investment
Outbound Investment

IV….U.S. Import Restrictions

Tariffs
Uyghur Forced Labor Prevention Act

V….European Union

Sanctions
Export Controls
Foreign Direct Investment

VI….United Kingdom

Sanctions
Export Controls
Foreign Direct Investment

I. U.S. SANCTIONS

The total number of U.S. sanctioned parties continued to climb in 2025. As always, however, the numbers only tell part of the story.

Iran supplanted Russia as the chief target of new list-based U.S. sanctions, accounting for around half of all designations by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) in 2025. While the year reflected a substantial number of new sanctions designations, hundreds of parties in Syria were also de-listed as the Trump administration lifted a comprehensive embargo to give breathing room to the new Syrian government.

And in stark contrast to the Biden administration, the Trump administration’s deployment of economic tools was often prelude to its deployment of military tools. The reimposition of “maximum pressure” on Iran in the first days of the new Trump administration, including a relentless series of sanctions on Tehran’s revenue sources and defense networks, escalated by mid-year into U.S. airstrikes targeting Iranian nuclear facilities. Unprecedented designations of cartels and drug trafficking groups as terrorist organizations foreshadowed U.S. military strikes on alleged drug smuggling boats in the Caribbean. A tightening of sanctions targeting Venezuela’s energy sector was followed by oil tanker seizures and, at the start of 2026, a stunning U.S. military operation in Caracas to capture Venezuelan President Nicolás Maduro.

A. Iran

Relations between the United States and Iran entered a volatile phase during 2025 as President Trump, within days of re-entering the Oval Office, announced the resumption of his first term’s “maximum pressure” campaign against Tehran. In a bid to deny Iran a nuclear weapon, halt its ballistic missile program, and disrupt its destabilizing activities abroad, the new U.S. administration accelerated the pace of Iran sanctions designations, pressed the regime to return to the negotiating table, and, in June, launched an airstrike against three Iranian nuclear facilities.

The Islamic Republic—alongside a small handful of other jurisdictions, including Cuba, North Korea, and certain Russian-occupied regions of Ukraine—remains subject to comprehensive U.S. sanctions, as a result of which U.S. persons are generally prohibited from engaging in almost any dealings involving Iran. In addition to those restrictions, during 2025 OFAC added to its Specially Designated Nationals and Blocked Persons (SDN) List nearly one thousand individuals, entities, vessels, and aircraft tied to high-priority sectors of the Iranian economy. Frequent targets of Iran-related sanctions designations included parties allegedly involved in:

The Iranian petroleum and petrochemicals trade, with a particular focus on shippers and vessels comprising the Iranian “shadow fleet,” along with China-based importers and refiners of Iranian crude;
The Iranian shadow banking system, including parties using neighboring states such as the United Arab Emirates as sanctions evasion and transshipment hubs; and
The Iranian defense sector, including nuclear, ballistic missile, and unmanned aerial vehicle (UAV) procurement networks.

The United States was not alone in pressuring Iran. The U.S. attack on Iranian nuclear targets took place alongside Israel’s 12-day war in June 2025, which battered the Islamic Republic’s air defenses and domestic political standing. Iran’s economic and diplomatic isolation further deepened in September 2025 with the snapback of UN, EU, and UK sanctions (discussed further below) that for the past decade had been suspended under the Joint Comprehensive Plan of Action (JCPOA)—commonly known as the Iran nuclear deal. By early 2026, Tehran found itself mired in a deepening currency crisis, roiled by anti-government demonstrations, and bracing for possible U.S. military action as the regime brutally cracked down on protesters.

Barring further dramatic developments on the ground, the Trump administration appears set to continue prosecuting its maximum pressure campaign throughout the near future. In light of the President’s stated objective of driving Iranian oil exports to zero, further sanctions designations targeting shipping companies, vessels, oil traders, and financial institutions dealing in Iranian barrels are likely on the horizon. As seen in Venezuela, it is possible that the Trump administration may take to boarding and seizing vessels carrying Iranian crude. It is also conceivable that the Trump administration could in coming months begin targeting larger, more economically consequential parties based in the People’s Republic of China (PRC)—by far the largest remaining buyer of Iranian crude—though at the risk of upsetting the fragile trade truce between Washington and Beijing.

B. Russia

Following a three–year period in which the United States, in concert with its allies and partners, imposed historic trade restrictions on Russia, the pace of new U.S. sanctions targeting Russia slowed in 2025 as President Trump sought to broker peace between Moscow and Kyiv. When talks failed to end the fighting in Ukraine, the United States intensified pressure on Russia’s crucial energy sector, including by increasing tariffs on a key buyer of Russian crude, blacklisting two Russian oil majors, and threatening sharply higher duties on countries that import Russian energy.

Similar to the strategy adopted by the prior U.S. administration as it worked to coax Iran to resume nuclear negotiations, President Trump unveiled no new sanctions on Russia during his first six months in office in a seeming effort to create space for peace talks to progress. However, the Trump administration’s patience with Moscow appeared to wear thin in August 2025 when, on the eve of a major summit between Presidents Trump and Putin, the White House announced unprecedented “secondary tariffs” on India stemming from Delhi’s continued purchases of Russian oil. From a policy perspective, that novel measure—which involves levying increased duties on all Indian-origin goods entering the United States, rather than penalizing specific firms involved in the Russian oil trade—appears calculated to limit the Kremlin’s ability to finance its war effort by deterring foreign governments from allowing Russian petroleum and petroleum products into their territories. As part of a reported U.S.–India trade deal, President Trump indicated in early February 2026 that the United States had agreed to reduce tariffs on India, which will in turn stop buying Russian oil. The effectiveness of these measures in halting the war in Ukraine will likely hinge on whether the Trump administration is prepared to impose similar restrictions on China, the world’s most prolific consumer of Russian oil.

As peace negotiations dragged on, President Trump in October 2025 ratcheted up pressure on Russia’s energy sector by imposing full blocking sanctions on the country’s two largest oil producers, Rosneft and Lukoil. Blocking sanctions are arguably the most potent tool in a country’s sanctions arsenal, especially for countries such as the United States with an outsized role in the global financial system. Upon becoming designated an SDN (or other type of blocked person), the targeted individual or entity’s property and interests in property that come within U.S. jurisdiction are blocked (i.e., frozen) and U.S. persons are, except as authorized by OFAC, generally prohibited from engaging in transactions involving the blocked person. The SDN List therefore functions as the United States’ principal sanctions-related restricted party list. Moreover, the effects of blocking sanctions often reach beyond the parties identified by name on the list. By operation of OFAC’s “50 Percent Rule,” restrictions generally also extend to entities owned 50 percent or more in the aggregate by one or more blocked persons, whether or not the entity itself has been explicitly identified on the list.

Although the U.S. government targeted relatively few Russia-related parties this past year—together representing a tiny percentage of new OFAC sanctions designations announced during 2025—Rosneft and Lukoil are among the largest and most economically consequential enterprises ever subjected to a U.S. asset freeze. The impact of those designations on the global oil market was further magnified by similar measures from the European Union and the United Kingdom (discussed further below). The joint designations represented a fundamental shift in U.S., EU, and UK thinking on Moscow. Ever since the Crimean invasion in 2014, the Western powers have carefully avoided blacklisting large parts of the Russian energy sector for fear of upsetting global markets and denying European and Japanese allies critical fuels they came to rely upon Russia to provide. No more. That the European Union followed this designation with a pronouncement that the bloc will be free of Russian oil purchases by 2027 underlined the rupture between Russia and what had been its principal markets.

President Trump, at least in the near term, appears set to maintain and potentially expand U.S. sanctions on Russian energy to maximize U.S. leverage in negotiations with Moscow. One option available to the administration to increase pressure on the Kremlin could involve urging the U.S. Congress to adopt the Sanctioning Russia Act—a bill spearheaded by Senators Lindsey Graham (R-SC) and Richard Blumenthal (D-CT) that enjoys bipartisan support on Capitol Hill and would authorize “bone crushing” secondary tariffs of up to 500 percent on all goods imported into the United States from any country that knowingly purchases Russian-origin oil, petroleum products, or uranium. It is also possible that the White House could threaten to impose “secondary sanctions” (i.e., penalties up to and including blocking use of the U.S. financial system or freezing all property interests) on foreign financial institutions that continue to process payments involving Russian petroleum and petroleum products. This would be an add-on to the Biden-era authority that threatens to impose secondary sanctions on foreign banks that process transactions involving Russia’s military-industrial base.

Conversely, if talks among Washington, Moscow, and Kyiv bear fruit, it would not be surprising if the White House were to quickly ease restrictions on dealings involving Russia. With the narrow exception of certain U.S. sanctions designations pursuant to Executive Order 13662, nearly all Biden- and Trump-era measures targeting Russia (which were implemented via Executive Order) can be rescinded with the stroke of a pen. For example, President Trump could narrow or revoke existing measures such as the prohibition on “new investment” in the Russian Federation set forth in Executive Order 14071 by issuing new or amended Executive Orders, or by issuing permissive general licenses. Any such relaxation of U.S. sanctions could, however, result in a split between the United States and its European allies and partners, who, to date, have shown little appetite for easing their own considerable restrictions on Russia, especially in light of the perceived broader threat that Russia poses to select EU Member States.

C. Syria

One of the most unexpected and consequential trade developments of 2025 involved the United States’ easing of sanctions on Syria. This policy change, announced by President Trump to the surprise of most observers while on a state visit to Saudi Arabia in May 2025, involved the White House quickly paring back most U.S. trade restrictions—including lifting comprehensive sanctions on Syria—as it sought to bolster the government of President Ahmed al-Sharaa and facilitate the country’s reconstruction. Although the continuing rapprochement between Washington and Damascus suggests that remaining restrictions could be eased in coming months, the new government still faces significant challenges in consolidating power, and it will take time for policymakers to disassemble the full suite of U.S. trade controls on Syria, some of which require an act of Congress to revoke.

In its first moves to unwind Syria restrictions, the United States in early 2025 issued two general licenses authorizing a steadily broader range of transactions involving Syria. The first such license, issued in January 2025, permitted U.S. persons to engage in certain limited transactions involving Syria’s post-Assad governing institutions, the country’s energy sector, and the processing of noncommercial, personal remittances. In May 2025, OFAC—in a move that foreshadowed more lasting sanctions relief to come—issued a separate general license authorizing U.S. persons to engage in substantially all transactions prohibited by the agency’s Syrian Sanctions Regulations, including making new investments in Syria, exporting services to Syria, and importing into the United States Syrian-origin petroleum or petroleum products.

Concurrent with that May 2025 announcement, the U.S. Department of State issued a 180-day waiver of certain provisions of the Caesar Syria Civilian Protection Act of 2019 (the Caesar Act)—a statute that then mandated sanctions against non-U.S. persons that knowingly engage in certain significant transactions involving Syria—in a bid to reassure humanitarian aid organizations and prospective foreign investors considering re-entering the Syrian market.

As described in a prior client alert, President Trump in June 2025 built on those measures by issuing a groundbreaking Executive Order that replaces longstanding comprehensive sanctions on Syria with a targeted, list-based sanctions program that restricts dealings involving certain specified bad actors such as terrorist organizations and Assad regime insiders. Among other key changes, that order revoked the Syrian Sanctions Regulations, enabled the lifting of blocking sanctions on over 500 Syria-related parties, and allowed the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) to waive certain export controls, while the State Department set in motion a process to eventually rescind Syria’s designation as a State Sponsor of Terrorism (SST).

The United States continued to peel back layers of restrictions on Syria as 2025 wound down. The Commerce Department issued a final rule that, as of September 2025, authorizes exports to Syria of EAR99 items (i.e., goods, software, and technology that have purely civilian uses) to most end users under a new License Exception Syria Peace and Prosperity (SPP). In November 2025, the State Department lifted blocking sanctions on President al-Sharaa—until then, a designated terrorist—ahead of a White House summit with President Trump. Finally, in an apparent effort to provide more certainty for non-U.S. parties, Congress in December 2025 repealed the Caesar Act and its mandatory secondary sanctions, thereby eliminating a major deterrent to the large-scale, long-term capital investments that Syria will need to rebuild its shattered economy after a more than decade-long civil war.

Despite considerable U.S. sanctions relief over the past year, not all U.S. trade restrictions on Syria have been lifted. For example, Syria remains home to several hundred individuals and entities that are subject to U.S. blocking sanctions by virtue of appearing on OFAC’s SDN List. Syria also remains subject to a trade embargo under the U.S. Export Administration Regulations (EAR) as well as an arms embargo under the U.S. International Traffic in Arms Regulations (ITAR), and the country continues to be designated an SST, with the result that U.S. foreign assistance and certain U.S. exports to Syria are restricted.

While more regulatory changes will be needed to prove that the new Syria is truly “open for business,” post-Assad Syria has been granted a meaningful opportunity to re-enter the global economy. In recent weeks, however, the Syrian government has made advances to reclaim control over large areas of territory in eastern and northern Syria, testing U.S. support of the new government as it has clashed with the Kurdish-led Syrian Democratic Forces that have been a key U.S. partner in the fight against the Islamic State. The further easing of U.S. restrictions targeting Syria may well hinge on how President al-Sharaa handles this and other challenges in coming months as he continues his efforts to unite his fractured nation.

D. Venezuela

Although traditional U.S. trade controls on Venezuela were largely quiet for much of the past year, sanctions tell only part of the story. President Trump during 2025 renewed his first term’s hardline focus on the regime of President Nicolás Maduro, including by massing forces in the Caribbean, striking alleged drug-trafficking vessels, partially blockading Venezuela’s coast, seizing tankers carrying Venezuelan oil, and in early January 2026 launching a midnight raid that resulted in Maduro’s capture and extradition to the United States. As of this writing, Maduro’s top lieutenants remain in charge in Caracas and U.S. sanctions are mostly unchanged—though restrictions on Venezuela’s crucial oil sector have already been eased as the Trump administration looks to stem the flow of migrants and jumpstart Venezuela’s moribund economy.

U.S. sanctions on Venezuelan energy seesawed during the first half of 2025. Starting in March 2025, OFAC replaced a longstanding general license, which authorized certain transactions related to the operation and management by a U.S. energy company of its joint ventures involving the state-owned oil giant Petróleos de Venezuela, S.A. (PdVSA), with a series of time-limited wind-down authorizations. The Trump administration allowed that license, along with a separate general license that permitted certain Venezuela-related dealings involving four named U.S. oilfield services companies, to expire in May 2025. According to news reports, the White House quietly reversed course in July 2025 by issuing one or more OFAC specific licenses authorizing the U.S. energy company at issue to resume many of its prior activities in Venezuela, including the exportation to the United States of Venezuelan-origin oil.

President Trump in parallel moved to deter shipments of Venezuelan oil to other jurisdictions, including by issuing an Executive Order in March 2025 authorizing secondary tariffs on all goods imported into the United States from any country determined by the U.S. Secretary of State to have imported Venezuelan-origin petroleum or petroleum products on or after a certain date. Unlike in the Russia context, the Trump administration has not yet levied any such duties. Indeed, in light of the apparent U.S. policy interest in reviving Venezuelan energy production following President Maduro’s January 2026 ouster, the threatened Venezuela-related tariffs seem unlikely to be implemented by the Trump administration, at least in the near term. Rather, an Executive Order signed by President Trump in late January 2026 authorizing secondary tariffs on any country determined to sell oil to Cuba may reflect a new approach by the administration in pursuit of its Western Hemisphere policy objectives.

As we observed in a prior client alert, although President Maduro has been removed from office, power in Caracas has not changed hands, and U.S. trade restrictions broadly remain the same. U.S. persons continue to be, except as authorized by OFAC, prohibited from engaging in transactions involving the Government of Venezuela, which is defined to include not just government agencies and political subdivisions, but also any entity that is majority-owned or controlled by the government. Consequently, U.S. persons (and non-U.S. persons when engaging in a transaction with a U.S. touchpoint) potentially risk triggering U.S. sanctions when dealing with an arm of the Venezuelan state, such as a state-owned enterprise like PdVSA or the country’s central bank. Over 400 parties, including public and private firms, presently appear on the SDN List pursuant to various Venezuela-related legal authorities.

The situation on the ground in Venezuela remains highly fluid. As U.S. sanctions targeting the Maduro regime are not codified in statute, they can be quickly eased through executive action—including, for example, issuing (or re-issuing) OFAC general licenses authorizing certain dealings involving the country’s energy sector, de-listing PdVSA, or conceivably lifting blocking sanctions on the entirety of the Government of Venezuela. As an initial step, the Trump administration announced plans to “selectively roll[] back sanctions to enable the transport and sale of Venezuelan crude and oil products to global markets.” Executive Order 14373 quickly followed, creating an untested mechanism for U.S. government oversight of certain Venezuelan oil revenues. OFAC in late January 2026 further paved the way for Venezuelan crude to be sold on legitimate global markets with the issuance of Venezuela General License 46, authorizing, subject to certain conditions, established U.S. firms to engage in transactions that are “ordinarily incident and necessary to the lifting, exportation, reexportation, sale, resale, supply, storage, marketing, purchase, delivery, or transportation of Venezuelan-origin oil, including the refining of such oil.”

A further easing of U.S. restrictions could be contingent upon the leadership in Caracas meeting certain milestones, such as curbing illicit drug trafficking and irregular migration, distancing itself from Cuba, Iran, China, and Russia, and perhaps taking concrete steps toward the restoration of Venezuelan democracy.

E. Counter-Terrorism and Counter-Narcotics

In addition to measures targeting countries such as Iran and Russia, the United States in 2025 vigorously used OFAC’s thematic sanctions programs, which are global in nature and seek to deter particular types of conduct such as human rights abuses or corruption no matter where they occur. In one of the signature trade developments of the past year, the Trump administration often wielded counter-terrorism and counter-narcotics sanctions authorities against novel targets, including drug cartels, organized crime groups, and sitting heads of state.

Following an election campaign in which he declared illegal immigration, violent crime, and drug trafficking to be core national priorities, on Inauguration Day, President Trump signed an Executive Order declaring it the policy of the United States to ensure the “total elimination” of cartels and transnational criminal organizations—and setting in motion a process to name such groups Specially Designated Global Terrorists (SDGTs) and Foreign Terrorist Organizations (FTOs). During 2025, the Trump administration applied the more restrictive FTO label—which can trigger criminal, civil, and reputational consequences for parties that engage with such organizations—to a record-shattering 25 new entities. Such counter-terrorism designations (or, in many cases, re-designations) targeted major Mexican drug cartels and South American criminal enterprises such as Tren de Aragua, as well as Yemen’s Ansarallah (commonly known as the Houthis) and several European anti-fascist groups.

SDGT and FTO designations are similar in that each involves the imposition of U.S. blocking sanctions. Upon becoming designated an SDGT, an FTO, or other type of blocked person, the targeted individual or entity’s property and interests in property that come within U.S. jurisdiction are blocked and U.S. persons are, except as authorized by OFAC, generally prohibited from engaging in transactions involving the blocked person and their majority-owned entities.

The chief difference between those two types of counter-terrorism designations is that being named an FTO triggers further, onerous restrictions that are unique among U.S. sanctions programs. In particular, designation as an FTO results in the targeted organization becoming blocked and also (1) renders representatives and members of the FTO, if they are not U.S. citizens or U.S. nationals, inadmissible to the United States; (2) exposes persons subject to U.S. jurisdiction to criminal liability for knowingly providing “material support or resources” to the FTO; and (3) gives rise to a private right of action in which terrorism victims can bring civil suits against, and seek treble damages from, parties that knowingly provide “substantial assistance” to an FTO. Certain dealings with SDGTs (a list which, as of today, also includes all FTOs) can further trigger U.S. Securities and Exchange Commission reporting obligations.

Historically, U.S. counter-terrorism sanctions (and their attendant consequences) have been reserved mostly for Islamist militant groups based in the Middle East and South Asia, such as al-Qaeda and ISIS. The Trump administration’s unprecedented use of counter-terrorism authorities to target apolitical, profit-driven groups based in the Western Hemisphere presents substantial practical challenges for enterprises operating in Latin America. For example, Mexico-based cartels are tightly integrated into the legitimate economy of a major U.S. trading partner and seldom appear by name on invoices or other transaction documentation. Moreover, in light of the lower threshold for criminal liability and the possibility that a U.S. court could award substantial monetary damages, FTO designations can result in de-risking by financial institutions and other key business partners that may be prohibited from (or otherwise unwilling to engage in) transactions that could, directly or indirectly, involve such a named terrorist group. Accordingly, it is prudent for businesses with activities in Latin America and the Caribbean to conduct restricted party screening and enhanced due diligence to assess whether their current or prospective counterparties have links to newly designated terrorist organizations.

In tandem with counter-terrorism measures, the Trump administration has increasingly used U.S. counter-narcotics sanctions as a cudgel against left-leaning political figures in South America. Notably, the United States on multiple occasions this past year imposed sanctions on the Cartel de los Soles, purportedly led by Venezuela’s President Nicolás Maduro. In October 2025, the U.S. government, in a surprise action against a longstanding security partner and a Major Non-NATO Ally, designated the President of Colombia pursuant to a counter-narcotics authority following his vocal criticism of U.S. airstrikes off the Venezuelan coast.

In coming months, the Trump administration appears set to continue heavily using terrorism- and narcotics-related sanctions to advance the White House’s domestic policy priorities and discredit opponents abroad, even at the expense of dulling the moral sting that has traditionally accompanied the use of such tools.

F. International Criminal Court

The White House extended its aggressive use of OFAC’s thematic authorities by reviving a short-lived and unorthodox sanctions program—created under the first Trump administration and quickly dismantled by President Biden—targeting certain parties associated with the International Criminal Court (ICC).

In February 2025, President Trump issued an Executive Order resuscitating the ICC sanctions program, citing that body’s threat to the sovereignty of states, such as the United States and Israel, that are not party to the Rome Statute and have not consented to the ICC’s jurisdiction. Concurrent with that order, the United States imposed blocking sanctions on the court’s chief prosecutor, stemming from his involvement in the issuance of an arrest warrant against Israel’s Prime Minister Benjamin Netanyahu and former Defense Minister Yoav Gallant. As a result of further designations announced in June, July, August, September, and December 2025, the United States has added to the SDN List a total of 15 parties associated with the court, including specific judges, prosecutors, and nongovernmental organizations deemed to be supporting ICC investigations of Israeli nationals.

U.S. sanctions targeting the ICC are presently limited in scope. Although U.S. persons are restricted from engaging in transactions involving the 15 named parties associated with the ICC who appear on the SDN List (as well as those parties’ majority-owned entities), OFAC has indicated in various contexts that, as a general matter, “when a designated individual has a leadership role in a governing institution, the governing institution is not itself considered blocked.” Consequently, absent the involvement of a sanctioned party, U.S. persons are not generally restricted by OFAC sanctions from engaging in activities involving the ICC as an institution or its various organs, such as the Office of the Prosecutor, the Presidency, or the Judicial Divisions.

The return of U.S. sanctions targeting ICC personnel, including lawyers and jurists, highlights the Trump administration’s willingness to impose sanctions against non-traditional targets and without coordination with, or support from, traditional U.S. allies. This trend was reinforced by the July 2025 sanctions targeting Brazilian Supreme Federal Court Justice Alexandre de Moraes, one of only a few designations this year under OFAC’s human rights-focused Global Magnitsky sanctions (although Justice Moraes was removed from the SDN List by year’s end). If in the future the ICC were to launch an investigation into conduct by President Trump, other senior U.S. officials, or U.S. military personnel, it is possible that the United States could expand its existing sanctions to prohibit U.S. nexus dealings involving the ICC itself. Any such expansion is likely to be met with U.S. legal challenges, as certain U.S. district courts have already expressed skepticism of the legality of the current ICC sanctions on First Amendment grounds, at least as applied to certain U.S. citizens supporting the court’s activities.

G. Enforcement Trends

1. OFAC Enforcement Actions and Compliance Lessons

2025 was a busy year for OFAC enforcement as the agency, across 14 enforcement actions, imposed a combined $265.7 million in fines—a fivefold increase over the prior year. That uptick was principally driven by a blockbuster $215.9 million penalty against a California venture capital firm stemming from alleged dealings involving a sanctioned Russian oligarch. But for that case, the aggregate amount of fines levied by OFAC would have been roughly on par with the agency’s five-year median of approximately $50 million in civil monetary penalties per year.

Notably, 8 of the 14 OFAC enforcement actions announced during 2025—including the five largest resolutions of the year—involved apparent Russia sanctions violations. While enforcement actions are often a trailing indicator of OFAC enforcement priorities, as matters can take several years to resolve after a potential violation has been identified, this trend nonetheless suggests that dealings involving the Russian Federation—and, in particular, Russian oligarchs—is likely to remain an area of continued enforcement for U.S. authorities in coming months.

We highlight below the most noteworthy compliance lessons from OFAC’s 2025 enforcement activity. Many of these takeaways were explicitly communicated by OFAC through the “compliance considerations” section included in the web notice for each of its enforcement actions:

“Gatekeepers” can be subject to heightened sanctions compliance expectations: The role of gatekeepers—sophisticated U.S. parties such as investment advisors, accountants, attorneys, trust and corporate formation service providers, and real estate professionals—was a major theme of OFAC’s enforcement activity this past year. OFAC repeatedly emphasized that such individuals occupy positions of trust, have considerable access to information, and can lend a transaction involving a sanctioned party an air of legitimacy. Consequently, such professionals may be subject to heightened expectations to monitor for and detect potential sanctions evasion, and should conduct thorough due diligence into prospective clients to minimize the risk of their services facilitating a restricted party’s access to the U.S. financial system.
Transaction parties should be alert to indications that a sanctioned party owns—or controls—property: Several of OFAC’s recent cases highlight the importance of understanding potential sanctioned-person control or influence over investments—even when such persons are not named in transaction documentation such as deeds, property records, or contracts. Professionals and professional services firms should be sensitive to the possibility that blocked persons may be indirectly involved in a transaction, including through proxies or opaque legal structures. OFAC has further cautioned that transaction parties and their advisors should avoid formalistic analyses and, where appropriate, look beyond nominal ownership to a transaction’s underlying practical and economic realities—a trend that puts considerable pressure on OFAC’s ownership-driven 50 Percent Rule and suggests that over time OFAC may move to an “ownership or control” test with respect to downstream sanctions impacts like that in place in the European Union and the United Kingdom.
Transaction parties should heed OFAC blocking notifications and cease-and-desist orders: OFAC enforcement activity suggests that the agency is increasingly using notifications of blocking and cease-and-desist orders to alert interested parties to the existence of a blockable property interest before a sanctions violation (or further violation) occurs. Such notices can also be used by OFAC to show that a party had actual knowledge that a subsequent transaction involving that property might implicate the agency’s prohibitions. In at least two enforcement actions published in 2025, transaction parties appear to have disregarded such explicit warnings. Recipients of blocking notifications and cease-and-desist orders should take such notices seriously, closely scrutinize the person or property identified by the agency, and timely block and report to OFAC any property within U.S. jurisdiction in which a blocked person holds an interest.
OFAC may be less willing to settle: Historically, the vast majority of OFAC enforcement actions resulting in monetary penalties were resolved with a settlement agreement. The issuance of a penalty notice—a mechanism by which OFAC unilaterally announces its determination that a violation of its regulations has occurred and imposes a penalty in whatever amount it deems appropriate—has been rare. In a departure from past practice, OFAC in 2025 resolved three cases, each involving a Russian oligarch and conduct that the agency deemed egregious, by issuing a penalty notice to the alleged violator in lieu of settling. Such resolutions, which have in the past often triggered a lawsuit by the enforcement target, appear calculated to convey to the regulated community that there are certain cases about which OFAC feels especially strongly and is prepared to litigate if necessary.
OFAC is increasingly holding individuals accountable for U.S. sanctions violations: OFAC this past year imposed substantial civil monetary penalties against three unnamed individuals for providing professional services to blocked persons, breaking from the agency’s recent practice of levying fines almost exclusively against corporate entities. Indeed, prior to 2025, OFAC had penalized only five natural persons during the preceding ten years combined. The agency’s recent enforcement activity suggests that individual professional service providers should familiarize themselves with common “red flags” for sanctions risk, understand how their work could expose them to sanctions liability, and conduct careful due diligence on higher-risk clients.

2. U.S. Department of Justice Enforcement Priorities

Alongside robust civil enforcement by OFAC, the U.S. Department of Justice (DOJ) announced in May 2025 that it would prioritize criminal enforcement of sanctions evasion. In a memorandum detailing its new White Collar Enforcement Plan, DOJ’s Criminal Division directed its prosecutors to focus on, among other top priorities, national security offenses, including pursuing “gatekeepers, such as financial institutions and their insiders that commit sanctions violations or enable transactions” by drug cartels, transnational criminal organizations, hostile nation-states, and FTOs. As we described in a prior client alert, the memorandum also calls for an “America First,” business-friendly approach to white collar enforcement, which could ultimately lead to fewer or less aggressive prosecutions of U.S. companies. In light of the memorandum’s explicit focus on sanctions evasion as both a criminal and national security concern, we anticipate that DOJ, including not just the Criminal and National Security Divisions in Washington, but also individual U.S. Attorney’s offices around the country, will vigorously pursue financial institutions that facilitate sanctions evasion by processing illicit transactions.

In line with DOJ and OFAC efforts to combat sanctions evasion, U.S. authorities this past year continued to engage in a multi-agency push to both prosecute and sanction parties involved in North Korea’s sustained effort to generate hard currency to fund North Korea’s weapons of mass destruction programs, through the placement of remote information technology (IT) workers across hundreds of U.S. companies. As part of this IT worker scheme, which has been active for several years, a sizeable contingent of North Korean individuals have fraudulently obtained remote employment with U.S.-based companies, leveraging stolen identities of U.S. persons, and relying on the assistance of U.S.-based individuals. While the primary objective of the scheme appears to be to raise currency for the North Korean regime, the scheme—which sees remote IT workers performing routine tasks in corporate roles such as software development—also enables access by these remote workers to potentially sensitive data, including source code and export-controlled data. There have been reports of data exfiltration and extortion in connection with this scheme, in addition to collection of salaries.

In June 2025, DOJ announced nation-wide, coordinated law enforcement actions against the North Korean IT worker scheme, resulting in the indictment of 13 individuals (including two U.S. nationals, who have both pleaded guilty), and the seizure of 29 financial accounts and approximately 200 laptops used to facilitate remote access to U.S. company systems. The next month, in July 2025, an Arizona woman was sentenced to 8.5 years in prison for her role in helping North Korean IT workers obtain jobs at over 300 U.S. companies. And in November 2025, DOJ announced five further IT worker-related guilty pleas and over $15 million in civil forfeiture actions. OFAC complemented DOJ’s efforts on multiple occasions designating non-U.S. parties implicated in the scheme. In light of North Korea’s decades-long isolation from the mainstream global economy, further attempts to penetrate U.S. businesses, along with associated prosecutions and sanctions designations, are likely to persist in the months ahead. Although the U.S. government has so far been treating victim companies as partners in these enforcement efforts, businesses reliant on remote IT workers are on notice of the red flags consistent with the scheme and should ensure appropriate diligence throughout hiring and employment processes to mitigate risk.

II. U.S. EXPORT CONTROLS

U.S. export controls have further cemented their place alongside sanctions as key tools in furthering U.S. national security and foreign policy objectives, particularly as the United States seeks to restrict access to certain advanced technologies by perceived geopolitical competitors like China. Yet, the role of export controls in 2025 has been complicated by political tides that ushered in significant institutional changes at the U.S. Department of Commerce’s Bureau of Industry and Security, the agency primarily responsible for administration of U.S. export controls on goods, software, and technology that have both military and civilian uses (commonly known as “dual-use” items).

A number of longtime BIS officials departed the agency, known for its technically complex regulations, which has led to a lull in new rules and a spike in export licensing wait times. At the same time, the second Trump administration has increasingly reached for export controls as a bargaining chip at the diplomatic negotiating table, both with China and with U.S. industry. The result was a year of starts and stops, where landmark new rules were paused or walked back not long after they were announced, creating uncertainty among industry about compliance expectations.

Despite these institutional challenges, export enforcement showed no signs of slowing down. With significant enforcement actions from both BIS and DOJ, the new administration seemed to follow through on Commerce Secretary Howard Lutnick’s assurances during his confirmation hearings that aggressive export enforcement would be a priority. As BIS has now received a 23 percent funding increase from Congress for fiscal year 2026, continued robust enforcement is expected, even if the longer-term impact of personnel turnover remains to be seen.

A. Artificial Intelligence

1. AI Diffusion Rule Rescission and Shift in Semiconductor Export Control Strategy

In its closing days, the Biden administration issued the Artificial Intelligence (AI) Diffusion Rule, a sweeping interim final rule to control access to advanced AI capabilities by establishing chokepoints over three key exports: advanced integrated circuits (ICs); compute power; and model weights. On May 13, 2025, two days before the AI Diffusion Rule’s effective date, the Trump administration announced its rescission of the rule, citing concerns that its burdensome regulatory requirements could undermine innovation and that its tiered licensing system could generate adverse diplomatic consequences.

The policy shift is consistent with a broader trend in U.S. export control strategy toward pairing restrictive measures with affirmative efforts to shape global technology ecosystems around U.S. supply chains, standards, and compliance expectations—particularly in strategically significant regions such as the Middle East. China’s continued development of advanced AI models despite extensive U.S. export controls appears to have informed this approach. Against this backdrop, the rescission of the AI Diffusion Rule—together with approvals conditionally permitting additional exports of advanced semiconductors to the United Arab Emirates and a series of AI initiatives involving the United Arab Emirates and Saudi Arabia—reflects an effort to expand the reach of U.S.-aligned AI infrastructure and governance. Consistent with this trend, the White House’s July 2025 AI Action Plan calls for the United States to “meet global demand for AI by exporting its full AI technology stack (hardware, models, software, applications, and standards) to all countries willing to join America’s AI alliance.” The plan was paired with a July 2025 Executive Order promoting the export of the American AI technology stack, which is in turn implemented through the October launch of the American AI Exports Program, though details of this program remain scant at present.

Despite the Trump administration’s stated intent to replace the prior AI Diffusion Rule with a “stronger but simpler” framework, BIS has not yet issued replacement regulations. And although BIS recently loosened restrictions on the export of certain advanced chips to China, the manufacturing equipment used to build them and most AI-capable hardware remain subject to significant licensing constraints. As discussed in a prior client alert, we believe that any replacement framework is likely to retain core elements of the rescinded rule, including differentiated treatment for trusted jurisdictions, some form of validated end-user or equivalent authorization for data centers, enhanced customer diligence and reporting obligations, and controls on certain proprietary AI models. Indeed, many of these elements have been central parts of the Trump administration’s partial lifting of controls on the UAE, Saudi Arabia, and China.

2. New Guidance Regarding Advanced Computing ICs

On the same day BIS announced the rescission of the AI Diffusion Rule, the agency issued new guidance underscoring its intent to continue tightening export controls targeting China. In particular, BIS invoked the Export Administration Regulations’ expansive General Prohibition 10 (GP 10) to caution against transactions involving advanced Chinese ICs that meet or exceed the performance thresholds set forth in Export Control Classification Number (ECCN) 3A090. GP 10 generally prohibits dealings in items subject to the EAR where a known violation of the EAR has occurred, is about to occur, or is intended to occur in connection with the item.

According to BIS, due to the application of one or more foreign direct product rules—rules which bring within U.S. export control jurisdiction foreign-made items that incorporate, or are the direct product of, certain software and technology, or components made from U.S. inputs—there is a high likelihood that the design or production of certain advanced Chinese ICs involved violations of the EAR. As a result, BIS warned that dealings in such ICs, including through their purchase or use without authorization, could create enforcement risk. This guidance illustrates how GP 10 can extend export controls beyond export transactions to reach downstream commercial activity, including certain services and financial dealings.

BIS also issued a policy statement aimed at parties seeking to avoid hardware export controls by purchasing remote access to compute capacity, through Infrastructure-as-a-Service (IaaS) or GPU-as-a-Service arrangements, rather than acquiring such hardware directly. The policy statement indicates that a license requirement applies to the export, reexport, or transfer of advanced computing ICs, and commodities containing them, where the exporter has knowledge that they will be used to provide compute power for AI model training for or on behalf of a weapons of mass destruction or military-intelligence end users headquartered or operating in a country subject to a U.S. arms embargo (including China). BIS further indicated that U.S.-person support for such cloud-based activities may also require a license. While the contours of these restrictions have not yet been tested publicly through BIS enforcement actions, nor clarified through further guidance, they raise significant compliance considerations for cloud service providers, data center operators, and other participants in the AI infrastructure ecosystem.

Finally, BIS published accompanying red flags guidance identifying transactional and behavioral indicators of diversion risk and recommended enhanced due diligence measures for exporters of advanced computing ICs.

3. Revoked VEU Status for Certain Chipmakers in China

In the latter half of 2025, BIS revoked validated end-user (VEU) status—an authorization for pre-vetted end users to receive covered items without obtaining an otherwise-required license for each export—of several foreign-owned semiconductor fabrication facilities based in China.

Reports further suggest that, shortly before the revocations took effect around December 31, 2025, the U.S. government approved time-limited export licenses permitting continued exports of certain controlled items to the affected facilities. These developments underscore both BIS’s continued willingness to tighten end-user controls targeting China’s semiconductor sector, and its use of licensing as a mechanism to manage economic and diplomatic consequences. Further, Commerce’s framing of the action as closing a “loophole” harkens back to the America First Trade Policy’s directive to “eliminate loopholes in existing export controls—especially those that enable the transfer of strategic goods, software, services, and technology” to strategic rivals.

4. Bargaining Chips

Unlike the first Trump administration and the Biden administration, which generally viewed export controls, especially those targeting semiconductors, as specialized national security tools, the second Trump administration has increasingly deployed export controls to gain leverage in broader trade negotiations. In May 2025, BIS reportedly sent letters to three major software companies imposing new license requirements for the export of chip design software to China. These requirements were later removed in July 2025 as part of a negotiated trade deal with Beijing, which Commerce Secretary Lutnick publicly linked to China’s agreement to loosen restrictions on exports of rare earth materials.

Export controls were also used as leverage in the White House’s negotiations with U.S.-headquartered chip manufacturers, which reportedly made economic concessions to the U.S. government to secure the ability to re-establish sales of certain chip lines to China. As detailed in our recent client alert, BIS issued limited relief for these products in January 2026.

Even with the partial resumption of sales of certain U.S.-made advanced chips to China, BIS enforcement actions in 2025 serve as a reminder that controlling access to AI-capable computing power remains a strategic priority for the United States. The Trump administration’s greenlighting of advanced chip sales to China in late 2025 was reported around the same time the U.S. government brought two significant criminal enforcement actions, targeting the illegal export of advanced U.S.-origin chips to China. In November 2025, DOJ announced the arrest and indictment of four individuals who, from September 2023 through November 2025, allegedly transshipped approximately 800 advanced GPUs to China through Malaysia and Thailand without a required export license. In December 2025, DOJ announced that it had successfully dismantled a separate, sophisticated chip-smuggling network exporting advanced GPUs to China and other restricted destinations.

B. End-User Controls

1. Affiliates Rule Issuance and Suspension

In a year marked by significant policy shifts, one of the most consequential developments out of BIS was its issuance and quick suspension of its so-called “Affiliates Rule.” Issued as an interim rule on September 29, 2025 with immediate effect, the Affiliates Rule briefly extended certain export controls to foreign affiliates that are 50 percent or more owned by one or more entities on the Entity List, Military End-User (MEU) List, or subject to SDN end-user controls under section 744.8 of the EAR. By some measures, the Affiliates Rule brought another 20,000 unlisted Chinese companies onto restricted lists. On November 12, 2025, however, BIS published a final rule suspending the Affiliates Rule for one year, effective through November 9, 2026.

The promulgation and subsequent suspension of the Affiliates Rule is yet another example of the Trump administration’s evolving stance toward China, and its willingness to allow export controls to be included as potential bargaining chips in broader trade negotiations. The Affiliates Rule was intended to address BIS’s longstanding “whack-a-mole” problem, under which listed entities often establish “legally distinct” affiliates to evade U.S. export controls. Unlike OFAC’s restricted party lists, which have long been interpreted to include affiliates under OFAC’s 50 Percent Rule, prior to the BIS Affiliates Rule’s issuance, Commerce’s restricted party lists generally applied only to specifically enumerated entities and not to their subsidiaries or affiliates. Given the concentration of China-based entities on BIS’s restricted party lists, the Affiliates Rule contributed to heightened U.S.–China trade tensions. The rule’s one-year suspension occurred against the backdrop of broader U.S.–China trade negotiations, concluded during the Asia-Pacific Economic Cooperation (APEC) Summit in South Korea.

The Affiliates Rule represents one of the most far-reaching changes to BIS regulations in years. As detailed in our prior alert, the rule:

Extends licensing requirements, exceptions, and review policies to any foreign affiliate owned 50 percent or more by one or more listed entities, whether directly or indirectly, individually or in the aggregate. Conceptually similar to OFAC’s 50 Percent Rule, this approach departs from BIS’s traditional list-based framework;
Imposes the most restrictive license requirements, license exception eligibility, and license review policy applicable to any of the affiliate’s listed owners under the EAR;
Imposes heightened due diligence obligations for exporters, reexporters, and transferors who have “knowledge,” including “reason to know,” that a foreign counterparty is directly or indirectly owned by a listed entity; and
Expands end user-based foreign direct product rules to restrict transactions with newly “constructively listed” affiliates.

Importantly, the Affiliates Rule has not been repealed. Absent further regulatory action or broader policy changes, the rule will automatically come back into effect on November 10, 2026. The current suspension should therefore be viewed as temporary relief rather than a permanent resolution; affected industries should use this window to prepare for its reinstatement. Many exporters subject to the EAR had already made significant investments to comply with the rule prior to its suspension and have continued to maintain those compliance measures to avoid being unprepared in the event of a snapback.

2. Notable Entity List Designations

BIS continued to prioritize China-related Entity List designations in 2025, adding approximately one hundred entities over the course of the year. Although the overall number of China-related designations was lower than in 2024, the 2025 actions appear to have been more targeted, potentially reflecting BIS’s ability to more finely calibrate Entity List additions in light of the far-reaching implications of the Affiliates Rule. Targeted industries and activities included:

Advanced chips, quantum, and AI: BIS designated multiple China-based firms for supporting the development of China’s quantum technology sector, warning that such technologies could significantly enhance Chinese military capabilities. In addition, 19 China-based entities, two Singapore-based entities and one Taiwan-based entity were listed for activities related to AI, supercomputing, and high-performance chip development closely tied to Chinese military end users. BIS also designated several Chinese academic and research institutions for their roles in developing large AI models, quantum technologies, and advanced computing chips contributing to China’s military and surveillance capabilities.

Hypersonic technology: BIS designated 34 Chinese entities for acquiring, or attempting to acquire, U.S.-origin items in support of China’s development of hypersonic weapons and flight technologies.
Russian diversion: BIS designated at least one Chinese entity for supplying otherwise-prohibited technology to Russian military end users.

BIS also targeted supply chains supporting Iran’s UAV programs. In March and October, BIS added 17 China-based entities to the Entity List for providing U.S.-origin components to Iran’s defense sector, particularly for use in UAV programs operated by Iranian proxies such as the Houthis and Hamas. In addition, BIS designated three PRC addresses associated with a Chinese individual previously designated by OFAC for supporting a sanctioned supplier of the Iranian military.

3. Military, Intelligence, and Security End-Use and End-User Controls

BIS also appears to be continuing its internal review of proposed military end-user rules issued in 2024 (the Proposed MEU Rules). If adopted, the Proposed MEU Rules would significantly expand the scope of existing military end-user and end-use restrictions to cover all items subject to the EAR, including lesser-controlled EAR99 items, and to apply to all countries specified in Country Group D:5 (which includes countries subject to U.S. arms embargoes) as well as Macau.

The Proposed MEU Rules would also prohibit U.S. persons from providing “support” to military end users, intelligence end users, and foreign-security end users as defined or redefined in the proposed rules. If implemented, these provisions would materially alter the treatment of services under the EAR. In particular, cloud-based services—such as IaaS, platform as a service (PaaS), and software as a service (SaaS)—which have traditionally fallen outside the scope of the EAR, could become subject to licensing requirements when provided to covered end users.

C. ITAR Updates

Notable developments in U.S. export controls were not limited to the Commerce Department. Whereas BIS is responsible for overseeing and administering the EAR, controls over the movement of defense articles remain within the purview of the U.S. Department of State, which has responsibility for the International Traffic in Arms Regulations. Through updates to the ITAR, in 2025 the State Department office that administers the regulations, the Directorate of Defense Trade Controls (DDTC), adjusted the items subject to its jurisdiction, implemented U.S. foreign policy goals through both the easing and tightening of license requirements, and took procedural steps to streamline the export licensing process across the U.S. government.

1. ITAR and USML Revisions

DDTC continued to expand coverage of emerging and automated warfare technologies under the United States Munitions List (USML) in 2025, while further offloading civilian munitions and commercially oriented technologies to the EAR. In particular, the State Department issued a final rule, effective September 15, 2025, revising and expanding USML Categories III–V, VII–XIV, XVIII, and XIX–XXI.

This rule represents one of the more significant expansions of the USML in recent years. Among other changes, it added the F-47 (a planned sixth-generation fighter jet) and several other aircraft platforms, certain chemical agents and precursors, uncrewed and untethered vessels, and a broad range of related components and parts to the USML. At the same time, DDTC sought to preserve licensing flexibility for systems with legitimate scientific or commercial applications. For example, the rule excluded from ITAR jurisdiction or provided license availability for certain Global Navigation Satellite System anti-jamming and anti-spoofing systems and Airborne Collision Avoidance Systems antennas. DDTC also introduced a license exemption for qualifying Unmanned Underwater Vehicles designed for commercial uses, such as seabed exploration and the installation and maintenance of undersea infrastructure.

Separately, the State Department updated the licensing policy in ITAR Section 126.1—country-based restrictions that stem from United Nations actions, terrorism-related designations, and arms embargoes—to reflect recent UN Security Council resolutions. This rule revised the licensing policy applicable to the Democratic Republic of Congo, Haiti, Libya, Somalia, the Central African Republic, Sudan, and South Sudan—tightening restrictions in certain cases while easing them in others, in response to the latest developments in conflicts throughout these jurisdictions.

2. Continued AUKUS Adjustments

On December 30, 2025, DDTC further amended the ITAR to streamline defense trade and government-to-government cooperation under the Australia–United Kingdom–United States (AUKUS) partnership. The final rule eliminates the requirement to identify Australian or UK governmental authorities as Authorized Users when relying on the AUKUS-specific license exemption under ITAR Section 126.7.

The rule also introduces a new exemption permitting certain reexports, retransfers, and temporary imports among authorized parties in support of Australian, UK, or U.S. armed forces operating outside of those three jurisdictions. These changes are intended to reduce administrative friction and facilitate closer operational and industrial collaboration among AUKUS partners.

3. Suspended and Lifted Arms Embargoes: Cyprus & Cambodia

In 2025, the United States continued to use the suspension and revocation of arms embargoes as foreign policy tools. On November 7, 2025, DDTC permanently and unconditionally lifted the arms embargo on Cambodia. The embargo had been imposed in 2021 amid concerns regarding rising Chinese influence within the Cambodian military, and its removal marked a notable shift in U.S. policy toward Phnom Penh.

This development contrasts with the more cautious approach taken with respect to Cyprus. In recognition of Cyprus’s continued efforts to combat money laundering and restrict Russian naval access to its ports, DDTC suspended the arms embargo on Cyprus for the fourth consecutive year, rather than lifting it outright.

4. Introducing USXPORTS.gov

In November 2025, the Department of State launched USXPORTS.gov, a unified portal for navigating export license applications submitted to both BIS and DDTC. The platform was developed pursuant to Executive Order 14268, which directs those two agencies to reform foreign defense sales to improve speed and accountability.

USXPORTS.gov replaces the two former tracking systems used for DDTC and BIS license applications and provides centralized tracking and visibility across the defense export licensing lifecycle. The portal represents a step toward greater transparency and coordination between the Commerce and State Departments in administering U.S. export control regimes.

D. Licensing Trends

In contrast to efforts to facilitate licensing for foreign military sales, at the outset of his term, President Trump directed BIS to undertake a comprehensive review of the U.S. export control system and imposed a regulatory freeze on a range of Biden-era rules. As part of this review, BIS suspended certain license requirements applicable to advanced computing chips and temporarily paused the acceptance or processing of new license applications, resulting in a significant licensing backlog.

This review process led to several notable adjustments to prior licensing practices. Most prominently, BIS rescinded the AI Diffusion Rule (as discussed above) and revoked a firearms-related licensing rule issued during the Biden administration. The review also coincided with the August 2025 enactment of the Maintaining American Superiority by Improving Export Control Transparency Act, which requires Commerce to submit annual reports to Congress detailing license applications that involve certain restricted end users located in certain jurisdictions (including China, Russia, and other arms-embargoed countries).

Although these developments signal a reassessment of the scope and administration of U.S. export controls, it remains unclear how this sweeping review will ultimately affect BIS’s licensing policies and practices. Notably, these changes are occurring against the backdrop of broader agency turnover and loss of institutional memory, driving 2025 processing times for BIS license applications to their highest level in more than 30 years. In particular, questions remain regarding whether licensing timelines, review standards, and approval rates will stabilize or continue to fluctuate as BIS balances national security objectives, economic competitiveness concerns, and foreign policy considerations. As we discussed recently, although these changes have created uncertainty and presented exporters with day-to-day challenges, this inflection point at BIS also brings potential opportunities for industry to advocate for new approaches.

E. Enforcement Trends

Despite personnel changes and a shifting regulatory environment, BIS maintained a robust export enforcement posture in 2025, as the agency entered into eight settlement agreements with businesses and affiliated individuals, resulting in civil penalties totaling approximately $104 million. Enforcement actions spanned a range of industries, including freight forwarding, aviation, and semiconductor technology, and continued to focus heavily on exports involving China and Russia.

BIS also brought multiple enforcement actions involving unauthorized exports of low-sensitivity EAR99 items, underscoring that export control compliance risks are not limited to highly controlled technologies. These cases reflect BIS’s continued emphasis on strict adherence to the EAR’s end-use, end-user, and destination-based restrictions, regardless of an item’s classification. In addition to civil enforcement actions, BIS continued to deny export privileges to individuals and entities found to have violated U.S. export control laws, or where such denials were deemed necessary to prevent imminent violations.

BIS’s $95 million settlement with California-based Cadence Design Systems (Cadence) was the largest penalty of 2025. Acting through its Chinese subsidiary, Cadence sent EAR-controlled Electronic Design Automation technology for semiconductors to an Entity-Listed Chinese university, without the requisite BIS authorization. The BIS settlement was significantly larger than normal and may represent a warning shot for other companies in the semiconductor industry. Additionally, the penalty amount likely reflects BIS’s findings that employees had reason to know the recipient of the controlled technology was a listed entity and that prohibited sales spanned over five years and totaled over $45 million.

The BIS settlement was announced alongside a coordinated resolution with DOJ, as Cadence also became the first company to agree to a corporate guilty plea for a national security offense during the second Trump administration. The more than $140 million in combined criminal and administrative penalties are among the highest ever in an export enforcement case. The multi-agency resolution reflects continued close interagency cooperation in enforcing export controls. Even as other areas of corporate enforcement may see deprioritization, national security-related enforcement, particularly involving sensitive technologies and exports to China and other countries of concern, continues to accelerate.

The Cadence matter stands in contrast to two other DOJ resolutions this year, which emphasize the potential benefits of voluntary self-disclosure, cooperation, and remediation under the National Security Division’s (NSD) enforcement policies:

In April 2025, pursuant to its Enforcement Policy for Business Organizations, NSD declined to prosecute Universities Space Research Association, a nonprofit research organization and NASA contractor, after the company promptly disclosed misconduct by a former employee who had willfully provided EAR99 flight control software to an Entity List party in China. NSD cited the organization’s timely and voluntary disclosure, exceptional cooperation, and meaningful remediation as key factors supporting the declination.
A second declination, announced in June 2025, involved White Deer Management’s (White Deer) acquisition of Unicat Catalyst Technologies (Unicat). Following the acquisition, White Deer discovered chemical catalyst sales by Unicat to customers in Iran, Syria, Venezuela, and Cuba in violation of U.S. export control and sanctions laws. NSD declined to prosecute White Deer under its Voluntary Self-Disclosures in Connection with Acquisitions Policy (its first-ever declination under this policy), citing White Deer’s prompt disclosure, proactive cooperation, and remediation within a year of discovering the misconduct. Notably, NSD reached this outcome despite aggravating factors at Unicat, including senior management involvement. Unicat itself entered into a non-prosecution agreement with DOJ, receiving credit for White Deer’s actions, while Unicat’s former CEO pleaded guilty.

Looking ahead to 2026, BIS is expected to continue expanding enforcement efforts to advance U.S. national security objectives, with a particular focus on exports to U.S. adversaries—especially China—and on sensitive technologies such as AI, quantum computing, hypersonics, and semiconductors. Signaling its concerns regarding these risks, Congress has increased BIS’s budget by 23 percent, or approximately $44 million, in 2026, with the majority of that funding earmarked to support additional enforcement personnel. DOJ is similarly expected to continue prioritizing the criminal enforcement of export control and other national security-related offenses, with U.S. Attorney’s Offices and DOJ’s Criminal Division supplementing NSD’s efforts.

F. Other BIS Regulatory Regimes

Separate from U.S. export controls administration, other offices within BIS sought to innovate in their enforcement of long-standing prohibitions, and to address emerging threats through the implementation of new regimes.

1. Antiboycott Compliance

BIS’s Office of Antiboycott Compliance (OAC) continued to publish updates to its Boycott Requester List in 2025. First announced in March 2024 to facilitate compliance with U.S. antiboycott requirements, the Boycott Requester List serves as a public repository of entities that have made reportable boycott-related requests—including requests to comply with the Arab League boycott of Israel—that have been submitted to BIS. The list is intended to provide U.S. persons, as well as foreign persons subject to the reporting requirements of Part 760 of the EAR, with notice that identified counterparties may present an elevated risk of making reportable boycott-related requests.

Importantly, inclusion on the Boycott Requester List does not prohibit U.S. persons from engaging in transactions with listed entities. Rather, the list functions as a compliance aid, highlighting the need for heightened vigilance and internal controls when dealing with identified parties. Entities may be removed from the list by submitting an attestation to OAC confirming that they have eliminated boycott-related language from purchase orders, contracts, letters of credit, and other commercial communications with U.S. persons and their foreign subsidiaries.

OAC has indicated that the Boycott Requester List is updated quarterly. BIS’s press release in April 2025 followed the practice of the Biden administration, identifying the number of additions to and removals from the list during the prior quarter. BIS stated that, since the introduction of the list, more than 65 entities have agreed to discontinue the inclusion of boycott-related terms in their transactions with U.S. persons, underscoring the list’s role as both a compliance tool and an enforcement-adjacent mechanism incentivizing voluntary remediation. Although the current version of the Boycott Requester List—which includes 181 parties as of this writing—indicates that OAC made further additions across 2025, BIS appears to have ceased its public releases regarding the quarterly updates.

BIS brought one antiboycott enforcement action in 2025, assessing a $44,750 civil penalty against a Florida-based defense contractor. The company voluntarily disclosed and agreed to settle charges relating to three alleged violations arising from a 2019 transaction, including furnishing information about business relationships with a blacklisted party, and failing to report receipt of two boycott-related requests as part of the same transaction (specifically, a certification stating that “no labor, capital, parts, or raw materials of Israeli origin have been used” in connection with the goods, and stating that certain parties were not included “on the Israeli Boycott Blacklist”).

As in other corners of BIS, OAC experienced significant leadership changes in 2025, with the departure of longstanding office leader Cathleen Ryan. Given the small size of BIS’s antiboycott team and the high level of engagement Director Ryan had in its activities, this change may have a significant impact on how the agency reviews boycott reports, approaches disclosures and enforcement, and on its willingness to provide industry guidance via its hotline, which was often staffed directly by Director Ryan.

2. ICTS Regulations

BIS’s Office of Information and Communications Technology and Services (OICTS) continued its efforts to address national security concerns in ICTS supply chains. Most notably, in 2025, OICTS issued a final rule prohibiting certain transactions involving “connected vehicles” and related components with a sufficient nexus to China or Russia (the Connected Vehicles Regulations). With some of these prohibitions impacting Model Year 2027 vehicles, 2026 will be a critical year for importers and manufacturers involved in the connected vehicles supply chain to review and potentially enhance their policies and procedures to ensure ongoing compliance.

OICTS also issued an advance notice of proposed rulemaking (ANPRM) soliciting comments on efforts to restrict the use of Chinese- and Russian-origin unmanned aerial systems and related components, though additional regulatory action by OICTS has not yet occurred. Any future efforts will likely complement the U.S. Federal Communications Commission’s (FCC) December 2025 addition of most foreign-made uncrewed aircraft systems and related critical components to the FCC’s Covered List—which prohibits such items from receiving FCC equipment authorization and thus effectively restricts their entry into, or sale or marketing within, the United States. In the coming year, we expect OICTS to continue its rulemaking efforts in the drone space and potentially in other sectors, including IaaS transactions. However, recent leadership flux, including the January 2026 departure of inaugural OICTS Director Elizabeth Cannon, may result in new regulatory priorities.

a) Connected Vehicles Regulations

As discussed in detail in our previous client alert, the Connected Vehicles Regulations prohibit the import and sale in the United States of certain “connected vehicles” and key components, including Vehicle Connectivity Systems (VCS) and Automated Driving Systems (ADS) linked to Chinese-affiliated or Russian-affiliated companies. Broad prohibitions on the sale of “connected vehicles” by manufacturers with a sufficient nexus to China or Russia, even if manufactured in the United States, apply to Model Year 2027 vehicles. Although these regulations currently only apply to passenger vehicles under 10,001 pounds, a similar rule for commercial vehicles is expected. Additional software-related prohibitions will also take effect for Model Year 2027 vehicles, and hardware-related prohibitions will take effect for Model Year 2030 vehicles, or on January 1, 2029 for units without a model year.

Importantly, the Connected Vehicles Regulations require VCS hardware importers and connected vehicle manufacturers to submit declarations of conformity to BIS at least 60 days prior to the first import or sale of items associated with a particular vehicle model or calendar year beginning with Model Year 2027 vehicles. These declarations require detailed descriptions of supply chains, country of origin, associated foreign interests—including non-Chinese and non-Russian foreign interests—and due diligence steps relating to the covered items. These declarations can be submitted through BIS’s Compliance Application and Reporting System (CARS) webpage. In the coming years, affected companies will similarly need to submit declarations of conformity at least annually, conduct supply chain due diligence to ensure compliance with the Connected Vehicles Regulations, and keep records of relevant transactions for up to 10 years.

BIS is empowered to issue general and specific authorizations to allow transactions otherwise prohibited by the Connected Vehicle Regulations, and parties may also request guidance as to whether a prospective transaction is prohibited through an advisory opinion process. Additional information can be found on BIS’s dedicated Connected Vehicles webpage.

Despite the staggered implementation dates, 2026 will be a watershed year for connected vehicle manufacturers and associated companies, which will have to review (and possibly modify) their software and hardware in order to ensure their vehicles and ADS and VCS systems, parts, and components remain in compliance for import into the United States.

b) Other Possible OICTS Rulemaking Efforts

As noted above, OICTS also issued a separate ANPRM involving unmanned aerial systems and related components in 2025. Unlike a notice of proposed rulemaking (NPRM), ANPRMs generally do not propose specific regulatory solutions, but instead solicit comments on the scope of an issue and how to address it. This ANPRM solicited public comments on how to address national security risks related to drone systems, including which forms of Russian- and Chinese-origin ICTS pose the greatest vulnerabilities and which ICTS functionalities are most integral to the functionality of these systems. The ANPRM generated substantial interest from a wide range of stakeholders, including over 600 public comments. Given recent and ongoing efforts by BIS and the FCC to regulate drone system technology linked to China, we expect OICTS to continue its focus on this area and potentially engage in further rulemaking activities. Such efforts could have potentially wide-ranging impact on drone users—ranging from photographers to farmers to local government and emergency response agencies—and stakeholders should continue to monitor this space carefully for possible further action in 2026.

The regulation of IaaS and training of large AI models is yet another area of potential OICTS rulemaking activity in the coming year. In 2024, OICTS issued a notice of proposed rulemaking aimed at the activities of U.S. IaaS providers, including the training of large AI models. As discussed in our client alert, if unchanged, the rule would require U.S. IaaS providers (1) to report certain transactions involving foreign persons and large AI models and (2) to implement extensive compliance measures, including establishing customer identification programs to collect, verify, and maintain information about their foreign customers, among other compliance steps. Over 500 public comments were submitted in response to this NPRM, though no further rulemaking activity has occurred to date. The regulation of AI and IaaS were previously identified as key priorities for OICTS, and further actions in this space are possible this year, though the organizational priorities of the new OICTS leadership remain to be seen.

III. U.S. FOREIGN INVESTMENT RESTRICTIONS

Review of foreign direct investment in the United States and stricter controls on U.S. capital outflows to certain destinations remained key priorities throughout 2025. As an early signal of the second Trump administration’s investment policy objectives, in February 2025, the White House issued a National Security Presidential Memorandum, the “America First Investment Policy,” proposing changes to the regulations for the Committee on Foreign Investment in the United States (CFIUS or the Committee) and the nascent Outbound Investment Security Program (OISP). Drawing a connection between economic security and national security, the America First Investment Policy envisions a “strong, open investment environment,” which is backed by an unprecedented CFIUS “fast track” to facilitate greater investment from allies and partners, while simultaneously heightening protections against national security threats posed by “foreign adversaries”—most notably, China. The Assistant Secretary of the Treasury for Investment Security’s recent confirmation hearing indicates that CFIUS and OISP enforcement will continue to remain key priorities for the second Trump administration.

A. Inbound Investment

1. Release of CFIUS Annual Report for 2024

CFIUS—the interagency panel tasked with reviewing the national security risks associated with foreign investment in U.S. companies—celebrated its 50th anniversary in 2025. Before turning to the year just ended, we note a few key trends from CFIUS’s 2024 annual report (the CFIUS Annual Report), which was released in August 2025 and outlines the Committee’s activity during the final year of the Biden administration:

There was a slight decline in CFIUS’s overall caseload, paired with a small increase in the use of short-form declarations: The Committee reviewed or assessed a total of 325 “covered transactions”—CFIUS’s jurisdiction extends to transactions that result in a foreign person obtaining “control” of a U.S. business, as well as certain non-controlling but non-passive covered investments in a “TID U.S. business” that performs certain activities involving critical technologies, critical infrastructure, or sensitive personal data. 2024 marked the second consecutive decline in overall filings, as the global mergers and acquisitions (M&A) market only slowly began to recover from the lows of 2023. The 116 declarations (i.e., a short-form CFIUS filing that is intended to ease the administrative burden on transaction parties, as compared to the long-form CFIUS filings known as notices) represent a modest increase from the 109 declarations submitted to the Committee in 2023. The declarations included six real estate filings and 36 mandatory filings, with 17 declarations ultimately resulting in a request for a notice. Looking ahead, the Trump administration’s stated emphasis on streamlining CFIUS review, as reflected in the America First Investment Policy, is likely to reinforce the continued use of declarations for lower-risk transactions, particularly those involving investors from allied countries and routine filers.
CFIUS’s enforcement activity took center stage (but perhaps not for long): The Committee assessed a record five monetary penalties in 2024, as reported in the CFIUS Annual Report, including the largest penalty issued to date: $60 million for breach of a mitigation agreement (i.e., deal-specific restrictive covenants to mitigate national security risk upon which CFIUS often conditions its approval of transactions). These enforcement efforts coincided with the Treasury Department’s November 2024 final rule that expanded CFIUS’s penalty and subpoena authorities and formalized strict timelines for parties to negotiate mitigation agreements. However, despite a blockbuster enforcement year in 2024, 2025 saw no public announcements from the Committee regarding new penalties in connection with enforcement actions—though the recently-confirmed Assistant Secretary of the Treasury for Investment Security stated in his confirmation hearing that reviews of non-notified transactions will remain a priority for the Trump administration.
New mitigation agreements are in decline: As of the end of 2024, CFIUS was monitoring 242 ongoing mitigation agreements and conditions. Throughout 2024, however, CFIUS required mitigation in 16 transactions, a significant decline from the 35 transactions in 2023. This downward trend may continue considering the America First Investment Policy, which notes that the Trump administration will “cease the use of overly bureaucratic, complex, and open-ended ‘mitigation’ agreements for United States investments from foreign adversary countries,” in order to “reduce uncertainty for investors, reduce administrative burden, and increase Government efficiency.”
Non-notified reviews remain a central focus and growing risk: CFIUS’s investigative engine remained active and well-resourced in identifying “non-notified transactions” (i.e., transactions that are potentially within CFIUS jurisdiction for which the parties did not file a notice or declaration). In 2024, CFIUS conducted preliminary review of thousands of transactions, investigated 98 non-notified transactions, and ultimately opened 76 formal inquiries—an increase from 60 such inquiries in 2023. From these inquiries, CFIUS requested filings in 12 cases, and in five additional instances parties received non-notified outreach from CFIUS and voluntarily filed a declaration or notice before receiving a formal request. The May 2024 presidential order prohibiting and ordering the unwinding of the MineOne Partners real estate transaction, which originated through the non-notified review process, provides a stark example of the risks of forgoing even voluntary CFIUS filings when transactions raise U.S. national security concerns.
France, Japan, and the United Arab Emirates were frequent filers: When measured by individual, distinct transactions, the top notice filers in 2024 were France, Japan, and the United Arab Emirates. Although Chinese investments were the subject of 26 notices, China does not rank among the top notice filers once the data is adjusted to account for double counting (i.e., counting each transaction only once where a transaction was initially submitted as a declaration and later re-filed as a notice, or where a notice was re-filed one or more times). As CFIUS continues to subject Chinese investments to heightened scrutiny, the result appears to be relatively few approvals and a decreasing appetite by parties to submit Chinese-investor transactions for Committee review.2. Fast-Track Pilot Program

Among the most notable procedural changes to CFIUS by the Trump administration in 2025, the America First Investment Policy previewed a new “fast-track” program to expedite the CFIUS review process for certain filers, through the use of a “Known Investor” portal (KIP). A KIP pilot program, announced in May 2025, is currently collecting pre-filing information from certain foreign investors to establish baseline relationships between parties who make filings frequently with the Committee. The KIP and its eligibility criteria are still being developed, but, as noted in the Treasury Department’s Frequently Asked Questions (FAQs), CFIUS anticipates that eligibility will depend on the foreign investor’s filing frequency and “certain questions related to its business and activities.” As noted in our prior client alert, we anticipate the KIP program could be particularly valuable for European and Middle Eastern investors, particularly for transactions with minimal national security risks.

3. Lessons Learned from Nippon Steel and HieFo

After an eighteen-month-long legal battle, President Trump approved Japan-based Nippon Steel’s acquisition of U.S. Steel. The $15 billion deal was first signed over two years ago and faced scrutiny from the United Steelworkers and bipartisan opposition, as both President Trump and President Biden made clear their intent to block the acquisition, in a potentially paradigm-shifting politicization of the CFIUS process. In January 2025, during his final few weeks in office, former President Biden prohibited the deal. Then, in April 2025, President Trump publicly directed the Committee to conduct a first-ever de novo review of the transaction.

In June 2025, President Trump ultimately approved the acquisition, subject to a mitigation agreement. The most noteworthy detail from the mitigation agreement that has emerged is a so-called “golden share” to be held by the U.S. government. Golden shares, which provide governments with (typically non-economic) stakeholder rights in companies, have previously been used outside of the United States, particularly in the defense industry and with respect to the privatization of “national champions.” To our knowledge, this is the first time that CFIUS has included a golden share in a mitigation agreement, but the requirement is in accord with the Trump administration’s more forward-leaning approach with respect to taking stakes in private enterprises. Considering the new guidelines for mitigation agreements announced in the America First Investment Policy, the Nippon Steel–U.S. Steel agreement could foreshadow what other new mitigation agreements might look like under the second Trump administration.

Despite the novel approach to Nippon Steel, the Trump administration continues to heavily scrutinize transactions that it determines may pose significant national security risks, including ordering HieFo Corporation, a Delaware-incorporated entity controlled by Chinese investors, to completely divest its acquisition of the digital chips and related wafer design, fabrication, and processing businesses of EMCORE Corporation, a transaction that closed in April 2024. Only nine such divestiture orders have occurred in the past decade, three of which have occurred in the past two years alone.

4. Lingering Impact of the U.S. Government Shutdown

The longest government shutdown in U.S. history, lasting a total of 43 days in late 2025, had widespread impacts across the operations of the U.S. government, and the Treasury Department was no exception. The acceptance and adjudication of CFIUS filings in 2025 was formally stalled during the shutdown, resulting in delays in CFIUS reviews and clearances. Most external-facing CFIUS deadlines are tolled during a shutdown, leaving transaction parties with extended deal timelines and sometimes the need to close over required approvals.

B. Outbound Investment

2025 marked the inaugural year of the Outbound Investment Security Program, a set of regulations issued by the U.S. Department of the Treasury under the Biden administration, which restricts certain U.S. investments in critical technology sectors in China. As 2025 came to a close and President Trump signed into law the National Defense Authorization Act (NDAA) for Fiscal Year 2026, the OISP is now codified and statutory changes to the scope of the restrictions are set to be implemented by March 2027. Over the next year, U.S. investors will continue to seek clarity on the coverage of the current regime, while preparing for future changes to take effect.

1. Initial Implementation and Compliance Standards

Effective January 2, 2025, the OISP restricts outbound investments (covered transactions) by U.S. persons into certain companies in or with operations in China (including Hong Kong and Macau), or owned by or affiliated with, Chinese persons (such companies, covered foreign persons), in the semiconductors and microelectronics, quantum information technology, and AI sectors. As described in prior client alerts, certain covered transactions are outright prohibited, while others merely require a notification to the Treasury Department providing details of the investment. The OISP does not review and then approve or deny transactions, as in the CFIUS context. Rather, the obligation is on U.S. persons to avoid engaging in prohibited transactions or file notifications with Treasury where required, and to discern the difference. The OISP is administered by a newly established Office of Global Transactions within Treasury (and sits within the same Office of Investment Security that houses CFIUS). The Office has released several rounds of FAQs regarding the OISP over the past year as industry has sought greater clarity on the new regime.

The top-line impact of the OISP is that U.S. persons must now contend with new compliance challenges in considering investments involving some of the highest-growth sectors of China’s economy. For example, covered activity includes the development of AI systems intended to control robotic systems. Given the ubiquity of automation across Chinese industry and the increasing use of AI to guide such systems, potential investments in sectors once considered outside of the OISP’s scope (e.g., autonomous vehicles or manufacturing) may now, or could soon, constitute covered investments.

We observed a trend towards overcompliance in the first half of 2025, as industry wrestled with the scope and impact of the OISP regulations. This included a general reluctance to engage in investments in the covered sectors, whether or not the transaction would be notifiable or prohibited, as well as the inclusion of OISP-related representations and warranties in investment structures seemingly far removed from OISP jurisdiction. Over the course of the year, however, these growing pains appeared to ease.

Commercial opportunities, at least in the initial public offering (IPO) space, appear to be a major driving force in U.S. persons testing the waters with notifiable or exempted transactions. The IPO market in Hong Kong, a preferred destination for Chinese companies seeking international investors, experienced a significant rebound this past year. 2026 appears poised to be another blockbuster year, with over 300 IPO applications currently in the pipeline to be listed on the Hong Kong exchange. Given the potential for investment returns and fees in connection with such listings, U.S. persons are increasingly either filing notifications or getting more comfortable relying on the “publicly traded securities” exception, which generally excepts transactions from the OISP regulations where the U.S. person is acquiring publicly traded securities. FAQs published by the Treasury Department in December 2025 indicate that the Treasury Department is interpreting the availability of the publicly traded securities exception more favorably.

Yet, with a lack of public enforcement actions or major trade association guidance to serve as a benchmark for due diligence expectations, many questions remain. As more notifications are filed and more U.S. investors engage with the Treasury Department on the contours of the rules, we could expect additional OISP-related FAQs and guidance in 2026, perhaps in conjunction with promulgation of the regulatory amendments called for under the NDAA.

2. Codification and Future Expansion

President Trump’s America First Investment Policy foreshadowed a potential expansion of the OISP, directing that covered sectors be “reviewed and updated regularly” and indicating that certain exceptions may be narrowed. The U.S. Congress, which has been trying to pass more restrictive outbound requirements for several years, finally got across the finish line with the inclusion of the Comprehensive Outbound Investment National Security Act of 2025 (the COINS Act) as part of the NDAA for Fiscal Year 2026. The COINS Act codifies essential elements of the current OISP, but empowers, and, in some cases requires, the Treasury Department to expand the OISP’s scope.

These changes in the COINS Act are not self-executing—rather, the Secretary of the Treasury is directed to issue implementing regulations within 450 days (i.e., by March 2027), though such regulations could be issued sooner and possibly as a final rule with immediate effect. Among the COINS Act’s notable changes to the current OISP regime are:

Expanded geographic and technological scope: The COINS Act looks beyond the PRC (including Hong Kong and Macau), adding Russia, Iran, North Korea, Cuba, and Venezuela “under the regime of” Nicolás Maduro to the list of “countries of concern” within the scope of the regulations. This expanded list is consistent with the approach taken in other recent regulations, notably the DOJ’s Data Security Program that came into effect in April 2025. The list of covered technologies is also broadened to add high-performance computing/supercomputing and hypersonic systems, and the act grants the Secretary of the Treasury authority to identify additional types of prohibited or notifiable technologies going forward.
Changes to covered foreign persons definition: The COINS Act amends the definition of covered foreign persons to include a person “subject to the direction and control” of: foreign persons incorporated in, with a principal place of business in, or organized under the laws of a country of concern, or the governments or political leadership of countries of concern (including members of the Central Committee of the Chinese Communist Party with respect to China). This definitional change could ultimately expand the scope of entities to which the OISP applies, but the impact will likely hinge on Treasury’s interpretation of “direction” and “control.” In this case, the Office of Global Transactions could turn to its Treasury sister agency—OFAC—and that agency’s experience in assessing similar terms in the sanctions context.
Additional exemptions from OISP jurisdiction, including allowing full underwriting services to covered foreign persons: The current regulations prohibit U.S. persons from providing underwriting services for IPOs if the U.S. person also acquires equity as part of the process. This is in part because Treasury would consider such services to provide the covered foreign person with market making benefits, or what the Treasury Department describes as “intangible benefits,” such as “enhanced standing and prominence, managerial assistance, access to investment and talent networks, market access, and enhanced access to additional financing.” The COINS Act will explicitly exempt such underwriting services even with the temporary acquisition of equity. If implemented without amendment or other qualification, this underwriting exemption would provide an even more expansive exemption for U.S. persons to participate in covered foreign person IPOs and would call into question the continuing viability of the “intangible benefits” concept as a restrictive element.
New channels of communication with Treasury: The COINS Act directs Treasury to create a framework for OISP voluntary self-disclosures, similar to other U.S. regulatory regimes, and authorizes Treasury to institute a system to provide non-binding feedback to requesting parties as to whether a potential transaction would constitute a covered transaction.

With the recent confirmation of the Assistant Secretary of the Treasury for Investment Security, we expect the Treasury Department to move swiftly to implement the COINS Act and potentially increase its monitoring and enforcement of the OISP.

IV. U.S. IMPORT RESTRICTIONS

A. Tariffs

In 2025, the second Trump administration fundamentally reoriented U.S. tariff policy, which had been largely static for decades. The first Trump administration accepted existing, often very low, tariff rates, and even signed the United States–Mexico–Canada Free Trade Agreement (USMCA), providing for duty-free treatment for the majority of trade involving the three countries. Exceptional tariffs were imposed by the administration on top of those low rates through specific, long-standing tariff authorities that provide for increased tariffs when the administration determines that the authority’s criteria have been met, after lengthy investigations, notice-and-comment periods, and hearings. In short, although the first Trump administration demonstrated an aggressive trade policy, this policy was based on the use of traditional trade authority that limited executive action.

The second Trump administration took the unprecedented step of invoking the International Emergency Economic Powers Act (IEEPA)—the principal statutory basis for modern U.S. sanctions—to impose tariffs on partners and adversaries alike, without any need for prior notice, investigation, or public comment. In order to trigger IEEPA’s authorities, the administration must simply declare a “national emergency” that involves, among other things, an “unusual and extraordinary threat” to the “national security, foreign policy, or economy” of the United States. Once such a national emergency is declared, the President may, among other actions, “regulate . . . importation or exportation of . . . any property in which any foreign country or a national thereof has any interest.” IEEPA makes no reference to tariffs or duties and had never previously been deployed as a basis for imposing additional import duties.

What began shortly after President Trump’s return to office with “trafficking tariffs” tied to declared fentanyl and border-security national emergencies involving Canada, Mexico, and China, evolved into a flexible, executive-driven tariff toolkit that would eventually be used on virtually the entire world (through the declaration of various national emergencies). Thereafter, the administration used IEEPA to impose, modify, and leverage tariff rates at a speed and scale not seen in modern U.S. trade policy, and with profound consequences for global trade and international relations—triggering numerous legal challenges which, as of this writing, are pending before the U.S. Supreme Court.

1. IEEPA-Based Tariffs and U.S. Supreme Court Challenge

From trafficking tariffs to worldwide reciprocal tariffs. Beginning in early February 2025, the United States imposed IEEPA-based duties on imports from China, Canada, and Mexico—generally 10 to 25 percent at inception, subject to limited exceptions—based on the declaration of national emergencies tied to fentanyl imports and immigration concerns, with multiple rounds of pauses, increases, and other adjustments tied to negotiations (or the lack thereof).

On April 2, 2025—so-called “Liberation Day”—President Trump issued Executive Order 14257, declaring a separate national emergency under IEEPA tied to persistent U.S. goods trade deficits. Pursuant to this emergency, the United States then imposed “reciprocal tariffs” on virtually all U.S. trading partners, even those with which the United States did not maintain a trade deficit. The reciprocal tariff regime established a 10 percent baseline duty on most imports (stacking on top of the existing tariff rate applicable to any given good, sometimes referred to as the “normal” or “most favored nation” rate) from most countries, with dozens of higher, country-specific rates (ranging from 11 to 50 percent). Although the Trump administration soon suspended the country-specific rates for most jurisdictions (while retaining the 10 percent baseline, and maintaining heightened duties for China) and invited trading partners to seek negotiated relief, the breadth and speed of the initial rollout—and the persistence of the baseline duty—generated significant cost shock and uncertainty. Those effects quickly rippled through pricing, contracting, and supply-chain planning.

Rapid rate changes and deal-making leverage. IEEPA tariff rates remained volatile thrughout 2025, with China providing the clearest illustration. Following “Liberation Day,” reciprocal tariffs escalated rapidly amid tit-for-tat retaliation between Washington and Beijing—reaching a peak of 125 percent (with the effective rate for many goods substantially higher)—before a partial reset in May 2025, when a joint statement and related executive actions moved tariffs back toward the “baseline,” while leaving separate IEEPA-based trafficking duties in place. A later round of talks in the fall produced additional adjustments, including reductions to fentanyl-related IEEPA duties and further suspension of heightened China-specific reciprocal rates.

At the time of this writing, all imports from China are subject to a 10 percent reciprocal tariff and a 10 percent fentanyl tariff, stacking together for a combined 20 percent tariff rate, which applies on top of the normal tariff rate for merchandise in the U.S. tariff schedule, as well as any item-specific Section 301 or 232 tariffs. Consequently, many items from China are presently subject to an effective U.S. tariff rate of 45 percent or more.

More broadly, the Trump administration has used the President’s asserted authority to impose and adjust IEEPA-based tariffs essentially at will, as negotiating leverage with a wide range of trading partners, resulting in trade deals we discuss further below.

The Supreme Court challenge. The Trump administration’s unprecedented use of IEEPA to impose the trafficking tariffs and worldwide reciprocal tariffs promptly invited statutory and constitutional challenges in U.S. courts.

Importers and states filed suits in the U.S. Court of International Trade (CIT) and in the U.S. District Court for the District of Columbia (among other venues). In May 2025, both courts found the IEEPA tariffs unlawful, and in August 2025, the U.S. Court of Appeals for the Federal Circuit affirmed the CIT decision in a seven-to-four vote. The U.S. Supreme Court granted expedited review on September 9, 2025, consolidated the cases, and heard oral argument on November 5, 2025.

Petitioners make three principal arguments in support of their claim that the President’s authority under IEEPA to “regulate . . . importation” does not authorize the President to impose duties. First, as a matter of statutory construction, the asserted “national emergencies” (particularly decades-long U.S. trade deficits) do not constitute the “unusual and extraordinary threat” that IEEPA requires, and further the authority to “regulate” importation does not encompass the ability to collect duties, as opposed to the non-tariff actions that have historically been taken under IEEPA. Second, as a form of taxation, duties are within the exclusive constitutional purview of Congress, unless specifically “delegated.” And although Congress can and has chosen to delegate some tariffing authority to the Executive, it must do so through more specific and procedurally bounded statutes—as it has historically. Third, under the “major questions doctrine,” Petitioners argue that the administration improperly resolved an issue of “vast economic and political significance” without clear, explicit authorization from Congress.

The government’s counter-arguments include claims that the authority to regulate importation in declared national emergencies naturally and reasonably encompasses setting tariffs, that earlier courts had confirmed that other laws with the same language as IEEPA authorized Executive-promulgated tariffs in addition to the statutory trade authorization that Congress has granted (discussed further below), and that IEEPA’s statutory safeguards are sufficient to address non-delegation concerns.

A decision from the Supreme Court could be issued any time between February 2026 and the end of the Court’s term in June 2026. In the event the Supreme Court rules the IEEPA-based tariffs impermissible, importers are expected to seek an estimated $150 billion in tariff refunds (an amount that grows with each passing day), although the process for doing so (if at all) is yet to be determined. As importers seek to address uncertainty regarding how to qualify for a refund, hundreds of CIT cases have already been filed by importers seeking to preserve their rights. A victory for President Trump, on the other hand, has the potential to greatly expand Executive emergency powers.

2. Other Tariff Authorities (Section 232, Section 301, Section 122)

Even if IEEPA-based tariffs are curtailed or struck down, traditional tariff authorities—particularly Section 232 of the Trade Expansion Act of 1962 and Section 301 of the Trade Act of 1974—would remain durable, congressionally delegated, and judicially affirmed tools capable of delivering substantial, targeted tariff outcomes. These authorities have been used to advance focused trade and industrial policy objectives across strategic sectors, and courts have repeatedly upheld their use and the Executive’s flexibility to adjust related tariff measures over time. As actions over the last few months underscore, while these tools are narrower than sweeping IEEPA-based duties, they can still yield meaningful leverage over foreign governments and firms. Moreover, as we described in a prior client alert, we assess that if IEEPA tariffs become unavailable, the Trump administration could quickly leverage these other statutory authorities to increase duties on a substantial proportion of U.S. imports, replacing all or a portion of the IEEPA tariffs.

Section 232 of the Trade Expansion Act of 1962 authorizes the U.S. Department of Commerce, on its own initiative or at the President’s direction, to investigate whether imports of particular products threaten to impair U.S. national security and to recommend action, including tariffs. The Commerce Department has 270 days to complete its investigation and deliver findings and recommendation for action, following which the President has 90 days to determine the action to be taken, which must then be implemented within 15 days. However, all steps can be completed more quickly than this if the administration desires; there is no statutory delay period.

In 2025, the Trump administration directed Section 232 investigations of, and ultimately imposed sector-specific tariffs on: (1) copper derivatives (50 percent on covered products), (2) softwood lumber and derivative products (10 percent global tariff on softwood lumber, with higher tariffs scheduled on upholstered furniture, kitchen cabinets, and vanities that were later terminated), (3) medium- and heavy-duty vehicles and parts (25 percent, plus 10 percent on buses), and (4) semiconductors (25 percent, unless intended for specific U.S.-based end uses). In addition, the White House threatened—and then walked back—100 percent tariffs on branded, patented pharmaceuticals, after extracting commitments related to U.S. investment, domestic capacity, and pricing from at least nine companies. A broad pipeline of Section 232 investigations remains pending.

Section 301 of the Trade Act of 1974 authorizes the U.S. Trade Representative (USTR) to investigate whether a foreign government’s trade practices violate trade agreements with the United States or are unjustifiable, unreasonable, or discriminatory and burden or restrict U.S. commerce—following which the President may impose tariffs or take other action to eliminate the practice.

In 2025, USTR used Section 301 to investigate China’s maritime, logistics, and shipbuilding practices. In April 2025, USTR issued affirmative findings and proposed countermeasures, including port-service fees and duties on ship-to-shore cranes. The Trump administration later offered Section 301 relief as part of a broader U.S.–China détente that included Chinese commitments to resume or expand purchases of U.S.-origin goods and approve export license applications for certain critical minerals.

In addition to these measures, Section 122 of the Trade Act of 1974, while never used to date, would allow the President to impose up to 15 percent additional tariffs on imports from any source for a period of 150 days, extendable by act of Congress. This express authority for tariff increases to deal with “balance of payments deficits,” the ostensible aim of the IEEPA reciprocal tariffs, has been among the arguments that IEEPA was not intended to provide such authority.

3. End of the De Minimis Rule

The Trump administration’s reshaping of the U.S. tariff framework has extended beyond rates to regulatory procedures. Of note, President Trump issued Executive Order 14324 suspending duty-free de minimis treatment for low-value imports from all countries as of August 29, 2025. This followed the Trump administration’s April 2025 targeted removal of de minimis treatment for Chinese-origin goods.

The de minimis exemption has roots in the Tariff Act of 1930 and historically was intended to “avoid inconvenience and administrative expenses disproportionate to the amount of revenue the government was collecting on imports.” Over time, bipartisan concern about the de minimis rule emerged, particularly after the threshold to receive duty-free treatment was increased from $200 to $800 per shipment in 2016, resulting in increasing reliance on the exemption by direct-to-customer e-commerce platforms (including China-based “fast fashion” businesses facing forced labor-related allegations). In September 2024, the Biden administration acknowledged an “exponential increase” in de minimis shipments over the prior decade, from approximately $140 million to more than $1 billion annually.

Since the suspension took effect, U.S. Customs and Border Protection (CBP) has reportedly collected approximately $1 billion in duties across roughly 246 million low-value shipments. Effective July 1, 2027, as required by the “One Big Beautiful Bill,” passed by Congress and signed by President Trump in July 2025, the de minimis rule will be formally repealed (not merely suspended).

4. Tariff Evasion Enforcement and the Trade Fraud Task Force

The emergence of tariffs as the central tool of the America First Trade Policy has been complemented by DOJ’s identification of tariff evasion as one of its top criminal enforcement priorities. As we noted in a webcast and an earlier client alert, DOJ and the U.S. Department of Homeland Security (DHS) jointly launched a Trade Fraud Task Force in August 2025, designed to streamline investigations of customs-related misclassification, undervaluation, and false country-of-origin claims.

To uncover tariff evasion schemes, the government relies heavily on tips from DOJ’s Corporate Whistleblower Awards Pilot Program (expanded in May 2025 to include trade, tariff, and customs fraud), CBP’s e-Allegations Program, and companies’ voluntary self-disclosures and prior disclosures. Moreover, the government may intervene in qui tam lawsuits filed by private citizens (relators) under the False Claims Act, which provides for treble damages and financial awards to relators. For example, in December 2025, DOJ resolved a case under that statute for $54.4 million, after joining a qui tam lawsuit in which a relator alleged the company misclassified Chinese products as originating from Taiwan.

5. Notable Trade Deals

Since “Liberation Day” in April 2025, the Trump administration has announced a series of trade deals with multiple countries. In a departure from traditional trade negotiations, none of these deals were pre-authorized or formally ratified by the U.S. Congress, nor does Congress appear to have played a meaningful role in their negotiation.

As of December 2025, the Trump administration had reportedly concluded or is in the process of reaching trade deals (often styled as a Framework for an Agreement) with Argentina, Ecuador, El Salvador, Guatemala, Cambodia, the EU, Indonesia, Japan, Malaysia, South Korea, Thailand, Switzerland and Liechtenstein, the United Kingdom, and Vietnam. While specific terms vary, these deals generally involve commitments by the foreign counterparty to (1) invest in the U.S. economy, (2) purchase U.S.-origin goods (often energy or agricultural products), and/or (3) eliminate or adjust domestic regulations or policies viewed as impeding U.S. exports or business operations. In return, the Trump administration has offered reductions in country-specific IEEPA tariff rates and/or preferential treatment with respect to existing or forthcoming Section 232 tariffs.

Some agreements go beyond traditional market-access and investment commitments and include commitments to align with the United States on restrictions targeting third countries, including sanctions and export controls. For example, Cambodia appears to have agreed to take “similar measures“ where the United States imposes sanctions or duties on a third country, while Malaysia agreed to adopt “measure[s] with equivalent restrictive effect.”

The durability of these trade deals remains to be seen. With IEEPA-based tariffs acting as a primary negotiating point in these deals, a potential ruling by the Supreme Court striking down some or all of President Trump’s IEEPA-based tariffs could motivate some U.S. counterparties to seek more favorable terms. Further, President Trump’s tariff threats against European nations opposing his efforts to acquire Greenland called into question the future of the U.S.–EU trade deal, although the President has since walked back a tariff increase after reaching an apparent framework of a deal concerning use of the Danish overseas territory.

B. Uyghur Forced Labor Prevention Act

With tariffs taking precedence and U.S.–China trade relations stabilizing by mid-2025, CBP’s enforcement of the Uyghur Forced Labor Prevention Act (UFLPA) has seemingly received less public attention and emphasis from the White House than in prior years. As discussed previously, the UFLPA—enacted with broad bipartisan support in 2021—establishes a rebuttable presumption that all goods mined, produced, or manufactured even partially within China’s Xinjiang Uyghur Autonomous Region (Xinjiang), or by entities identified on the UFLPA Entity List, are the product of forced labor and are prohibited from entry into the United States.

Notably, the outgoing Biden administration’s addition of several dozen entities to the UFLPA Entity List in January was the only such expansion of that list in 2025. Still, under the second Trump administration, CBP’s detentions under the UFLPA at U.S. ports have continued, with a particular focus on the automotive and aerospace industries. Moreover, in its annual strategy update report to Congress, DHS (in its role as chair of the interagency Forced Labor Enforcement Task Force) identified new “high-priority” sectors for enforcement, adding caustic soda, copper, jujubes, lithium, and steel to a list that already included aluminum, seafood, polyvinyl chloride, apparel, cotton and cotton products, silica-based products, and tomatoes.

Although the monetary value of goods detained under the UFLPA in 2025 was down from prior years, the most significant change in enforcement was the much lower percentage of detained shipments that were ultimately released. During fiscal years 2023 and 2024, approximately half of detained shipments were eventually released by CBP—apparently the result of successful “applicability review” submissions, a process whereby importers can seek the release of goods by demonstrating that they are not within the scope of the law’s prohibitions (i.e., they were not produced in Xinjiang or by UFLPA Entity List parties). In fiscal year 2025, approximately 8 percent of detained shipments were released (592 released out of over 7,000 total shipments detained). As CBP continues to hone its expertise in targeting goods for detention under the UFLPA, importers face an uphill battle in challenging detention.

V. EUROPEAN UNION

A. Sanctions

1. Progress and Challenges in Harmonization

In 2025, sanctions policy confirmed its evolution from crisis instrument to a structural pillar of European Union strategy. The December 2025 Joint Communication by the European Parliament and the Council on Strengthening EU Economic Security made this shift explicit, positioning sanctions within a “proactive and systematic” framework to anticipate, deter, and respond to external threats. In Brussels’ words, EU sanctions have moved “from a reactive posture towards a more proactive and systematic deployment of our toolbox.”

The operational reality matched the rhetoric. The European Union’s commitment to monthly rolling designations of Russia’s shadow fleet vessels and their enabling ecosystem exemplified continuous pressure, rather than episodic crisis response. Simultaneously, the September 2025 Iran sanctions snapback demonstrated sanctions as an anticipatory instrument integrated within broader diplomatic and national security frameworks. This institutional maturation was also reflected by Brussels’ integration of sanctions within a comprehensive economic security architecture spanning investment screening, export controls, and trade defense instruments.

Sanctions harmonization across the European Union remained a defining theme of 2025. In order to address long-standing disparities in Member State sanctions regimes, Directive (EU) 2024/1226 on the definition of criminal offenses and penalties for the violation of Union restrictive measures entered into force in May 2024. Sanctions enforcement in the European Union is done at the Member State level and consequently the Directive required Member States to incorporate its terms into national law by May 20, 2025. Crucially, the Directive establishes minimum rules criminalizing intentional sanctions violations and mandates maximum penalties of at least five years’ imprisonment for natural persons and the higher of €40 million or 5 percent of total worldwide turnover for legal persons. Despite the May 20, 2025 deadline, as of late last year, 18 EU Member States—including major economies Germany, Spain, and France (which collectively account for nearly 50 percent of the bloc’s gross domestic product)—had failed to adopt the measures into national law, prompting European Commission infringement procedures. However, the picture was not uniformly bleak: Sweden transposed the Directive, effective June 10, 2025, establishing imprisonment of two to six years for aggravated violations; the Netherlands notified existing legislative compliance; several Baltic and Nordic states demonstrated early adoption; Italy completed transposition on December 30, 2025, with Legislative Decree No. 211/2025 published in the Gazzetta Ufficiale on January 9, 2026, introducing new Criminal Code provisions that frame sanctions violations as crimes; and, in January 2026, the German government finally adopted the directive into domestic law (as discussed more fully below).

This disparity between EU Member States exposed tensions inherent in harmonization efforts. While the Directive provides common minimum standards for what conduct constitutes an offense and baseline penalties, critical implementation details—including the precise mental element required (e.g., intent, recklessness, negligence), procedural rules for investigation and prosecution, and evidentiary thresholds—remain governed by divergent national criminal law traditions. This means that even if all Member States had adopted the Directive, a transaction violating EU asset freeze obligations could face materially different treatment depending on the jurisdiction involved: what qualifies as “intentional” violation in one Member State’s legal framework may differ from another’s, and investigative tools available to prosecutors vary substantially across civil law and common law systems. Nevertheless, the Directive represents meaningful progress toward reducing forum shopping and regulatory arbitrage across the bloc. The establishment of minimum standards creates a baseline deterrent effect that, while imperfectly harmonized, marks significant evolution from the pre-2024 landscape where some EU Member States imposed only administrative fines (if that) for serious sanctions violations.

Enforcement activity intensified throughout 2025, but revealed persistent operational asymmetries across Member States, underscoring the challenge of translating unified policy into coordinated action. Finnish Customs reported initiating more than 900 investigations into sanctions violations since the start of the Ukraine war, with approximately 130 cases investigated as aggravated offenses—a dramatic increase from the two to ten regulatory offenses investigated annually before February 2022. Estonia’s courts delivered multiple criminal convictions, with sentences ranging from suspended fines to five years’ imprisonment, including convictions against companies and individuals for exporting luxury goods, dual-use items, and sanctioned products to Russia. Germany delivered notably severe custodial sentences, with a German court sentencing a businessman to five years in prison for arranging the export of 71 high-value vehicles to Russia through third countries to disguise their final destination, alongside asset seizures of approximately €5 million. Meanwhile, numerous EU Member States reported minimal or no public enforcement. These disparities reflect fundamental differences in enforcement architecture, prosecutorial priorities, resource allocation, investigative capacity, and, at times, political will, across the Union.

Against this fragmented backdrop, multilateral coordination mechanisms emerged as critical force multipliers. In November 2025, the European Anti-Fraud Office (OLAF) and Europol launched Project Transporter, a joint initiative targeting vehicle exports to third countries for possible onward transfer to Russia and Belarus. By combining Europol’s analytical capabilities (through its Target Group Sanctions unit) with OLAF’s expertise in customs and EU expenditure fraud, the initiative provided coordinated support to Member States investigating sanctions breaches involving forged paperwork, complex diversion routes, and money laundering indicators. The partnership represents a recognition that commercially driven circumvention networks operating across multiple jurisdictions could not be effectively countered through isolated national enforcement alone. While enforcement statistics still show uneven commitment across the European Union, initiatives like Project Transporter signaled an institutional shift toward treating sanctions enforcement as a collective security imperative requiring integrated investigative efforts.

2. Russia

2025 marked a watershed in EU sanctions strategy against Russia. What began in February 2022 as reactive crisis management crystallized into the systematic deployment of economic restrictions. The four EU sanctions packages announced in 2025 reveal a deliberate escalation strategy: first broadening the net (16th package, in February), then sharpening anti-circumvention tools (17th package, in May), followed by direct targeting of key revenue sources (18th package, in July), and culminating in the financial targeting of Russia’s largest oil companies (19th package, in October). This progression was carefully calibrated. Each package built on the weaknesses exposed by its predecessor, as Moscow’s adaptive evasion tactics forced Brussels to shift from attacking Russian assets to dismantling the international ecosystem that enables their monetization.

The 16th package, unveiled on February 24, 2025 to mark the third anniversary of Russia’s full-scale invasion of Ukraine, expanded traditional designations (48 individuals, 35 entities, 74 shadow fleet vessels, 8 media outlets, 13 financial institutions excluded from the Society for Worldwide Interbank Financial Telecommunication (SWIFT)) while establishing crucial regulatory architecture. Most significant was the extension of the “best efforts” obligation (which requires EU parent companies to ensure their foreign subsidiaries do not undermine sanctions) from trade restrictions under Council Regulation (EU) No 833/2014 to asset freezes under Council Regulation (EU) No 269/2014, demonstrating Brussels’ focus on structural accountability mechanisms. The package extended transaction bans to enable listing of financial institutions and crypto asset providers participating in Russian oil price cap circumvention and facilitating transactions with shadow fleet vessels, directly targeting the payment infrastructure enabling evasion. Further, the European Union introduced a new designation criterion for individuals and entities that are part of Russia’s military-industrial complex, support it, or benefit from it, broadening the net to the commercial ecosystem sustaining Russia’s war effort. Previously, these companies could only be subject to stricter export restrictions (a tool the European Union continues to use extensively).

If the 16th sanctions package laid institutional groundwork, the 17th package (May 20, 2025) delivered an operational punch. Nearly 200 shadow fleet vessels were designated, more than doubling the total sanctioned tanker count and marking the most aggressive single-package targeting of Russia’s maritime export infrastructure to date. The significance of this package, however, extended beyond vessel counts. By designating Surgutneftegas, Russia’s third-largest oil producer providing substantial government revenue, Brussels crossed a threshold it had carefully avoided for three years. The 17th package tightened the noose on Russia’s military-industrial supply chain by designating over 45 Russian companies providing drones, weapons, ammunition, and military equipment, plus, in a notable expansion, Chinese entities supplying machine tools to Russia’s military and industrial sectors. This development underscored Brussels’ willingness to impose costs on third-country enablers, not just Russian entities directly.

The shadow fleet campaign intensified further as the year progressed. By December 2025, the European Union had sanctioned an additional 50 vessels through rolling monthly designations, bringing the total to nearly 600, and shifted strategy from vessels alone to their enabling networks. Nine “shadow fleet enablers” (shipping companies in the United Arab Emirates, Vietnam, and Russia) were sanctioned in mid-December, followed by 41 more vessels days later. This pivot reflected hard-won operational insights. Sanctioning ships proved insufficient when new vessels could be rapidly recruited; dismantling the management, insurance, and brokerage networks proved far more effective.

The revenue impact validated the approach: EU data showed Russian oil revenues in March 2025 running 13.7 percent below March 2023 levels and 20.3 percent below March 2022. The 18th package (July 18, 2025) made the revenue pressure more acute by lowering the Russian crude oil price cap—the price of Russian-origin oil, above which certain services have been prohibited by the European Union, the United States, the United Kingdom, and other members of the Price Cap Coalition—from $60 to $47.60 per barrel and introducing a dynamic pricing mechanism designed to keep the cap below the average market price for Russian crude oil. The package simultaneously closed a crucial loophole by banning imports of petroleum products manufactured in third countries from Russian crude. Under customs rules, Russian crude exported to refineries in India, Turkey, and other non-sanctioning countries loses its Russian origin once substantially transformed into refined products. Previously, these products could then be legally reexported into EU markets, allowing Russia to monetize its crude indirectly, while third-country refineries captured the value-added margin. Early EU sanctions regulations, drafted with reference to customs principles, inadvertently created this easily exploitable gap. The new ban closed it by making the original Russian provenance of the crude determinative, regardless of where refining occurred. In line with Brussels’ focus on the energy sector, the European Union additionally banned all transactions with the Nord Stream 1 and 2 pipelines.

The 18th sanctions package also demonstrated Brussels’ willingness to issue sanctions in ways very similar to OFAC’s practice of designating actors for providing “material support” to sanctioned persons. The European Union imposed asset freezes on Russian and international ship managers, individual vessel captains, and operators of open flag registries, targeting actors throughout the shadow fleet value chain. Most notably, the package designated an Indian refinery majority-owned by Rosneft on grounds that it constituted a major Russian customer whose purchases sustained the shadow fleet’s commercial viability. The European Union lacks OFAC’s “material support” sanctions authority in the formal sense—that is, a designation basis in most U.S. Executive Orders that authorizes OFAC to sanction parties found to have provided material assistance or support to other sanctioned persons. However, these designations showed Brussels adopting a U.S.-style approach of targeting third-country entities whose conduct, though not in violation of EU primary sanctions prohibitions, materially enables activities which do not align with EU foreign policy interests.

The 19th sanctions package (October 23, 2025) represented the year’s culmination of trade restrictions against Moscow. Targeting Russian energy and finance with unprecedented directness, it imposed transaction bans on Rosneft and Gazprom Neft, removing even the limited exemptions these major energy companies had previously enjoyed for certain products exported into the European Union. The package introduced a pathway toward a full Russian liquified natural gas (LNG) ban, sanctioned third-country entities facilitating circumvention, and significantly expanded restrictions on services provision to Russia. Perhaps most notably, it codified specific definitions for “ownership” and “control” concepts in Council Regulation (EU) No 269/2014, resolving years of interpretative ambiguity that had challenged compliance and enforcement. These definitions, which aligned with the non-legally binding EU Best Practices for Effective Implementation, provided welcomed legal clarity to regulators and the regulated across EU Member States.

By year end, the strategic sanctions calculus was clear: Russia faced a multi-pronged campaign targeting revenue generation (energy sector sanctions), transaction facilitation (shadow fleet elimination), financial system access (bank sanctions and services bans), and technology acquisition (export controls and catch-all provisions).

In parallel to sanctions escalation, the European Union advanced a broader policy effort to eliminate Russian energy dependence under the REPowerEU roadmap. The Commission’s legislative proposal to phase out Russian LNG and pipeline gas imports—with full bans targeted for end-2026 and autumn 2027, respectively—represented a merger between sanctions policy and energy security strategy. The phasing process includes transition periods for existing supply contracts and mandatory national gas supply diversification plans, acknowledging that sanctions effectiveness requires viable alternative energy sources. This dual-track approach—punitive measures, combined with systemic restructuring—distinguishes the European Union’s 2025 Russia strategy from the bloc’s earlier attempts to pressure the Kremlin.

Another notable development saw Brussels do what the inter-governmental Financial Action Task Force (FATF) did not: add Russia to the European Union’s own list of high-risk jurisdictions for money laundering and terrorist financing. The FATF—the global watchdog providing guidance and recommendations for combatting money laundering and terrorist finance—had suspended Russia’s membership after the full-scale invasion of Ukraine but declined to blacklist it, prevented from doing so by opposition from the so-called BRICS countries—Brazil, Russia, India, China, and South Africa. The European Union’s unilateral move hardwires Russia-related risks into European financial regulation, treating the Russian Federation not merely as a heavily sanctioned state but as a structural money laundering threat on par with Iran and North Korea. For EU regulated entities, the designation triggers mandatory enhanced due diligence on any relationship with a Russian nexus, which Brussels hopes that, for many market participants, will make Russian business too uneconomic and risky to retain.

3. Iran

The dominant development in EU–Iran sanctions was the September 2025 “snapback” of nuclear-related restrictions. On August 28, 2025, the E3 (France, Germany, and the United Kingdom) notified the UN Security Council that Iran was in “significant non-performance” of its JCPOA commitments, triggering a Security Council mechanism that, uniquely, operates without the opportunity for a veto by the Council’s permanent members. On September 29, 2025, the European Union reimposed the full suite of EU nuclear-related economic and financial sanctions that had been lifted in 2016: bans on Iranian crude oil, natural gas, and petrochemical imports; prohibitions on energy sector equipment and technology transfers; asset freezes on the Central Bank of Iran and major Iranian financial institutions; and restrictions on specialized financial messaging services. The snapback transformed the Iran compliance landscape overnight, requiring companies with any Iranian exposure to reassess counterparties, supply chains, and contractual obligations against a sanctions framework not seen since before the JCPOA’s implementation.

Parallel to the nuclear regime, the European Union continued to renew the implementation of its dedicated framework targeting Iran’s UAV and missile programs. Currently listing a range of individuals and entities—including drone component manufacturers, propellant producers, shipping companies, the Islamic Revolutionary Guard Corps Navy, Islamic Republic of Iran Shipping Lines, Iranian airlines, and Iran’s Defense Minister and Deputy Minister—the regime reflects the evolution of EU–Iran sanctions beyond their traditional nuclear focus. New designations have targeted transnational procurement networks supplying UAV components to Russia and armed groups destabilizing the Middle East and Red Sea region, while export bans now prohibit EU transfers of components used in drone and missile development to Iran.

As outlined in our detailed alert, the reinstatement of the European Union’s nuclear-related sanctions did not trigger any amendment to Council Regulation (EC) No 2271/96 (the EU Blocking Statute). EU operators therefore remain prohibited from complying with certain extraterritorial U.S. sanctions targeting Iran that conflict with EU measures. In practice, however, the Blocking Statute’s relevance in the Iran context has diminished following the reimposition of substantive EU sanctions on Iran.

Early actions in January 2026 signal continued pressure on Iran, as the European Council announced additional human rights-related designations in response to Tehran’s violent repression of peaceful protests, and further sanctions targeting Iran’s UAV program to counter Iranian military support to Russia. In a notable shift, the European Union also decided to list the Islamic Revolutionary Guard Corps as a terrorist organization.

4. Syria

The past year delivered an unexpected sanctions pivot on Syria. Following the sudden collapse of the Assad regime in December 2024 and the establishment of a transitional authority, the European Union suspended, and ultimately lifted, its Syria sanctions regime to facilitate humanitarian access and economic reconstruction. This shift represented a cautious policy bet: working in accord with similar U.S. sanctions relief (discussed above), Brussels sought to support Syria’s transition while retaining the ability to reimpose measures if the security situation deteriorates or designated individuals from the previous regime resurface in positions of influence.

EU asset freezes on designated individuals and entities were lifted, trade restrictions on oil, luxury goods, and controlled items were suspended, and sectoral restrictions on finance, transport, and telecommunications were removed. However, the underlying legal framework remains in place, allowing rapid reimposition if conditions warrant. Indeed, the European Union characterized its actions with respect to Syria as reversible, if necessary.

Crucially, as with the U.S. relief, certain sanctions and export control measures remain in place, such as those targeting the Assad regime, chemical weapons, and illicit drug trade, as well as a number of sectoral measures relating to arms, dual-use goods, equipment for internal repression, software for interception and surveillance, and the import and export of Syrian cultural heritage goods. In light of the security risks involved, it is unlikely that the European Union will lift these measures in the near future.

5. Case Law and Referrals to the CJEU

The rapid succession of the European Union’s Russia sanctions packages in 2025, in addition to new measures responding to geopolitical tensions, has created a highly complex legal landscape, susceptible to interpretative divergence and fraught with compliance and implementation challenges. Consequently, 2025 saw an unprecedented rise in referrals from national courts of EU Member States to the Court of Justice of the European Union (CJEU).

a) Interpretation of “Freezing of Funds” in Russia Regulations

In response to a Dutch Supreme Court request for a preliminary ruling, in C-465/24, the Advocate General of the CJEU addressed a question with significant practical implications: whether “freezing of funds” within the meaning of EU asset freeze legislation extends to voting rights attached to securities, or applies only to monetary transactions. The Advocate General advised the CJEU that “freezing of funds” should be interpreted broadly to encompass voting rights and meeting participation. Permitting sanctioned persons to exercise corporate governance rights would enable them to influence decisions affecting the economic value of their holdings, an outcome incompatible with the sanctions regime’s objectives. If the CJEU follows this opinion, the court would unequivocally confirm the long-held position in practice that asset freezes neutralize not just a sanctioned party’s ability to transact, but also their capacity to exert corporate influence.

Although not binding, Advocate General opinions carry significant persuasive authority and frequently shape the development of EU law. The CJEU’s eventual judgment, expected in early 2026, could bring the European Union into line with U.S. interpretations of the prohibitions that accompany asset freeze measures.

b) Asset Freeze Measures and Trusts

In C-483/23, the Advocate General provided an opinion clarifying how Article 2(1) of Council Regulation (EU) No 269/2014 applies to assets held in trusts established by sanctioned persons. The case, referred by the Regional Administrative Court of Lazio, Italy, concerned a Bermuda trust whose settlor had been designated under EU sanctions. The opinion confirms that substance prevails over form: even where legal title has passed to a trustee, a sanctioned settlor may still be deemed to “own, hold, or control” trust assets for sanctions purposes if they retain significant powers, such as the ability to revoke the trust, appoint or remove trustees, or influence distributions to beneficiaries. The opinion is very similar to a recent line of OFAC enforcement cases concerning continued sanctioned-party control over trusts nominally held by non-sanctioned parties.

Although non-binding, the Advocate General opinion signals increased scrutiny of trust structures used by sanctioned individuals, particularly offshore trusts with flexible terms that preserve settlor influence. It aligns with the purposive interpretation adopted by the English Commercial Court in EuroChem v. Société Générale (discussed below), reinforcing that sanctions compliance requires looking beyond formal legal arrangements to the underlying reality of control.

c) Interpretation of “Control”

In C-84/24, the Supreme Court of Lithuania referred to the CJEU questions concerning whether a 50 percent shareholding by a designated person creates a presumption that the company’s assets are “controlled” within the meaning of Article 2(1) of Council Regulation (EC) No 765/2006, the Belarus Sanctions Regulation. Advocate General Ćapeta advised that, while the asset freeze does not automatically extend to non-listed companies, a 50 percent shareholding creates a rebuttable presumption of control over that company’s funds and economic resources, obliging banks to freeze immediately while preserving the company’s right to challenge.

Critically, the Advocate General distinguished the Article 2(1) freezing obligation from the Article 2(2) prohibition on making funds available: these are “autonomous and distinct” measures, meaning a company cannot rebut the presumption of control merely by showing its assets are not used “for the benefit of” the designated shareholder. Factors such as separation of company and shareholder assets, management by non-designated persons, and/or restricted account access may be relevant but are individually insufficient to overcome the presumption. The opinion confirms that “control” in sanctions law differs from corporate law; the question is not whether the designated person can freely dispose of assets, but whether they can influence how the company’s funds are used.

d) Interpretation of “Acting on Behalf or at the Direction of”

In C-313/24, the Council of State (Italy) referred a question concerning whether Article 5k(1)(c) of Council Regulation (EU) No 833/2014—which prohibits awarding public contracts to persons “acting on behalf or at the direction of” Russian nationals or Russian-established entities—applies where two of three board members of an Italian company are Russian nationals, one of whom serves as chairman, chief executive officer, and sole director of the 90 percent-owning parent company. Advocate General Spielmann advised that the prohibition does not apply automatically based solely on the Russian nationality of company directors. Rather, the concept of “acting on behalf or at the direction of” requires a substantive, fact-specific assessment of whether the tenderer is under the de facto control of Russian nationals or entities. While the presence of Russian nationals in key management positions is not determinative, such circumstances, particularly nationality combined with roles, ownership links, and governance responsibilities, “may serve as relevant indicators requiring further scrutiny by the contracting authority.”

The Advocate General emphasized that the relevance of a director’s nationality should be limited to scenarios where the director holds powers beyond day-to-day management, exercising strategic decision-making authority or control over the company’s broader objectives. The assessment should consider all relevant circumstances, including the role and influence of the ultimate beneficial owner. The Advocate General left it to the referring court to determine whether such an assessment is required in the specific case. Although that opinion arises in the public procurement context, its reasoning has broader significance: the phrase “acting on behalf or at the direction of” appears throughout the EU sanctions framework—including in the transaction ban—and the emphasis on substance over form suggests that authorities and operators must look beyond corporate formalities to assess whether de facto control exists whenever that formulation is invoked.

e) Exception Mechanism under the EU Blocking Statute

In Case T-518/23, the General Court addressed the Commission’s power to grant retroactive authorizations under the EU Blocking Statute. The Blocking Statute generally prohibits EU operators from adjusting their conduct to comply with, or avoid the consequences threatened by, specified extraterritorial U.S. sanctions measures, but the Commission may grant an exception where it would seriously harm the interests of the operator or the European Union.

An Iranian bank on the U.S. SDN List challenged European Commission decisions granting Clearstream Banking AG an exception to the Blocking Statute to freeze the Iranian bank’s securities in order to avoid exposure to U.S. sanctions-related risks. The Court confirmed that, while retroactive effect is exceptional, such authorizations may be granted retroactively where two conditions are satisfied: the purpose to be achieved so demands, and the legitimate expectations of those concerned are duly respected. The General Court rejected the argument that the Commission’s Guidance Note precluded retroactivity. The judgment—only the second substantive General Court ruling on the Blocking Statute after IFIC Holding, and the third major EU court decision on that subject, following the CJEU’s 2021 ruling in Bank Melli Iran—confirms that the exception mechanism in the legislation is a flexible tool capable of accommodating the practical realities of protracted administrative procedures, while reaffirming that third parties targeted by U.S. sanctions enjoy no procedural rights under the Blocking Statute framework.

6. Member State Perspective: Germany

Germany has cemented its position as the European Union’s most zealous enforcer of sanctions. With over one hundred Public Prosecutor’s Offices pursuing cases, criminal enforcement has surged following Russia’s full-scale invasion of Ukraine, and shows no signs of slowing.

The scale of activity is striking. In April and September 2025, Germany’s Federal Economic Ministry (formerly Bundesministerium für Wirtschaft und Klimaschutz, and now rebranded as Bundesministerium für Wirtschaft und Energie) (BMWE) published two official digests cataloging criminal enforcement actions tied to Russia sanctions. Four cases stood out: courts handed down multi-year prison sentences for covertly supplying sanctioned goods to Russia, often using circuitous routes via Hong Kong, Kyrgyzstan, Kazakhstan, the United Arab Emirates, Turkey, Switzerland, Lithuania, and Belarus. The contraband ranged from electronic components for use in drones, to dual-use machine tools for use by an arms manufacturer, to passenger cars. Asset confiscations in these cases ran from €880,000 to €30 million. Customs offices from Berlin to Stuttgart and prosecutors in Munich are reportedly pursuing dozens more investigations into similar export violations and illicit imports of Russian caviar substitutes.

German regulators have been busy issuing guidance to match. BMWE updated its Russia sanctions FAQs and published new guidance targeting circumvention schemes involving computer-programmed milling machines and lathes. Germany’s Federal Office for Economic Affairs and Export Controls (Bundesamt für Wirtschaft und Ausfuhrkontrolle) (BAFA) refreshed its Russia trade leaflet and added new circumvention-prevention materials. The German Federal Bank (Deutsche Bundesbank) updated its FAQs on EU financial sanctions, while the domestic intelligence service (Bundesamt für Verfassungsschutz) (BfV), released an information sheet on procurement tactics used by state actors to evade both proliferation controls and sanctions.

When the European Union triggered the snapback of EU nuclear-related sanctions on Iran in late September 2025, German agencies moved swiftly. BAFA overhauled its Iran trade guidance, covering both the restored restrictions and its general licensing framework. The Bundesbank published guidance on the authorization procedure for Iran-related transfers of funds restricted under the restored EU sanctions regime, as well as its authorization and notification forms related to this procedure.

BAFA also continued issuing general licenses (i.e., regulatory carve-outs within the EU sanctions framework). In July 2025, it extended General License No. 42 until March 2027, permitting eligible parties to provide otherwise-restricted services and software to non-sensitive Russian recipients, such as EU subsidiaries. In December 2025, it reissued General License No. 30, adapting it to the restored Iran sanctions but declining, for now, to extend its validity beyond March 2026.

Meanwhile, Germany’s sanctions criminal law has undergone its most significant overhaul in years. Although Berlin initially missed the May 2025 deadline to adopt EU Directive 2024/1226 into German law, prompting the European Commission to open infringement proceedings, the new government led by Chancellor Friedrich Merz ultimately revived the legislation, which the Bundestag passed in January 2026.

This reform sharpens the law’s teeth considerably. The reform amends the core criminal and administrative offense provisions of Sections 18 and 19 of the Foreign Trade and Payments Act (Außenwirtschaftsgesetz) (AWG) and Section 82 of the Foreign Trade and Payments Ordinance (Außenwirtschaftsverordnung) (AWV). Conduct previously punishable only as administrative infractions now constitutes a criminal offense under German law if committed intentionally. Even negligent violations involving dual-use items can be qualified as a crime if reckless. Practically any breach of EU sanctions may now warrant a German criminal investigation. While Germany did not link statutory fines for companies to global turnover, it quadrupled the maximum fixed fine amount contemplated by the Directive from €10 million to €40 million. New offenses target circumvention tactics, including asset concealment through third parties, and a fresh provision in the Residence Act (Aufenthaltsgesetz) criminalizes facilitating sanctioned persons’ entry into the country. German prosecutors were already aggressive; the tightened framework will only intensify their efforts.

As part of the same legislative package, Germany also introduced a new instrument of public fiduciary administration under Sections 6a through 6f of AWG. The provision authorizes the BMWE to place EU-based subsidiaries of certain designated Russian entities under a public trusteeship to the extent required to avert a threat to public order or security. The appointed trustee may assume control over the company by exercising shareholder rights and taking the measures necessary to ensure the continued lawful operation of the business. According to the legislative materials, the instrument is intended to enable the continued participation of affected EU subsidiaries in economic activity while ensuring compliance with the EU sanctions.

Looking ahead, the coalition agreement of the new government, which took office in May 2025, signals a broader overhaul of German foreign trade law. Export licensing is expected to be streamlined and accelerated, with comprehensive prior checks giving way to targeted, random inspections backed by stiff penalties. Within the scope of this system, the need for individual licensing may be reduced significantly. Yet, the coalition agreement also emphasizes that rigorous enforcement of Russia-related sanctions will continue unabated.

B. Export Controls

The European Commission’s and High Representative’s 2025 Joint Communication to the European Parliament and the Council on the European Economic Security Strategy confirmed export controls’ position alongside sanctions and investment screening as core tools for protecting European national security interests, including technological sovereignty. In recent years, EU institutions have been reflecting on the effectiveness of current tools, and the European Commission’s January 2024 White Paper on export controls had identified areas for improvement.

This past year, the European Union took tangible steps in the direction of increasing the impact of these controls. The European Union maintains a centralized regime governing the export of dual-use goods through Regulation (EU) 2021/821, which directly applies across all Member States and aligns with multilateral agreements to which EU Member States are party, most notably the Wassenaar Arrangement. Historically, this multilateral framework ensured that European controls kept pace with technological developments through consensus-based updates to control lists agreed at annual Wassenaar plenary meetings. That mechanism has broken down since Russia’s full-scale invasion of Ukraine, as Russia, like any other Wassenaar member, holds veto power over any initiative to amend the control lists and used it to block the adoption of important controls on emerging technologies. This dysfunction prompted several EU Member States—including the Netherlands, Germany, Italy, France, and Finland—to adopt unilateral controls, giving rise to a complex compliance patchwork across the European Union.

To address this fragmentation, in 2025 the European Commission took the unprecedented step of independently adding controls for technologies not regulated at the multilateral level. The updated EU control list adds new categories, including quantum technology and quantum computers, semiconductor manufacturing and testing equipment, advanced computing integrated circuits, additive manufacturing machines and related materials, and peptide synthesizers. In April 2025, the European Commission also issued a Recommendation aimed at enhancing coordination of national control lists of dual-use items, which was a key focus of the Commission’s January 2024 White Paper on export controls. The Recommendation introduces a coordination mechanism, which allows Member States to share draft lists with the Commission and other Member States, inviting feedback before their formal adoption, and foreshadowing potential future EU-wide controls where national divergence proves untenable.

C. Foreign Direct Investment

Five years after the European Union established a cooperation mechanism for investment screening, the system’s limitations have become as visible as its achievements. National regimes now cover nearly all EU Member States, but divergent rules and procedures persist, prompting a reform agreement in December 2025 aimed at greater harmonization.

In December 2025, representatives of the European Council and the European Parliament reached a provisional political agreement on the revision of the foreign direct investment (FDI) screening regulation, with application expected approximately 18 months after entry into force. The revisions strengthen the current system, mandating screening mechanisms to be carried out by all Member States, and covering foreign investments through EU subsidiaries as well. The reform introduces a harmonized minimum scope covering defined sensitive areas (including dual-use items, critical raw materials, hyper-critical technologies such as AI, quantum and semiconductors, and specific categories of financial service providers), mandatory prior authorization for investments in these areas, strengthened cooperation obligations between Member States, and streamlined procedures with standardized two-phase review and aligned definitions. EU institutions are also considering the introduction of a power to screen unnotified transactions retroactively. If adopted, the reform will require all Member States to update their FDI screening regimes and will result in more rigorous scrutiny, tighter timelines, and enhanced EU-level coordination.

The agreement comes as the European Commission’s fifth annual report on the application of the EU Foreign Direct Investment Screening Regulation, published in October 2025 and covering data gathered in 2024, reveals both the regime’s growing maturity and the continued fragmentation it seeks to address. The European Union saw a continued slowdown in FDI inflows in 2024, with an 8.4 percent decline, following a 23 percent drop in 2023. The decrease was driven primarily by a 19 percent fall in greenfield investments, while M&A activity experienced a modest year-on-year recovery of 2.7 percent. The United States and the United Kingdom remained the largest sources of foreign investment into the European Union, together accounting for approximately 60 percent of both M&A and greenfield activity. Within the Union, Germany was the preferred destination for M&A transactions (21 percent), while Spain received the most greenfield investments (24 percent).

Despite the decline in inflows, screening activity across Member States continued to intensify. In 2024, EU Member States notified 477 investments to the European Union’s cooperation mechanism, broadly in line with the 488 notifications in 2023. The number of notifications to the EU cooperation mechanism has increased by 15 percent since 2021, a sign of maturation. Most cases (92 percent) were closed within two weeks, with only eight percent requiring an in-depth security risk assessment. The Commission issued opinions in less than two percent of cases. At the national level, the vast majority of screened investments (86 percent) were cleared unconditionally, with only nine percent cleared subject to conditions and one percent ultimately blocked (and the remaining four percent of filings were withdrawn by the parties before a formal decision was made), confirming that while screening volumes are rising, the proportion of investments identified as posing serious security concerns remains low. Sectors triggering the largest share of notifications remained consistent with previous years: manufacturing, information and communications technology, wholesale and retail, financial activities, and professional services. The most common ultimate origin of investors remained the United States and the United Kingdom, while the share of transactions involving Chinese ultimate investors rose from six percent in 2023 to nine percent in 2024.

Across the European Union, many Member States maintained stable frameworks while others introduced targeted amendments. France revised its list of critical research and development technologies, Lithuania expanded its regime to cover crypto assets, and Sweden broadened the scope of “essential services” into the digital sphere. Energy infrastructure, particularly offshore wind, faced increased scrutiny. Other reforms focused on coordination and transparency, including enhanced cooperation between screening and competition authorities (Czechia), mandatory digital filings (Germany), and expanded public reporting practices.

All 27 EU Member States have now enacted FDI screening regimes, although those in Croatia and Cyprus are not yet fully operational. Croatia’s regime, adopted under a designation-based model, will require authorities to identify “obliged entities” by April 2026, while Cyprus’s regime will enter into force in April 2026 for non-European Economic Area (i.e., outside of the European Union, Iceland, Liechtenstein, and Norway) and non-Swiss investments in sensitive sectors.

VI. UNITED KINGDOM

A. Sanctions

The United Kingdom’s National Security Strategy 2025, published in June, positions economic statecraft—sanctions, export controls, and investment screening—as central to protecting British interests in an era of heightened geopolitical competition. The December 2025 Anti-Corruption Strategy extends this logic further, deploying sanctions not merely to constrain adversaries but to dismantle kleptocratic networks and the professional enablers who service them. Much as with the European Union, the message is clear: sanctions are no longer a reactive diplomatic instrument but a proactive tool of state power.

The past year’s developments reflected this duality of policy aggression and institutional build-out. UK sanctions designation volumes remained high, with continued pressure on Russia, expanded measures against Iran following the JCPOA snapback, and a new standalone sanctions regime targeting irregular migration. UK sanctions enforcement matured in parallel. The Office of Trade Sanctions Implementation (OTSI) completed its first full year of operation, while the Office of Financial Sanctions Implementation (OFSI) launched a comprehensive consultation proposing substantial penalty increases and procedural reforms, signaling that implementation firepower is finally catching up with policymakers’ ambitions.

Coordination with UK allies has deepened despite broader strains on multilateralism. An OFAC-OFSI Memorandum of Understanding, published in January 2025, formalizes information-sharing arrangements that had operated informally since Russia’s invasion of Ukraine. Visiting officers from OFSI and OFAC now walk each other’s halls, and joint designations with Washington, including coordinated action against Gazprom Neft and Surgutneftegas, and continued alignment with EU and Group of Seven (G7) partners on initiatives such as the Russian oil price cap, demonstrate that London remains committed to collective economic pressure even as transatlantic relations face new uncertainties. The United Kingdom also sought to extend its reach beyond formal alliances: the Foreign, Commonwealth & Development Office published guidance specifically aimed at non-UK businesses operating in third countries, outlining circumvention risks and practical compliance steps—a clear signal that the United Kingdom (like the United States) expects its sanctions to cast a long shadow beyond its own jurisdiction.

Domestically, UK sanctions enforcement has become embedded in a whole-of-government economic crime framework. The Economic Plan 2: System Priorities – 2025 coordinates efforts across OFSI, the National Crime Agency (NCA), and other enforcement bodies, while OFSI’s increasingly intelligence-led approach (supported by over 210 international engagements across 44 jurisdictions in 2024-25) suggests a regulator moving from passive compliance monitoring toward active threat disruption.

1. Russia

The United Kingdom’s Russia sanctions strategy in 2025 moved decisively from incrementalism to escalation, marked by three inflection points that fundamentally reshaped the compliance landscape. First, the designation of Russia’s energy giants Rosneft and Lukoil—a week ahead of OFAC’s parallel designations to the SDN List—ended years of calculated restraint on oil majors, signaling that no Russian company, regardless of revenue contribution or market significance, remained too systemically important to sanction. Second, the reduction of the oil price cap from $60 to $47.60 per barrel represented the sharpest single adjustment since the cap’s introduction, deliberately squeezing Russia’s export margins. Third, the sustained monthly designations of shadow fleet participants, that by October 2025 exceeded 500 vessels, demonstrated the United Kingdom’s commitment to systematically dismantling Russia’s maritime export infrastructure.

What emerged was not simply “more sanctions,” but an overarching theory of economic pressure: constrict revenue at the source (oil company sanctions), raise transaction costs (price cap reduction), and systematically dismantle enabling infrastructure (targeting the shadow fleet and the surrounding maritime ecosystem, such as ship owners and managers). The operational tempo reinforced these themes. Major packages in February (marking the invasion’s third anniversary with 67 individuals, entities, and 40 shadow fleet vessels), May (a wide-ranging package targeting military operations, energy exports, weapons supply chains, and 46 financial institutions), and rolling monthly shadow fleet additions created continuous pressure designed to close gaps exposed by Moscow’s previous evasion attempts.

The cumulative impact by year-end was substantial: 1,816 individuals, 562 entities, and more than 500 shadow fleet vessels sanctioned under the United Kingdom’s Russia regime alone, with £28.7 billion in Russian-linked assets frozen since February 2022. These figures are notable not only in volume but also in strategic coverage: the individual designations target beneficial owners and facilitators; the entity designations covered energy, finance, military-industrial, and circumvention nodes; and the vessel designations aimed to make Russian oil exports increasingly expensive and difficult to insure and transport.

Direct vessel designations, an authority only introduced in July 2024, became a core enforcement tool during 2025, bringing the UK regime into closer alignment with U.S. practice and demonstrating London’s willingness to move aggressively against maritime infrastructure. The United Kingdom’s November 2025 issuance of a “Red Alert” on Russia’s shadow fleet codified the compliance expectations accompanying this designation surge. The alert highlighted specific typologies warranting enhanced due diligence: Automatic Identification System manipulation, opaque ownership and management structures, ship-to-ship transfers, frequent flag changes, and irregular insurance arrangements. These were not mere risk indicators but actionable red flags requiring escalation from maritime, insurance, finance, and logistics actors.

The technology and software controls introduced in April 2025 represented a crucial new development in UK Russia sanctions. The measures, which operate independently from the software’s export control classification, target business enterprise, industrial design, and oil and gas-related software, and expand technology transfer restrictions. The restrictions are supported by new OTSI guidance clarifying scope, compliance expectations, and license application requirements. The General Trade License (Russia Sanctions – Sectoral Software and Technology) provides a limited pathway for certain legacy contractual obligations, subject to eligibility verification, condition compliance, and registration.

Finally, circumvention risk remained top of mind for UK policymakers throughout 2025. OTSI’s business guidance detailed practical steps to identify and mitigate evasion—including third-country routing, intermediary chains, complex ownership structures, and “no-Russia” clause diversions—thereby helping develop a benchmark for risk-based compliance design. The NCA’s “Operation Destabilise” publicly connected Russian-linked money-laundering networks to drugs, ransomware, and hostile-state activity, highlighting how sanctions evasion increasingly embeds within broader criminal ecosystems. For businesses, this points toward greater convergence of sanctions compliance, anti-money laundering controls, and cyber incident response. Enhanced beneficial ownership diligence, controls on crypto exposure, clear red-flag escalation, and coordinated cross-functional case management are emerging as best practices for managing risk effectively, particularly in higher-risk corridors or where opaque payment and logistics structures are involved.

2. Iran

UK policy toward Iran in 2025 reflected a strategic hardening across multiple fronts. Parliament’s Intelligence and Security Committee published an impactful report characterizing Iran as a “wide-ranging, persistent and sophisticated threat” to UK national security, concluding that Iranian state threat activity had been historically under-recognized and that the physical threat to UK-based dissidents was now comparable to that posed by Russia. The government responded by placing Iran (alongside Russia) on the enhanced tier of the Foreign Influence Registration Scheme, requiring anyone directed by the Iranian state to conduct activities in the United Kingdom to register or face imprisonment.

The sanctions response was equally muscular. Following the UN sanctions snapback, the United Kingdom reinstated its pre-JCPOA sanctions framework, reactivating expansive restrictions across petroleum, petrochemicals, shipping, financial services, and industrial sectors. The United Kingdom went further, and designated an additional 71 individuals and entities beyond those caught by the snapback, targeting procurement networks, front companies, and facilitators supporting Iran’s nuclear program and regional military activities. London’s approach reflects several strategic calculations: maintaining pressure on Iran’s nuclear program while preserving space for future diplomacy; targeting drone and missile capabilities flowing to Moscow and Tehran’s regional proxies, thereby connecting Iran sanctions to broader Russia and Middle East policy; and closing gaps in previous iterations of its sanctions regime.

The legislative toolkit expanded in parallel. The Independent Reviewer of Terrorism and State Threat Legislation published recommendations in May 2025 supporting the introduction of bespoke tools to address hostile state activity falling short of traditional terrorism, including sanctions-like mechanisms for state-linked entities, which the UK government led by Prime Minister Keir Starmer has committed to develop. The National Security Act 2023 also received its first Iran-related test when three Iranian nationals were charged with offenses relating to surveillance targeting UK-based journalists, prompting the summoning of the Iranian ambassador. Parliamentary debate revealed broad cross-party consensus supporting the government’s layered approach combining sanctions, criminal enforcement, and counter-state-threat legislation.

The cumulative effect is a UK posture toward Iran that now operates across multiple vectors simultaneously—sanctions, criminal enforcement, counter-state-threat legislation, and registration requirements—with broad political consensus behind further escalation. The direction of travel points toward continued tightening, particularly if Iranian domestic instability or regional confrontation intensifies.

3. Syria

The United Kingdom followed Brussels and Washington in lifting a substantial portion of its Syria sanctions following the Assad regime’s collapse. Amendments to the UK Syria sanctions regulations announced in April 2025 removed restrictions across Syria’s finance, banking, energy, and transport sectors, enabling the country to reconnect to the SWIFT messaging system in June after decades of exclusion and to export oil for the first time in 14 years. In October 2025, the government removed Hay’at Tahrir al-Sham from the list of proscribed terrorist organizations under the Terrorism Act 2000, enabling closer engagement with President Ahmed al-Sharaa’s fledgling government. With the World Bank estimating reconstruction costs at over $216 billion, the United Kingdom has positioned Syria as a “potentially high return market” despite its challenging context, issuing new industry guidance in December 2025 to support commercial engagement.

Notwithstanding these developments, significant UK prohibitions remain in force. Measures targeting Assad-era actors, chemical weapons, dual-use and military goods, goods used for internal repression, interception and monitoring software, and the import and export of gold, precious metals, diamonds, and luxury goods continue to apply. Asset freezes remain in place against approximately 350 Syrian individuals and entities. The United Kingdom has also made clear it will continue to deploy targeted sanctions against Syria-related parties responsible for repression and human rights abuses: in December 2025, six individuals and three organizations were designated in connection with the March coastal violence in Latakia and Tartous and Assad-era atrocities. Engagements involving Syria should therefore continue to be subjected to scrutiny, as sanctions relief has opened commercial pathways, but not all UK restrictions have been lifted.

4. Enforcement Trends

a) Recent OFSI Actions

UK sanctions enforcement in 2025 marked a turning point. OFSI imposed four monetary penalties, more than in any previous year and more than half its cumulative total since acquiring penalty powers in 2017. The message is clear: the era of cautionary letters is ending.

A £300,000 penalty against Markom Management Limited (Markom) (a UK-based financial services company) set the tone. Beyond the substantial penalty amount for a single violative transaction, the action is noteworthy as the conduct at issue occurred under pre-Brexit sanctions regulations, demonstrating OFSI’s willingness to pursue historic breaches rather than confine enforcement efforts to recent violations. Aggravating factors included Markom’s alleged absence of sanctions controls for informal intra-group transactions and an eight-month delay before disclosure. Governance shortcomings and slow engagement now function as penalty multipliers, and the passage of time offers no safe harbor.

In a rare action against a sophisticated player, the global law firm Herbert Smith Freehills was fined £465,000 for payments made by its former Moscow office to sanctioned Russian banks during a hasty wind-down in May 2022. OFSI also imposed a £152,750 penalty on Colorcon Limited (Colorcon) (the UK subsidiary of a global pharmaceutical company) for similar failures involving its Moscow representative office, reinforcing that even exiting from heavily sanctioned jurisdictions can carry substantial compliance risks. The Colorcon case is also noteworthy because the company’s voluntary disclosure discount was reduced from 50 to 35 percent due to a four-month delay between discovering the breaches and notifying OFSI, a surprising outcome given the time and resource commitment required to adequately investigate and document compliance shortcomings.

Two further actions underscored OFSI’s expanding enforcement toolkit. A £5,000 penalty against Svarog Shipping & Trading Company Limited—OFSI’s first enforcement action based solely on an “information” offense (i.e., failing to respond to an OFSI request for information)—signaled that procedural non-compliance and poor engagement with regulators can, in themselves, trigger penalties. By contrast, a disclosure notice (but no monetary penalty) issued to Vanquis Bank Limited for an eight-day delay in freezing a designated person’s account demonstrated that a timely voluntary self-disclosure and cooperative engagement can materially mitigate consequences.

The direction of travel for OFSI sanctions enforcement is unmistakable: greater frequency, broader sectoral reach, and a willingness to penalize process failures, not just substantive breaches.

b) FCA Sanctions Enforcement and Implementation

The UK Financial Conduct Authority’s (FCA) £29 million fine against Starling Bank in October 2024 cast a long shadow over 2025 and crystallized the FCA’s enforcement philosophy on sanctions. The regulator’s focus is not on policies as written but on controls as operated, including: data quality, timely identification and interdiction of matches; documented scenario coverage for higher-risk products and corridors; testing regimes; governance that challenges performance rather than rubber-stamps it; and clear, well-documented escalation and remediation where potential breaches are identified. The FCA’s evolving enforcement posture, with higher fines and a streamlined enforcement pipeline, indicated lower tolerance for weaknesses in first- and second-line ownership of sanctions risk, with expectations that firms could demonstrate effective adaptation to frequent designation updates, complex ownership/control analyses, and evolving circumvention typologies.

In line with its wider financial crime mandate, the FCA conducted 266 sanctions compliance assessments in 2024-2025, with particular attention to payments and trade finance touchpoints where circumvention risk is highest. The FCA’s 2025 supervisory work remained tightly focused on whether firms’ sanctions screening and associated governance functioned effectively in practice, with particular attention to data quality, model calibration, testing, and assurance. While cross-government coordination on sanctions evolved over the year, the FCA’s lens remained supervisory: translating external typologies and intelligence into testing of firms’ end-to-end controls and ensuring timely remediation where weaknesses were identified.

Supervisory testing through 2025 concentrated on higher-risk products and corridors, including payments and trade finance touchpoints, where robust end-to-end screening, counterparty diligence, and alert handling were expected to promptly detect and interdict sanctions exposure. As circumvention typologies evolved, the FCA increasingly scrutinized firms’ risk assessments, data lineage, model risk management, and the responsiveness of tuning and triage to frequent designation changes.

Looking ahead to 2026, firms should expect continued, data-led scrutiny of screening calibration and governance, increased use of multi-firm reviews and skilled-person work where systemic issues persist, and sustained testing of end-to-end sanctions controls across payments, trade finance, and higher-risk correspondent relationships. The FCA is also likely to maintain focus on third-country circumvention risks and rigorous escalation and disclosure practices where potential breaches are identified.

c) The Maturing UK Enforcement Landscape: HMRC, OFSI, and OTSI

Three developments in 2025 signaled ongoing structural shifts in UK sanctions enforcement: the emergence of a criminal pipeline, a proposed overhaul of civil penalties, and the operationalization of a new trade sanctions authority.

In February 2025, His Majesty’s Revenue and Customs (HMRC) provided a rare quantitative snapshot of its enforcement operations to the Treasury Select Committee: it reported 30 live criminal investigations into potential sanctions offenses, up from zero in 2021, with 27 of those inquiries relating to Russia. HMRC has recruited 40 additional investigators, enhanced overseas intelligence gathering, and formalized an enforcement partnership with the newly established OTSI under which serious civil cases are referred for criminal consideration. Six compound settlements (i.e., civil penalties) totaling £1.36 million have been concluded for Russia-related trade sanctions breaches, including the largest single penalty of £1.16 million in May 2025. The practical implication is that self-disclosure and engagement decisions must now account for a more mature UK enforcement landscape, featuring cross-referrals between civil and criminal pathways.

In parallel, OFSI’s 2025 consultation on civil enforcement reform signals a material elevation in UK financial sanctions risk. As set out in a prior client alert, the proposals include:

Increasing statutory maximum penalties from £1 million or 50 percent of breach value, to £2 million or 100 percent;
Capping voluntary disclosure discounts at 30 percent (down from 50 percent) and tightening eligibility criteria;
Introducing a formal settlement scheme modelled on the Prudential Regulation Authority’s approach;
Creating an “Early Account Scheme” to expedite investigations in exchange for enhanced discounts; and
Streamlining penalties for information, licensing, and reporting breaches.

2025 marked the end of OTSI’s inaugural year as the dedicated UK civil enforcement authority for trade sanctions. The figures in OTSI’s “One Year” update reflect a regime in build-out mode: 60 license applications received (predominantly Russia-related professional and business services); over 140 suspected breach reports triaged for investigation, referral to HMRC, or information-sharing with international partners; and no civil monetary penalties yet imposed, presumably a function of phased prioritization rather than enforcement appetite. Looking ahead, OTSI has signaled a shift toward more proactive use of its civil powers, expansion of its licensing remit, and more detailed guidance on breach reporting, the license application process, and compliance expectations.

The cumulative effect is a UK enforcement system that now operates across financial sanctions (OFSI), trade sanctions (OTSI and HMRC), and regulated-firm supervision (FCA)—with increasingly formalized civil-criminal escalation processes.

5. Case Law Interpreting UK Sanctions

UK courts hold final authority to interpret legal texts, including UK sanctions regulations, and are being called upon with growing frequency to resolve disputes and provide clarity on matters related to sanctions implementation.

a) Contractual Performance and U.S. Sanctions Risks

In Ceto Shipping Corporation v. Savory Shipping Inc, the Commercial Court considered when a party may refuse contractual performance on sanctions grounds under a “reasonable judgment” clause. The Court confirmed that such clauses do not require proof that performance would certainly result in sanctions; a serious possibility of exposure suffices. The judgment must be made in good faith and be objectively reasonable, but the process of reaching it need not be optimal; what matters is whether the conclusion was reasonable, not whether the enquiries were exhaustive.

Importantly, sanctions risk is assessed prospectively: the absence of prior designations against comparable actors does not preclude a reasonable judgment that risk exists, particularly where enforcement priorities are evolving. The Court also held that where two sanctions risks intersect (here, Iranian-origin cargo destined for Venezuela) the combined effect may intensify the overall risk, even if neither alone would be determinative. For parties operating in sanctions-sensitive trades, the decision confirms that a well-founded risk assessment, grounded in market intelligence and contemporaneous enforcement trends, can justify non-performance even without formal legal advice, provided the judgment is genuine and objectively defensible.

The judgment is also notable for its treatment of U.S. sanctions risk in an English law context. The vessel, its owners, and its managers had no connections to the United States, and the proposed voyage would not have violated UK sanctions law. Nevertheless, the Court accepted that the risk of being designated to the U.S. SDN List, and the catastrophic commercial consequences that would follow, was a legitimate basis for invoking the contractual protection. The Court preferred the evidence of Savory Shipping’s expert, who testified that the risk of designation was “high” given OFAC’s enforcement priorities during the relevant period, over that of Ceto Shipping’s expert, who characterized the risk as “low” based on the absence of prior designations against comparable European operators. In reaching that conclusion, the Court emphasized that U.S. secondary sanctions operate by threatening designation rather than direct prohibition, and that English courts will give weight to a party’s reasonable assessment of that threat when considering whether contractual non-performance was justified. The practical implication is significant: a party to an English law contract may lawfully decline to perform where it reasonably judges that performance would expose it to U.S. secondary sanctions, even if performance would be lawful under English and EU law.

b) Ownership and Control in the Context of Trust Structures

LLC EuroChem North-West-2 v. Société Générale is the most significant English court decision to date on the application of Council Regulation (EU) No 269/2014’s asset freeze measures to complex corporate and trust structures. The claimants, Russian subsidiaries of the EuroChem fertilizer group, sought payment under English law for on-demand bonds totaling over €280 million. The issuing banks refused payment on the grounds that the claimants were owned or controlled by a designated person, such that the bonds were frozen and payment was prohibited. The Court dismissed the claims.

On ownership, the Court held that a beneficiary under a discretionary trust is to be treated as the owner of the trust assets for the purposes of Council Regulation (EU) No 269/2014, even though a discretionary beneficiary has no proprietary interest under English or Bermudian trust law. The regulation must be given an autonomous, purposive interpretation; domestic trust law concepts are not determinative. The Court further held that the trust in question was not a “true” discretionary trust because its terms allowed the designated person to retain effective control (here, through his ability to secure the appointment of a trusted deputy as protector, with powers to remove trustees and influence decision-making).

On control, the Court confirmed that de facto control is sufficient. No legal relationship between the designated person and the entity is required. A person may be said to control an entity where they are able to influence its decisions, even in the absence of any legal tie, ownership link, or equity participation. Evidence that employees continued to regard the designated person as “the man at the top,” and that corporate decisions were made by reference to the designated person’s wishes, was sufficient to establish control, notwithstanding formal structural changes made after designation. The Court also emphasized that where a designated person’s spouse was appointed as successor beneficiary of a discretionary trust immediately upon designation, the Court would scrutinize whether they were acting as a mere proxy, particularly where a trusted deputy of the designated person was simultaneously appointed as protector.

The judgment is notable for its treatment of corporate firewalls as a mechanism for entities to escape the reach of Article 2 of Council Regulation (EU) No 269/2014. The Court accepted that the Swiss parent company had implemented effective firewall measures which satisfied the relevant national competent authorities—in Switzerland, France, Cyprus, and the Netherlands—that it was no longer subject to an asset freeze. However, the Court held that firewalls protect only the entity that implements them and its EU subsidiaries: subsidiaries outside the European Union that have not implemented equivalent measures remain frozen, even if their parent has been released. As the French national competent authority (the Direction Générale du Trésor) made clear, “in the absence of an adequate measure to verify the activities of subsidiaries established outside the European Union, these remain subject to the asset freezing measures.”

The Court also held that a determination by a national competent authority that an entity is owned or controlled by a designated person is determinative for purposes of the domestic law of that Member State. Where such a determination has been made, an English court will treat the question of ownership or control as settled for the purposes of assessing foreign illegality, rather than conducting its own independent assessment. This has significant implications for the enforcement of English law obligations where performance would occur in an EU Member State.

c) Illegality and the UK Blocking Regulation

Beneathco DMCC v. R.J. O’Brien Limited provides important guidance on the interaction between the Ralli Brothers principle and U.S. sanctions, and on the scope of the UK Blocking Regulation (the UK equivalent of the EU Blocking Statute, discussed above). The Ralli Brothers principle provides that a contract governed by English law is unenforceable insofar as performance would require an act to be done in a place where that act would be unlawful.

The claimant, a Dubai company designated by OFAC as an SDN, sought payment of approximately $16.5 million held for it by a UK broker. The Court held that the claimant’s payment instructions were not ones with which the broker was contractually obliged to comply, because the contract required payment in U.S. dollars to the claimant itself, whereas the instructions sought payment in a different currency or to a third party. In the alternative, the Court held that even if such an obligation existed, it would be suspended by the Ralli Brothers principle. On the evidence, any transfer of U.S. dollars from the broker’s UK banks to Dubai would necessarily involve U.S. correspondent banks, and the use of such banks to effect payment to a designated person would be prohibited under U.S. law. The Court confirmed that the Ralli Brothers principle extends to unlawful acts by third parties, such as correspondent banks, where those acts form part of contractually required performance, not merely preparatory steps.

The claimant argued that the UK Blocking Regulation precluded reliance on the Ralli Brothers principle, on the basis that compliance with OFAC’s prohibitions would itself be a criminal offense under UK law. The Court rejected this argument. It held that the UK Blocking Regulation targets only the extraterritorial application of the listed U.S. laws—it does not apply where the relevant unlawful conduct (here, the correspondent bank’s participation in the transfer) would occur within U.S. territory. Moreover, the relevant provisions of the Executive Order under which the claimant was designated derived from IEEPA, which is not among the statutes listed in the annex to the UK Blocking Regulation.

B. Export Controls

1. UK Accedes to the Agreement on Defence Export Controls

The United Kingdom’s accession to the Agreement on Defence Export Control (ADEC) in December 2025—joining France, Germany, and Spain—marks another significant step in British defense export policy, complementing the AUKUS export control exemptions that took effect in September 2024. While AUKUS eliminated licensing requirements for the vast majority of defense trade with Australia and the United States, the ADEC addresses a different challenge: the procedural friction that has historically complicated multinational defense programs with tightly integrated European supply chains. For qualifying collaborative programs, ADEC streamlines licensing through enhanced inter-authority consultation. Where supply chain transactions involve less than 20 percent of the value of components from another signatory, export authorizations are to be issued “without delay.”

Crucially, the ADEC does not override international obligations or relax substantive controls. The UK Export Control Act 2002 and the Strategic Export Licensing Criteria remain fully applicable, and the Export Control Joint Unit (ECJU) will continue to assess each license application on its merits. What the treaty provides is procedural alignment, reducing administrative friction while leaving the underlying legal requirements intact. The ECJU has indicated that implementing guidance and an open general export license (OGEL) to support the treaty will follow in due course.

2. Regulatory Amendments and Licensing

The Export Control (Amendment) (No. 2) Regulations 2025 removed the United Kingdom’s standalone national controls on sensitive emerging technologies (control entries PL9013, 9014, and 9015) from Schedule 3 of the Export Control Order 2008 and incorporated them into the assimilated Dual-Use Regulation as new “500 series” entries. This mirrors the EU amendments that took effect in November 2025 and ensures that UK controls on quantum computing, semiconductor manufacturing equipment, and advanced materials remain current and interoperable with both EU and U.S. regimes, while avoiding regulatory divergence between Great Britain and Northern Ireland. The amendments also update the assimilated Torture Goods Regulation and revise Schedule 4 to reflect the lifting of the UK arms embargo on Armenia and Azerbaijan (while retaining transit controls). As the ECJU has revised relevant OGELs, companies should reassess eligibility and update screening tools accordingly.

The ECJU’s licensing statistics for the second quarter of 2025 underscore the increasing complexity of the UK export control environment. License refusals remain elevated, exceeding 100 per quarter consistently since the third quarter of 2022, well above the long-term quarterly average of 77. China continues to account for the majority of refusals, driven predominantly by the military end-use controls introduced in recent years and the addition of China to the list of destinations subject to those controls. Processing times have been affected by a combination of factors: the transition from the legacy SPIRE system to the new LITE platform, the expanding scope of sanctions measures, and the growing complexity of dual-use casework.

3. Enforcement Trends

HMRC’s export control enforcement in 2025 showed increased activity, though the United Kingdom continues to lag behind the United States in the scale and visibility of its export enforcement actions.

In the first quarter of 2025, HMRC concluded compound settlements totaling £3.7 million with three exporters for unlicensed exports of military-listed goods under the Export Control Order 2008, including a single settlement of £3.2 million. These did not relate to sanctions offenses. In May 2025, HMRC concluded its largest-ever compound settlement for a Russia sanctions breach: a £1.16 million fine for making goods available to Russia in violation of the Russia (Sanctions) (EU Exit) Regulations 2019. A further £620,000 settlement followed in September 2025 for unlicensed exports of military goods.

Compound settlements are typically offered where a breach appears inadvertent or stems from control weaknesses and the exporter has voluntarily disclosed the issue. HMRC generally withholds the identities of businesses found in violation, which limits the market’s ability to derive detailed compliance lessons from individual cases. Even so, the available data reinforces the value of prompt voluntary disclosure and demonstrable remediation, particularly given the cross-referral pathway now established between OTSI (for civil trade sanctions) and HMRC (for criminal consideration of serious cases).

The increase in maximum summary fines, while modest in absolute terms, signals a clearer policy intent to make a wider range of export control offenses (particularly those involving brokering, technical assistance, and intangible transfers) more readily prosecutable. The direction of travel is toward greater enforcement activity, even if the United Kingdom has not yet matched the frequency or transparency of U.S. actions by BIS and its sister agencies.

C. Foreign Direct Investment

The UK National Security and Investment Act 2021 (NSI Act) remained in active operation in 2025, with notification volumes continuing to rise. During the reporting period from April 2024 to March 2025, the Investment Security Unit (ISU) received 1,143 notifications—over 25 percent more than the prior year—though the regime continued to quickly clear the vast majority of transactions: 95.5 percent were approved at Phase 1, with only 4.5 percent called in for in-depth review. Final orders were issued in just 17 cases, of which 16 involved the imposition of conditions and only one required divestment. This low intervention rate confirms that the NSI Act operates as a targeted filter rather than a barrier to investment in the United Kingdom.

That said, increased volumes have modestly affected processing times. It now takes a median of seven working days to accept a mandatory notification (up from six) and 20 days to reject a notification (up from 13). Defense-related transactions continued to predominate, accounting for 56 percent of all notifications and 36 percent of call-ins. Notably, the regime remains nationality-agnostic in design: among called-in transactions, 48 percent involved UK acquirers, 32 percent Chinese, and 20 percent American, reinforcing that scrutiny turns principally on the target’s activities within the NSI Act’s sensitive sectors, rather than the acquirer’s national origin.

In parallel, the UK government launched a consultation, which closed in October 2025, proposing the first significant amendments to the Notifiable Acquisition Regulations since 2022. The proposals would create three new standalone sectors (critical minerals, semiconductors, and water), while narrowing others, such as AI (to exclude low-risk internal use of consumer tools) and data infrastructure (to focus on third-party data centers). The government has also announced an intention to exclude purely internal corporate reorganizations and the appointment of insolvency practitioners from mandatory notification, though no draft legislation has yet been published. On the government’s estimates, the net impact would be modest, ranging from 10 fewer to 35 additional notifications per year, but the reforms signal a maturing regime calibrated to reduce compliance burdens while focusing resources on transactions that present genuine national security risks.

2025 also brought important legal precedent in FDI screening. In R (FTDI Holding Limited) v. Chancellor of the Duchy of Lancaster (FTDI), the High Court in July 2025 upheld a final order requiring divestment of an 80.2 percent stake in a UK semiconductor business acquired by Chinese-backed investors before the NSI Act came into force. The Court confirmed that “awareness” for the purposes of the six-month call-in clock is not limited to the relevant minister but can be met by ISU staff, a finding that provides useful clarity on when time begins to run. On proportionality, the Court conducted its own assessment but afforded a high degree of deference to the government’s evaluation of national security risks, accepting that the Secretary of State’s view on what measures were necessary and proportionate was entitled to “great respect.” The Court further held that procedural shortcomings, including insufficient reasoning in the final order itself, were not sufficient to invalidate the order where the decision-maker was found to have had good reasons for the decision.

This judicial deference was reinforced by the Court of Appeal in L1T FM Holdings v. Chancellor of the Duchy of Lancaster (LetterOne), which dismissed a challenge to the lack of compensation following a compelled divestment. The Court held that there is no absolute right to “fair market value” compensation under Article 1 of the First Protocol to the European Convention on Human Rights. Where the investor conducted a sale in the open market, selected a buyer subject only to national security suitability, and retained the proceeds, this satisfied the requisite “reasonable relationship of proportionality,” even though timing and compulsion affected bargaining dynamics.

The combined effect of FTDI and LetterOne is to confirm that, while judicial review remains available, UK courts will afford substantial deference to the executive on national security matters. Investors should note that national security measures can result in financial losses without compensation even where, as the Court of Appeal observed, “there is no suggestion that the investor entities have done anything wrong.” Outside the courtroom, the Versarien Plc prohibition in August 2025, blocking the transfer of graphene-related intellectual property and know-how to a proposed joint venture with China’s Anhui Boundary Innovative Materials Technology, served as a reminder that the NSI Act captures not only share acquisitions but also asset transactions, including intangible know-how, licensing arrangements, and collaboration access. Where dual-use technology is at stake, structuring a transaction as a joint venture or technical-assistance arrangement will not avoid scrutiny.

* * *

The second Trump administration entered office with a clear vision that the tools of international trade—tariffs, sanctions, export and investment controls—can be used to further a wide range of the White House’s foreign policy, national security, and domestic economic goals. The result has been an unprecedented application of these tools, which has been met by judicial challenges in the United States and an increasingly robust response from the European Union, the United Kingdom, China, and others—all of whom have increasingly resorted to similar old and novel instruments as they have pursued and protected their own interests.

For companies on the front lines of these trade wars, 2025 was an introduction to a new, highly complex, fluid, and increasingly disaggregated trading and regulatory landscape. Even so, if one steps back from the day-to-day noise and discerns the broader policy interests that are animating so many states to pursue their interests via coercive economic measures, opportunities may emerge.

The following Gibson Dunn lawyers prepared this update: Anna Searcey, Irene Polieri, Adam M. Smith, Stephenie Gosnell Handler, Christopher T. Timura, Matthew S. Axelrod, Ronald Kirk, Donald Harrison, Benno Schwarz, David Wolber, Claire Shepherd, Alana Tinkler, Attila Borsos, Michelle Kirschner, Samantha Sewall, Roxana Akbari, Jason Bae, Karsten Ball, Dharak Bhavsar, Sarah Burns, Soo-Min Chae, Alex Chiang, Justin duRivage, Hui Fang, Erika Suh Holmberg, Janice Jiang, Neringa Juodkunaite, Saad Khan, Zach Kosbie, Maria Kosmopoulou, Josephine Kroneberger, Melina Kronester, Vanessa Ludwig, Nikita Malevanny, Dorkas Medina, Chris Mullen, Mason Pazhwak, Nick Rawlinson, Layla Reynolds*, Dominic Solari, Audi Syarief, Scott Toussaint, and Lindsay Bernsen Wardlaw.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. For additional information about how we may assist you, please contact the Gibson Dunn lawyer with whom you usually work, the authors, or the following leaders and members of the firm’s International Trade Advisory & Enforcement or Sanctions & Export Enforcement practice groups:

*Indicates a recent law graduate who is not admitted to practice law.

Managing third-party risk is a central challenge for global companies. This webinar looks at how organizations can identify and address risks that arise through suppliers, contractors, distributors, and other partners. The discussion covers due diligence, contract terms, monitoring processes, and internal controls. It also considers how different jurisdictions set expectations for companies, and how enforcement agencies view the management of third parties. Examples show how disputes often arise when business units seek to pursue opportunities while compliance teams seek to protect the company from exposure.

This session highlights the importance of striking a balance between commercial aims and legal obligations. Presenters discuss how companies can design risk-based approaches, ensure compliance functions have real authority, and avoid blind spots that allow misconduct to go unnoticed.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.0 credit hour, of which 1.0 credit hour may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Attorneys seeking New York credit must obtain an Affirmation Form prior to watching the archived version of this webcast. Please contact CLE@gibsondunn.com to request the MCLE form.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.0 hour in the General category.

California attorneys may claim “self-study” credit for viewing the archived version of this webcast. No certificate of attendance is required for California “self-study” credit.

PANELISTS:

Oleh Vretsona, partner in Gibson Dunn’s Washington, D.C. office, focuses on investigations and compliance. His work includes designing third-party controls, conducting due diligence reviews, and advising on enforcement risks in high-risk regions.

Victor Tong is an English-qualified solicitor in Gibson Dunn’s London office whose practice includes commercial dispute resolution, financial services litigation, and internal and regulatory investigations. He previously practiced at a Magic Circle firm and completed a secondment with Nomura’s litigation and investigations group.

Michele Wiener, partner at Control Risks, leads investigations and compliance reviews w orldwide. She has helped companies strengthen anti-fraud and anti-corruption programs in more than 30 countries and is recognized for her work under major international anti-bribery laws.

Ulla Pentinpuro, Principal at Control Risks, leads the firm’s Compliance, Forensics and Intelligence practice for Mexico, Central America and the Caribbean. She has more than 20 years of experience overseeing complex fraud, corruption, and money-laundering investigations across the region.

‘2025 Takeaways (brought to you by Doordash and Deliveroo) – an “alreet” (all REIT) year‘

2025 selected highlights

Basepoint Capital’s £543m cash offer for International Personal Finance plc on 29 December, together with Jiangxi Copper Company’s £867m cash offer for SolGold plc on Christmas Eve, ended an up-and-down year on a high. Basepoint’s offer coming more than 12 months after talks first started and five PUSU extensions.
May, though, was the stand-out month in the rollercoaster ride that was 2025 with:
- Two reverse transactions within a day of each other: Primary Health Properties plc’s £1.79bn cash and share offer for Assura plc and Greencore Group plc’s £1.2bn cash and share offer for Bakkavor Group plc (which successfully closed on 16 January 2026 after the CMA accepted various disposal and other undertakings).
- DoorDash, Inc. announcing its bid for Deliveroo plc, ultimately delivering and collecting on a “final” £2.9bn cash offer.
- The Panel establishing two auction processes for the first time since the battle for WM Morrissons in 2021 (although neither were ultimately used). First in relation to Harmony Energy Income Trust plc with Foresight Group’s £209m cash offer winning through ahead of Drax Group. Then, three months later, for Warehouse REIT plc. This time with Blackstone’s £489m cash offer seeing off Tritax Big Box REIT plc (August).

The January Data

Offers Announced

Offers by Sector (YTD)

Bid Premia	Financial Advisor Fees (% deal value)

What’s Happened

An active year for interventionist shareholders

Some may “look back in anger” – but not various strategic investors who played a decisive role in both bringing about – and blocking – a number of mid-market bids.
It is unusual for a recommended scheme to be voted down, but this happened in both Natarra’s offer for Treatt (after Döhler amassed a 28% blocking stake) and Cicor Technologies offer for TT Electronics (after dissenting shareholder DBAY Advisors increased its holding to 24%).
It may happen again in February, as the recommended consortium offer for Inspecs Group faces the challenge of trade rival Safilo Group having acquired 25%.
Inspired plc’s largest shareholder, Gresham House (29%), was instrumental in resisting Regent International’s hostile bid and then supporting HGGC plc’s ultimately successful competing offer.
WSP Global Inc’s bid for Ricardo plc followed after Science Group made a strategic investment in Ricardo (20%), requisitioned a shareholder meeting and then agreed to sell out to WSP.

Might we see bidders and boards seeking to engage earlier with shareholders in 2026?

The return of the contractual offer (no MACs allowed)

Switching from a scheme to a contractual offer – and, in particular, a contractual offer with an acceptance condition of 50% +1 – reemerged as a tool in the arsenal of more bullish bidders. A roll of the dice in which bidders have to weigh up the chances of closing their offer at a lower threshold than a scheme with the possibility of not being able to delist (75%) or squeeze our the minority (90%):

In the case of Blackstone Inc.’s offer for Warehouse REIT plc and KKR/Stonepeak’s unsuccessful offer for Assura plc, this was in the context of a competing bid situation. Blackstone originally launched its bid as a scheme, but then switched to an offer after the Warehouse REIT board withdrew their recommendation in favour of Tritax Big Box REIT plc.
Similarly, KKR/Stonepeak’s intial offer for Assura was originally structured as a scheme but then switched to an offer once Primary Health Properties plc launched its competing offer (which was a contractual offer from the start).
Notably both Blackstone and Primary Health were able to get above 90% and “squeeze-out” the minorities. Blackstone was aided by its 30.25% share buying spree which flipped it into making a Rule 9 mandatory offer.
More unusually, Long Path originally launched its offer for Idox plc as a scheme and, despite remaining uncontested, it has nonetheless switched to a 50%+1 offer citing that it would “increase the certainty of completing acquisition. Whether this particular roll of the dice will pay off will soon be known, as the earliest date Lone Path’s offer can be declared unconditional is today (5 February).

Looking Ahead

February – Multiple big ticket PUSU deadlines

Two potential offers were announced in January which could eclipse KKR’s £4.2bn offer for Spectris plc which took the crown as 2025’s largest deal.

The combination of Rio Tinto and Glencore – “GlenTinto” – would create the world’s largest mining company (currently BHP). The press has zeroed in on this particular statement from Rio Tinto’s announcement – “possible combination of some or all of their businesses” – leading to speculation that the deal could involve spin-offs and carve-outs. The current PUSU deadline is 5 February, which may need to be extended.

More is likely to become clear about Zurich’s advances on Beazley plc. Zurich’s latest £8.4bn proposal on 19 January was rejected and Zurich is now facing a PUSU deadline on 16 February.

The spotlight will also be on the outcome of EQT’s discussions with FTSE 250 Oxford Biomedica, with EQT similarly having to navigate an initial PUSU deadline of 11 February.

…. And beyond

To be seen if recent regulatory changes will result in the emergence of more UK listed bidders. The UK Listing Rules no longer require shareholder approval for, what were, Class 1 transactions, nor do they require a prospectus for the admission of consideration shares to trading (unless it is a reverse transaction). This could open the way for UK listed bidders to readily differentiate themselves with a cash and share bid which offers both a partial exit and upside potential which can readily be realised in the future. An approach which, as we saw, worked for Primary Health Properties plc in its bidding battle for Assura plc.

Although, one thing is assured, the interest in REITs looks set to continue.

P2P Financing

Debt financing was not a limiting factor for those bidding for UK public companies in 2025. In fact, the year was the busiest in European leveraged finance history with over €350 billion issued across loans and high yield bonds. Approximately two thirds of that volume consisted of refinancings and repricings of existing debt and, since many lenders were sitting on large amounts of new money which they needed to deploy, there was keen interest in new money issuance, including loans to back public bids.

Public bidders also benefited from the resurgence of the syndicated loan markets, which (after a short pause following the initial US tariff announcements in April) provided strong competition for the private credit funds which had backed 80% of debt financed UK take privates in 2023 and 60% in 2024. In recent years bidders have increasingly turned to private credit funds because of the confidentiality and speed of execution which they can offer for public bids. However, in 2025 only 40% of debt-financed bids in the UK went to private credit, as buyers on larger deals took advantage of discounted interest rates in the syndicated market. KKR’s successful bid for Spectris was backed by a £1.5 billion senior loan priced at just 3.75% over SONIA.

However, the continuing fall in syndicated pricing led private credit funds to compete by offering well priced loans in an effort to retain market share. Permira’s bid for JTC in November was backed by a group of funds led by Blackstone. They provided around £1.1 billion of senior debt, split across euro, dollar and sterling tranches and priced between 4.50%-4.75% over the relevant benchmarks. Credit funds continued to step up for smaller deals too, with Guggenheim Partners backing Long Path Partners in their bid for Idox with a combination of unitranche and PIK debt. A key advantage of private credit loans is their ability to offer the option of PIK interest, enabling borrowers to minimise their debt service burden during challenging periods while maintaining the necessary leverage for competitive bids. The percentage of private credit loans featuring a PIK option has doubled since the start of 2022.

Documentation terms remained mostly borrower friendly. The spectre of distressed borrowers carrying out ‘Liability Management Exercises’ to cram-down or ‘prime’ their existing lenders using permissive covenants led some lenders to focus on ‘blockers’ to close relevant loopholes. However, fierce competition for deals allowed borrowers to resist most lender pushback on documentation. While lenders on some deals managed to amend particularly aggressive features, such as uncapped adjustments to EBITDA or flexibility to incur new debt outside the guarantor group, covenant packages largely remained as flexible as they have been since 2021.

As we go into 2026, the technical background looks very positive for potential bidders. With a vast amount of dry powder ready for deployment and ongoing competition between syndicated markets and private credit, it seems unlikely that debt pricing will rise in the near future. The impact of further geopolitical shocks can never be ruled out, but the determined ‘business as usual’ attitude from debt providers despite the challenges of 2025 bodes well for both sellers and bidders looking to enhance M&A valuations through the use of debt.

Equity Capital Markets

In 2025, the London IPO market delivered its strongest year since 2021, primarily due to Q4 activity, which saw the Main Market IPOs of The Beauty Tech Group, Shawbrook and Princes Group. In addition, in December, The Magnum Ice Cream Company was admitted to the ESCC category of the Official List, in a simultaneous triple listing with New York and Amsterdam. There is optimism that the stronger IPO market will continue into 2026, with additional listings being mooted, particularly in the financial services and technology sectors.

The block trade market also showed strength, as demonstrated in particular by Pfizer’s £5 billion sell-down of its remaining Haleon shares in Q1. The standout secondary issuance was SSE’s £2 billion placing in November to fund a £33 billion investment plan. The FTSE 100 index had its strongest performance since 2009, rising approximately 21.5%.

News from the Gibson Dunn Team

We’re delighted to announce that Peter Usher has secured a coveted two year secondment to the Takeover Panel, lasting from 2026 to 2028, further deepening Gibson Dunn’s UK public M&A and regulatory expertise within the London office.

As Will McDonald and Jonathan Griffin have previously completed secondments with the Takeover Panel, Gibson Dunn is now one of very few firms with a number of secondees at the Panel, offering unparalleled coverage for our clients on UK P2Ps across both M&A and investigations & disputes.

Key Contacts:

Will McDonald Partner, Corporate	Chris Haynes Partner, Corporate	David Irvine Partner, Finance	Kavita Davis Partner, Finance
James Addison Of Counsel, Corporate	Thomas Barker Of Counsel, Corporate	Sarah Leiper-Jennings Of Counsel, Corporate	Pete Usher Associate, Corporate

The SEC’s 2025 enforcement agenda reflected sweeping changes in leadership, priorities, and personnel, yielding dismissals, process reforms, and a new leadership structure within the Enforcement Division.

In 2026, with Chairman Paul Atkins’s team in place and the new Enforcement Director’s senior staff appointed, the year will test how they lead a smaller workforce to advance the Commission’s mission to protect investors, facilitate capital formation, and maintain fair, orderly markets.

New Leadership

As with last year, 2026 opens with a newly constituted three-member Commission—this time, all three from the President’s party and generally aligned, especially on enforcement.[1] As set forth in our Securities Enforcement 2025 Mid-Year Update, Chairman Atkins arrived with a wealth of experience at the Commission. Since taking office on April 21, 2025, he has assembled his executive team and publicly set out his priorities. In September 2025, he named Judge Margaret Ryan as Enforcement Director. Her career includes service as a senior judge on the U.S. Court of Appeals for the Armed Forces and as a judge advocate in the U.S. Marine Corps, as well as roles as a law firm partner and U.S. Supreme Court clerk. In the press release announcing her appointment, she emphasized addressing investor harm and combating fraud and manipulation in the financial markets.

Judge Ryan’s leadership team includes several senior staff with decades of experience at the SEC.[2] She joined a very experienced Commission, led by an exceptionally knowledgeable Chairman, and brings deep legal and analytical skills in addition to leadership and experience working in large organizations with significant missions that affect the public.

Rounding out the Enforcement Division’s national leadership team, on January 12, 2026, the Commission announced two new Deputy Directors from private practice: one to oversee enforcement in the Chicago, Atlanta, and Miami Regional Offices, and the other in the New York, Boston, and Philadelphia Regional Offices. Both are returning to public service, and Judge Ryan noted their “wealth of experience as trial, litigation, and appellate lawyers.” In the press release announcing their appointments, the appointees said they look forward to “identifying and pursuing sensible enforcement actions” and the “proper enforcement of U.S. securities laws,” echoing themes articulated by Chairman Atkins and Director Ryan.

Staff Reductions

The beginning of 2025 and the new administration brought sweeping changes to federal agencies, and the SEC experienced a significant reduction in its workforce. In a May 2025, SEC Town Hall speech, Chairman Atkins noted that departures from October 2024 to May 2025 had reduced the SEC’s headcount by approximately 15%, to approximately 4,200 employees and 1,700 contractors, down from May 2024 staffing levels of approximately 5,000 employees and 2,000 contractors.[3]

The SEC’s FY 2026 Budget Request to Congress referenced “a focus on returning to the core mission that Congress set for the agency” and requested $2.149 billion in support of 4,101 full-time equivalents (FTEs). The budget request was flat as compared to budgets for FY 2025 and FY 2024 but reflects a net reduction of 447 FTEs as compared to FTE levels for FY 2025 due to attrition from early retirement and buyout offers. For the Enforcement Division, the SEC’s largest division by headcount, the SEC requested budget for 1,178 FTE for FY 2026, down almost 17% from 1,424 actual FTE in FY 2024.

ENF Statistics

In October 2025, only a week after the close of FY 2025, Chairman Atkins signaled his perspective on tracking enforcement statistics: “If we reward the staff only for bringing enforcement actions, then we have discouraged the staff from determining not to recommend an enforcement action. A basic tenet of management is, ‘You get what you measure.’ The wrong incentives make it more difficult for the staff to follow the evidence and the law wherever it leads and instead encourage the staff to stretch the boundaries of existing law.”[4]

It may not come as a surprise, then, that the SEC has not yet publicly announced enforcement statistics for FY 2025. However, publicly available analysis by economists at The Brattle Group shows 506 enforcement actions in FY 2025, a 13% decline from FY 2024 levels. Enforcement actions brought in the second half of FY25 – which would coincide with Chairman Atkin’s arrival at the SEC – marked “an unprecedented decline in enforcement activity.”[5]

Frequently-brought enforcement actions in FY2025 involved investment advisers, insider trading and private placement offering frauds. Under Chairman Atkins’ tenure, enforcement actions involving offering frauds have doubled while those involving public company reporting is down by half. Perhaps unsurprisingly, the Commission instituted no new FCPA enforcement actions in the second half of FY 2025.[6]

Case Dismissals – Commission Exercises Its Discretion

Perhaps the most notable enforcement actions in 2025 were those that resulted in a wave of case dismissals of actions initiated by prior administrations – notably those involving crypto, FCPA, and cyberbreach disclosure. Our 2025 Mid-Year Update covered dismissals of several enforcement actions against certain digital asset and crypto platforms citing the Commission’s exercise of its “discretion” and “its judgment that the dismissal will facilitate the Commission’s ongoing efforts to reform and renew its regulatory approach to the crypto industry not on any assessment of the merits of the claims alleged in the action.”[7]

But crypto was not the only area in which the Commission exercised its discretion to dismiss cases it had previously announced and litigated.

Similar language referencing the SEC’s “exercise of its discretion” accompanied the dismissal of the SolarWinds lawsuit after two years of litigation that arose from the SUNBURST cyberattack. In July 2024, the court dismissed most of the SEC’s claims, except for a securities fraud claim based on a Security Statement on the company’s website. Defendants moved for summary judgment in April 2025, and, before there was any decision, on November 20, 2025, the Commission sought dismissal of the remaining claims with prejudice.

In the second half of 2025, the SEC also dismissed ongoing civil enforcement actions against executives who were charged in parallel criminal actions, had gone to trial, been convicted and were granted Presidential clemency. The oldest of the cases was against Devon Archer who was charged by the SEC in 2016 for defrauding investors in a Native American tribal bond scheme. Archer was convicted in June 2018 in a parallel criminal action brought by the U.S. Attorney’s Office for the SDNY. He received a presidential pardon on March 25, 2025 and the SEC announced dismissal of its civil enforcement action on September 18, 2025 “in the exercise of its discretion.”

In July 2021, the Commission announced charges against Trevor Milton, the founder of Nikola Corporation, for securities fraud; the U.S. Attorney’s Office for the SDNY brought parallel criminal charges. In December 2023, Milton was found guilty after a criminal trial of making false and misleading statements to investors and on March 27, 2025, he was granted a full and unconditional pardon. On September 11, 2025, the Commission dismissed its civil enforcement action against Milton “in the exercise of its discretion.”

Similarly, in February 2023, the SEC charged Ozy Media and its CEO Carlos Watson with securities fraud and a parallel criminal action was brought by the U.S. Attorney’s Office for the EDNY on the same day. In July 2024, Watson and Ozy Media were convicted after an eight-week trial and on March 28, 2025, they were granted commutations of their sentences with no further fines, restitution, probation, or other conditions. On September 18, 2025, the Commission dismissed its case against both defendants.

In August, the SEC filed a Joint Stipulation of Dismissal together with Ripple, a cryptocurrency company, its co-founder and chairman, and its CEO, dismissing the SEC’s appeals and company’s cross-appeal.[8] The SEC had alleged the defendants failed to register offers and sales of digital assets, including personal unregistered sales of approximately $600 million by the two individual defendants. The Joint Stipulation resolves the action against defendants and leaves the final judgment in effect, which imposed a civil penalty of over $125 million against the company.

The Commission’s exercise of its discretion to dismiss cases has continued into 2026. In early January, the SEC dismissed an enforcement action against the former CFO of a mining company who had been charged in 2017 with fraud for inflating the value of coals assets.[9] After eight years of litigation and despite surviving a summary judgment motion in February 2025 the Commission dismissed the case with prejudice.

Process Changes – Wells Process, Formal Orders

In his initial remarks to the staff in May 2025, Chairman Atkins highlighted the values of “[p]redictability, due process, rule of law, integrity” and “project[ing] a sense that one can get a fair shake without vindictiveness or ulterior motives.”[10] This sentiment underlies process changes during Chairman Atkins’ tenure, including announced modifications to the Wells process and coordination of waiver requests when a company seeks to settle an enforcement action with potential collateral consequences, such as on its ability to raise capital efficiently.

In a statement on September 26, 2025, Chairman Atkins announced the return to simultaneous consideration of settlement offers and related requests for waivers from collateral consequences (e.g., losing well-known seasoned issuer (WKSI) status, statutory safe harbors for forward-looking statements, and Regulation D exemptions).[11] He stated that the return to simultaneous consideration provides certainty to settling parties and efficiencies for the Commission and its staff.

In remarks delivered on October 7, 2025, Chairman Atkins announced that enforcement staff, in giving a Wells notice, will provide sufficient information for potential respondents or defendants to understand the potential charges and evidentiary basis for the charges, including testimony transcripts and key documents. Chairman Atkins stated that staff “must be forthcoming about material in the investigative file . . . and the staff must make every effort to share information it has gathered” subject to statutory and programmatic limitations.[12] The Chairman also extended the Wells submission period to at least four weeks for potential respondents and defendants. However, in the months since the Chairman’s speech, our experience is that staff willingness to share the investigative record during the Wells process remains inconsistent.

In articulating values for the enforcement program, the Chairman stated “when the Commission exercises its enforcement authority, it does so fairly, transparently, and with the procedural rigor that engenders confidence in our work.”[13]

Looking Forward

The Enforcement Division under Chairman Atkins and Enforcement Director Judge Ryan, will bring cases to “hold[] accountable those who lie, cheat and steal.”[14] With a reduced headcount and loss of experienced staff, we anticipate the Commission will focus on “cases of genuine harm and bad acts” and back-to-basics enforcement actions in traditional areas: large-scale offering frauds, insider trading, investment adviser and broker-dealer regulatory compliance violations, and public company reporting and disclosure violations. The Commission is unlikely to tout creative or first-in-kind enforcement actions.

Two areas of note include the Commission’s most recent actions against investment advisers and the establishment of the Cross-Border Task Force:

Investment Advisers

Registrants should be aware that the Commission has brought several cases in the last six months against investment advisers where the conduct does not appear to have involved genuine investor harm or outright fraud. These cases include instances of alleged misrepresentations made in Forms ADV,[15] failure to disclose conflicts of interest,[16] and failing to comply with specific rules relating to marketing, recordkeeping, and the implementation of an effective compliance program.[17]

Foreign Issuers

Another likely enforcement focus is foreign issuers that the Commission views as exploiting U.S. capital markets and the gatekeepers who enable their access. In line with the Administration’s America First Investment Policy, in September 2025 the Commission formed a Cross-Border Task Force to investigate foreign-based issuers for potential market manipulation—such as pump-and-dump schemes—and to increase scrutiny of gatekeepers, particularly auditors and underwriters, who facilitate foreign issuers’ access to the U.S. capital markets. See our Client Alert on the Cross-Border Task Force.

Since the announcement of the Cross Border Task Force, the SEC has issued over a dozen orders for trading suspensions against Asia-based companies because of “potential manipulation” of the foreign issuers’ securities made to investors by unknown persons via social media. The thirteen trading suspensions announced in the last four months is almost twice the number of trading suspensions instituted in the three years – 2022-2024 – combined.

Personnel

Significant changes occurred at the senior staff level and in regional leadership this year:

Appointments

Enforcement Division

In August, Judge Margaret Ryan was named Director of the Division of Enforcement, effective September 2, 2025.[18] Judge Ryan was previously a senior judge of the United States Court of Appeals for the Armed Forces.

With the appointment of Judge Ryan as Director, Sam Waldon, who had been serving as Acting Director, returned, temporarily, to his role as Chief Counsel, only to transition once again to take on his current role as Deputy Director of the Enforcement Division.
Mark Cave has moved from his prior role as an Associate Director to become Chief Counsel of the Enforcement Division.
In January 2026, Paul H. Tzur and David M. Morrel were named as Deputy Directors of the Division of Enforcement.[19] Tzur joined the Commission on January 6, 2026, as the Deputy Director overseeing the agency’s enforcement program in the Chicago, Atlanta, and Miami Regional Offices. Mr. Morrell joined the Commission on January 12, 2026, as the Deputy Director overseeing the agency’s enforcement program in the New York, Boston, and Philadelphia Regional Offices, replacing the position previously held by Antonia Apps.

Other Divisions and Senior Leadership

In September, James J. Moloney was named Director of the Division of Corporation Finance with Acting Director Cicely LaMothe returning to her role as Deputy Director of the Division.[20] Moloney served at the SEC as an attorney-advisor and later special counsel in the Division of Corporation Finance’s Office of Mergers & Acquisitions between 1994 and 2000, and then as a partner at Gibson, Dunn & Crutcher LLP, including as co-chair of the firm’s securities regulation and corporate governance practice group.
On January 20, 2026, Christina M. Thomas was named as deputy director and chief advisor on disclosure, policy, and rulemaking in the Division of Corporation Finance. Ms. Thomas previously served as counsel to SEC Commissioner Elad L. Roisman and began her legal career as an attorney-adviser in the Division of Corporation Finance, where she worked with Mr. Moloney.
In September, the Jon Kroeper was named Deputy Director of the Division of Trading and Markets.[21] Kroeper previously served twice at the Commission, including from 1994 to 2000 as an attorney-advisor, senior counsel, and counselor to a commissioner, and from 2005 to 2007 as counselor to a commissioner and to the Chairman. Mr. Kroeper also spent 17 years at the Financial Industry Regulatory Authority, from 2007 to 2024, where he served as an executive vice president in the market regulation department. Most recently, Mr. Kroeper served as a senior consultant at Patomak Global Partners.
In December, the SEC announced that Dr. Joshua T. White would return to the agency beginning the week of January 5, 2026, to serve as Chief Economist and Director of the Division of Economic and Risk Analysis.[22] White previously served at the SEC in multiple economic roles, including as a financial economist, visiting academic scholar, and expert consultant, where he contributed to economic and cost-benefit analysis supporting Commission rulemaking and enforcement initiatives. Most recently, Dr. White occupied the role of senior advisor and acting chief economist at the PCAOB.
In July, George R. Botic was designated to serve as Acting Chair of the Public Company Accounting Oversight Board (PCAOB), following the resignation of PCAOB Chair Erica Y. Williams.[23] Botic, a Certified Public Accountant, served as a PCAOB Board Member since October 2023, and previously held several senior leadership roles at the PCAOB, including Director of the Division of Registration and Inspections, Director of the Office of International Affairs, Special Advisor to a former PCAOB Chair, and Deputy Director of the Registration and Inspections Division.

Investment Advisers

Breach of Duty, Misleading Disclosures

In June, the SEC settled an ongoing lawsuit against two affiliated investment advisers, and two associated persons (the portfolio managers) for allegedly misrepresenting the risks of a “net short” options strategy and their risk management.[24] The SEC alleged breaches of fiduciary duty and material misstatements about worst-case loss estimates and fund risks, which helped grow assets under management and generate millions in compensation even as losses at one point exceeded $1 billion. Without admitting or denying, the defendants consented to permanent injunctions and agreed to pay more than $4.5 million in penalties and disgorgement. The two portfolio managers also accepted conduct-based injunctions, one for three years and the other for one.

In July, the SEC announced settled charges against an investment adviser for allegedly breaching its fiduciary duty by failing to disclose broker-dealer conflicts that generated additional fees, and for overbilling and backdating documents by its former chief compliance officer and former president.[25] The adviser allegedly led clients to believe an unaffiliated clearing broker set their fees while failing to disclose that client bills included an affiliated broker-dealer’s markups. The SEC also alleged that: the adviser overbilled clients on certain alternative investments; failed to return prepaid advisory fees on terminated accounts; and produced to Exam staff backdated materials purporting to memorialize annual compliance reviews over three years. Without admitting or denying the allegations, the adviser agreed to pay $1,750,000; the former chief compliance officer, $10,000; and the former president, $20,000. The SEC noted the adviser’s remedial efforts, including reimbursing clients.

In August, the SEC settled charges with two investment advisers for allegedly failing to adequately disclose conflicts when recommending an affiliated managed account service.[26] The SEC alleged the advisers misled clients by recommending enrollment without disclosing financial incentives—bonuses and raises—to steer clients into the service, and that the advisers lacked adequate policies and procedures for such recommendations. Without admitting or denying, each adviser agreed to a $750,000 civil penalty, and one also agreed to approximately $4.5 million in disgorgement.

Also in August, the SEC settled charges with another adviser for allegedly failing to adequately disclose conflicts when recommending the managed account service.[27] The SEC alleged the firm did not adequately disclose that it incentivized its advisors—through bonuses, salary increases, and sometimes promotions—to enroll and keep clients in the service, and failed to adopt and implement reasonably designed policies and procedures. Without admitting or denying, the adviser agreed to a $19.5 million civil penalty.

In September, the SEC announced a settled district court action against two investment advisers and the person who controlled both for fiduciary breaches and material misrepresentations to private funds and their investors between 2017 and 2022.[28] The SEC alleged three categories of misconduct: (i) causing funds to make short-term, below-market loans to one of the advisers—including to cover shortfalls at other funds—in violation of partnership agreements and without disclosure; (ii) sending misleading investor letters during an attempted buyout of limited partnership interests that failed to disclose conflicts or obtain consent; and (iii) making material misstatements in marketing and offering materials for a multi-strategy fund regarding the auditor’s existence, assets under management, investment strategy, and the adviser’s regulatory filing status. Without admitting or denying the allegations, the defendants consented to injunctions and agreed to pay more than $9.5 million in penalties and disgorgement.

In November, the SEC filed litigated district court actions against six purported investment advisers, alleging material misrepresentations and unsubstantiated statements in Forms ADV regarding, among other things, their organizations, office locations, assets under management, and clients.[29] The SEC alleged that the entities made various claims in ADV filings submitted in 2023 and 2024 that it has been able to substantiate. The claims include that the funds managed between $1 million and $10 million in assets in the United States, advised private funds, and that a separate registered investment adviser reported information about the private funds. The SEC states that each registrant has failed to respond to requests for books and records to substantiate information on the Forms ADV. The SEC’s complaints seek injunctive relief and civil penalties.

Specific Rules – Custody, Marketing, Reg SP, Reg M

In August, the SEC announced settled charges against an investment adviser for allegedly:

Violating the Custody Rule by failing to comply with the independent verification requirement for client funds and securities over which it had custody.[30] The SEC alleged that the adviser violated the Custody Rule by failing to arrange for the required surprise examinations from at least 2018 through 2024. Without admitting or denying the SEC’s findings, the adviser agreed to pay a $50,000 civil penalty.

Violating Rule 105 of Regulation M by purchasing equity during the restricted period. The SEC alleged the adviser shorted securities and then purchased the same securities in a covered offering for six private fund clients, outside any Rule 105 exception, obtaining shares at a discount to market.[31] Without admitting or denying the SEC’s findings, the investment adviser agreed to pay a civil penalty of $250,000. The SEC noted the adviser’s cooperation and remedial efforts.

Breaching its fiduciary duty to its private fund clients when it failed to credit certain transaction fees to reduce the cost of management fees, as agreed to under the applicable limited partnership agreements.[32] The SEC alleged that the adviser’s failure to offset the management fees resulted in more than $500,000 in excess fees. Without admitting or denying the SEC’s findings, the investment adviser agreed to pay a penalty and disgorgement totally more than $680,000, and to distribute funds to affected limited partners.

In September, the SEC filed a district court action against an individual and his newly-formed advisory firm with breaches of fiduciary duties and violations of Reg SP relating to the individual defendant’s in launching the new advisory firm while still employed at another investment adviser.[33] The complaint alleges that by spring 2023 the defendant had misappropriated his then-employer’s clients’ nonpublic personal information (PPI)—including names, contact details, account balances/values, fees, and other data—emailing it to himself and to his future business partner. He also allegedly breached his fiduciary duty at his prior firm by placing a client in investments contrary to the client’s instructions, leading to his termination. Shortly thereafter, he launched his own advisory firm and allegedly fraudulently induced prospective advisory clients to hire his new firm by misrepresenting his disciplinary history and prior termination on the firm’s website and in the adviser’s brochure. The complaint seeks permanent injunctions, disgorgement, and civil penalties.

Also in September, the SEC announced a settled action against an investment adviser for alleged violations of the marketing, recordkeeping, and compliance program rules.[34] The SEC alleged that the adviser disseminated marketing claims stating “it refused all conflicts of interest” while recognizing various conflicts of interest in its Form ADV Part 2A brochure and, therefore, lacked a reasonable basis for believing it would be able to substantiate the claim in its advertisement. The SEC also alleged that the adviser failed to retain copies of advertisements for the required periods and violated the Compliance Rule by failing to implement and annually review its recordkeeping compliance policies and procedures. Without admitting or denying the findings, the adviser agreed to comply with remedial undertakings including conducting a compliance review and providing certifications, and to pay a $75,000 civil penalty. The SEC noted remedial efforts undertaken by the adviser and its cooperation, including removal of the advertisement and retention of compliance consultants and a third-party firm to assist with books and records preservation.

In November, the SEC instituted settled actions against:

An investment adviser and its principal for allegedly failing to annually review the adequacy of its compliance policies and procedures and to implement those policies.[35] The SEC alleged that the adviser repeatedly failed to conduct annual compliance reviews, to maintain accurate fee disclosures, to obtain written advisory agreements with clients, and to maintain required records of brochure delivery, and that the principal caused certain of the firm’s violations despite prior SEC enforcement actions and examination findings. Without admitting or denying the findings, the firm agreed to certain undertakings, including retaining an independent compliance consultant, and to pay a $150,000 civil penalty.

A dual registered broker-dealer and investment adviser for alleged violations of Reg S-ID and Reg SP. Specifically, the SEC alleged the firm failed, between 2019 and 2024, to adopt and implement written policies and procedures reasonably designed to protect customer records and information and protect against identity theft.[36] The SEC alleged that inadequate policies and controls contributed to email account takeovers at several branch offices exposing records and customer information and affecting thousands of individuals. Without admitting or denying the findings, the firm agreed to pay a $325,000 civil penalty. The SEC noted extensive remedial measures undertaken by the firm, including enhancements to information security and cybersecurity programs.

An investment adviser for allegedly causing a registered investment company to violate the requirement that its financial statements be certified by an independent public accountant.[37] The SEC alleged that the accountant hired to audit the fund violated the independence rules set by the Commission and the Public Company Accounting Oversight Board because the auditor’s wife held investments in the fund, which the adviser was allegedly aware of. Without admitting or denying the findings, the adviser agreed to pay a $10,000 civil penalty.

Fraud Actions

The SEC filed a number of enforcement actions alleging fraud by investment advisers, or purported advisers. Many of these cases alleged Ponzi schemes and other offering frauds not catalogued here. Below we note cases alleging more particularized fraud.

In July, the SEC commenced an unsettled district court action against an investment adviser and its CEO alleging fraudulent billing practices.[38] The complaint alleged that the defendants charged unauthorized and undisclosed fees totaling more than $2.4 million, including circumventing their brokerage firm’s requirement for direct client authorization of additional fees by logging into client’s accounts without consent. The SEC seeks disgorgement, civil penalties, and permanent injunctions against both defendants, as well as a permanent bar from acting as or being associated with a broker, dealer, or investment adviser.

An investment adviser, its CEO, and its largest sub-adviser for allegedly engaging in a multi-year fraud to conceal losses from investors.[39] The SEC’s complaint says that the defendants (1) concealed losses of over $350 million for hedge funds they advised, including by fabricating documents to deceive the funds’ auditor and administrator; (2) misled investors that dozens of sub-advisers were allocated funds to trade in securities after posting cash collateral to offset losses when in fact the majority of the capital went to the large sub-adviser, which incurred massive trading losses while collecting management and incentive fees. The SEC seeks permanent injunctions, civil penalties, disgorgement, and officer and director bars. The U.S. Attorney’s Office for the District of New Jersey also brought criminal charges against the CEO in a parallel action. The SEC previously charged the investment adviser’s president and CCO with fraud in connection with the same scheme.[40]

Broker Dealers

In September, the SEC filed charges against a Russian national for his alleged role in a multi-year fraudulent scheme to hack U.S. retail brokerage accounts and manipulate the price and trading volume of hundreds of securities listed on multiple U.S. markets.[41] The SEC alleged that, between 2014 and 2019, the individual used over 20 fake identities to open over 100 foreign and domestic bank and brokerage accounts to trade in securities that were simultaneously manipulated by hackers through forced trades in compromised U.S. brokerage accounts. The SEC alleged that the Russian national generated approximately $31 million in gross proceeds from his trades, and approximately $1.5 million in net profits. The complaint seeks a permanent injunction, disgorgement, and civil penalties.

In September, the SEC announced settled charges against a broker-dealer that provides market data to paying customers. Per the complaint, marketing material distributed between September 2018 and June 2019 stated that U.S. options market data was delivered “in fractions of seconds,” when the broker-dealer knew the data was regularly delayed—sometimes by several minutes during high-volume periods, with average delays of about 23 seconds. The SEC alleged that by failing to adequately inform all customers or correct its ongoing marketing claims, the broker-dealer led some customers to place options orders based on untimely information. Without admitting or denying the allegations, the broker-dealer agreed to a settled order finding a negligence-based violation and ordered a civil penalty of $5 million. The SEC took into consideration certain remedial acts by the company, including notifying certain customers of the delays and publishing a clarifying disclosure on various screens that display U.S. options market data.

In December, the SEC reached a settlement of previously filed litigation with a market maker concerning its representations to customers regarding its policies and procedures reasonably designed to prevent the misuse of material, nonpublic information (MNPI).[42] Allegedly, for a 15-month period ending in April 2019, the broker-dealer lacked barriers to prevent its proprietary traders from potentially accessing information concerning retail customer orders submitted to its trade execution business. Without admitting or denying the allegations, the broker-dealer consented to the entry of a final judgment on a negligence-based violation, including a permanent injunction and a civil monetary penalty of $2.5 million. In all other respects, the SEC’s complaint was dismissed.

Municipal Offerings

In December, the SEC resolved a litigated action filed in 2022 against a middle-market investment bank and municipal advisor for allegedly selling municipal bond offerings in reliance on a “limited offering exemption” despite not meeting the criteria for the exemption. When satisfied, the exemption exempts certain municipal securities offerings from the general requirement of providing disclosures to investors. The complaint alleged that the firm: (1) did not satisfy the exemption requirements for the offerings; (2) inaccurately represented to issuers that it had satisfied the requirements; and (3) did not have policies and procedures reasonably designed to ensure that it complied with the limited offering exemption when acting as underwriter in these municipal bond offerings.[43] Without admitting or denying the allegations, the company agreed to permanent injunctions from violations of Rule 15c2-12 of the Securities Exchange Act (Municipal Securities Disclosures), MSRB Rules G-17 (Fair Dealing) and G-27 (Supervision), and Exchange Act Section 15B(c)1 (which makes a violation of MSRB rules a violation of the Exchange Act) and a civil penalty of $1.2 million.

Reg BI

In August, the SEC announced a settled action against a dual registered broker-dealer and investment adviser for the broker-dealer’s alleged violations of Regulation Best Interest.[44] The SEC alleged that the firm failed to comply with its Care Obligation by recommending bonds to retail customers without exercising reasonable diligence, care, and skill to have a reasonable basis to believe the recommendations were in the best interest of each particular client. The SEC further alleged that the firm willfully violated its Compliance Obligation by failing to establish, maintain, and enforce written policies and procedures designed to achieve compliance with Regulation Best Interest. Without admitting or denying the allegations, the company agreed to pay a penalty and disgorgement totaling more than $100,000.

Global Research Analyst Settlement Modification

In December, the SEC consented to modify the remaining restrictions imposed on certain bulge bracket broker-dealers under a court-approved settlement from the early 2000s (the Global Research Analyst Settlement).[45] The SEC acted in response to motions by several settling firms arguing that the restrictions are unnecessary because comprehensive, industry-wide regulation—particularly FINRA Rule 2241, adopted in 2015—fully address the conflicts of interest that the settlement provisions were intended to target. Commissioner Uyeda said the modification is “the kind of good government reform that will better serve investors, issuers, and the integrity of our U.S. capital markets.”[46] The proposed modifications remain subject to court approval.

Securities Based Swaps Dealer

Substituted Compliance

In August, the SEC announced settled charges against a United Kingdom-based security-based swap dealer for allegedly violating the requirements of a substituted compliance order.[47] The SEC alleged that the dealer violated capital recordkeeping, financial reporting, compliance, internal supervision, and internal risk management requirements with which it was required to comply pursuant to an SEC-issued substituted compliance order for UK-regulated firms. The SEC further alleged that the dealer made untrue statements concerning its policies and procedures in its registration with the SEC. Without admitting or denying the SEC’s allegations, the dealer agreed to pay a $9.8 million penalty and engage a compliance consultant for a comprehensive review of its program.

Public Accountants

In August, the SEC announced settled charges against an accounting firm and its managing partner.[48] The SEC alleged that the partner and his firm failed to take action upon learning that an individual and three related companies created and filed with the SEC multiple fake audit reports bearing the partner’s signature as though they were made by the accounting firm. The SEC also alleged that the partner and the firm helped conceal the fake reports and enabled a scheme to inflate the performance of the three companies and thereby defraud investors. Without admitting or denying the allegations, the partner and the accounting firm agreed to permanent injunctions, civil penalties over $100,000, and suspension from practice as accountants before the SEC for at least six years.

Public Companies

In September, the SEC filed a litigated action against the former chief medical officer of a biopharmaceutical company for allegedly making false and misleading statements about the cardiovascular safety of the company’s then-primary drug candidate.[49] The SEC alleged that from November 2019 to March 2021, the CMO misled investors by claiming that the new drug candidate was safer than the primary existing alternative without disclosing that she had directed changes to test results in an effort to make the drug appear superior. The SEC further alleged that the CMO made these claims in a variety of forums, including a high-profile industry presentation, SEC filings, an earnings call, and a published article in a leading industry journal. The SEC is seeking permanent injunctive relief, a permanent officer-and-director bar, disgorgement and civil penalties.

In December, the SEC announced a settled action against a company that operates an online firearms and outdoor gear marketplace and unsettled actions against three former executives of the company.[50] According to the settled SEC order, the company failed to disclose (i) that an accountant sanctioned by the SEC and barred from serving as a director or officer of a public company served as an undisclosed officer of the company and (ii) two related-party transactions involving the accountant. The SEC further alleged that the company made misleading statements with respect to its adjusted EBITDA. The SEC noted the company’s remedial efforts, including hiring a compliance consultant to conduct a comprehensive review and assist with its remediation of material weaknesses in internal control over financial reporting. Without admitting or denying the allegations, the company agreed to undertakings to adopt and implement all the compliance consultant’s recommendations within two years of the settlement.

In the litigated complaint against the three former executives,[51] the SEC alleged that the executives, including the accountant who was barred from serving as a director or officer and allegedly served as an undisclosed officer, made misleading statements in the company’s public SEC filings and financial statements for the general purpose of obfuscating unfavorable information about the management and operations of the company. The SEC is seeking permanent injunctions, civil penalties, officer and director bars, disgorgement, and reimbursement.

Insider Trading

The SEC instituted a number of insider trading actions against individual, retail traders during the latter half of 2025. The cases often were accompanied by parallel criminal actions, including cases with relatively modest trading profits.

In July, the SEC announced settled charges against:

A former senior director at an publicly traded animal health company and her friend for allegedly misappropriating and trading on material nonpublic information (MNPI) concerning the company’s then-confidential acquisition of a publicly traded pet therapeutics company.[52] The SEC alleged the employee participated in the acquirer’s due diligence process, purchased 500 shares of the target’s stock, and later tipped her friend, who purchased 38,000 shares the day before the deal announcement. The target’s stock price rose by about 46% following the announcement. Both defendants admitted the allegations set forth in the SEC’s complaint and consented to the entry of judgments including permanent injunctions, officer-and-director bars, and civil penalties and disgorgement, if any, to be determined by the court. Each defendant also pleaded guilty in parallel criminal actions brought by the U.S. Attorney’s Office for the Southern District of New York.

A long-time banking supervisor and examiner at the Federal Reserve Bank of Richmond for insider trading based on MNPI concerning financial institutions under his oversight.[53] The SEC’s complaint alleged that, on one occasion, the supervisor received advance knowledge of a positive earnings announcement for one supervised bank and used that information to purchase the bank’s stock hours before the announcement. On a second occasion, he allegedly learned of unexpected loan losses at a different supervised bank and purchased put options two days before the related earnings announcement. The supervisor agreed to permanent injunctions and more than $650,000 in disgorgement, which was deemed satisfied by a forfeiture order entered in a parallel criminal proceeding brought by the U.S. Attorney’s Office for the Eastern District of Virginia, in which he pleaded guilty and was sentenced to 24 months in prison.

An individual for allegedly trading on MNPI about a potential acquisition of a publicly traded trucking company that he learned from a friend who held a senior position at the potential acquirer.[54] The SEC alleged that the defendant purchased shares of the target after learning that negotiations for the acquisition were ongoing and sold them after the target announced the acquirer had made an offer and its stock price rose nearly 300%. Without admitting or denying the allegations, the defendant consented to entry of a final judgment imposing a permanent injunction and agreed to pay a penalty and disgorgement totaling more than $167,000.

An employee of a biopharmaceutical company for allegedly trading on MNPI about his employer’s intention to acquire a publicly traded biotechnology company.[55] The SEC alleged that the defendant became aware of his employer’s interest in acquiring the target, purchased shares of the target over the course of approximately three months preceding the anticipated transaction, and sold the shares after the acquisition was announced, realizing approximately $260,000 in illicit profits. The defendant consented to entry of a final judgment imposing a permanent injunction, a permanent officer-and-director bar, and disgorgement of more than $290,000. A portion of the defendant’s disgorgement obligation was deemed offset by a forfeiture order entered in a parallel criminal proceeding brought by the U.S. Attorney’s Office for the District of Massachusetts, in which he pleaded guilty and was sentenced to two months in prison.

In August, the SEC announced settled charges against:

A former executive of a publicly traded medical-robotics company for alleged insider trading in advance of an announcement that the company would be acquired.[56] The SEC alleged that, while involved in internal discussions regarding the potential acquisition, the executive tipped MNPI to a close friend, who then tipped another friend. The two tippees allegedly made multiple purchases of the company’s securities and realized approximately $500,000 in combined trading profits, and the first tippee later allegedly provided the executive with a $25,000 kickback in exchange for the MNPI. The executive consented to entry of a final judgment imposing a permanent injunction and a permanent officer-and-director bar, and disgorgement of more than $32,000.

A finance professional and his father-in-law for alleged insider trading in relation to the upcoming acquisition of a mattress company by a private equity firm.[57] The finance professional allegedly received MNPI from his employer regarding the acquisition and tipped that information to his father-in-law. Between August and November 2021, ahead of the acquisition’s public announcement on November 15, 2021, both respondents made multiple purchases of stock in the mattress company. On the day of the announcement, the stock price rose by 88%. Without admitting or denying the SEC’s findings, the respondents agreed to pay a total of approximately $55,000 in disgorgement and civil penalties.

An individual who, in 2023, allegedly misappropriated MNPI about the acquisition of a publicly traded meal-kit company from an immediate family member who was a senior executive at the meal-kit company.[58] The individual traded while in possession of that MNPI for a realized profit of more than $500,000. Without admitting or denying the SEC’s findings, the individual consented to the issuance of a cease-and-desist order and agreed to pay disgorgement and a civil penalty totaling more than $1.1 million.

Also in August, the SEC filed charges against:

A Texas resident for alleged insider trading relating to the merger of a privately held biotechnology company with a publicly traded biotechnology company.[59] In the complaint, the SEC alleged that the individual received MNPI in July 2020 about the merger from employees of an investment advisory firm who recommended an investment in the private company. Between July and August 2020, shortly after investing in the private company, the individual allegedly purchased shares in the public merger target across fifteen personal and family-associated trading accounts. On the day of the merger announcement, the public biotechnology company’s stock price rose by 215%. The SEC seeks injunctive relief, disgorgement, and civil penalties.

A managing director at an investor relations consulting firm and two of his friends.[60] The SEC’s complaint alleged that between 2019 and 2024, the director, whose firm’s clients included publicly traded pharmaceutical and biotechnology companies, repeatedly tipped his friends MNPI about those clients, including drug test results, financial results, and upcoming mergers and acquisitions. His friends then allegedly purchased stocks and options and short-sold stocks based on that information and shared some of the resulting profits with the director. All three individuals consented to an order imposing a permanent injunction and, for the director, a conduct-based injunction barring him from associating with a broker or dealer and an officer-and-director bar but reserving the issues of disgorgement and civil penalties for determination by the court. All three defendants pled guilty in a parallel criminal action by the U.S. Attorney’s Office for the Southern District of New York.

An executive and two friends for alleged insider trading relating to the acquisition of the publicly traded parent company of the executive’s employer.[61] The SEC’s complaint alleged that in December 2023, the executive received MNPI from the parent company of a planned sale, and that he proceeded to tip his friend with the intent of having someone trade on his behalf. The friend then allegedly tipped another friend, who in turn tipped a fourth individual who was not charged. Both friends, as well as the fourth individual, allegedly purchased stocks and options on the tipped information. Upon the announcement of a private equity firm’s acquisition of the parent company in January 2024, stock in the parent company rose by 101%. In September and October, both friends consented to orders imposing permanent injunctions but reserving the issues of disgorgement and civil penalties for determination by the court. Against the executive, the SEC seeks injunctive relief, civil penalties, and an officer-and-director bar. All three defendants pled guilty in a parallel criminal action by the U.S. Attorney’s Office for the Southern District of New York.

Two employees of a firm providing EDGAR filing services to clients, who from January 2025 to June 2025, repeatedly traded on MNPI obtained from client SEC filings sent to the firm for processing.[62] On at least thirteen occasions, both employees accessed client-submitted filings containing disclosures such as financial results or merger information, purchased client shares, and then sold those shares immediately following each public announcement, realizing combined profits of over $2.2 million. The SEC seeks injunctive relief, disgorgement, and civil penalties. Both defendants pled guilty in a parallel criminal action brought by the U.S. Attorney’s Office for the Eastern District of New York.

The former director of a biopharmaceutical company and four of the director’s friends and family members.[63] The SEC’s complaint alleged that the director received MNPI about a proposed acquisition of the biopharmaceutical company, then tipped that information to his friends and family members, after which each of them, including the director, purchased stock and/or options in the biopharmaceutical company ahead of the announcement of the acquisition. Collectively, all five made over $500,000 in trading profits. The SEC seeks injunctive relief, disgorgement, and civil monetary penalties as to all defendants, and an officer-and-director bar as to the former director. In December, the director and three of the director’s friends and family members were convicted by a federal jury in a parallel criminal action brought by the DOJ, with sentencing to occur later in 2026.[64]

In September, the SEC filed and settled insider-trading charges against an individual who allegedly used MNPI that he obtained, in 2022 and 2023, in his capacity as head of Equity Trading at an investment firm to trade in the securities of at least ten different publicly traded companies.[65] Without admitting or denying the SEC’s allegations, the individual consented to the entry of a final judgment imposing permanent injunctions and agreed to pay approximately $240,000 in disgorgement. In a related DOJ action in the United States District Court for the District of Connecticut, the individual pleaded guilty to securities fraud, based on the same conduct.[66] In October, the individual was sentenced to two months’ imprisonment, 18 months’ supervised release, and a fine of more than $300,000.

[1] U.S. Sec. & Exch. Comm’n, Commission Votes (2026), available at https://www.sec.gov/about/commission-votes/2026/commission-votes-2026-01.xml

[2] U.S. Sec. & Exch. Comm’n, Division of Enforcement, Staff Directory (as of February 2, 2026), https://www.sec.gov/about/divisions-offices/division-enforcement/division-enforcement-staff-directory

[3] https://www.sec.gov/newsroom/speeches-statements/atkins-townhall-05062025.

[4] Paul S. Atkins, Chairman, U.S. Securities and Exchange Commission, “Keynote Address at the 25th Annual A.A. Sommer, Jr. Lecture on Corporate Securities and Financial Law,” October 7, 2025. (Sommer Address)

[5] The Brattle Group, “SEC Enforcement Activity for Fiscal Year 2025: A Tale of Two Halves, (October 28, 2025) available at https://www.brattle.com/insights-events/publications/sec-enforcement-activity-for-fiscal-year-2025-a-tale-of-two-halves.

[6] Id.

[7] U.S. Sec. & Exch. Comm’n Press Release, SEC Announces Dismissal of Civil Enforcement Action Against Coinbase (Feb. 27, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-47; SEC Litigation Release, SEC Announces Dismissal of Civil Enforcement Action Against Cumberland (Mar. 27, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26276; SEC Litigation Release, SEC Announces Dismissal of Civil Enforcement Action Against Consensys Software Inc. (Mar. 27, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26277; SEC Litigation Release, SEC Announces Dismissal of Civil Enforcement Action Against Kraken (Mar. 27, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26278.

[8] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Announces Joint Stipulation to Dismiss Appeals, Resolving Civil Enforcement Action Against Ripple and Two of Its Executives (Aug. 7, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26369.

[9] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Announces Dismissal of Civil Enforcement Action Against Former Rio Tinto Executive Guy Elliott (January 9, 2026), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26459.

[10] Chairman Paul S. Atkins, Opening Remarks at the SEC Town Hall (May 6, 2025), available at https://www.sec.gov/newsroom/speeches-statements/atkins-townhall-05062025.

[11] Chairman Paul S. Atkins, Statement on Simultaneous Commission Consideration of Settlement Offers and Related Waiver Requests (Sept. 26, 2025) available at https://www.sec.gov/newsroom/speeches-statements/atkins-2025-simultaneous-consideration-settlement.

[12] Sommer Address.

[13] Id.

[14] Chairman Paul S. Atkins, Opening Remarks at the SEC Town Hall (May 6, 2025), available at https://www.sec.gov/newsroom/speeches-statements/atkins-townhall-05062025.

[15] U.S. Sec. & Exch. Comm’n Litigation Release, Bluesky Eagle Capital Management Ltd., Supreme Power Capital Management Ltd., AI Financial Education Foundation Ltd., AI Investment Education Foundation Ltd., Invesco Alpha Inc., Adamant Stone Limited (Nov. 17, 2025) available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26416.

[16] U.S. Sec. & Exch. Comm’n, Administrative Proceeding, SEC Charges Vanguard Advisers for Failing to Adequately Disclose Conflicts of Interest to Clients (Aug. 29, 2025) available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/ia-6912-s; U.S. Sec. & Exch. Comm’n, Administrative Proceeding, Engaged Capital LLC (June 16, 2026) available at https://www.sec.gov/files/litigation/admin/2026/ia-6940.

[17] U.S. Sec. & Exch. Comm’n, Administrative Proceeding, Meridian Financial, LLC (Sept. 4, 2025) available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/ia-6916-s.

[18] SEC Press Release, SEC Names Judge Margaret Ryan as Director of the Division of Enforcement (Aug. 21, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-108-sec-names-judge-margaret-ryan-director-division-enforcement.

[19] U.S. Sec. & Exch. Comm’n Press Release, Paul Tzur and David Morrell Named Deputy Directors of the Division of Enforcement (January 12, 2026), available at https://www.sec.gov/newsroom/press-releases/2026-4-paul-tzur-david-morrell-named-deputy-directors-division-enforcement.

[20] U.S. Sec. & Exch. Comm’n Press Release, SEC Names James Moloney Director of Division of Corporation Finance (Sept. 10, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-115-james-moloney-named-director-division-corporation-finance.

[21] U.S. Sec. & Exch. Comm’n Press Release, Jon Kroeper Named Deputy Director of the Division of Trading and Markets (Sept. 24, 2025), available at https://www.sec.gov/news/press-release/2025-123.

[22] U.S. Sec. & Exch. Comm’n Press Release, Joshua T. White Named SEC Chief Economist (Dec. 17, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-143-joshua-t-white-named-sec-chief-economist.

[23] U.S. Sec. & Exch. Comm’n Press Release, SEC Announces George Botic to Serve as Acting Chair of the Public Company Accounting Oversight Board (July 21, 2025), available at https://www.sec.gov/newsroom/press-releases/2025-100-sec-announces-george-botic-serve-acting-chair-public-company-accounting-oversight-board.

[24] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Settles Charges Against Advisers and Portfolio Managers in Lawsuit Alleging Misrepresentations About Risks in Funds That Lost More than $1 Billion (July 1, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26338.

[25] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges Former Investment Adviser for Failing to Adequately Disclose Conflicts of Interest, Overbilling, and Producing Compliance Documents Backdated by its CCO and President (July 11, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/ia-6893-s.

[26] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges Empower Advisory Group, LLC and Empower Financial Services, Inc. for Failing to Adequately Disclose Conflicts of Interest to Retirement Plan Participants (Aug. 29, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/34-103809-s.

[27] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges Vanguard Advisers for Failing to Adequately Disclose Conflicts of Interest to Clients (Aug. 29, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/ia-6912-s.

[28] U.S. Sec. & Exch. Comm’n Litigation Release, Tomislav Vukota and His Two Advisory Firms Settle Charges for Breaches of Fiduciary Duty and Misrepresentations (Sept. 9, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26393.

[29] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Six Investment Advisers with Making Misrepresentations in Forms Filed with the Agency (Nov. 17, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26416.

[30] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges Investment Adviser for Custody Rule Violations (Aug. 1, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/ia-6901-s.

[31] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges Colorado-Based Investment Adviser with Violating Trading Rule (Aug. 4, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/34-103629-s.

[32] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges New York-Based Investment Adviser with Breaching Fiduciary Duty by Overcharging Management Fees to Private Funds (Aug. 15, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/ia-6908-s.

[33] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges California Investment Adviser and His Advisory Firm with Fraud and Improper Disclosure of Client Nonpublic Personal Information (Sept. 11, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26395.

[34] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges Massachusetts-Based Investment Adviser with Marketing, Books and Records, and Compliance Rule Violations (Sept. 4, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/ia-6916-s.

[35] U.S. Sec. & Exch. Comm’n Administrative Proceedings Order, In re Rudney Associates, Inc. and Eric A. Rudney (Nov. 24, 2025), available at https://www.sec.gov/files/litigation/admin/2025/ia-6927.pdf.

[36] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges Oregon Firm for its Deficient Cybersecurity and Identity Theft Prevention Programs (Nov. 25, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/34-104255-s.

[37] U.S. Sec. & Exch. Comm’n Administrative Proceedings Order, In re MH Investment Management, Inc., (Nov. 21, 2025), available at https://www.sec.gov/files/litigation/admin/2025/ic-35810.pdf.

[38] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Chicago-Based Investment Adviser with Charging Improper Fees (July 3, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26339.

[39] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Prophecy Asset Management, its CEO/CIO, and Largest Sub-Adviser in $500 Million Advisory Fraud (Sept. 29, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26414.

[40] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges President/CCO of Prophecy Asset Management Advisory Firm with Multi-Year Fraud (Nov. 2, 2023), available at https://www.sec.gov/newsroom/press-releases/2023-231.

[41] U.S. Sec. & Exch. Comm’n Press Release, SEC Charges Russian National in Account Takeover Scheme Involving U.S. Brokerage Accounts (Sept. 24, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26410.

[42] U.S. Sec. & Exch. Comm’n Press Release, SEC Obtains Final Consent Judgment as to Virtu Broker-Dealer Regarding Alleged Failure to Establish, Maintain, and Enforce Policies and Procedures Reasonably Designed to Prevent Misuse of Its Customers’ Material Nonpublic Information (Dec. 3, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26427.

[43] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Obtains Final Consent Judgment as to Oppenheimer & Co. Inc. Regarding Alleged Failure to Comply with Municipal Bond Offering Disclosure Requirements (Dec. 12, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26435.

[44] U.S. Sec. & Exch. Comm’n Administrative Proceedings Order, In re Emerson Equity, LLC (Aug. 11, 2025), available at https://www.sec.gov/files/litigation/admin/2025/34-103674.pdf.

[45] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Consents to Termination of Undertakings in Global Research Analyst Settlement (Dec. 5, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26434.

[46] Statement of Commissioner Mark T. Uyeda, Statement on the Global Research Analyst Settlement (Dec. 5, 2025), available at https://www.sec.gov/newsroom/speeches-statements/uyeda-statement-global-research-analyst-settlement-120525.

[47] U.S. Sec. & Exch. Comm’n Administrative Proceeding Release, SEC Charges UK Security-Based Swap Dealer with Violating Laws for Dealing in U.S. Markets (Aug. 6, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/34-103646-s.

[48] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Obtains Final Judgment Against Accounting Firm and Managing Partner Charged with Aiding and Abetting Massive Fraud (Aug. 13, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26373.

[49] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Former FibroGen Chief Medical Officer for False and Misleading Claims about Clinical Trial Results (Sept. 10, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26394.

[50] U.S. Sec. & Exch. Comm’n Administrative Proceeding Order, In re Ammo, Inc. n/k/a Outdoor Holding Company (Dec. 15, 2025), available at https://www.sec.gov/files/litigation/admin/2025/33-11397.pdf.

[51] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Sues Former Executives of Arizona-Based Company for Accounting and Disclosure Fraud (Dec. 15, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26446.

[52] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Former Animal Health Company Senior Director and Tippee with Insider Trading (July 11, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26348.

[53] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Obtains Final Judgment against Richmond Federal Reserve Banking Supervisor Charged with Insider Trading (July 21, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26356.

[54] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Scottsdale Resident with Insider Trading (July 22, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26359.

[55] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Obtains Final Judgment Against Former Pharmaceutical Employee Charged with Insider Trading (July 30, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26364.

[56] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Obtains Final Judgment in Insider Trading Case Against Doron Tavlin (Aug. 6, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26367.

[57] U.S. Sec. & Exch. Comm’n Administrative Proceedings Order, In re Vincent Barbuto (Aug. 1, 2025), available at https://www.sec.gov/files/litigation/admin/2025/34-103615.pdf; SEC Administrative Proceedings Order, In re Anthony Finale (Aug. 1, 2025), available at https://www.sec.gov/files/litigation/admin/2025/34-103614.pdf.

[58] U.S. Sec. & Exch. Comm’n Press Release, SEC Settles Insider Trading Charges Related to Blue Apron Acquisition (Aug. 22, 2025), available at https://www.sec.gov/enforcement-litigation/administrative-proceedings/34-103764-s.

[59] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Texas Resident with Insider Trading (Aug. 11, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26370.

[60] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Former Investor Relations Executive and Two Friends with Insider Trading (Aug. 18, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26376.

[61] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Former Executive and Friends in Insider Trading Scheme (Aug. 18, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26378.

[62] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Two Brooklyn Men with $2 Million Insider Trading Scheme (Aug. 21, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26380.

[63] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Former Director and Four Others with Insider Trading (Aug. 22, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26383.

[64] U.S. Attorney’s Office Press Release, Four Individuals Convicted of Insider Trading Scheme (Dec. 17, 2025), available at https://www.justice.gov/opa/pr/four-individuals-convicted-insider-trading-scheme.

[65] U.S. Sec. & Exch. Comm’n Litigation Release, SEC Charges Connecticut Resident with Insider Trading in Multiple Securities (Sept. 5, 2025), available at https://www.sec.gov/enforcement-litigation/litigation-releases/lr-26388.

[66] U.S. Attorney’s Office Press Release, Weston Man Sentenced to Prison for Insider Trading (Sept. 23, 2025), available at https://www.justice.gov/usao-ct/pr/weston-man-sentenced-prison-insider-trading.

The following Gibson Dunn lawyers prepared this update: Mark Schonfeld, David Woodcock, Jina Choi, Osman Nawaz, Tina Samanta, and Lauren Jackson.

Gibson Dunn lawyers are available to assist in addressing any questions you may have about these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any leader or member of the firm’s Securities Enforcement practice group, or the authors:

Mark K. Schonfeld – New York (+1 212.351.2433, mschonfeld@gibsondunn.com)
David Woodcock – Dallas (+1 214.698.3211, dwoodcock@gibsondunn.com)
Jina L. Choi – San Francisco (+1 415.393.8221, jchoi@gibsondunn.com)
Osman Nawaz – New York (+1 212.351.3940, onawaz@gibsondunn.com)
Tina Samanta – New York (+1 212.351.2469, tsamanta@gibsondunn.com)
Lauren Cook Jackson – Washington, D.C. (+1 202.955.8293, ljackson@gibsondunn.com)

Gibson Dunn announces release of the International Comparative Legal Guide – Corporate Investigations 2026

Gibson Dunn is pleased to announce with Global Legal Group the release of the International Comparative Legal Guide – Corporate Investigations 2026. Gibson Dunn partner Michael Diamant is the Contributing Editor of the publication, which covers common issues in corporate investigations laws and regulations – including internal investigation, self-disclosure to enforcement authorities, investigation process, confidentiality and attorney-client privileges. The Guide, comprised of 2 expert analysis chapters and 13 jurisdiction chapters, is live and FREE to access HERE.

Mr. Diamant, Gibson Dunn partner Melissa Farrar, and associates Monica Limeng Woolley and Ben Schlichting jointly authored the expert analysis chapter on “Corporate Investigations Laws and Regulations – Navigating Attorney-Client Privilege and Work Product Protection in Corporate Investigations 2026.”

In addition, Mr. Diamant, Ms. Farrar, of counsel Lora MacDonald, and associate Todd Truesdale co-authored the jurisdiction chapter on “Corporate Investigations Laws and Regulations USA 2026.”

You can view these informative and comprehensive chapters via the links below:

CLICK HERE to view Corporate Investigations Laws and Regulations – Navigating Attorney-Client Privilege and Work Product Protection in Corporate Investigations 2026

CLICK HERE to view Corporate Investigations Laws and Regulations USA 2026

The following Gibson Dunn lawyers contributed to this publication: Michael Diamant, Melissa Farrar, Monica Limeng Woolley, Ben Schlichting, Lora MacDonald, and Todd Truesdale.

For assistance navigating these issues, please contact the Gibson Dunn lawyer with whom you usually work, the leaders or members of the firm’s White Collar Defense & Investigations practice group, or the authors:

Michael S. Diamant – Washington, D.C. (+1 202.887.3604, mdiamant@gibsondunn.com)

Melissa Farrar – Washington, D.C. (+1 202.887.3579, mfarrar@gibsondunn.com)

Monica Limeng Woolley – Washington, D.C. (+1 202.887.3758, mwoolley@gibsondunn.com)

Ben Schlichting – Washington, D.C. (+1 202.777.9442, bschlichting@gibsondunn.com)

Lora MacDonald – Washington, D.C. (+1 202.887.3738, lmacdonald@gibsondunn.com)

Todd Truesdale – Washington, D.C. (+1 202.887.3619, ttruesdale@gibsondunn.com)

Join our panelists as they survey developments in the shifting U.S. criminal legal and corporate enforcement landscape. Topics covered include Department of Justice corporate enforcement policies and priorities in the Trump administration, recent corporate criminal enforcement case studies, and key Supreme Court criminal law decisions in 2025.

MCLE CREDIT INFORMATION:

This program has been approved for credit in accordance with the requirements of the New York State Continuing Legal Education Board for a maximum of 1.5 credit hours, of which 1.5 credit hours may be applied toward the areas of professional practice requirement. This course is approved for transitional/non-transitional credit.

Gibson, Dunn & Crutcher LLP certifies that this activity has been approved for MCLE credit by the State Bar of California in the amount of 1.5 hours.

Gibson, Dunn & Crutcher LLP is authorized by the Solicitors Regulation Authority to provide in-house CPD training. This program is approved for CPD credit in the amount of 1.5 hours. Regulated by the Solicitors Regulation Authority (Number 324652).

Neither the Connecticut Judicial Branch nor the Commission on Minimum Continuing Legal Education approve or accredit CLE providers or activities. It is the opinion of this provider that this activity qualifies for up to 1.5 hours toward your annual CLE requirement in Connecticut, including 0 hour(s) of ethics/professionalism.

Application for approval is pending with the Colorado, Illinois, Texas, Virginia, and Washington State Bars.

PANELISTS:

Stephanie Brooker is a partner in Gibson Dunn’s Washington, D.C. office and Co-Chair of the firm’s White Collar Defense and Investigations Practice Group. She handles a wide range of white collar matters, including internal investigations, regulatory enforcement defense, white collar criminal defense, complex cross-border investigations and compliance counseling. She regularly advises boards, financial institutions, global companies, and individuals in interactions with regulators and in navigating sensitive enforcement exposures. Prior to joining Gibson Dunn, Stephanie served as a prosecutor at the U.S. Department of Justice.

John Chesley is a litigation partner in Gibson Dunn’s Washington, D.C. office whose practice focuses on white collar enforcement, internal investigations, and government‑facing litigation. He represents corporations, board committees, and executives in matters involving the FCPA, procurement fraud, sanctions enforcement, securities issues, antitrust, whistleblower claims, and other government enforcement priorities. John has significant trial experience in federal and state courts and has served as the Interim Chief Ethics & Compliance Officer of a public multinational company, giving him first-hand insight into global compliance program challenges and practical risk mitigation.

Stuart F. Delery is a partner in Gibson Dunn’s Washington, D.C. office and a member of the firm’s Litigation, Crisis Management, and White Collar Defense & Investigations practice groups. He previously served as Acting Associate Attorney General of the United States, overseeing the civil and criminal work of multiple DOJ divisions, and now represents corporations and individuals in complex regulatory litigation and government investigations, including matters involving contractors and grant recipients.

Michael S. Diamant is a partner in Gibson Dunn’s Washington, D.C. office and a member of the firm’s White Collar Defense and Investigations practice. He leads internal investigations, defends corporations and executives in criminal and regulatory matters (including FCPA work), and advises on compliance program design and privilege strategy in high-stakes environments.

Melissa Farrar is a partner in Gibson Dunn’s Washington, D.C. office and a member of the White Collar Defense and Investigations group. Her practice is concentrated in white-collar defense, internal investigations, and corporate compliance. She advises multinational clients on matters such as the FCPA, False Claims Act, anti-money laundering, export controls, and securities and accounting fraud, and also supports organizations in structuring privilege strategy and compliance program assessments.

Dani R. James is a partner in Gibson Dunn’s New York office and a member of the firm’s White Collar Defense and Investigations Practice Group. A former federal prosecutor in the Southern District of New York, she represents companies and executives in complex criminal, regulatory, and civil matters involving allegations such as insider trading, corruption, and FCPA violations. She also has extensive experience conducting internal investigations and advising boards and committees on compliance and litigation strategy.

Gibson Dunn’s Workplace DEI Task Force aims to help our clients navigate the evolving legal and policy landscape following recent Executive Branch actions and the Supreme Court’s decision in SFFA v. Harvard. Prior issues of our DEI Task Force Update can be found in our DEI Resource Center.

Key Developments

On January 23, Vice President JD Vance announced at the March for Life rally that the Trump Administration will expand the “Mexico City Policy” to include “woke ideologies.” The policy, first enacted by President Ronald Reagan in 1984, bans the use of foreign aid for abortion services, including the discussion of abortion as part of family planning services. Vice President Vance stated that the new policy will extend that prohibition to include “woke ideologies,” such as “gender ideology” and “discriminatory equity ideology.” The Department of State is expected to release rules implementing this policy change.

On January 22, the U.S. Equal Employment Opportunity Commission (“EEOC”) voted 2-1 to withdraw a 2024 guidance document establishing a comprehensive framework for analyzing claims of workplace harassment. The 2024 guidance, issued by the EEOC under former President Joe Biden, included instruction related to sexual orientation-based harassment and gender identity-based harassment, which the EEOC said at the time qualified as discrimination on the basis of sex in violation of Title VII pursuant to the Supreme Court’s 2020 ruling in Bostock v. Clayton County. EEOC Chair Andrea Lucas voted to rescind the guidance. She has previously taken the position that the guidance is overbroad because the expanded definition of sex articulated in Bostock applied only to hiring and firing decisions, not to harassment. Lucas was joined by Commissioner Brittany Bull Panuccio, who also voted to withdraw the guidance. According to reporting from Law360, Panuccio took the position that eliminating the guidance comports with President Trump’s directives and noting that there are private-sector resources that can fill the gap left by the recission. Because the five-member EEOC currently has two vacancies, Lucas and Panuccio’s votes were sufficient to overturn the guidance. The rescission does not by itself change applicable federal anti-harassment law, nor does it bear on state-specific laws prohibiting harassment in the workplace. Lucas stated that the EEOC would continue to aggressively enforce harassment claims under Title VII and other applicable federal laws.

Commissioner Kalpana Kotagal voted against the recission, expressing concern that employers and employees would be left without clear guidelines on what constitutes unlawful harassment. Kotagal also noted that the EEOC had already removed from the guidance language relating to sexual orientation-based harassment and gender identity-based harassment, after a U.S. District Court ordered that portions of the EEOC’s guidance be vacated; Kotagal argued that the total recission of the guidance was therefore unnecessary, even under Lucas and Panuccio’s reading of the law.

On January 22, the Tenth Circuit heard oral argument in an appeal brought by Joshua Young, a white former Colorado Department of Corrections officer, who alleged that the Department of Corrections’ mandatory annual DEI trainings created a racially hostile work environment in violation of Title VII and Section 1981. According to Young, the trainings, which addressed the historical effects of white supremacy, racial inequality, and the discomfort white employees may experience when confronting those topics, amounted to unlawful racial harassment. A three-judge panel—Judges Robert E. Bacharach and Nancy L. Moritz, joined by U.S. District Judge Robert J. Shelby sitting by designation—considered whether the case should be revived after being dismissed twice previously. At oral argument, Young’s counsel cited the Supreme Court’s June 2025 decision in Ames v. Ohio Department of Youth Services, arguing that the judges must be “agnostic as to the race of the plaintiff.” Young’s counsel also claimed that using historical circumstances to assess the offensiveness of the conduct should only be considered later in the case, not at the motion to dismiss stage. Judge Moritz questioned whether Young alleged any objectively hostile conduct “beyond a single … online training.” Judge Bacharach observed, however, that the case is “unlike a lot of hostile work environment cases” and questioned why the challenged policies, when liberally construed, would not “survive the very low” motion to dismiss standard.

On January 19, 2026, Texas Attorney General Ken Paxton issued Opinion No. KP-0505 entitled, “Re: ‘Diversity, Equity, and Inclusion’ in Texas.” In the Opinion, Paxton opined on the legality of two categories of DEI initiatives: public-sector programs operated by the state of Texas, and corporate DEI practices common in the private sector. While this Opinion lacks the force of law, Texas courts consider opinions of the Attorney General as persuasive authority when interpreting state law. The seven categories of private-sector DEI initiatives discussed in the Opinion include (i) demographically based workforce representation goals, (ii) diverse slate policies, (iii) diversity fellowships or other race- or gender-based hiring programs, (iv) tying compensation to DEI-related metrics, (v) identity-based employee resource groups, mentoring, and training, (vi) supplier diversity programs, and (vii) diversity-related governance, including Chief Diversity Officers, Diversity offices, and Board committees overseeing DEI programs. The Attorney General’s Opinion does not characterize these programs as categorically unlawful but states that these DEI practices may violate state and federal antidiscrimination law in certain circumstances. For more information on the Texas Attorney General’s Opinion, please see our January 20 client alert.

On January 14, the U.S. Department of Justice filed a lawsuit against the State of Minnesota, challenging the State’s affirmative action hiring policies for state civil service. According to the complaint, Minnesota has implemented statutes, rules, and policies that require state agencies to give “preferences to employees or prospective employees because of their race, color, national origin, and sex” in violation of Title VII of the Civil Rights Act of 1964. As an example, the complaint points to Minnesota law requiring the Commissioner of the Minnesota Management and Budget agency to “establish statewide affirmative action goals” based on “the percentage of members of each protected class in the recruiting area population who have the necessary skills” and “the availability for promotion or transfer of current employees who are members of protected classes.” Under Minnesota law, protected classes include “females, persons with disabilities, and members of the following minorities: Black, Hispanic, Asian or Pacific Islander, and American Indian or Alaskan native.” The Justice Department seeks, among other relief, a declaratory judgment that Minnesota is engaging in a pattern of unlawful discrimination in violation of Title VII, a permanent injunction prohibiting the state and its agents from any future hiring conduct in violation of Title VII, and equitable relief to any employees and prospective employees who were discriminated against as a result of the affirmative action hiring policies. “Making hiring decisions based on immutable characteristics like race and sex is simple discrimination,” said Attorney General Pamela Bondi in the official press release, “and the Trump Administration has no tolerance for such DEI policies.” (Among other things, the Trump Administration previously withdrew Executive Order 11,246, which had required federal government contractors to adopt affirmative action plans.)

When the U.S. Supreme Court ended race-conscious admissions in higher education in 2023, it did not overrule precedents authorizing some form of workplace affirmative action under Title VII. But those precedents—United Steelworkers of America v. Weber, 443 U.S. 193 (1979) and Johnson v. Transportation Agency, Santa Clara County, 480 U.S. 616 (1987)—are now being challenged in the Justice Department’s complaint. David Glasgow, Executive Director of the Meltzer Center for Diversity, Inclusion, and Belonging, highlighted this lawsuit as one to watch for potentially significant developments, noting that the legality of workplace DEI practices could end up in front of the Supreme Court as a result. The case is U.S. v. State of Minnesota, No. 26-cv-00273 (D. Minn. 2026).

On January 21, the U.S. Department of Education withdrew its appeal of a federal district court ruling that blocked implementation of the Education Department’s February 14, 2025 “Dear Colleague” letter, which was pending before the United States Court of Appeals for the Fourth Circuit. The letter required higher education institutions to “(1) ensure that their policies and actions comply with existing civil rights law; (2) cease all efforts to circumvent prohibitions on the use of race by relying on proxies or other indirect means to accomplish such ends; and (3) cease all reliance on third-party contractors, clearinghouses, or aggregators that are being used by institutions in an effort to circumvent prohibited uses of race,” or else lose federal funding. A group of plaintiffs, comprised of the American Federation of Teachers, the American Sociological Association, and a school district in Eugene, Oregon, challenged the letter as violating the Free Speech Clause of the First Amendment, the Due Process Clause of the Fifth Amendment, and the Administrative Procedure Act. In a joint stipulation signed by both parties, the government summarily stated that the parties have agreed to dismiss the appeal with each side bearing its own costs and fees. No reason was provided for the government’s decision to drop the appeal. Prior to the dismissal of the appeal, the case had been seen as a potential vehicle for testing the legality of race-based education programs in the U.S. Supreme Court. The case is American Federal of Teachers, et al., v. U.S. Department of Education, et al., No. 0:25-2228 (4th Cir. 2025).

Media Coverage and Commentary:

Below is a selection of recent media coverage and commentary on these issues:

The New York Times, “Should Any Programs Help Minority Groups? In Lawsuits, Conservatives Say No” (Jan. 31): Anemona Hartocollis of the New York Times reports on the dozens of lawsuits brought by conservative groups in the two years since the Supreme Court’s decision in Students for Fair Admission v. Harvard. Hartocollis reports that the aim of these conservative groups is to extend SFFA’s reach “beyond universities into other areas of American life, including corporations, law firms, health care, the arts and private nonprofits offering scholarships intended to help people of a certain race or ethnicity.” Notably, some of these groups are harnessing laws passed in the Reconstruction Era to ensure the rights of newly-freed slaves to target DEI programs they assert violate the civil rights of white Americans. In discussing the use of Section 1981, a civil rights act intended to give formerly enslaved African Americans the same right to contract as white citizens, the article quotes Jason Schwartz of Gibson Dunn as stating, “Ironically, they’re using that statute as a way to dismantle programs designed to assist racial minorities.” The article specifically highlights the efforts of active litigants, including the American Alliance for Equal Rights, the Pacific Legal Foundation, and the Wisconsin Institute for Law and Liberty, which together have represented over 100 clients in recent challenges to affirmative action programs.
The New York Times, “Employment Commission Chair Recasts Workplace Discrimination in Trump’s Image” (Jan. 27): Rebecca Davis O’Brien of the New York Times reports on the changing priorities of the EEOC under Chair Andrea Lucas. The author references a recent interview in which Lucas stated that the agency’s current mission “is to restore a focus on equality as opposed to equity” and to return “to the concept of equal treatment as opposed to equal outcomes.” She also cites to a recent LinkedIn post from Lucas, calling on “white male[s]” who have experienced discrimination at work based on their race or sex to report the discrimination to the EEOC, and informing them that they “may have a claim to recover money under federal civil rights laws.” Lucas’s opponents said that the video sent the message “that white Americans would receive preferential consideration under the Trump administration.” O’Brien describes the ways in which Lucas’s EEOC has acted to accomplish its policy priorities during the first several months of the Administration, when a lack of quorum prevented the agency from pursuing major rule changes. The article quotes Jason Schwartz of Gibson Dunn, who says, “Andrea has done an effective job of making the E.E.O.C., and the chair of the E.E.O.C., an important policymaking position.”
The Washington Post, “Why Trump’s EEOC wants to talk to White men about discrimination” (December 30): Taylor Telford of the Washington Post reports on shifting enforcement priorities at the EEOC following changes in leadership during President Trump’s second term. According to Telford, EEOC Chair Andrea Lucas is publicly soliciting complaints from white men who believe they have experienced workplace discrimination based on race or sex. Telford further reports that Lucas has stated that the agency will prioritize enforcement against what it characterizes as illegal discrimination related to DEI, emphasize individual rights over group-based protections, and increase focus on pregnancy and religious accommodation claims, while moving away from disparate impact cases. Critics, Telford reports, argue that this shift diverts resources from addressing systemic discrimination, whereas supporters contend that it corrects overreach by prior administrations. Telford also notes a decline in race-based enforcement actions in 2025 and increased EEOC scrutiny of DEI-related workplace practices.
Forbes, “How Disney Navigated DEI Backlash: A Masterclass for CEOs” (December 29): Tima Bansal of Forbes reports on Disney’s changing approach to DEI in recent years. As Bansal reports, after Florida ratified the Parental Rights in Education Act in March 2022, which prohibited classroom instruction on sexual orientation and gender identity through third grade, Disney called for the Act to be repealed, while pausing political contributions in Florida. Bansal explains that Florida Governor Ron DeSantis responded by dissolving the Reedy Creek Improvement District, a special taxing district that had granted Disney significant self-governance authority for more than five decades. Disney then unsuccessfully challenged the state’s actions in federal court. In November 2024, Disney removed references to “diversity,” “inclusion,” and “DEI” from its annual report for the first time since 2019, but Disney shareholders overwhelmingly rejected a proposal to discontinue participation in the Human Rights Campaign’s Corporate Equality Index. Bansal reports that Disney’s subsequent public messaging has emphasized concepts such as “belonging” and “inclusion” rather than DEI, reflecting a broader corporate trend toward reframing public disclosures.
Bloomberg, “DEI Is Still a Priority Abroad. Global GCs Must Walk a Tightrope” (December 17): Paula Boggs, writing in Bloomberg Law, asks how US-based corporations with sizable operations outside the U.S. can implement a “real, not performative, commitment to [DEI].” Drawing on her experience as Chief Legal Officer of Starbucks and General Counsel of Dell, Boggs contrasts Canada’s and the EU’s approaches to DEI with the backlash surrounding DEI in the United States. She notes that while Canada and the EU do not always mandate DEI programs, their legal frameworks and public commitments support nondiscrimination and inclusion, creating expectations that differ from those in the U.S. Boggs also underscores the business stakes for multinational companies, many of which derive a large share of revenue from outside the U.S. She observes that some companies have scaled back DEI initiatives to align with U.S. trends, while others have maintained or strengthened global commitments despite scrutiny.

Case Updates:

Below is a list of updates in new and pending cases:

1. Contracting claims under Section 1981, the U.S. Constitution, and other statutes:

City of Seattle v. Trump et al., No. 2:25-cv-01435 (W.D. Wash. 2025): On July 31, 2025, the City of Seattle sued the Trump Administration, challenging Executive Orders 14173 and 14168. Seattle alleges that the EOs violate principles of separation of powers, the Fifth and Tenth Amendments, and the Spending Clause of the U.S. Constitution, and that they are arbitrary and capricious in violation of the Administrative Procedure Act. Seattle asserts that enforcement of the EOs will result in the loss of “committed federal grants and contracts if” it does not abide by “improperly imposed (and impossibly vague) funding conditions.” On October 31, 2025, the court granted Seattle’s motion for a preliminary injunction, finding that Seattle was likely to succeed on the merits because EOs 14173 and 14168 likely violate the separation of powers doctrine. Additionally, the court found that the harm to Seattle in the absence of a preliminary injunction would be irreparable and certain because Seattle would lose government grants that support a wide array of public safety, law enforcement, and other services.
- Latest update: On December 29, 2025, the defendants filed a notice of appeal of the district court’s order granting a preliminary injunction.

2. Employment discrimination and related claims:

Brandon Cooper, et. al. v. The Office of the Commissioner of Baseball et al., No. 1:24-cv-03118 (S.D.N.Y. 2024): On April 24, 2024, Brandon Cooper, an Arizona-based former minor league baseball umpire sued Major League Baseball (“MLB”), claiming that his employment was retaliatorily terminated after he accused a female umpire of harassing him and using homophobic slurs. The complaint further alleges that MLB implemented an “illegal diversity quota requiring that women be promoted regardless of merit,” which Cooper contends emboldened the female umpire to believe she could “get away with anything” because she was a woman, and that “MLB ha[d] to hire females” and would not terminate her employment. Cooper later filed an amended complaint adding Alexander Lawrie, a Florida-based former minor league baseball umpire, as co-plaintiff, raising claims under state, local, and federal law for hostile work environment, wrongful termination, failure to promote, and retaliation. The defendants moved to dismiss or in the alternative, to transfer Cooper’s claims to the District of Arizona and Lawrie’s to the Middle District of Florida.
- Latest update: On December 17, 2025, the parties submitted a joint letter informing the court that the defendants had reached a settlement in principle with Lawrie and were in the process of finalizing the settlement agreement. The parties further noted that the motions to dismiss and to transfer would remain pending only as to Cooper.
Robert M. Fuzi v. Worthington Steel Company, No. 3:24-cv-01855 (N.D. Oh. 2024): A former employee sued Worthington Steel for religious discrimination and retaliation in violation of Title VII, claiming he was fired for opposing Worthington’s DEI initiative, which required employees to use each other’s preferred gender pronouns. The plaintiff claims that the pronoun policy violated his Christian beliefs, and that he was fired in retaliation for filing an EEOC charge relating to his complaints.
- Latest update: On December 11, 2025, the plaintiff filed a notice of settlement notifying the court that the parties had reached an agreement and intended to file a stipulation of dismissal with prejudice. On January 14, 2026, the parties filed a stipulated notice of dismissal with prejudice, and on January 15, 2026, the Court dismissed the case.

3. Challenges to statutes, agency rules, executive orders, and regulatory decisions:

Glass, Lewis & Co., LLC v. Ken Paxton,1:25-cv-01153 (W.D. Tex. 2025): On July 24, 2025, Glass, Lewis & Co., LLC sued Texas Attorney General Ken Paxton to enjoin Texas Senate Bill 2337, which, starting September 1, 2025, requires proxy advisory services like Glass Lewis to “conspicuously disclose” that their advice or recommendations are “not provided solely in the financial interest of the shareholders of a company” if the advice or recommendations are based wholly or in part on ESG, DEI, social credit, or sustainability factors. Glass Lewis alleges that the law unconstitutionally discriminates based on viewpoint and infringes on its freedom of association in violation of the First Amendment. Glass Lewis also contends that the law is unconstitutionally vague under the First and Fourteenth Amendments and is preempted by ERISA. On August 29, 2025, the court granted Glass Lewis a preliminary injunction preventing the law from going into effect. The district court set trial for February 2, 2026. On September 18, 2025, the Attorney General appealed the preliminary injunction order.
- Latest update: On November 24, 2025, the Texas Attorney General filed an unopposed motion to voluntarily dismiss his interlocutory appeal on the ground that it was “highly unlikely to be fully briefed, argued, and disposed of” by the Fifth Circuit before the February 2, 2026 trial date, which would render the preliminary injunction appeal moot. On December 5, 2025, the Attorney General filed an answer to the second amended complaint. The answer generally denies all of Glass Lewis’s allegations and asserts affirmative defenses.
Mid-America Milling Company v. U.S. Department of Transportation, No. 3:23-cv-00072-GFVT (E.D. Ky. 2023): On October 26, 2023, two plaintiff construction companies sued the U.S. Department of Transportation (“DOT”), asking the court to enjoin the DOT’s Disadvantaged Business Enterprise Program, an affirmative action program that awards contracts to minority- and women-owned small businesses in DOT-funded construction projects, with the statutory aim of granting 10% of certain DOT-funded contracts to these businesses nationally. The plaintiffs alleged that the program constitutes unconstitutional race discrimination in violation of the Fifth Amendment. On September 23, 2024, the court granted the plaintiffs’ motion for a preliminary injunction, holding that the plaintiffs were likely to succeed on the merits because the program is not sufficiently tailored to the government’s purported interest and lacks a “logical end point.” The court also held that the plaintiffs have standing based on their allegations that they are “able and ready” to bid on a government contract in the near future. The court denied the defendants’ motion to dismiss pending the resolution of any interlocutory appeal of the injunction order. The parties filed a joint motion to stay the proceedings on February 10, 2025, due to the change in the presidential administration.
- Latest update: On December 23, 2025, intervenor Disadvantaged Business Enterprise (“DBE”) filed a motion to dismiss all the plaintiffs’ claims for lack of subject matter jurisdiction and to vacate the existing preliminary injunction. DBE argued that the plaintiffs’ claims were moot because the DOT issued an Interim Final Rule after the litigation was filed, eliminating the race- and sex-based presumptions in the Disadvantaged Business Enterprise Program. DBE also asked the court to vacate the preliminary injunction, arguing that the injunction was based on “now-stale facts” since it was issued before DOT issued the Interim Final Rule.On January 13, 2026, the plaintiffs opposed DBE’s motion to dismiss, arguing that the case was not moot because the “voluntary cessation” exception to the mootness doctrine applied. Also on January 13, another intervenor, Central Seal Company, filed an opposition to the motion to dismiss, raising the same argument.
Strickland et al. v. United States Department of Agriculture et al., No. 2:24-cv-00060 (N.D. Tex. 2024): On March 3, 2024, the plaintiff farm owners sued the U.S. Department of Agriculture over the administration of financial relief programs that allegedly allocated funds based on race or sex. The plaintiffs alleged that only a limited class of socially disadvantaged farmers, including certain races and women, qualify for funds under these programs. On June 7, 2024, the court granted in part the plaintiff’s motion for a preliminary injunction. The court enjoined the defendants from making payment decisions based directly on race or sex. However, the court allowed the defendants to continue to apply their method of appropriating money, if done without regard to the race or sex of the relief recipient. On February 11, 2025, the court stayed proceedings to determine how President Trump’s Executive Order No. 14148 would affect the disposition of the case. The court extended the stay on March 19 and March 31. On May 9, 2025, the parties submitted a joint motion for voluntary remand, which indicated that the Agriculture Department would revise the challenged programs “to cure the race and sex discrimination that the agency no longer defends.” The court granted the remand motion on May 15, 2025, retaining jurisdiction and ordering the Agriculture Department to finalize its reconsideration of the programs by September 30, 2025. The court extended the stay on October 16, 2025.
- Latest update: On December 5, 2025, the court lifted the stay. On January 16, 2026, the plaintiffs filed a renewed motion for summary judgment, arguing that their claims are not moot because the Agriculture Department continues to make decisions motivated by discriminatory intent and with discriminatory effect, and because they continue to suffer harm. Also on January 16, the defendants filed a combined motion to dismiss and motion for summary judgment, arguing that their current policy is race neutral. Each party’s opposition is due on February 3.
Withrow v. United States et al., No. 1:25-cv-04073 (D.D.C. 2025): On November 20, 2025, LeAnne Withrow, a transgender woman who was an Illinois Army National Guard staff sergeant and now works as a civilian employee for the Illinois National Guard, filed a putative class action against numerous United States officials, alleging that the Trump Administration’s policy of prohibiting transgender employees from using restrooms that align with their gender identity violates the Administrative Procedure Act and Title VII. The plaintiff alleges that she has tried to work around the policy by using single-use restrooms, but that such facilities are often inconvenient or nonexistent.
- Latest Update: On November 21, 2025, the plaintiff moved to certify a class of “current or future employees of the Executive Branch of the federal government whose gender identity differs from their ‘biological classification as either male or female,’ as defined in Executive Order 14168 [], and who have been or will be prohibited from using restrooms that align with their gender identity.” On January 15, 2026, the parties moved to stay briefing on the motion for class certification pending resolution of the defendants’ forthcoming dispositive motion. The parties propose that the defendants will file their dispositive motion on February 26, 2026; the plaintiff will respond on March 30, 2026, and the defendants will reply on April 23, 2026. On January 16, 2026, the court entered the parties’ proposed briefing schedule and stayed briefing on class certification pending further order by the court.

4. Actions against educational institutions:

Colin Wright v. Cornell University, No. 3:26-cv-127 (N.D.N.Y. 2026): An evolutionary biologist has sued Cornell University, raising claims of employment discrimination under state and federal law, claiming that Cornell failed to make an open position public and instead offered it only to diverse candidates. The complaint cites internal emails from the University’s evolutionary biology department stating that they intended to make a “diversity hire,” and would invite only candidates from a list of “underrepresented minority scholars” to apply for the position. Wright claims he was “banned” from applying, but had he been able to apply, he would have applied for, been qualified for, and accepted the role.
- Latest update: The docket does not reflect that Cornell has yet been served.
Do No Harm et al., v. University of California et al., 2:25-cv-4131(C.D. Cal 2025): On May 8, 2025, Do No Harm, Students for Fair Admissions, and a rejected applicant filed a class action complaint against the David Geffen School of Medicine at UCLA, UCLA, and the Regents of the University of California, along with numerous individual defendants including regents, university administrators, and admissions committee members. The plaintiffs allege that UCLA Medical School unlawfully uses race as a factor in admissions decisions in violation of Section 1983, Title VI, Section 1981, and California’s Unruh Civil Rights Act. The complaint also alleges that the university effectively shut down an internal investigation into its admissions practices by requiring admissions committee members to sign nondisclosure agreements and refusing to assure cooperating witnesses they would not face retaliation. The plaintiffs seek declaratory and injunctive relief, compensatory and punitive damages, and disgorgement of federal financial assistance. They are seeking class certification.
- Latest update: On December 23, 2025, the plaintiffs filed a second amended complaint, omitting claims under the Unruh Act and instead raising only federal claims under Title VI, Section 1981, and Section 1983.
Hooley v. Regents of the University of California et al, No. 3:25-cv-01399 (N.D. Cal. 2025): On February 11, 2025, the mother of a minor high school student sued the Regents of the University of California (“UC”), alleging that UC San Francisco Benioff Children’s Hospital Oakland discriminates against white students by offering its Community Health and Adolescent Mentoring Program for Success (“CHAMPS”) internship only to “underrepresented minority students.” The plaintiff alleges that her daughter applied for CHAMPS and was rejected based on her race. The plaintiff challenges the CHAMPS program as violating the Fourteenth Amendment of the United States Constitution, Title VI, Section 1981, and the California Constitution.
- Latest update: On November 26, 2025, the parties filed a notice of conditional settlement and joint stipulation to vacate all upcoming deadlines. On December 1, 2025, the court entered the stipulation as an order.
Kleinschmit v. University of Illinois Chicago, 1:25-cv-01400 (N.D. Ill. 2025): On February 10, 2025, a former professor at the University of Illinois Chicago sued the university, alleging that it unlawfully discriminated against white male faculty candidates and discriminated and retaliated against the plaintiff by firing him after he objected to the school’s “racial hiring programs.” The plaintiff raises claims under Sections 1981 and 1983. On May 6, 2025, the university filed a motion to dismiss. The motion contends, among other things, that (1) the plaintiff lacks standing because the harms he claims to have experienced, including not having his contract renewed, are not redressable through the injunctive remedies he seeks, (2) the plaintiff cannot maintain his action because the Board of Directors of the University of Illinois enjoys sovereign immunity under the Eleventh Amendment, (3) Sections 1981 and 1983 do not apply to the university, as it is an alter ego of the state and not a “person” under the meaning of the statutes, (4) the Eleventh Amendment bars monetary damages against the individual defendants in their official capacities as employees of the university, and (5) the individual defendants lacked involvement in the alleged adverse employment actions. On May 27, 2025, the plaintiff filed an amended complaint, adding new defendants from the university’s administration and adding allegations that the university, as a recipient of federal funds, violated Title VI of the Civil Rights Act of 1964 by intentionally discriminating against the plaintiff on the basis of his race, color, and ethnicity. On July 25, 2025, the defendants again moved to dismiss.
- Latest update: On December 17, 2025, the court granted in part and denied in part the motion to dismiss. The court dismissed the plaintiff’s request for injunctive relief, holding that the plaintiff lacks standing because he is a former university employee who does not seek reinstatement or otherwise express a desire to return to work at the university and therefore would not benefit from an injunction. The court further dismissed the plaintiff’s Section 1981 and 1983 damages claims as barred by the Eleventh Amendment, which prohibits suits for damages in federal court against states and their agencies. The court, however, allowed the discrimination claim under Title VI to proceed, explaining that sovereign immunity does not bar that claim. On January 12, 2026, the defendant filed its answer, in which it denied the plaintiff’s substantive allegations and asserts two affirmative defenses: (1) that the plaintiff failed to reasonably mitigate his alleged damages, and (2) that the defendant had a legitimate, non-discriminatory reason for any alleged adverse employment action.
Paul Fowler v. Emory University, No. 1:24-cv-05353 (N.D. Ga. 2024): On November 21, 2024, a former Emory University employee sued the university alleging that the Vice Provost for Career and Professional Development discriminated against white employees in investigations, discipline, hiring, and promotions. The plaintiff asserts employment discrimination claims arising from “unlawful race, gender, and age discrimination and retaliation” in violation of Title VII, the Age Discrimination in Employment Act, and Section 1981.
- Latest update: On December 3, 2025, Emory moved for summary judgment, arguing that the plaintiff failed to adduce any evidence, direct or circumstantial, that Emory acted with discriminatory intent, that Emory presented sufficient evidence in support of its legitimate, nondiscriminatory, and nonretaliatory reason for terminating the plaintiff—specifically, that the plaintiff violated Emory policy by circumventing hiring protocols—and that the plaintiff failed to present evidence creating a genuine issue of material fact as to whether the non-discriminatory reason for his termination was pretextual. On January 21, 2026, the plaintiff filed an opposition, arguing that the record supports a prima facie case of discrimination because he was treated less well than Black colleagues and his supervisor had a stated preference for employees of color. He also asserted that the record suggests his firing was pretextual because it was not done according to policy. Emory’s reply brief is due on February 11.
Students Against Racial Discrimination v. Regents of the University of California et al., No. 8:25-cv-00192 (C.D. Cal 2025): On February 3, 2025, Students Against Racial Discrimination (“SARD”) sued the Regents of the University of California, alleging that UC schools discriminate against Asian American and white applicants by using “racial preferences” in admissions in violation of Title VI and the Fourteenth Amendment of the U.S. Constitution. SARD alleged it has student members who are ready and able to apply to UC schools but are “unable to compete on an equal basis” because of their race. On August 14, 2025, the defendants moved to dismiss the complaint. The defendants argued that the plaintiffs lacked standing and that the complaint makes, at most, indiscriminate “barebones allegations” as to “every undergraduate, law, and medical school across all UC campuses.” The defendants also argued that the chancellor of each UC campus is entitled to sovereign immunity under the Eleventh Amendment.
- Latest update: On December 16, 2025, the court granted in part and denied in part defendants’ motion to dismiss. The court dismissed all claims to the extent they challenge UC medical school admissions because the plaintiffs failed to identify a member who had taken the medical entrance exam (i.e., the MCATs) and therefore was “able and ready” to apply. The court also dismissed claims for damages under Section 1981 and the Equal Protection Clause against the chancellors in their official capacities because California has not waived its sovereign immunity. On January 7, 2026, the plaintiffs filed an amended complaint, narrowing the scope of the case and expressly challenging only undergraduate and law school admissions and disclaiming any challenge to transfer, graduate, or medical school admissions. Defendants’ response is due January 30, 2026.

Legislative Updates

Missouri House and Senate Bills: Republicans in the Missouri legislature pre-filed several bills this past December, seeking to prohibit and restrict DEI initiatives across a range of public institutions, including schools, public bodies, and state agencies. House Bill 1998, referred to as the “Defunding Diversity, Equity, and Inclusion in Elementary and Secondary Education Act” would prohibit educational institutions from using state funding to implement, teach, or otherwise support DEI programs or initiatives. Additionally, Senate Bill 1316 would prohibit various DEI-related requirements in public school districts and public charter schools. The bill would also allow the Attorney General, local prosecuting attorney, or any parent of a student enrolled in a school district or charter school to bring a civil action against the school district or charter school for violating the act. House Bill 2417, referred to as the “Parents’ Bill of Rights Act of 2026,” aims to provide parents or guardians of minor children within the school district with several rights, including the right to prevent schools from requiring their children to attend school assemblies, field trips, or other extracurricular activities that pertain to DEI initiatives without their affirmative consent. Senate Bill 1192 would prohibit higher education accrediting agencies from considering DEI practices, including procedures, initiatives, or statistics, when making accreditation decisions. House Bill 1744 seeks to establish the “Quality Control Committee for Oversight” tasked with defining and monitoring key performance indicators for educational entities and developing processes for educational entities to meet obligations. The bill would permit funds formerly designated for DEI initiatives to be redirected solely toward implementing new procedures established by the Quality Control Committee for Oversight. Furthermore, Senate Bills 1031 and 1199 seek to prohibit the use of state funds by any department, division, or other state entity for DEI initiatives. Additionally, the bills would prevent any department, division, or other state entity from mandating, requiring, or incentivizing private-sector employers to implement DEI programs or initiatives as a condition of receiving a state contract. Senate Bill 1193 includes similar prohibitions on the use of state funds by any department, division, or state entity, and further expands these restrictions to bar gifts or other expenditures for intradepartmental programs or staffing related to DEI practices.

The following Gibson Dunn attorneys assisted in preparing this client update: Jason Schwartz, Mylan Denerstein, Anna McKenzie, Cynthia Chen McTernan, Zakiyyah Salim-Williams, Molly Senger, Katherine Smith, Cate McCaffrey, Sameera Ripley, Anna Ziv, Emma Eisendrath, Benjamin Saul, Simon Moskovitz, Teddy Okechukwu, Beshoy Shokrolla, Angelle Henderson, Lauren Meyer, Kameron Mitchell, Taylor Bernstein, Jerry Blevins, Chelsea Clayton, Sonia Ghura, Samarah Jackson, Shanelle Jones, Elvyz Morales, Allonna Nordhavn, Felicia Reyes, Eric Thompson, Laura Wang, Daniela De La Cruz, Taylor-Ryan Duncan, Sam Moan, Shreya Sarin, and Rachel Schwartz.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, any member of the firm’s Labor and Employment practice group, or the following practice leaders and authors:

Jason C. Schwartz – Partner & Co-Chair, Labor & Employment Group
Washington, D.C. (+1 202-955-8242, jschwartz@gibsondunn.com)

Katherine V.A. Smith – Partner & Co-Chair, Labor & Employment Group
Los Angeles (+1 213-229-7107, ksmith@gibsondunn.com)

Mylan L. Denerstein – Partner & Co-Chair, Public Policy Group
New York (+1 212-351-3850, mdenerstein@gibsondunn.com)

Zakiyyah T. Salim-Williams – Partner & Chief Diversity Officer
Washington, D.C. (+1 202-955-8503, zswilliams@gibsondunn.com)

Molly T. Senger – Partner, Labor & Employment Group
Washington, D.C. (+1 202-955-8571, msenger@gibsondunn.com)

Leading practitioners from our Los Angeles, Orange County, San Francisco, and Palo Alto offices hosted Gibson Dunn’s annual complimentary MCLE briefing, offering seven hours of CLE credit, including specialty subjects such as Ethics, Elimination of Bias, Technology, and Civility.

This comprehensive multi-day program covered a variety of timely and critical topics, including recent developments from the U.S. Supreme Court and SEC, hot topics in technology involving AI, arbitration agreement enforceability, and free speech in employment, amongst others.

Recordings, materials, and CLE details are available below.

For any questions regarding the program, please contact LRichland@gibsondunn.com. For inquiries about CLE accreditation, please reach out to cle@gibsondunn.com.

MCLE CREDIT INFORMATION:

This program is CLE approved in accordance with the requirements of the California MCLE Board for a maximum of 7.0 credit hours, of which 1.0 may be applied toward the area of Civility, 1.0 toward Elimination of Bias, 1.0 to the area of Ethics, and 1.0 to Technology.

This program is also pending approval in the amount of 7.0 CLE credits for the following jurisdictions:

New York
Colorado
Florida
Illinois
Texas
Virginia
Washington

Gibson, Dunn & Crutcher LLP is authorized by the Solicitors Regulation Authority to provide in-house CPD training. This program is accredited for CPD credit in the amount of 7.0 hours. Regulated by the Solicitors Regulation Authority (Number 324652).

Neither the Connecticut Judicial Branch nor the Commission on Minimum Continuing Legal Education approve or accredit CLE providers or activities. It is the opinion of this provider that this activity qualifies for up to 7 hours toward your annual CLE requirement in Connecticut, including 3.0 hour(s) of ethics/professionalism.

SEC & Other Developments for Public Companies & Investment Advisers

PANELISTS:

Aaron Briggs
Kevin Bettsteller
Lauren Assaf-Holmes
Clinton Eastman

Why Can’t We Be Friends? Overcoming Incivility in the Legal Practice

PANELISTS:

George Hazel
Poonam Kumar
Carissa Zidell

Attorney-Client Privilege for in House Counsel: Ethical and Practical Considerations

PANELISTS:

Michael Kahn
Colin Davis
Casey McCraken
Diana Feinstein

AI Hallucinations: Policies & Practice

PANELISTS:

Frances Waldmann
Abbey Barrera
Tim Biché

Free Speech in the Workplace: Understanding The Framework of Constitutional Protections, Practical Guidance for Employers, and Emerging Challenges and Caselaw

PANELISTS:

Lauren Blas
Megan Cooney
Katie Townsend
Michael Dore

Supreme Court: Cases to Watch

PANELISTS:

Patrick Fuster
Elizabeth Kiernan
Daniel Adler

Arbitration Agreement Enforceability and Mass Arbitration

PANELISTS:

Jesse Cripps
Michael Holecek
Wesley Sze
Dione Garlick

This update analyzes corporate criminal enforcement in 2025 by the numbers and in context of the new United States Presidential Administration’s priorities and policy initiatives.

The change in United States Presidential Administrations in early 2025 involved immediate and significant pronouncements regarding a re-orientation of the U.S. government’s corporate criminal and civil enforcement priorities. Many commentators projected that these policy statements would result in dramatic changes in how the government pursues criminal and civil investigations, and in how corporate subjects and defendants might approach resolving those investigations. Many also raised questions whether corporate enforcement overall would sharply decline. Given the timelines of investigations and corporate enforcement actions, it is too early to comprehensively assess the impact of these changes. The incubation of complicated criminal investigations is quite extended and always slows in Administration changes. By the numbers and consistent with our experience handling government investigations for a wide range of clients, total corporate resolutions in 2025 notably did not dramatically depart from prior years—although overall recoveries were lower than in recent years.

Gibson Dunn’s tally closed out the year in corporate enforcement with 74 public declinations, declinations with disgorgement, non-prosecution agreements (NPAs), deferred prosecution agreements (DPAs), and corporate guilty pleas from the U.S. Department of Justice (DOJ), as compared to 2024’s 104, and 2023’s 83, total corporate agreements. This is also sufficient data for us to at least begin to place enforcement actions in the context of the Administration’s early policy pronouncements, and we offer some preliminary observations along these lines in the sections that follow.

In particular, in this client alert, we: (1) report key statistics regarding corporate resolutions, including an analysis of NPAs, DPAs, and Corporate Enforcement and Voluntary Self-Disclosure Policy (CEP or Corporate Enforcement Policy) declinations from 2000 through 2025 and of corporate guilty pleas between 2022 and 2025, based on data compiled by Gibson Dunn; (2) assess developments in DOJ enforcement policy and priorities in 2025, as well as how completed enforcement actions fit within those priorities; and (3) survey recent developments in DPA- and plea agreement-like regimes in select international jurisdictions. We conclude this update with a table describing key information from the 74 corporate agreements executed in 2025, and attach an Appendix summarizing them in greater detail.

Key Statistics

Chart 1 reflects the relative mix of NPAs, DPAs, declinations and declinations-with-disgorgement, and guilty pleas since we began tracking plea agreements in 2022. As a reminder, declination-with-disgorgement is a rather new resolution vehicle that falls between a traditional declination and an NPA.

Charts 2 and 3 below focus on 2022 through 2025, and show the numbers of DPAs, NPAs, plea agreements, and declinations with disgorgement in those years, as well as recoveries associated with each category of agreement.^{^[1]} These charts illustrate that while DOJ has used all forms of resolution, the relative proportion of guilty pleas to other forms of resolution has not changed significantly in the three years, with 2–3% movement in each category. Consistent with the higher number of plea agreements relative to other forms of resolution, recoveries associated with guilty pleas also have always been highest. At $3.1 billion, recoveries associated with plea agreements in 2025 more than doubled those associated with NPAs, DPAs, and declinations with disgorgement, at a ratio of 2.4. Overall recoveries across categories, at $4.4 billion, are down since 2024, when they totaled approximately $8.5 billion, continuing an overall downward trajectory since we began tracking all categories in 2022.

[Values shown on a logarithmic scale.]

[Values shown on a logarithmic scale.]

Chart 4 below reflects the NPAs and DPAs that Gibson Dunn has identified through public-source research from 2000 through the end of 2025. Of the 14 total agreements in 2025, there were eight DPAs and six NPAs. The SEC, consistent with its trend since 2016, did not enter any NPAs or DPAs in 2025.

Chart 5 reflects total monetary recoveries related to publicly available NPAs and DPAs from 2000 through the end of 2025. At approximately $1.3 billion, 2025 recoveries associated with DPAs and NPAs are lower than those in 2023 and 2024 and continue their overall downward trend, ranking as the 19th lowest of our 26 years of annual totals.

Although it would be impossible to determine with certainty the root cause of the relative decline in NPAs and DPAs that began around 2022, the shift coincided with significant updates announced in the September 2022 Monaco Memorandum (which we analyzed in depth in our October 3, 2022 publication) that broadened policies on voluntary self-disclosure and signaled a meaningful pivot in prosecutors’ charging assessments and continued with remarks earlier this year by then-Head of the Criminal Division, Matthew Galeotti.

We note a few statistics and possible trends, although it is difficult to say whether they reflect any shift in focus, standards, or priorities of the current administration. Indeed, the flat line of some of these statistics remaining constant may prove just as informative as other increasing or decreasing trends. In addition, the continued substantial corporate investment from the last 25 years pays dividends of fewer systemic investigations.

Since 2022, all “blockbuster” resolutions involving criminal penalties and forfeiture totaling $1 billion or more across parallel criminal and civil settlements involved plea agreements—with three in that category in 2022, one in 2023, three in 2024, and one in 2025. Looking back over time, we note six NPAs and DPAs involving criminal penalties of $1 billion or more, between 2009 and 2020, although two of these resolutions involved ancillary guilty pleas by subsidiaries or affiliated companies.
Six resolutions in 2025 cited voluntary disclosure. They were pursued by a broader group of prosecuting offices than the prior year, and present a more complex range of results, ranging from a declination and declinations with disgorgement (three) to NPAs (two). Insofar as these cases almost certainly involved voluntary self-disclosures during the prior administration, it is difficult to read too much into these outcomes, and time will tell whether there is any shift in this Administration’s approach to voluntary self-disclosure.
Historically, corporate declinations or declinations with disgorgement publicly announced pursuant to DOJ Criminal Division’s Corporate Enforcement and Voluntary Self-Disclosure Policy (“CEP”) since 2016 involved the Fraud Section. While this technically remained true in 2025, with the Fraud Section announcing three declinations under the CEP, DOJ’s National Security Division (“NSD”) also issued two declinations in 2024 and one declination in 2025 under its parallel NSD Enforcement Policy for Business Organizations, which NSD revised in 2024. While the number of announced declinations with disgorgement has remained fairly constant over the past four years, the three traditional declinations (i.e., without disgorgement) announced in 2024–2025 reflect an increase from prior years, which had not featured such declinations since 2019.
The Criminal Division of Main Justice has continued to feature heavily in DPAs, NPAs, and declinations with disgorgement following DOJ’s underscoring in 2023 that the CEP applied to all corporate criminal matters. Since 2018, when DOJ expanded the predecessor to the CEP to reach beyond the Foreign Corrupt Practices Act (“FCPA”), the Criminal Division’s Fraud Section has been involved in approximately one-third (75) of all announced (215) DPAs, NPAs, and declinations with disgorgement (35%). Since 2023, it has been involved in 33 of all 261 corporate resolutions of any type, resulting in total resolution amounts of $6.9 billion. For its part, the Money Laundering, Narcotics and Forfeiture Section (“MNF,” previously known as the Money Laundering and Asset Recovery Section, “MLARS”) of DOJ’s Criminal Division has participated in five resolutions from 2022 through 2025, resulting in total resolution amounts of $6.4 billion.
For plea agreements, a similar distinction goes to environmental-related prosecutions. Of the 248 corporate guilty pleas publicly announced from 2022–2025, 87 (35%) involved DOJ’s Environmental Natural Resources Division and/or the Environmental Protection Agency.
DOJ’s Antitrust Division had eight public NPAs and DPAs in 2020-21, three in 2023, and none in 2022, 2024, and 2025. But in 2022–2025, it also entered 17 plea agreements—adding two in 2025. Of these plea agreements, 12 were tied to schemes publicly disclosed in years prior.
Approximately 51% (362) of all 709 corporate DPAs, NPAs, and public declinations in our 26 years of data involve an allegation or charge of fraud of some sort, ranging from bank or mail fraud to FCPA violations. Since we began tracking plea agreements in 2022, the percentage is slightly lower at 30%, i.e., 100 of the total 331 negotiated corporate resolutions—55 of which were guilty pleas.
U.S. Attorneys’ Offices continue to play an important role in corporate prosecutions, which were historically concentrated in the biggest DOJ offices or Main Justice units. 85% of 2025’s 74 corporate negotiated resolutions involved a U.S. Attorney’s Office.
Monitoring obligations, whether in the form of an independent monitor or self-reporting, have continued to feature in corporate resolutions at approximately the same rate for three of the past four years. As a percentage, 23–52% of all publicly reported DPAs, NPAs, and declinations for which data is available for each year between 2022 and 2025 included a monitoring obligation: 25% in 2022, 23% in 2023, 52% in 2024, and 39% in 2025. While these percentages reflect a steep decline from the prior three years, which ranged from 59–73% (59% in 2019, 73% in 2020, and 69% in 2021), monitorships and self-reporting are not extinct. That said, as discussed in more detail below, in 2025, DOJ terminated several monitorships early and also instituted policy to reduce and narrow the imposition of monitorships.

Gibson Dunn negotiated one of the first DPAs by Main Justice on December 30, 2001 – almost 25 years ago. In the last 25 years, the template forms remain varied and it remains that there is no DOJ-required template across divisions and U.S. Attorneys’ Offices. The evolution in form, structure, and elements of corporate resolutions will no doubt continue. As noted, more than 20 years ago, Gibson Dunn led the dramatic shift toward increased use of NPAs and DPAs in corporate cases and has recently been at the forefront of convincing DOJ to allow more self-monitoring and addressing the apparent shift back toward plea agreements.

2025 Developments in DOJ Corporate Enforcement Policy, in Context

2025 saw a significant overhaul in DOJ’s approach to corporate enforcement, with new stated focuses on immigration, anti-cartel operations, and preventing and punishing harms to ordinary consumers and investors. At the same time, DOJ announced an intent to reduce the impact of government investigations on law-abiding companies and to reward voluntary disclosures and cooperation with well-defined benefits earned according to objective criteria.

This new approach was foreshadowed in two policy memoranda issued by Attorney General Pamela Bondi on February 5, 2025. The first of these rescinded a prior memorandum from the former Attorney General entitled Issuance and Use of Guidance Documents by the Department of Justice (July 1, 2021).[2] The second memorandum, titled Total Elimination of Cartels and Transnational Criminal Organizations, directed DOJ to “work urgently” to “eliminat[e] these threats to U.S. sovereignty,” and signaled the Attorney General’s intent to empower U.S. Attorneys’ Offices to investigate and prosecute cases with less direct involvement by Main Justice.[3] These memoranda were followed, on May 12, 2025, by an announcement from DOJ’s Criminal Division that it was “turning a new page” in its approach to white collar and corporate enforcement.

The Criminal Division in parallel issued four foundational guidance documents:

A memorandum[4] outlining the new White-Collar Enforcement Plan (“Enforcement Plan”);
An update[5] to the Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy (“Corporate Enforcement Policy”);
An update[6] to the Department of Justice Corporate Whistleblower Awards Pilot program, and;
An updated memorandum[7] describing the process for implementing monitorships and selecting monitors (collectively, the “May 12, 2025 Guidance Documents”), which we reported on in a client alert issued on May 19, 2025.

The Enforcement Plan memorandum identified three principles of criminal enforcement that would guide DOJ’s efforts, “focus, fairness, and efficiency,” for which we provide additional details, and which we analyze in the context of 2025’s enforcement actions, below.

Focus – Enforcement Priorities in Context

The Enforcement Plan stated that the Criminal Division will be “laser-focused on the most urgent criminal threats to the country,” and listed ten high-impact areas that the Criminal Division will prioritize investigating and prosecuting to combat those harms.[8] Given some thematic overlap in the ten areas, for purposes of analysis, we have reduced these priorities to nine key topics: (1) Healthcare, Procurement, Investor, and Consumer Fraud, (2) Foreign Bribery Enforcement, (3) National Security Offenses, (4) Tariffs and Customs Enforcement, (5) Money Laundering Enforcement, (6) Fraud Cases with Individual Victim Losses, (7) Federal Food, Drug, and Cosmetic Act Enforcement, (8) Focus on China, and (9) Digital Assets.[9] We address each below, noting how these enforcement areas have fared in view of publicly announced corporate criminal resolutions in 2025.

Overall, across the criminal resolutions we have tracked this year, enforcement activity has partially aligned with DOJ’s stated priorities, with certain areas showing more activity than others. The strongest follow-through is seen in national security and China-related matters, where DOJ has brought multiple export control and sanctions cases, a number of which have involved Chinese-affiliated entities. We also have noted a strong follow-through in bringing cases relating to healthcare fraud, with multiple resolutions focused on Medicare and Medicaid fraud.

By contrast, other areas of priority have not resulted in notable shifts in the numbers of related corporate resolutions. For example, the DOJ has brought forth a limited number of corporate criminal prosecutions relating to transnational criminal organizations, immigration, controlled substances, and fraud harming individual victims. Most prosecutions in these priority areas have targeted individuals rather than corporations. Overall, enforcement in 2025 did not greatly shift in light of DOJ’s new priorities, but it is the early days in the new Administration, and we will continue to monitor these areas to see how they evolve, over the coming months and years.

Healthcare, Procurement, Investor, and Consumer Fraud

To address “[r]ampant health care fraud and program and procurement fraud,” the Enforcement Plan stated that the “Criminal Division will lead the fight in holding accountable those who exploit these programs and harm the public fisc for personal gain.”[10] The focus on health care and procurement fraud aligns with recent Executive Orders of President Trump on these topics,[11] and we have indeed seen criminal enforcement activity consistent with a prioritization of the healthcare fraud space. 2025’s public enforcement actions included seven criminal resolutions targeting misconduct in this space.[12]

This demonstrates an increase in enforcement activity relating to healthcare fraud compared to previous years. In 2024, we identified four criminal resolutions relating to healthcare fraud, and in 2023, we identified one. In 2025, almost all corporate resolutions in this area involved allegations that companies engaged in fraud related to Medicare and Medicaid, such as submitting fraudulent claims and thereby improperly diverting federal funds.[13]

As a further enhancement of its healthcare enforcement capabilities, the Criminal Division announced on September 23, 2025, that it would be expanding its Health Care Fraud Unit’s New England Strike Force, to include resources in the District of Massachusetts.[14] The move was intended to bring more enforcement resources to Massachusetts, “accelerat[ing] the detection, investigation, and prosecution of complex fraud crimes.”[15] Boston is a prominent hub for healthcare institutions, life sciences companies, and startups, and the U.S. Attorney’s Office for the District of Massachusetts already has an elite reputation in health care fraud enforcement.[16] The U.S. Attorney’s Office there has been a leader for more than a decade, charging a wide variety of healthcare fraud cases. At the time of the press release for the Strike Force expansion, its Health Care Fraud Unit and Affirmative Civil Enforcement Unit had already recovered over $450 million in fraudulently obtained funds in FY 2025.[17] The Administration’s sharp focus on fraud has continued into 2026, with the White House announcing formation of a new DOJ Division for National Fraud Enforcement—a development that we are following closely.[18]

Foreign Bribery Enforcement

Following President Trump’s February 10, 2025 Executive Order[19] pausing enforcement of the Foreign Corrupt Practices Act,[20] on May 12, 2025, the Criminal Division released Guidance Documents resuming the prosecution of cases involving foreign bribery. On June 9, 2025, DOJ rolled out updated guidance for FCPA enforcement in the form of a memorandum to the Head of the Criminal Division, issued by Deputy Attorney General Todd Blanche (the “June 9 Blanche Memo”).[21] The Enforcement Plan asserted that the Criminal Division would take a targeted approach to protect American interests, prioritizing offenses that include “[b]ribery and associated money laundering that impact U.S. national interests, undermine U.S. national security, harm the competitiveness of U.S. businesses, and enrich corrupt foreign officials.”[22] The June 9 Blanche Memo expanded upon this framing, laying out a “non-exhaustive” list of factors that the Criminal Division will balance in deciding whether to prosecute FCPA offenses, with no single factor being “necessary or dispositive.”[23] The list includes whether the alleged misconduct: (1) “is associated with the criminal operations of a Cartel or TCOs (Transnational Criminal Organizations),” “utilitizes money launderers or shell companies that engage in money laundering for Cartels or TCOs,” or “is linked to employees of state-owned entities or other foreign officials who have received bribes from Cartels or TCOs;” (2) “deprived specific and identifiable U.S. entities of fair access to compete”; (3) “involves key infrastructure or assets”; or (4) “bears strong indicia of corrupt intent tied to particular individuals and serious misconduct.”[24]

As discussed further in our 2025 FCPA Year-End Update, despite the FCPA enforcement “pause,” other indicators, including the guidance discussed directly above and individual FCPA charges, suggest that FCPA enforcement is shifting but not gone altogether. There were only two corporate criminal FCPA resolutions in 2025 from which to draw conclusions about how the new FCPA Guidelines will be implemented going forward. For the first, a declination with disgorgement, the facts in the declination letter (as is typical of such documents) were too brief to identify which (if any) of the four FCPA Guideline factors apply. The second and final corporate FCPA resolution, a DPA with Comunicaciones Celulares S.A., d/b/a TIGO Guatemala (“TIGO”), highlighted an alleged connection between the conduct and a cartel or TCO. According to the criminal information, TIGO used the services of a banker who also allegedly laundered money for narcotraffickers and who used cash from illegal drug sales to pay bribes. Thus far, there have not been any concluded corporate FCPA enforcement actions highlighting any of the other three factors.

National Security Offenses

In a memorandum[25] issued on her first day in office, Attorney General Bondi temporarily suspended requirements that the NSD approve most terrorism and International Emergency Economic Powers Act (“IEEPA”) charges brought by U.S. Attorney’s Offices, for the express purpose of promoting “aggressive” prosecution of such offenses.[26] (That 90-day suspension has since elapsed.) The May 12, 2025 Guidance Documents prioritized criminal enforcement of national security offenses, including terrorism and sanctions evasion.[27] They also emphasized that terrorism includes a focus on “recently designated Cartels and TCOs,”[28] a theme on which Mr. Galeotti expanded during remarks on September 17, 2025, in which he referenced cartels and TCOs, particularly those operating in “Mexico and the Western Hemisphere” as among the “key threats to the United States.”[29] In this same speech, Mr. Galeotti further emphasized an enforcement focus on the national security threats presented by “rogue nation-states like North Korea and Iran.”[30]

Recognizing that complex investigations and enforcement actions can take years to complete so investigations initiated in 2025 may not become public for some time, we note that several public cases this year have included a national security focus, with two declinations and three guilty pleas announced that involved companies admitting to violating U.S. export controls and sanctions laws such as the International Emergency Economic Powers Act, the Trading with the Enemy Act, and the Export Control Reform Act (“ECRA”). Another notable example is the November 2025 Comunicaciones Celulares S.A. DPA relating to an alleged government bribery scheme involving the proceeds of narcotrafficking (although we note that this matter was under investigation for many years preceding the DPA).[31]

Tariffs and Customs Enforcement

The May 12, 2025 Guidance Documents also made clear that the Criminal Division will prioritize violations of tariff and customs laws.[32] Investigations of such violations were listed as priorities in the Enforcement Plan, and the updated whistleblower program added such violations as express subject areas for whistleblower rewards.[33] These updates added to other indications by the Trump Administration that tariff enforcement would be heavily emphasized, as Gibson Dunn previously covered in client alerts here and here.

Consistent with this focus, on August 29, 2025, DOJ announced a new “Trade Fraud Task Force” to increase enforcement actions against parties who unlawfully import prohibited goods or seek to evade tariffs and other duties.[34] The announcement contained few specifics about the membership or authority of the task force, but as reported by Civil Division Deputy Assistant Attorney General Brenna Jenny, it aims to “enhance[] coordination and information sharing with [the Division’s] law enforcement colleagues.”[35] The announcement indicated that the task force is in furtherance of the administration’s “America First Trade Policy,” and it will encompass civil claims under the Tariff Act of 1930 and the False Claims Act as well as criminal prosecutions under Title 18’s trade fraud and conspiracy provisions.[36]

The announcement also welcomed referrals by those in industries harmed by unfair trade practices and encouraged cooperation through use of the Criminal Division’s Corporate Whistleblower Program.[37] We discussed several other potential implications of the program in a September 8, 2025 client alert. Thus far, it appears that no criminal enforcement actions have been taken against corporate entities that involve alleged violations of tariffs or customs laws; corporate resolutions involving alleged customs and tariffs evasion have been limited to civil settlements.

Money Laundering Enforcement

Under the principles of the May 12, 2025 Guidance Documents, the Criminal Division will continue to prosecute cases involving violations of applicable money laundering laws, with a particular focus on complex money laundering and offenses that implicate U.S. sanctions.[38] The Enforcement Plan decried “exploitation of our financial system” that can “enable underlying criminal conduct,” and warned that “[f]inancial institutions, shadow bankers, and other intermediaries aid U.S. adversaries by processing transactions that evade sanctions.”[39] The updated whistleblower program also maintains the Department’s focus on violations by financial institutions or their employees for schemes involving money laundering and violations of the Bank Secrecy Act.[40]

In 2025, the US government resolved four money laundering-related corporate investigations, of which three were concluded before issuance of the May 12, 2025 Guidance Documents.[41] After May 12, 2025, the DOJ Criminal Division secured a guilty plea for violations related to effective AML programs, operating an unlicensed money transmitting business, and violating the Travel Act.[42] Given the limited data points, it is too early to tell how DOJ’s express focus on money laundering enforcement will play out as compared to historical practice.

Fraud Cases with Individual Victim Losses

In line with the Criminal Division’s focus on vindicating the rights of victims impacted by white collar and corporate crime, the Enforcement Plan also tasked the Criminal Division with seeking forfeiture to compensate victims,[43] along with “prioritiz[ing] schemes involving senior-level personnel or other culpable actors, demonstrable loss, and efforts to obstruct justice.”[44] The Enforcement Plan focused on certain crimes that defraud victims, including Ponzi schemes, investment fraud, elder fraud, market manipulation, and “fraud that threatens the health and safety of consumers.”[45]

In 2025, the number of criminal corporate resolutions in this space does not appear to have increased compared to prior years. Instead, fraud cases involving individual victim losses have overwhelmingly targeted individual defendants, with corporations involved only in a minority of cases.

Among the limited corporate cases identified, two involve cryptocurrency-related schemes in which companies manipulated markets by artificially inflating the value of crypto assets, resulting in demonstrable investor losses and ultimately guilty pleas.[46] In addition, DOJ issued a declination to an investment bank following the firm’s voluntary self-disclosure of misconduct by two employees who manipulated the secondary and futures markets. Consistent with the Enforcement Plan’s emphasis on compensating victims, the declination involved disgorgement and establishment of a victim compensation fund.[47]

Federal Food, Drug, and Cosmetic Act Enforcement

As part of a broader reorganization of the Department—and as explained in this Gibson Dunn May 16, 2025 client alert—the criminal enforcement work (and most prosecutors) of Civil Division’s Consumer Protection Branch has now moved to the Criminal Division to become a new consumer protection unit of the Fraud Section. Through that move, the Criminal Division is now positioned to lead criminal enforcement of the Federal Food, Drug, and Cosmetic Act (“FDCA”), and the Enforcement Plan made clear that the Criminal Division will exercise that authority and pursue corporate violations of the Controlled Substances Act. This focal area includes an express focus on the unlawful manufacture and distribution of chemicals and equipment used to create counterfeit pills laced with fentanyl and unlawful distribution of opioids.

Perhaps due to the DOJ adjusting to the reorganization of the prior Consumer Protection Branch, enforcement in the FDCA space appears to have dropped significantly since 2024, with four criminal resolutions involving FDCA violations in 2025,[48] only one of which was a guilty plea, compared to approximately 14 in 2024, all but one of which were guilty pleas. Similarly, corporate criminal enforcement involving controlled substances has been comparatively limited thus far, with most cases being brought against individual defendants or resulting in a civil settlement. There have, however, been recent criminal indictments in this space that we will watch for future reporting.[49]

Focus on China

The Criminal Division outlined a renewed focus on criminal conduct related to China. The Enforcement Plan, for example, made multiple references to criminal conduct involving Chinese-connected companies and entities, including variable interest entities and sophisticated money laundering operations connected to China,[50] and on September 17, 2025, Mr. Galeotti again emphasized an enforcement focus on “Chinese money laundering organizations” during a speech at ACAMS, the Association of Certified Anti-Money Laundering Specialists conference.[51]

Amid this heightened focus on China, our review shows a modest rise in enforcement actions targeting Chinese companies and China‑affiliated entities or involving China relative to 2024. Export control violations dominated these cases, with four of the five export control resolutions involving some form of improper export activity involving China. Several of these cases involved the export of highly sensitive software or hardware to Chinese universities or entities with military affiliation, underscoring heightened scrutiny of transactions involving China-based end users.[52]

Digital Assets

The Enforcement Plan outlined an emphasis on crimes involving digital assets, including (1) those involving digital assets that victimize investors and consumers, (2) those that use digital assets in furtherance of other crimes, and (3) those that involve willful violates that facilitate significant criminal activity.[53]

Additionally, as discussed in more detail in a separate client alert, in April 2025, Deputy Attorney General Blanche issued a memorandum entitled “Ending Regulation by Prosecution” focused on the digital assets space, stating in relevant part that DOJ “will no longer pursue litigation or enforcement actions that have the effect of superimposing regulatory frameworks on digital assets while President Trump’s actual regulators do this work outside the punitive criminal justice framework.”[54] The memorandum included a specific directive that DOJ would not pursue “regulatory violations in cases involving digital assets —including but not limited to unlicensed money transmitting under 18 U.S.C. §1960(b)(1)(A) and (B) [or] violations of the Bank Secrecy Act, [or other registration-related charges]—unless there is evidence that the defendant knew of the licensing or registration requirement at issue and violated such a requirement willfully.”[55] Consistent with the April 2025 memorandum, on August 21, 2025, Mr. Galeotti clarified in delivered remarks that the DOJ will not charge regulatory violations as crimes in cases involving digital assets “in the absence of evidence that a defendant knew of the specific legal requirement and willfully violated it.”[56]

Fairness

Additional Paths to Avoid or Mitigate Corporate Criminal Enforcement

The Criminal Division’s Enforcement Plan created additional opportunities for white collar defense attorneys to advocate for non-criminal resolutions for their corporate clients.[57] In particular, while it reiterated foundational principles for corporate charging decisions identified in the Justice Manual, such as whether the company self-reported, the company’s willingness to cooperate with the government, and the company’s actions to remediate the misconduct, the Enforcement Plan also emphasized that, in many cases, prosecution of individuals will suffice to “vindicate U.S. interests,” leaving civil or administrative remedies to address misconduct at the corporate level.[58]

The Enforcement Plan also directed the Fraud Section and the Money Laundering and Asset Recovery Section to re-review all existing agreements between the Criminal Division and companies and determine whether to terminate those agreements early based on a number of factors.[59] And indeed, the Criminal Division has publicly terminated several agreements early as a result of the new policy. In particular, the Criminal Division filed motions to dismiss criminal cases against ABB Ltd., Honeywell, and Stericycle, Inc. months before their respective expirations because the companies had complied with their obligations under their deferred prosecution agreements.[60] The Division also terminated its non-prosecution agreement with Albemarle Corporation more than a year early, concluding that the terms of the agreement had been satisfied, and it cut short two monitorships placed on Glencore, using its “sole discretion” after having “assessed the facts and circumstances.”[61]

For future resolutions, the Enforcement Plan suggested that the duration of resolutions will be shorter than before, directing that prosecutors “must impose a term that is appropriate and necessary in light of, among other things, the severity of the misconduct, the company’s degree of cooperation and remediation, and the effectiveness of the company’s compliance program at the time of resolution.”[62] The Enforcement Plan stated that these terms usually should not exceed three years and should be regularly reviewed for the possibility of early termination.[63] Factors such as those described in the Enforcement Plan have always been considerations in setting resolution terms, and in 2025, perhaps beginning to reflect the Enforcement Plan’s prioritization of shorter resolution terms, it appears that prosecutors have reached slightly lower terms of agreement as were made in immediately preceding years. Indeed, the average term length of 2025 resolutions with set term lengths (approximately 28.2 months) is lower than the average for 2024’s resolutions (33.0 months) and 2023’s (32.0 months). DOJ has also leaned into early termination, notably bringing agreements with ABB Ltd., Albemarle Corp., Glencore, Honeywell, and Stericycle, to early conclusion, as described above.

Recognition of Compliance and Law-Abiding Companies

In a May 12 speech, Mr. Galeotti stated that the Criminal Division recognizes “that law-abiding companies are key to a prosperous America [and] [e]conomic security is national security.”[64] He added: “[m]ost corporations and financial institutions want to play by the rules and provide value for their shareholders and their customers. And that is what we want them to remain focused on. Excessive enforcement and unfocused corporate investigations stymie innovation, limit[] prosperity, and reduce[] efficiency.”[65] The Enforcement Plan similarly recognized that “it is critical to American prosperity to promote policies that acknowledge law-abiding companies and companies that are willing to learn from their mistakes.”[66]

These messages underscored the importance of corporate compliance and appropriate remediation. In line with this message, the CEP was revised in May 2025 “[t]o ensure fairness and individualized assessments,” with a focus on benefits for companies that self-disclose and cooperate.[67] Mr. Galeotti stated that under the updated CEP, “[s]elf-disclosure is key to receiving the most generous benefits the Criminal Division can offer.”[68] The CEP updates notably preserved prior compliance components in the definition of appropriate remediation, again signaling the importance of compliance.[69]

More Certain Paths to Specific Results

Mr. Galeotti also stated that the CEP was simplified to allow companies to better anticipate outcomes when self-reporting. Under the updated CEP, the Criminal Division will publicly decline to prosecute a company for criminal conduct when all of the following four criteria are met:[70]

The company voluntarily self-disclosed the misconduct to the Criminal Division. These disclosures qualify so long as “the company had no preexisting obligation to disclose the misconduct to the Department of Justice,” which seems to allow for self-disclosures that were undertaken out of obligation to agencies other than DOJ.
The company fully cooperates with the Criminal Division’s investigation.
The company timely and appropriately remediated the conduct.
There are no aggravating circumstances (which involve “the nature and seriousness of the offense, egregiousness or pervasiveness of the misconduct within the company, severity of harm caused by the misconduct, or criminal adjudication or resolution within the last five years based on similar misconduct by the entity engaged in the current misconduct.”). This definition suggests that only criminal resolutions by the same corporation for “similar misconduct” will be considered an aggravating factor, rather than any prior misconduct or by an affiliated entity.[71] Where there are aggravating circumstances, prosecutors can still recommend declination after weighing the severity of the circumstances. In the MGI International, LLC matter resolved in 2025, for example, DOJ issued a declination letter despite the involvement of a member of senior management in the alleged misconduct, noting that none of the aggravating factors outweighed MGI’s cooperation and remediation.[72]

In instances of “near miss self-disclosures” or where there are aggravating circumstances, the guidance requires the Criminal Division to provide an NPA (absent egregious or multiple aggravating factors) for a term of less than three years and without a monitorship, and a 75% reduction off of the low end of the U.S. Sentencing Guidelines fine range.[73] In a June 2025 speech, Mr. Galeotti notably stated that to receive a penalty more severe than a declination for a voluntarily self-disclosing company, the circumstances would have to be “truly aggravating” and “sufficient to outweigh the fact that the company voluntarily came forward.”[74]

For resolutions in other cases involving voluntary disclosure, there is a presumption that any sentencing reduction will be taken from the low end of the Guidelines.

Efficiency

Streamlined Investigations

In his May 12, 2025 remarks, Mr. Galeotti stated that businesses have been deterred from utilizing benefits of self-reporting misconduct to governmental authorities by the possibility of “lengthy drawn-out investigations that are ultimately detrimental to companies[.]”[75] He argued that this deterrence of self-reporting diverts Department resources away from “tackling the most significant threats facing our country.”[76] The Enforcement Plan instructed the Criminal Division to take all reasonable steps to minimize the length and collateral impact of its investigations and to ensure that “bad actors” are quickly brought to justice.[77] While framed as a shift in approach, prior Administrations have included similar language in guidance documents; any meaningful change will depend on Criminal Division supervisors driving more efficient investigations.

In a June 2025 speech, Mr. Galeotti notably maintained that the Criminal Division is committed to making quick charging decisions, and that companies can do their part to promote efficiency by working closely with Criminal Division teams to narrow disagreements and exhaust discussions before reaching out to DOJ leadership.[78]

Limited Use of Monitors

In addition to taking reasonable steps to minimize length and impact of investigations, the Enforcement Plan instructed the Criminal Division to utilize independent compliance monitors only when necessary and that use of those monitors should be narrowly tailored.[79]

The Criminal Division also released a memorandum on May 12, 2025, entitled “Memorandum on Selection of Monitors in Criminal Division Matters,” which requires prosecutors to consider four factors when weighing the possibility of imposing a monitorship:

Risk of recurrence of criminal conduct that significantly impacts U.S. interests.
Availability and efficacy of other independent government oversight.
Efficacy of the compliance program and culture of compliance at the time of the resolution.
Maturity of the company’s controls and its ability to independently test and update its compliance program.[80]

In subsequent remarks in June 2025, Mr. Galeotti referred to monitors as a “temporary bridge and accountability measure,” emphasizing the Criminal Division’s express intent to reduce its use of monitorships where alternatives can achieve compliance more efficiently.[81]

Even if a monitor is appropriate, the May memorandum requires that prosecutors tailor the monitorship to be cost efficient and effective. The company’s counsel must present three to five monitor candidates for consideration, which is an increase from previous guidance.[82] After a monitor is approved, the Criminal Division must ensure the costs are proportionate to the severity of the underlying conduct, the company’s profits, and the company’s size and risk profile.[83] There will be a cap on hourly rates, and the monitor will be required to submit a budget for the entire monitorship at the time it submits its first work plan to the Criminal Division and company for review.[84] The monitor will also attend at least two additional meetings a year with the company and the government to ensure alignment.[85]

Consistent with the Enforcement Plan’s stated policy of imposing fewer monitors, DOJ’s Criminal Division has not imposed a monitorship in any criminal corporate resolution in 2025. Additionally, DOJ dismissed two pre-existing monitorships: Glencore International AG / Glencore Ltd. on March 19, 2025,[86] and NatWest Markets Plc on September 4, 2025.[87] U.S. Attorneys’ Offices, which are not held to Criminal Division policies, also did not impose monitorships in 2025, although one “independent consultant” arrangement imposed by the U.S. Attorney’s Office for the District of New Hampshire imposes similar requirements to a more traditional monitorship, as discussed in detail below.

Criminal Division Monitoring

The closest term to a monitorship imposed in a resolution with a Criminal Division component in 2025 was an “independent compliance consultant” required by DOJ’s renegotiated resolution in United States v. The Boeing Co.[88] By way of background, Boeing negotiated a DPA with DOJ in 2021, stemming from Boeing’s alleged concealment of software failures from the FAA.[89] The DPA did not impose a monitor and had a term of three years, to end in January 2024.[90] Before the expiration of the DPA’s term, DOJ alleged that Boeing had breached the DPA.[91] In 2025, DOJ agreed with withdrawing the charge and the parties entered into a negotiated NPA that required Boeing to retain an “independent compliance consultant.”[92]

Upon analysis of the terms applicable to the consultancy, the “independent compliance consultant” is not a monitor by another name; the consultant’s selection will not follow the same process required for monitor selection, and the terms of engagement are more deferential to the company.[93] In particular, we analyze below the terms of Boeing’s compliance obligations against recently imposed Criminal Division monitorships (Glencore (2022), Raytheon (2024), and TD Bank (2024)).

Term	*“Independent Compliance Consultant” (Boeing)*	“Compliance Monitor”(Glencore, Raytheon, TD Bank)
Selection	Company selects a consultant, subject to DOJ approval	Company proposes three candidates for a monitor, DOJ can either select a monitor from those three candidates or reject all of them and require the company to propose additional candidates
Duration	Two years	Three years
Workplan	Company and consultant jointly prepare and submit a work plan to DOJ	Monitor prepares and submits a work plan to DOJ, and Company has the ability to comment on the workplan
Scope	Assist Company in assessing its program, including by observing Company’s self-testing protocols	Wide-ranging mandate to assess and monitor compliance with terms of the settlement and relevant laws, and evaluate effectiveness of compliance program; monitor typically conducts its own testing
Reports	Consultant, with Company’s input, submits reports to DOJ	Monitor drafts and submits the reports to the company and DOJ at the same time; monitor may, but is not required to, share drafts with the company
Access	The agreement does not address scope of access to company resources and information	Comprehensive access to information, including Company’s facilities, policies and procedures, processes, internal systems, employees, and records; generally likely to be more disruptive to Company’s day-to-day operations
Recommendations	Consultant makes recommendations, but Company retains ultimate decision making over implementing any particular recommendation (subject to providing a reason)	Company must adopt all recommendations within a specified timeframe, unless successfully contested with DOJ; DOJ retains ultimate decision authority on implementation

Consistent with historical practice, self-reporting was by far the most common method of continued monitoring imposed in connection with corporate resolutions in 2025. For example, DOJ imposed ongoing compliance reporting requirements on both Paxful Holdings, Inc. (“Paxful”) and Comunicaciones Celulares S.A., d/b/a TIGO Guatemala (“TIGO”) in their respective plea agreement[94] and DPA.[95] Both resolution agreements require each company to prepare and submit to DOJ annual reports (two for Paxful and three for TIGO) detailing compliance and remediation efforts.[96] These reporting obligations appear similar to those imposed in agreements under the prior Administration, if perhaps slightly less burdensome in some cases. For example, we noted that while two 2024 DPAs and plea agreements included “at least quarterly” meetings between the company and DOJ to discuss the company’s compliance efforts on top of annual reports,[97] no such requirement was included in the Paxful or TIGO resolutions, or any other resolutions, in 2025. By way of background, many of the earliest agreements had an annual reporting requirement.

U.S. Attorney’s Office Monitoring Practices

As for U.S. Attorney’s Office resolutions, we identified no resolutions imposing a “monitor,” but at least two resolutions with U.S. Attorney’s Offices that imposed independent consultants: United States v. Aux Cayes Fintech Co. Ltd. d/b/a “OKEx,” d/b/a “OKX”[98] and United States v. Old Dutch Mustard Co., Inc. d/b/a Pilgrim Foods, Inc.[99] The “external compliance consultant” in the OKX agreement imposed by the U.S. Attorney for the Southern District of New York is similar in construction to that described in Boeing’s NPA, but it is different in a few respects.[100] Like Boeing, OKX is only required to retain a compliance consultant for a term of two years.[101] Further, the plea agreement provides that the consultant will prepare the work plan for two annual assessments “with cooperation from OKX,” suggesting OKX may have greater ability to shape the work plan than companies with traditional monitors.[102] On the other hand, OKX’s plea agreement devotes more discussion to the scope of the consultant’s work than does the Boeing NPA, including specific aspects of the OKX’s compliance program that must be annually tested for reasonableness of design and implementation.[103]

The Old Dutch independent consultant imposed by the U.S. Attorney for the District of New Hampshire even more closely resembles a traditional monitorship. In particular, the selection process detailed by the Old Dutch DPA resembles the traditional selection process of monitors, with the company nominating three candidates from which the government can choose or, in the event there is no consensus on a candidate, reject and require new nominees.[104] Further, Old Dutch’s consultant, who will serve a five-year term, is entitled to “full access to all records, personnel, and other information,” and provides binding recommendations that Old Dutch must implement.[105]

There are several possible explanations as to why these compliance consultants do not more closely mirror the one imposed by Boeing’s NPA. First, these resolutions did not include a Criminal Division component. U.S. Attorney’s Offices generally have more flexibility to impose terms of resolutions than Main Justice components, because Criminal Division policies do not typically bind U.S. Attorney’s Offices. Second, the underlying facts of each resolution could reasonably warrant different treatment than Boeing. Specifically, each agreement provides specific goals for each consultant rather than broad compliance monitoring: OKX’s external consultant is geared toward ensuring U.S. users cannot access the cryptocurrency exchange,[106] and Old Dutch’s independent consultant must ensure that the company is implementing an Environmental Compliance Program to remediate and prevent Clean Water Act violations.[107] Third, with respect to Old Dutch, it is possible that EPA’s involvement in the resolution resulted in a different formulation that is more specific to environmental resolutions. All said, we would expect that resolutions that do not include a Main Justice component to be more variable.

Other DOJ Enforcement Developments in 2025

Criminal Division Crediting Policy

As we previously reported in a client alert on June 17, 2025, on June 5, 2025, Mr. Galeotti released guidance to Criminal Division prosecutors focusing on victim compensation when deciding whether and how to credit penalties in multi-agency and multi-jurisdiction resolutions.[108] The memorandum, titled Guidance on Coordinating Corporate Resolution Penalties in Parallel Criminal, Civil, Regulatory, and Administrative Proceedings, asserted that the goal of the Criminal Division was to “vindicate victims’ rights when resolving such cases” and that “prosecutors must seek to maximize recoveries for and assistance to victims of crime.”[109]

As an initial matter, the memorandum notes that “Criminal Division prosecutors will not credit payments to other authorities when a company does not meaningfully attempt to coordinate resolutions.”[110] When such an effort is made, however, in making crediting decisions the memorandum instructs prosecutors to: (1) “not credit penalties imposed by other domestic authorities by forgoing either (a) restitution or (b) forfeiture that could be used for remission to compensate those victims, unless other authorities have an effective mechanism to compensate victims of the underlying crime”; and (2) “not credit penalties imposed by other domestic authorities from criminal penalties that would otherwise be used for general victim support through mechanisms such as the CVF, unless those other authorities use their penalties to similarly support victims.”[111]

The calculus for determining whether to credit payments to foreign authorities is somewhat complex. In particular, the memorandum asserts that in situation where “the only payments available for crediting are criminal penalties that would otherwise be used to provide general victim assistance through deposit in the CVF,” then “prosecutors must seek to balance” three key considerations: (1) “the interest in providing general assistance to victims of crime through such deposits”; (2) “the interests of jurisdictions where the misconduct occurred, where the effects of the misconduct are most acutely felt, or who have other equities in the investigation”; and (3) “the advancement of other critical Department and Division goals.”[112] The memorandum further recommends that prosecutors also consider a number of additional factors in balancing those interests.[113]

As we reported last June, it is unclear how significantly this guidance will impact future corporate resolutions, given that most past corporate resolutions have not involved identifiable victims, but also in light of the Criminal Division’s stated focus on prosecuting cases with individual victim losses, as described above. The memorandum at least implicitly suggests that the Department may be less inclined to credit payments to other agencies or regulators in individual victim cases, resulting in greater overall penalties and reduced flexibility in negotiating resolution payment offsets.[114]

Antitrust Division Signals Commitment to Robust Enforcement

In remarks delivered to the Global Competition Review on March 11, 2025, the then-Director Emma Burnham of the Antitrust Division’s Criminal Enforcement Section confirmed that the Antitrust Division’s robust criminal enforcement would continue across a “wide array of sectors and all levels of the economy” despite transitions at the Division.[115] Emphasizing that the Antitrust Division was continuing to deploy resources aggressively and that cartel enforcement would be no exception, she noted that the Division had charged 15 defendants since the start of the calendar year (one company, 14 individuals) and that 24 guilty pleas had been entered (two companies, 22 individuals).[116] At the time of her remarks, recent guilty pleas included defendants charged with monopolization crimes, conspiracies targeting government procurement, bid rigging and fraud targeting sports equipment for schools, and bid rigging and collusion in construction and infrastructure industries.[117]

Ms. Burnham noted that the Antitrust Division remains “deeply committed” to individual accountability, and that its charges will “continue to expose individuals to real prison sentences.”[118] She also explained that, where warranted, the Antitrust Division will continue to follow its recent trend of charging using Section 2 of the Sherman Act for monopolization crimes.[119]

Ms. Burnham further noted that the Antitrust Division had more than twice as many open grand jury investigations as it had a decade prior.[120] In terms of concluded enforcement actions in 2025, the Antitrust Division was involved in three corporate resolutions (all guilty pleas), which is generally consistent with its corporate enforcement track record over the past several years.[121]

Antitrust Division Announces Whistleblower Rewards Program

As we discussed in more detail in a client alert on July 31, 2025, the Antitrust Division announced a new program to incentivize reporting of antitrust violations.[122] In partnership with the United States Postal Service, the program will allow individuals who provide information about price fixing or other antitrust violations to recover between 15% and 30% of any criminal fines secured by the Division.[123]

To be eligible for a reward, the anticompetitive conduct reported must “affect[] the Postal Service, its revenues, or property,” which requires there be an “identifiable”–but not necessarily a “material” or “substantial[ly] detriment[al]”–impact on the Postal Service.[124] The total fines recovered must also be over $1,000,000, and the whistleblower must provide “original” information that is derived from their independent knowledge and not already known to the Antitrust Division, USPIS, or USPS OIG from other sources.[125] Individuals who benefited from or participated in the activity are eligible to recover the reward, provided they did not “coerce[] another party to participate in the illegal activity” and were not “clearly the leader or originator of that activity.”[126]

The program aims to “create a new pipeline of leads from individuals with firsthand knowledge of criminal antitrust and related offenses,”[127] and it has similarities with whistleblower systems available for the SEC, CFTC, and FinCEN, which have proven successful in increasing whistleblower activity.[128] The Antitrust Division announced its first reward on January 29, 2026, a $1 million reward for a whistleblower who referred an alleged bid-rigging scheme in the used vehicle market. [129]

International Developments

In 2025, the importance of negotiated corporate outcomes was clear across several key non-U.S. jurisdictions. Such outcomes were achieved through a variety of legal vehicles, including DPAs in Singapore, statutory settlement vehicles such as France’s convention judiciaire d’intérêt public (“CJIP”), and prosecutor‑imposed penalty orders in the Netherlands. At the same time, several jurisdictions made meaningful efforts in 2025 to refine (and, in some cases, expand) the frameworks that govern corporate criminal exposure, self‑reporting and cooperation expectations, and the availability or attractiveness of resolutions for companies. Below we discuss several example jurisdictions that exemplified these trends.

United Kingdom

In the United Kingdom, 2025 was notable less for the volume of newly announced corporate DPAs than for guidance and statutory developments that are likely to influence charging decisions and compliance expectations applied by prosecutors when assessing cooperation and remediation.

In April 2025, the Serious Fraud Office (“SFO”) issued new Corporate Co‑Operation Guidance that is expressly designed to incentivize self‑reporting and cooperation.[129a] Among other things, the guidance states that a company that promptly self‑reports and cooperates will, in the ordinary course, be invited to enter into DPA negotiations absent exceptional circumstances, and it also outlines expected cooperation behaviors and indicative engagement timelines (including early responsiveness to incoming self‑reports).[130] For instance, the guidance commits the SFO to responding to self-reports within 48 hours, deciding whether to open an investigation within six months, and endeavoring to conclude DPA negotiations within a further six months.[131]

In August 2025, the SFO and Crown Prosecution Service (“CPS”) published updated joint guidance on corporate prosecutions, replacing the 2021 guidance.[132] The update signals the CPS’s intent to sit alongside the SFO as a corporate crime enforcer and provides detailed guidance on charging strategy and other issues relevant to corporate prosecutions. UK corporate criminal exposure should therefore be assessed with an eye toward both agencies’ enforcement footprints, rather than treating the SFO as the sole UK gatekeeper for complex corporate criminal matters.

On September 1, 2025, a new “failure to prevent fraud” offence came into force.[133] As a result, large organizations are now strictly liable where an associated person commits a specified fraud offence intended to benefit the organization, unless reasonable fraud prevention procedures were in place. Notably, the offence has been added to Schedule 17 of the Crime and Courts Act 2013, meaning that DPAs are available as a resolution mechanism for such offenses.

Finally, in November 2025, the SFO issued further guidance regarding how it evaluates corporate compliance programs, which provides a clearer view of the factors the SFO will consider when assessing the effectiveness of controls, remediation efforts, and (by extension) the credibility of future‑looking compliance undertakings commonly seen in negotiated outcomes.[134]

Netherlands

The Dutch Public Prosecution Service (Openbaar Ministerie, “OM”) continued to use prosecutor‑driven mechanisms—particularly penalty orders (strafbeschikking)—to resolve matters without full trials in 2025. Specifically, OM’s enforcement focus was on complex tax‑related misconduct such as dividend tax evasion. For example, in May 2025, OM imposed a €14 million penalty order on ABN AMRO in connection with alleged complicity in dividend tax evasion by another bank through incorrect tax filings.[135] In November 2025, the OM imposed penalty orders totaling €101 million on two Morgan Stanley entities (in London and Amsterdam) for alleged dividend tax evasion, with the OM describing the sanction as approaching the statutory maximum and separate from amounts paid to the Dutch tax authorities in late 2024.[136] These resolutions emphasize that Dutch prosecutors remain active with regards to dividend‑tax matters and that negotiated, non‑trial outcomes may still carry substantial financial consequences in this jurisdiction.

Brazil

Brazil remained a significant jurisdiction for negotiated resolutions in 2025, with federal leniency agreements continuing to serve as a primary vehicle for resolving corporate exposure. Public announcements by the Controladoria‑Geral da União (“CGU”) and Advocacia‑Geral da União (“AGU”) reflect multiple sizeable leniency agreements in 2025, including agreements with Qualicorp (exceeding R$ 44 million in fines and restitution), Trafigura (exceeding R$ 435 million), and Minerva (exceeding R$ 22 million) in the first half of 2025.[137] In July 2025, CGU and AGU announced a multi‑entity leniency agreement involving Seatrium Limited, Jurong Shipyard Pte. Ltd., and Estaleiro Jurong Aracruz, described as exceeding R$ 728 million and tied to conduct occurring between 2007 and 2014.[138]

In December 2025, CGU and AGU announced a new ordinance that reorganizes the rules for negotiation, signing, and monitoring of leniency agreements.[139] The key innovation is the introduction of a mechanism that allows a company to signal its intent to cooperate and reserve leniency benefits while completing internal investigations, with protections if no agreement is finalized. The ordinance also establishes objective methodologies for calculating financial obligations, including assessment of unlawful gains, loss of those amounts, and structured payment options based on ability to pay.[140] The ordinance does not affect leniency agreements negotiated in the criminal context by the Ministério Público Federal, however.

Singapore

2025 saw the first DPA entered by Singaporean law enforcement. On July 30, 2025, Singapore’s Public Prosecutor entered into a DPA with Seatrium to resolve alleged corruption offenses arising from conduct in Brazil (see also discussion of Brazil enforcement above).[141] Singapore’s Attorney‑General’s Chambers stated that the DPA includes a $110 million financial penalty and compliance program improvement obligations.[142] The DPA is subject to High Court approval before it comes into force.[143]

Cross-Border Cooperation and Coordinated Enforcement

Cross‑border cooperation continued to be a defining feature of corporate enforcement in 2025. For example, in March 2025, the UK SFO, France’s Parquet national financier (“PNF”), and Switzerland’s Office of the Attorney General (“OAG”) announced the creation of an International Anti‑Corruption Prosecutorial Taskforce aimed at strengthening cooperation through increased information‑sharing, case collaboration, and best‑practice exchange.[144] For multinational companies, this development underscores the need to manage investigation strategy, privilege, data, and settlement sequencing with the understanding that European authorities may pursue more structured and closely coordinated cooperation, particularly in international bribery and corruption cases.

TABLE: 2025 U.S. RESOLUTIONS

The chart below summarizes the U.S. agreements concluded from January through December 2025. The complete text of each publicly available agreement is hyperlinked in the chart. It is notable that there are very few Fortune 1,000 companies charged in 2025.

The figures for “Monetary Recoveries” may include amounts not strictly limited to an NPA, DPA, or guilty plea, such as fines, penalties, forfeitures, and restitution requirements imposed by other regulators and enforcement agencies, as well as amounts from related settlement agreements, all of which may be part of a global resolution in connection with the NPA, DPA, or plea agreement paid by the named entity and/or subsidiaries. The term “Monitoring & Reporting” includes traditional compliance monitors, self-reporting arrangements, and other monitorship arrangements found in resolution agreements, but does not include probation.

U.S. DPAs, NPAs, Declinations, and Plea Agreements January-December 2025
Company	Agency	Alleged Violation	Type	Monetary Recoveries	Monitoring & Reporting	Term of Agreement (Months) [146]
Abda Moving, LLC	D.N.J.	Conspiracy to commit wire fraud	Guilty Plea	$1,908,486	None	60
Able Groupe, Inc.	DOJ Civil; DOJ CPB; N.D. Tex.	FDCA	Guilty Plea	$304,640	None	36
Advanced Inventory Management, Inc.	N.D. Ill.	Misbranding of a medical device with intent to defraud	DPA	$1,000,000	Self-reporting	36
Aesculap Implant Systems, LLC	E.D. Pa.	FDCA	NPA	$38,500,000	None	0
Aghorn Operating Inc.	DOJ ENRD	Clean Air Act; OSHA	Guilty Plea	$1,000,000	2-year self-reporting	24
Allwaste Onsite (“Onsite Environmental”)	DOJ ENRD; M.D. Tenn.	Clean Water Act	Guilty Plea	$948,592	Compliance with Facility Operating Plan	36
American Express Company	E.D.N.Y.	Wire fraud; Conspiracy to commit wire fraud	NPA	$199,096,000	None	36
American Premium Water Corp.	N.D. Ohio	Conspiracy to Commit Securities Fraud	DPA	$0	None	24
Anderson Pest Control, Inc.	S.D. Fla.	Federal Insecticide, Fungicide, and Rodenticide Act	Guilty Plea	$345,250	None	60
Applied Partners, LLC	DOJ ENRD	Clean Air Act	Guilty Plea	$500,000	None	24
Apprio, Inc.	DOJ Criminal Division; DOJ Fraud; D. Md.	Conspiracy to commit bribery of a public official; Securities fraud	DPA	$500,000	Annual self-reporting	36
ASL Singapore Shipping LTD and Jia Feng Shipping LTD	E.D. La.	Act to Prevent Pollution from Ships violation; Obstruction of Justice	Guilty Plea	$1,850,000	None	48
Aux Cayes Fintech Co. Ltd. (“OKX”)	S.D.N.Y.	Unlicensed Money Transmitting Business	Guilty Plea	$504,811,203	Independent compliance monitor	24
Barlow Herbal Specialties LLC	D. Utah	Lacey Act	DPA	$58,064	Third-party auditor	6
BJS & T Enterprises, Inc.	S.D. Cal.	Hiring individuals unauthorized to work in the U.S.	Guilty Plea	$251,000	None	24
The Boeing Company	N.D. Tex.; DOJ Fraud	Conspiracy to Defraud the United States	NPA	$688,100,000	Independent compliance consultant	24
BofA Securities, Inc.	DOJ Criminal Division; DOJ Fraud	Market manipulation schemes	Declination with Disgorgement	$5,570,142	None	0
Brew City Environmental & Restoration Services, LLC	E.D. Wis.	Clean Air Act	Guilty Plea	Pending	Pending	Pending
Brink’s Global Services USA, Inc.	S.D. Cal.	Bank Secrecy Act	NPA	$42,000,000	None	24
Burns Hunting Club LLC	S.D. Ill.	Lacey Act	Guilty Plea	$35,500	None	24
Cadence Design Systems, Inc.	DOJ National Security; N.D. Cal.	Violation of export control laws	Guilty Plea	$117,793,825	Annual self- reporting	36
Campbell Sales Group, Inc.	E.D.N.C.	Wire fraud (in connection with PPP loans)	DPA	$1,499,165	None	36
Chamness Dirt Works Inc.	D. Or.	Clean Air Act violation	Guilty Plea	$0	None	36
Clark & Garner, LLC	DOJ Antitrust	Sherman Act violation	Guilty Plea	$80,000	None	0
CLS Global FZE LLC	D. Mass.	Wire fraud; Conspiracy to commit market manipulation; conspiracy to commit wire fraud	Guilty Plea	$428,060	None	36
Comunicaciones Celulares S.A. (TIGO Guatemala)	S.D. Fla.; DOJ Fraud	FCPA	DPA	$118,198,343	Annual self-reporting	24
Credit Suisse Services AG	E.D. Va.; DOJ Tax	Tax law	NPA	$138,700,000	None	36
Credit Suisse Services AG	E.D. Va.; DOJ Tax	Tax law	Guilty Plea	$371,908,509	None	36
Dune Medical Supply, LLC	M.D.N.C.	Healthcare fraud	Guilty Plea	$6,875,756	None	0
E&A Auto Cores, LLC	E.D. Mo.	Transportation of Stolen Goods	Guilty Plea	$140,000	None	12
Eagle Ship Management, LLC	E.D. La.; DOJ ENRD	Act to Prevent Pollution from Ships violation	Guilty Plea	$1,750,000	Court-appointed monitor	48
Elecsurf Trading Ltd.	N.D. Ill.	Copyright Infringement	Guilty Plea	$1,700,000	None	0
Eleview International Inc.	E.D. Va.	Export Control Reform Act violation	Guilty Plea	$125,000	None	36
Erie Coke Corporation	W.D. Pa.	Clean Air Act violations; Conspiracy to defraud the United States	Guilty Plea	$700,000	None	0
Eurobulk Ltd.	S.D. Tex.; DOJ ENRD	Act to Prevent Pollution from Ships violation; Falsification of Records	Guilty Plea	$1,500,000	Third-Party External Auditor and Court-Appointed Monitor	48
Exploring Together Therapy LLC	D.P.R.	Stealing federal funds	Guilty Plea	$190,820	None	0
Fabcon Precast LLC	DOJ ENRD	OSHA violation	Guilty Plea	$500,000	None	24
Gadsden, Gaillard and West LLC	S.D.W. Va.	Clean Water Act	Guilty Plea	Pending	Pending	Pending
Gotbit Consulting LLC	D. Miss	Wire fraud; Securities fraud	Guilty Plea	$22,893,675	None	60
Hao Global LLC	S.D. Tex.	Smuggling; Unlawful Export Activities	Guilty Plea	Pending	Pending	Pending
Hino Motors, Ltd.	DOJ ENRD	Clean Air Act; Conspiracy to commit wire fraud; Conspiracy to smuggle goods; Conspiracy to defraud the United States	Guilty Plea	$1,608,760,000	Self-Reporting; Independent Compliance Auditor	60
Horseshoe Grove LLC	D. Or.	Clean Air Act	Guilty Plea	$0	None	36
Hytera Communications Corporation, Ltd.	N.D. Ill.	Conspiracy to steal trade secrets	Guilty Plea	Pending	Pending	Pending
J.H. Baxter & Co., Inc.	DOJ ENRD	Clean Air Act; Resource Conservation and Recovery Act	Guilty Plea	$1,000,000	None	60
KBWB Operations LLC	DOJ CPB; W.D. Wis.	Healthcare Fraud; Tax Conspiracy	Guilty Plea	$154,656,458	None	60
Kimberly-Clark Corporation	DOJ Fraud; DOJ CPB	Violation of FDCA	DPA	$40,400,000	None	12
Kodiak Roustabout, Inc.	DOJ ENRD	Safe Drinking Water Act	Guilty Plea	$400,000	Self-reporting subject to third-party testing requirements	12
Liberty Mutual Insurance Company	D. Mass; DOJ Fraud	FCPA	Declination with Disgorgement	$4,699,088	None	0
Life Touch LLC	E.D.N.C.	Medicaid fraud	Guilty Plea	Pending	Pending	Pending
Mallad Trading, LLC	D.N.J.	Conspiracy to commit wire fraud	Guilty Plea	$314,761	None	60
Mayhem Services, LLC	DOJ ENRD	Lacey Act	Guilty Plea	$75,000	None	36
MGI International, LLC, Global Plastics LLC, Marco Polo International LLC	DOJ Fraud; D.N.H.	Trade fraud	Declination with Disgorgement	$10,801,203	None	0
Millenia Productions, LLC	D. Kan.	Illegal storage of hazardous waste	Guilty Plea	$285,000	Self-reporting; Independent Compliance Consultant and Auditor	36
Mudafort Xtreme Sports and Motorsports, Inc.	D.P.R.	Failure to Maintain Records as an Federal Firearms Dealer	Guilty Plea	$6,000	None	12
Murex Management, Inc.	E.D. La.	Fraudulent Transactions; Aiding & Abetting	Guilty Plea	$15,745,846	None	0
OHM Pharmacy Services, Inc.	D. Mass.	Healthcare fraud	Guilty Plea	$1,100,000	None	12
Old Dutch Mustard Co., Inc.	D.N.H.; DOJ ENRD	Clean Water Act	Guilty Plea	$1,500,000	Independent Compliance Consultant	60
PT Services, Inc.	W.D. Tenn.	Clean Air Act	Guilty Plea	$150,000	None	36
Paxful Holdings, Inc.	E.D. Cal.; DOJ Criminal Division MNF	Bank Secrecy Act; Travel Act	Guilty Plea	Pending	Self-reporting	24
Peken Global Limited (KuCoin)	S.D.N.Y.	Bank Secrecy Act; Unlicensed Money Transmitting Business	Guilty Plea	$297,414,000	None	0
PM Consulting Group LLC (Vistant)	D. Md.	Conspiracy to commit bribery of a public official; Securities fraud	DPA	$100,000	Annual self-reporting	36
Prospect Health Solutions, Inc.	M.D.N.C.	Healthcare fraud	Guilty Plea	$9,503,246	None	0
Quadrant Magnetics LLC	W.D. Ky.; DOJ National Security Division	Arms Export Control Act; International Traffic In Arms Regulations	Guilty Plea	$2,332,515	None	24
Rossy Sport Bar Panoramico, LLC	D.P.R.	Bank Fraud	Guilty Plea	$71,464	None	60
Royal Sovereign International, Inc.	D.N.J.; DOJ CPB	Failure to report consumer product safety defect	Guilty Plea	$495,786	None	0
Servismed, LLC	N.D. Fla.	Conspiracy to violate FIFRA	Guilty Plea	$53,330	None	0
ShotStop Ballistics, LLC	N.D. Ohio	Conspiracy to smuggle goods into the U.S.; Conspiracy to Traffic in Counterfeit Goods; Conspiracy to Commit Mail and Wire Fraud	Guilty Plea	$5,883,896	None	0
Trans World Services, Inc. (“SSAS, Inc.,” “Trans World Services of Texas, Inc.,” “Genuine Parts Planet”)	S.D. Tex.	Trafficking in Counterfeit Goods or Services	Guilty Plea	$102,250	None	12
TranscendBS, LLC	DOJ Antitrust	Bid rigging	Guilty Plea	$141,511	None	24
Troy Health, Inc.	W.D.N.C.; DOJ Fraud	Health Care fraud; Identity theft scheme	NPA	$1,430,008	Self-reporting	18
Universities Space Research Association (USRA)	DOJ NSD; N.D. Cal.	Violation of export control laws	Declination	$0	None	0
V. Ships Norway A.S.	DOJ ENRD; E.D. Tex.	Act to Prevent Pollution from Ships	Guilty Plea	$2,000,000	Third-party auditor	48
Vallmar Studios, LLC	N.D. Ohio	Conspiracy to smuggle goods into the U.S.; Conspiracy to traffic counterfeit goods; Conspiracy to commit mail fraud; Conspiracy to commit wire fraud	Guilty Plea	$0	None	0
Virginia Pump and Motor Company, Inc.	E.D. Va.	Clean Water Act	Guilty Plea	$376,000	None	36

APPENDIX: 2025 Resolutions

This portion of the alert summarizes publicly available corporate resolutions from January 1, 2025 through December 31, 2025. The appendix provides key facts and figures regarding all 74 resolutions,[145] along with links to the resolution documents themselves (where available).

Abda Moving, LLC & Mallad Trading, LLC (Guilty Pleas)

On May 21, 2025, Abda Moving, LLC, d/b/a 11Even Movers & Storage (“11Even Movers”), and Mallad Trading, LLC (“Mallad Trading”) entered into plea agreements with the U.S. Attorney’s Office for the District of New Jersey to resolve charges of conspiracy to commit wire fraud.[146a] According to the plea agreements, these moving companies defrauded customers seeking moving services by securing contracts for moving services via a broker and then demanding significantly higher fees after taking possession of the customers’ goods.[147] The companies allegedly refused to release customers’ goods until they were paid the inflated prices.[148] In October 2025, 11Even Movers and Mallad Trading were each sentenced to five years of probation. The companies were ordered to pay full restitution to victims of the scheme, with 11Even Movers ordered to pay restitution in the amount of $1,908,485.67 and Mallad Trading ordered to pay restitution in the amount of $314,761.06.[149]

Able Groupe, Inc. (Guilty Plea)

On August 15, 2025, Able Groupe, Inc. (“Able”), a Nevada corporation that sold European infant formula to U.S. consumers through LittleBundle.com and related brands, pleaded guilty in the Northern District of Texas to two felony counts arising from its importation and distribution of non-compliant infant formula between 2019 and 2021. The plea agreement states that Able admitted to violating 21 U.S.C. § 331(ee) and 21 U.S.C. § 333(a)(2) of the Federal Food, Drug and Cosmetic Act (“FDCA”) by importing food in violation of the FDA’s Prior Notice requirements with the intent to defraud or mislead, and to smuggling in violation of 18 U.S.C. § 545, by smuggling goods into the United States.[150] DOJ announced that several of Able’s infant formulas failed to meet FDA nutrient or labeling requirements, and that Able attempted to avoid detection by using false commodity descriptions.[151] After an FDA inspection in 2021, Able ceased operations and recalled approximately 76,000 units of formula.[152]

Under the plea agreement, the parties agreed to a binding sentence of three years of corporate probation and forfeiture of $304,640.[153] DOJ stated that this is the first time a defendant has pleaded guilty to a felony violation for failing to provide such notices to the FDA.[154]

Advanced Inventory Management, Inc. (DPA)

On February 14, 2025, Advanced Inventory Management, Inc. (“AIM”), an Illinois-based medical device distributor, entered into a three-year DPA with the U.S. Attorney’s Office for the Northern District of Illinois to resolve a one-count criminal Information charging misbranding of a medical device with intent to defraud in violation of the FDCA, 21 U.S.C. §§ 331(k) and 333(a)(2).[155] According to the Statement of Facts, from 2016 to 2023 AIM purchased medical devices abroad at reduced prices, removed labeling indicating that the products were not authorized for resale outside designated foreign markets, and submitted false statements of intended use to customs authorities to conceal that the products would be resold domestically.[156] The company’s conduct rendered the products misbranded under the FDCA.[157] DOJ stated that AIM resold the imported devices in the U.S. at substantial markups, generating approximately $500,000 in profit margins of 35% to 50%.[158]

Under the DPA, AIM agreed to pay a $1,000,000 criminal penalty.[159] Additional obligations include maintaining and enhancing compliance measures and reporting to the U.S. Attorney’s Office annually on remediation and compliance.[160]

Aesculap Implant Systems (NPA)

On November 19, 2025, DOJ announced that Aesculap Implant Systems, LLC (“Aesculap”), a medical device company, had entered into a non-prosecution agreement with the U.S. Attorney’s Office for the Eastern District of Pennsylvania to resolve a criminal investigation involving alleged violations of the False Claims Act.[161] While the agreement is not available publicly, according to a DOJ press release, the agreement resolved allegations that an Aesculap employee forged documents to suggest that two medical devices were cleared by the FDA to be sold in the United States when they were not, causing the devices to be sold in violation of the FDCA.[162] DOJ’s Enforcement and Affirmative Litigation Branch and the FDA’s Office of Criminal Investigations also participated in the criminal investigation. Additionally, Aesculap entered into a parallel civil settlement of $38.5 million to resolve claims under the False Claims Act.[163]

Aghorn Operating Inc. & Kodiak Roustabout, Inc. (Guilty Pleas)

On April 9, 2025, Aghorn Operating Inc. (“Aghorn”), a Texas-based oilfield company, its vice president, and a support services firm, Kodiak Roustabout, Inc., entered into plea agreements with DOJ’s Environment & Natural Resources Division Environmental Crimes Section.[164] The plea agreements involved criminal violations arising from the 2019 deaths of an employee and his spouse due to exposure to hydrogen sulfide gas at an Aghorn facility.[165] The government alleged that Aghorn willfully violated Occupational Safety and Health Administration (“OSHA”) under 29 U.S.C. § 666(e), and negligently released hydrogen sulfide gas in violation of the Clean Air Act (“CAA”), 42 U.S.C. § 7413(c)(4).[166] Aghorn pleaded guilty to a CAA negligent endangerment charge and an OSHA willful violation charge.[167] Aghorn’s vice president pleaded guilty to one count of negligent endangerment under the CAA, and Kodiak pleaded guilty to falsifying well-integrity test records which are required under the Safe Drinking Water Act, in violation of 18 U.S.C. § 1001.[168] The Environmental Protection Agency’s Criminal Investigation Division also investigated this case.[169]

Pursuant to the plea agreement, Aghorn was sentenced to pay a $1 million criminal fine and implement safety and compliance measures during a two-year probationary period.[170] Kodiak agreed to pay a $400,000 fine without probation, and Aghorn’s vice president was sentenced to five months in prison.[171]

Allwaste Onsite d.b.a. Onsite Environmental (Guilty Plea)

On August 5, 2025, Allwaste Onsite LLC, doing business as Onsite Environmental (“Onsite”), entered into a plea agreement with the U.S. Attorney’s Office for the Middle District of Tennessee and with DOJ’s Environmental and Natural Resources Division’s Environmental Crimes Section for violating the Clean Water Act (“CWA”).[172] Onsite operated a waste treatment facility in Nashville, Tennessee that treated aqueous non-hazardous liquid waste before discharging it into the sewer system.[173] The company had a pretreatment permit issued under a CWA program requiring it to remove pollutants from the wastewater prior to discharging it into the sewer.[174] However, Onsite employees allegedly violated this pretreatment permit by knowingly discharging untreated or partially untreated wastewater into the sewer.[175]

Pursuant to the plea agreement, Onsite will pay a fine of $512,000 and serve a three-year term of probation requiring the company to properly treat industrial waste according to an operating plan.[176]

American Express Company (NPA)

On January 16, 2025, American Express Company (“AMEX”), entered into a three-year NPA with the U.S. Attorney’s Office for the Eastern District of New York.[177] The agreement resolved allegations that, from approximately April 2018 through November 2021, AMEX engaged in fraudulent sales and marketing practices related to two wire products, Payroll Rewards and Premium Wire, by providing inaccurate tax advice to customers and potential customers.[178] The government alleged that AMEX marketed these products as a means to generate tax savings, advising customers that fees were fully deductible and that Membership Rewards points were tax-free, despite these claims being based on incorrect tax advice. The products were primarily marketed to small and mid-size businesses, and AMEX was accused of failing to consult tax professionals to verify the advice.[179]

In connection with the NPA, AMEX agreed to pay a criminal fine of $77,696,000 and forfeit $60,700,000, representing net revenue from the products.[180] The government cited AMEX’s substantial remedial measures, including terminating numerous employees, discontinuing the products, enhancing compliance processes, and improving internal audit and product approval procedures, along with the company’s lack of prior criminal history, as factors supporting the resolution.[181] Separately, AMEX agreed to pay a $60,700,000 civil penalty to resolve related claims with the Fraud Section of DOJ’s Civil Division.[182] Each of the Eastern District of New York and the Civil Division credited $30,350,000 in payments toward each-others’ agreements with AMEX.[183]

American Premium Water Corporation (DPA)

On May 13, 2025, American Premium Water Corporation, trading under the name HIPH (“HIPH”), entered into a two-year DPA with the U.S. Attorney’s Office for the Northern District of Ohio.[184] HIPH was charged with a single-count indictment charging conspiracy to commit securities fraud, in violation of 18 U.S.C. § 371.[185] The indictment alleged misconduct by former HIPH officers and agents between at least October 2013 and October 2019.[186] According to the DPA, former HIPH executives conspired to manipulate HIPH’s stock through fraudulent promotional activity, undisclosed payments to stock promoters, matched trading, and other deceptive practices in violation of federal securities laws.[187]

The DPA imposed no monetary penalty but required cooperation with ongoing investigations, implementation of a corporate compliance and ethics program, advance notice to the USAO of any reverse merger or reverse stock split, and a prohibition on the use of any foreign transfer agent during the DPA term.[188] Under the DPA, prosecution is deferred for a period of 24 months, subject to a potential extension of up to twelve months.[189]

Anderson Pest Control, Inc. (Guilty Plea)

On December 4, 2025, Anderson Pest Control, Inc. (“APC”) and Chris Anderson and entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of Florida for violating the Federal Insecticide, Fungicide, and Rodenticide Act (“FIFRA”).[190] According to the joint factual statement, in conducting a fumigation of a furniture warehouse, APC used Zythor, a registered and restricted use pesticide, in a manner inconsistent with labeling, resulting in the deaths of two employees during a leak.[191]

As part of the agreement, APC will be placed on probation for five years and will establish, implement, and enforce an Environmental Compliance Plan if APC continues to handle pesticides covered by FIFRA.[192] APC is required by the agreement to not engage in fumigations until its Florida Certified Operator in Charge Certificate JF835 is reinstated and a Florida administrative fine of $345,250 is paid.[193] APC and Cris Anderson will be sentenced on February 24, 2026.[194]

Applied Partners, LLC (Guilty Plea)

On December 17, 2025, Applied Partners, LLC (“Applied Partners”) pleaded guilty in the U.S. District Court for the Eastern District of Michigan to one count of knowingly violating asbestos work practice standards under the Clean Air Act, in violation of 42 U.S.C. §§ 7412(h) and 7413(c)(1), and 18 U.S.C. § 2.[195] The charge arose from demolition activities conducted at a former integrated chassis systems facility in Saginaw, Michigan.[196] According to the plea agreement, Applied Partners undertook demolition and scrapping activities despite knowing that multiple structures contained significant quantities of regulated asbestos-containing material.[197] This resulted in the disturbance and dispersal of asbestos-containing material.[198]

Under the plea agreement, the parties agreed to a total criminal fine of $500,000 and a term of two years of organizational probation, subject to court approval.[199] The agreement further provides that the court must order restitution to identifiable victims in amounts to be determined at sentencing, with restitution due immediately upon entry of judgment and subject to immediate enforcement.[200] Sentencing in this case is set for April 9, 2026.[201]

Apprio, Inc. & PM Consulting Group LLC (DPAs)

On June 12, 2025, Apprio, Inc. (“Apprio”) and PM Consulting Group, d/b/a Vistant (“Vistant”), entered into three-year DPAs with the U.S. Attorney’s Office for the District of Maryland.[202] Both Apprio and Vistant admitted to engaging in a conspiracy to commit bribery of a public official and securities fraud.[203] The companies allegedly engaged in a scheme by which they paid bribes to a U.S. Agency for International Development (“USAID”) contracting officer, and in turn, the contracting officer influenced the award of contracts to Apprio and Vistant. Specifically, the officer manipulated the agency’s procurement process by recommending the companies to other USAID decisionmakers for non-competitive contract awards, disclosing sensitive procurement information and source-selection information during the competitive bidding process, and approving decisions on the contracts, such as increased funding. This scheme resulted in the companies winning at least 14 contracts worth over $550 million.[204]

Each DPA requires the respective company to, among other things, engage in ongoing cooperation with and disclosures to DOJ, implement a compliance and ethics program, and periodically report to DOJ regarding remediation and implementation of its compliance measures for the duration of the DPA.[205] Although Apprio agreed in the DPA that the appropriate criminal penalty based on the law and facts was $51,673,185, based on the company’s inability to pay, Apprio was permitted to instead pay a civil penalty of $500,000.[206] Likewise, Vistant agreed in the DPA that the appropriate criminal penalty based on the law and facts was $86,407,740.20, but based on Vistant’s inability to pay, the company was permitted to instead pay a civil penalty of $100,000.[207] Both companies also received credit for cooperating in the Department’s investigation and engaging in timely remedial measures.[208] Apprio and Vistant also agreed to resolve concurrently DOJ’s separate civil False Claims Act investigations relating to the alleged bribery scheme.[209]

ASL Singapore Shipping Limited and Jia Feng Shipping (Fuzhou) Limited (Guilty Plea)

On February 24, 2025, ASL Singapore Shipping Limited and Jia Feng Shipping (Fuzhou) Limited (together, “the Companies”) entered into a plea agreement with the U.S. Attorney’s Office for the Eastern District of Louisiana.[210] The Companies, which owned and operated the bulk carrier M/V ASL Singapore, were charged with violating the Act to Prevent Pollution from Ships (APPS), 33 U.S.C. § 1908(a), and obstruction of justice related to the falsification of required vessel logs, 18 U.S.C. § 1505.[211] During a routine U.S. Coast Guard inspection, investigators discovered that the crew was using a pump to dispose of oily bilge water.[212] This, combined with the crew’s failure to take appropriate pollution prevention measures, constituted a violation of the International Convention for the Prevention of Pollution from Ships (“MARPOL”).[213] Additionally, the crew presented the Coast Guard with fraudulent and falsified records concealing the discharge of the oily bilge water.[214] This case was investigated by the Coast Guard Investigative Service and the Environmental Protection Agency Criminal Investigations Division.[215]

Pursuant to the plea agreement, the Companies were required to pay a total fine of $1.85 million and are banned from operating in the United States.[216] They have also been placed on a four-year probation.[217] The Companies were sentenced during the same proceeding on February 20, 2025.[218] The ship’s Chief Engineer, Fei Wang, also pleaded guilty to related charges.[219]

Aux Cayes Fintech Co. Ltd. d/b/a OKX (Guilty Plea)

On February 24, 2025, Aux Cayes Fintech Co. Ltd., d/b/a OKX (“OKX”), a Seychelles-based cryptocurrency exchange, entered into a two-year plea agreement with the U.S. Attorney’s Office for the Southern District of New York.[220] OKX pleaded guilty to a single count of operating an unlicensed money transmitting business, in violation of 18 U.S.C. § 1960. The information alleged misconduct by OKX and its agents from at least 2018 through early 2024.[221] According to the plea agreement, OKX allowed U.S.-based customers to access its cryptocurrency platform using virtual private networks despite purportedly banning IP addresses from the United States, and U.S.-based institutions conducted transactions worth trillions of dollars on the platform.[222] Per the agreement, OKX also failed to maintain adequate Know Your Customer (KYC) programs.[223]

The agreement imposes a total monetary penalty of approximately $504 million, composed of a $420,353,574 million criminal forfeiture and an $84,457,629 million criminal fine.[224] Under the terms of the plea agreement, OKX is required to retain an independent compliance consultant until at least February 2027 to review its anti-money laundering and KYC programs and must continue to cooperate fully with the government’s ongoing investigations.[225]

Barlow Herbal Specialties LLC (DPA)

Barlow Herbal Specialties LLC (“Barlow”), a Utah-based herbal products company, entered into a six-month deferred prosecution agreement (“DPA”) with the United States Attorney’s Office for the District of Utah to resolve a misdemeanor charge under the Lacey Act.[226] The criminal information appended to the DPA charged Barlow with one misdemeanor count of 16 U.S.C. § 3372(a)(1), with allegations that in or about September 2023, Barlow knowingly received, acquired, and purchased Lomatium dissectum roots that, in the exercise of due care, Barlow should have known were harvested and transported in violation of federal regulations governing plant collection on U.S. Forest Service Lands.[227]

Under the DPA, the United States agreed to defer prosecution for six months for the conduct set forth in the DPA, with the option to extend the term by up to one additional year if Barlow fails to fully perform its obligations.[228] In turn, Barlow admitted and accepted responsibility for the conduct described in the information and the incorporated Statement of Facts.[229] The DPA requires Barlow to pay $30,000 in restitution and $28,064 in remediation within six months, and to forfeit all Lomatium roots and related products.[230] In addition, Barlow must implement and maintain extensive corporate compliance obligations focused on Lacey Act compliance, including: (i) adoption of a Lacey Act Compliance Plan; (ii) policies and procedures to ensure that employees, agents, and third-party suppliers do not source plants or plant parts from federal lands without required permits; (iii) industry and customer communication to promote an industry understanding of the Lacey Act requirements, and applicable permit requirements on federal lands; and (iv) engagement of a third-party consultant to audit compliance with the certain corporate compliance obligations on an annual basis (notwithstanding the agreement’s term of six months), and to provide the audit report to the government.[231]

The DPA notes that this resolution reflects several considerations, including the nature of the offense, Barlow’s cooperation (such as ceasing sales of Lomatium products, quarantining inventory, voluntarily agreeing to forfeiture of unverified product, and providing extensive information to the government), its remedial and compliance enhancements, and the absence of prior criminal or civil resolutions.[232] The District court granted DOJ’s motion for deferral of prosecution on November 5, 2025.[233]

BJS & T Enterprises, Inc. d/b/a San Diego Powder & Protective Coating (Guilty Plea)

On November 17, 2025, BJS & T Enterprises, Inc. d/b/a San Diego Powder & Protective Coating (“BJS”) entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of California.[234] BJS pleaded guilty to engaging in a pattern and practice of hiring, recruiting, and referring for a fee, for employment in the U.S., unauthorized immigrants in violation of 8 U.S.C. § 1324a(a)(1)(A) and (f).[235] DOJ alleged that this included the company’s knowledge that some of its employees were using fraudulent work authorization documents and also that BJS allowed such employees to work in proximity to U.S. military equipment.[236]

As part of the agreement, BJS agreed to participate in the U.S. Immigration and Customs Enforcement’s Mutual Agreement between Government and Employers program, a program designed to ensure employment verification practices.[237] BJS also agreed to a $21,000 criminal penalty and $230,000 in forfeiture.[238]

The Boeing Company (NPA)

On May 29, 2025, the DOJ Fraud Section and the U.S. Attorney’s Office for the Northern District of Texas entered into a two-year NPA with The Boeing Company (“Boeing”) and moved to dismiss, without prejudice, pending criminal charges against Boeing alleging conspiracy to defraud the United States in violation of 18 U.S.C. § 371.[239] DOJ stated that it agreed to dismiss the charges in light of the certainty and immediacy of the financial, compliance, and remedial commitments secured by the NPA, Boeing’s post-breach compliance improvements, enhanced FAA oversight, and the litigation risks associated with proceeding to trial.[240] The court granted the motion to dismiss on November 6, 2025.[241]

Under the NPA’s Statement of Facts, Boeing conspired to obstruct and impede the lawful functions of the FAA Aircraft Evaluation Group (the same charge cited in the original DPA) and to accept responsibility for the conduct underlying the charged offense.[242] The resolution requires Boeing to pay a total criminal penalty of $487.2 million, with credit for the $243.6 million penalty Boeing previously paid under the DPA.[243] Boeing also agreed to allocate an additional $444.5 million to a Crash-Victim Beneficiaries Fund.[244] Boeing also agreed to invest $455 million into its compliance, safety, and quality improvement programs, and to continue enhancing its anti-fraud compliance and ethics program.[245] The NPA further requires Boeing to retain an independent compliance consultant.[246]

BofA Securities, Inc. (Declination with Disgorgement)

On September 17, 2025, DOJ declined to prosecute BofA Securities, Inc. (“BSI”) for market manipulation activity allegedly committed by two former traders on BSI’s U.S. Treasuries desk between November 2014 and April 2020.[247] The declination followed DOJ’s consideration of the factors set forth in the updated Corporate Enforcement Policy.[248] As part of the resolution, BSI agreed to disgorge approximately $1.97 million and to contribute approximately $3.6 million to a victim compensation fund.[249] In exchange, DOJ declined to prosecute, underscoring the value of early self-disclosure and cooperation.[250]

Brew City Environmental & Restoration Services, LLC (Guilty Plea)

On June 20, 2025, Brew City Environmental & Restoration Services, LLC (“Brew City”), a Wisconsin asbestos abatement and demolition contractor, pleaded guilty to one count of making false material statements related to hazardous materials in violation of Clean Air Act provisions 42 U.S.C. § 7413(c)(2)(A) and related Environmental Protection Agency (“EPA”) asbestos regulations at 40 C.F.R. §§ 61.145(b) and 61.150(d).[251] According to the plea agreement, from February 2020 through February 2021 Brew City submitted asbestos waste manifests to the Wisconsin Department of Natural Resources (“WDNR”) that falsely listed the landfill at which regulated asbestos-containing material (“RACM”) was disposed and failed to update those records as required.[252]

Under the plea agreement, Brew City faces a statutory maximum fine of $250,000.[253] The parties jointly recommended a $5,000 fine contingent on Brew City completing cleanup and remediation of an asbestos debris site in Oak Creek, Wisconsin pursuant to a written plan, with a $100,000 fine to be recommended if remediation is not completed before sentencing.[254] Brew City further agreed to bear remediation costs, dissolve following cleanup, and refrain from resuming asbestos abatement or demolition operations.[255] Sentencing is scheduled for March 3, 2026.[256] The EPA Criminal Investigation Division conducted the investigation.[257]

Burns Hunting Club, LLC (Guilty Plea)

On March 27, 2025, Burns Hunting Club, LLC (“Burns”), an Illinois-based waterfowl hunting club, pleaded guilty to one misdemeanor count of unlawful sale of wildlife in violation of the Lacey Act, 16 U.S.C. §§ 3372(a)(1) and 3373(d)(2), and 18 U.S.C. § 2.[258] The offense involved Burns’s involvement in alleged illegal baiting practices and the sale of wildlife taken in violation of federal law.[259] As part of the plea agreement, Burns admitted that it knowingly participated in a conspiracy to take, possess, transport, or sell wildlife in violation of state or federal regulations.[260]

The plea agreement recommended that Burns be sentenced to a 24-month term of probation and pay a $5,500 fine to the Lacey Act Reward Account.[261] Burns also agreed to pay $30,000 in restitution to the Illinois Department of Natural Resources.[262] Additional conditions include a prohibition on operating or guiding hunts at its property for 24 months, surrender of any related licenses or permits, and restrictions on leasing property to individuals previously convicted of wildlife violations.[263] DOJ stated that the penalties imposed—including a $71,500 joint fine for Burns and its owner—reflect the seriousness of illegal baiting and its impact on lawful hunting.[264] On May 19, 2025, Burns was sentenced consistent with the terms of the plea agreement.[265] The U.S. Fish and Wildlife Service and the Illinois Department of Natural Resources conducted this investigation.[266]

Cadence Design Systems, Inc. (Guilty Plea)

On July 28, 2025, Cadence Design Systems, Inc. (“Cadence”), a multinational electronic design automation (“EDA”) technology company, entered into a plea agreement with the Counterintelligence and Export Control Section of DOJ’s National Security Division and the U.S. Attorney’s Office for the Northern District of California.[267] The agreement resolved the government’s allegations regarding export control violations relating to the sale of certain technology to a university in the People’s Republic of China.[268]

Cadence agreed to pay a criminal fine of $72,488,507.86, reflecting a discount for cooperation and remediation, of which DOJ agreed to credit $24,832,507.86 paid to the U.S. Department of Commerce, Bureau of Industry and Security in a parallel civil settlement.[269] Cadence also agreed to a forfeiture of $45,305,317.41[270] and a three-year organizational probation term.[271]

Campbell Sales Group, Inc. (DPA)

On February 25, 2025, Campbell Sales Group, Inc. d/b/a LeatherItaliaUSA (“CSG”), a leather furniture supplier, entered into a three-year DPA with the U.S. Attorney’s Office for the Eastern District of North Carolina to resolve allegations involving a fraudulent Paycheck Protection Program (“PPP”) loan scheme.[272] Specifically, the government alleged that, in April 2020, CSG applied for and received a $257,700 PPP loan and that, in order to meet eligibility requirements for loan forgiveness, CSG artificially inflated its payroll costs by adding fake employees to its payroll and fraudulently manipulating wages of actual employees, thus committing two counts of wire fraud in violation of 18 U.S.C. § 1343.[273] The government alleged that CSG requested and was granted forgiveness of the loan, due to its falsely certifying its payroll figures and provision of false and fraudulent supporting documentation.[274] In March 2021, CSG applied for an additional $213,006 PPP loan, incorporating the same false payroll data that it had used to obtain forgiveness of its first PPP loan.[275] In connection with the DPA, CSG agreed to pay a monetary penalty of $1,000,000 and restitution of $499,164.[276]

Clark & Garner, LLC and TranscendBS, LLC (Guilty Pleas)

On February 24, 2025, Clark & Garner, LLC (“Clark & Garner”), a company providing educational programming to schools and non-profit organizations, entered into a plea agreement with the DOJ Antitrust Division.[277] On March 19, 2025, TranscendBS, LLC, also entered into a plea agreement for alleged bid-rigging as part of the same scheme.[278] The agreements resolved allegations of bid rigging in violation of the Sherman Act.[279] According to its agreement, Clark & Garner rigged bids to win contracts for its consulting services to the New York City Department of Education, between approximately November 2020 and January 2023.[280] Clark & Garner allegedly conspired with TranscendBS, LLC and its owner Victor Garrido, and others, in a scheme whereby Clark & Garner would submit artificially high bids on contracts for services it did not provide to help TranscendBS win the contracts.[281] Likewise, TranscendBS’s plea agreement alleged that its owner, Victor Garrido, and co-conspirator Clark & Garner conspired that Clark & Garner would submit artificially high “competitor” bids to help TranscendBS win contracts for business consulting services to New York City public schools.[282] Through the alleged scheme, TranscendBS won at least $707,555 in contracts from numerous New York City public schools, resulting in estimated losses of $141,511 to NYC DOE.[283]

The agreement states that Clark & Garner’s stipulated Guidelines fine range is $80,000 to $160,000 and recommends that the Court impose a criminal fine recommended by the United States Probation Office that is within the defendant’s ability to pay.[284] On July 31,2025, the Court sentenced Clark & Garner to pay an $80,000 criminal fine.[285] Clark & Garner’s sole owner, Donald Clark Garner II, also entered into a plea agreement for bid rigging and agreed to pay $35,216.70 as restitution for unemployment benefits he received from the New York State Department of Labor and a $4,538.70 monetary penalty.[286] On August 19, 2025, TranscendBS and its owner Victor Garrido were ordered to pay $141,511 in restitution to NYC DOE.[287] In addition, Garrido was sentenced to six months in prison and was ordered to pay $23,100 in restitution to the New York State Department of Labor in connection with his unemployment benefit fraud.[288]

CLS Global FZE LLC (Guilty Plea)

On January 21, 2025, CLS Global FZE (“CLS Global”), a cryptocurrency market making firm, entered into a plea agreement for one count of conspiracy to commit market manipulation and wire fraud and one count of wire fraud with the United States Attorney’s Office for the District of Massachusetts.[289] As part of the plea agreement, CLS Global admitted that it agreed to provide market making services for a cryptocurrency company called NexFundAI that included “wash trading” to attract investors to its token.[290] The government considered as mitigating factors that, upon learning of the charges brought by DOJ and a related civil enforcement action brought by the SEC, CLS Global promptly retained counsel to accept responsibility, make voluntary disclosures, and augment compliance controls.[291] On April 2, 2025, CLS Global was sentenced and agreed to pay a total of $428,060, which included both a fine and seized cryptocurrency, and a three-year term of probation during which it is prohibited from participating in U.S. cryptocurrency markets.[292] CLS Global entered into a separate resolution with the SEC for violations of securities laws related to the same conduct.[293]

Comunicaciones Celulares S.A. d/b/a TIGO Guatemala (DPA)

On November 10, 2025, Comunicaciones Celulares S.A., d/b/a TIGO Guatemala (“TIGO”), a Guatemalan Subsidiary of Millicom, a Luxembourg-based telecommunications company, entered into a two-year DPA with the DOJ Criminal Division, Fraud Section and the U.S. Attorney’s Office for the Southern District of Florida to resolve allegations of bribes paid to Guatemalan officials.[294] Under the DPA, TIGO agreed to pay $118.2 million, consisting of a $60 million criminal fine and forfeiture of $58,198,343 million.[295] TIGO’s criminal fine reflects a 50 percent discount off the low end of the Sentencing Guidelines fine range, the highest penalty discount received under the Criminal Division’s Corporate Enforcement and Voluntary Self-Disclosure Policy, JM § 9-47.120 (“CEP”) in an FCPA resolution to date.[296] Among other things, TIGO and Millicom also were required to engage in annual testing and formal reporting to DOJ regarding the state and sustainability of the companies’ compliance program.[297]

Although Millicom first voluntarily disclosed the relevant conduct to DOJ in 2015, it did not meet the requirements for a Part II resolution under the CEP because it allegedly did not fully cooperate with DOJ’s investigation.[298] TIGO was initially a joint venture, and the DPA states that Millicom’s partner blocked efforts to cooperate with DOJ’s investigation, and DOJ consequently closed its investigation in 2018.[299] However, DOJ independently learned of new information in 2020 that caused it to reopen its investigation, including that the alleged misconduct at issue involved narcotrafficking proceeds that were used to make cash payments for some of the alleged bribes.[300]

Credit Suisse Services AG (Guilty Plea and NPA)

On May 5, 2025, Credit Suisse Services AG (“CSS”) entered into a plea agreement with the DOJ’s Tax Division and the U.S. Attorney’s Office for the Eastern District of Virginia in connection with certain legacy Credit Suisse U.S. taxpayer accounts in Switzerland.[301] CSS entered into a separate NPA relating to accounts opened at the former Credit Suisse AG Singapore.[302] During the 2023 merger with UBS, UBS became aware of these accounts, froze some of them, and voluntarily disclosed information to DOJ within six months of the acquisition.[303] The NPA specifically credited UBS’s extensive cooperation and remedial steps.[304]

CSS was sentenced on May 5, 2025, to pay a criminal fine of $217,261,890 consistent with the plea agreement.[305] CSS also agreed to pay $46,015,674 in restitution to the IRS and a forfeiture amount of $108,630,945.[306] Additionally, CSS separately agreed to pay a penalty of $138,700,000 under the NPA.[307]

Dune Medical Supply, LLC and Prospect Health Solutions, Inc. (Guilty Pleas)

On October 1, 2025, Dune Medical Supply, LLC (“Dune Medical”) and Prospect Health Solutions, Inc. (“Prospect Health”), two durable medical equipment companies under common ownership, entered into plea agreements with the United States Attorney’s Office for the Middle District of North Carolina to resolve allegations of widespread Medicare fraud in violation of 18 U.S.C. § 1347.[308] Specifically, Dune Medical and Prospect Health admitted to having submitted fraudulent claims to Medicare between April and August 2024, for durable medical equipment that beneficiaries never requested, received, or needed, or for equipment that had never been ordered by a medical provider.[309] During this period, the companies collectively submitted more than $100 million in claims to Medicare.[310]

Pursuant to their respective plea agreements, Dune Medical agreed to forfeit $6,875,755.56, and Prospect Health agreed to forfeit $9,503,246.37.[311] A sentencing hearing for both companies was held on January 22, 2026, but as of the time of writing, the court had not yet issued its judgment in either case.[312]

E&A Auto Cores, LLC (Guilty Plea)

On October 24, 2025, E&A Auto Cores, LLC (“E&A”), a Missouri-based company engaged in the purchase and resale of catalytic converters, entered into a plea agreement with the U.S. Attorney’s Office for the Eastern District of Missouri and agreed to one count of interstate transportation of stolen property in violation of 18 U.S.C. § 2314.[313] The plea agreement states that between May 17, 2018, and May 28, 2021, E&A purchased and transported catalytic converters that it knew were stolen, including acquisitions from individuals in Tennessee and Iowa who explicitly advised that the converters were stolen.[314] E&A then allegedly moved those converters across state lines for resale.[315] The agreement further states that approximately five percent of the catalytic converters E&A purchased and later sold to a major recycler were stolen, and that at least $50,000 in proceeds deposited into E&A’s bank account were traceable to the alleged misconduct.[316]

Under the plea agreement, E&A agreed to pay a $90,000 fine, a $50,000 forfeiture money judgment, and to the forfeiture of 269 catalytic converters seized during the government’s investigation.[317] E&A also agreed to a one-year term of organizational probation.[318] Sentencing is scheduled for February 5, 2026.[319]

Eagle Ship Management, LLC (Guilty Plea)

On July 15, 2025, Eagle Ship Management, LLC (“ESM”), a Connecticut-based operator of foreign-flagged bulk carriers, entered into a plea agreement with the U.S. Attorney’s Office for the Eastern District of Louisiana and agreed to plead guilty to one count of violating the Act to Prevent Pollution from Ships (“APPS”), 33 U.S.C. § 1908(a).[320] The charge arose from ESM’s alleged knowing discharge of oil-contaminated bilge water from the M/V Gannet Bulker without required pollution-prevention equipment, and failure to maintain an accurate Oil Record Book while in U.S. waters.[321]

Under the plea agreement, ESM agreed to pay a $1,750,000 criminal fine.[322] ESM will also serve a four-year term of probation, during which it must implement a government-approved Environmental Compliance Plan (“ECP”), undergo external audits by a court-appointed monitor, and ensure that eight covered vessels and associated shore-side operations adopt enhanced environmental training, reporting, and recordkeeping requirements.[323] On October 16, 2025, ESM was sentenced consistent with the plea agreement.[324]

Elecsurf Trading, LTD (Guilty Plea)

On August 1, 2025, Elecsurf Trading Ltd. (“Elecsurf”), an Illinois-based distributor of computer software, entered into a plea agreement with the U.S. Attorney’s Office for the Northern District of Illinois in connection with one count of criminal copyright infringement in violation of 17 U.S.C. § 506(a)(1)(A) and 18 U.S.C. § 2319(b)(1).[325] According to the plea agreement, from at least August 2010 through at least October 2011, Elecsurf and its co-defendants copied, distributed, and sold unauthorized software through multiple websites and email accounts operated by the defendants.[326] Elecsurf fulfilled customer purchases by sending stolen product keys electronically or by shipping unauthorized discs duplicated from originals at defendants’ direction, resulting in over $1.5 million in lost sales to a major software company.[327] Under the plea agreement, the Elecsurf agreed to a $1.7 million criminal fine.[328] On October 1, 2025, Elecsurf was sentenced consistent with its plea agreement.[329]

Eleview International Inc. (Guilty Plea)

On October 22, 2025, Eleview International Inc. (“Eleview”), a Virginia-based freight consolidation and forwarding business, entered into a plea agreement with the United States Attorney’s Office for the Eastern District of Virginia and the Counterintelligence and Export Control Section of DOJ’s National Security Division to resolve allegations of a conspiracy to violate the Export Control Reform Act.[330] According to the statement of facts accompanying the plea agreement, from approximately February 2022 to June 2023, Eleview conspired to illegally export goods and technology from the United States to Russia by transshipping those items through Turkey, Finland, and Kazakhstan to evade U.S. export restrictions imposed after Russia’s invasion of Ukraine.[331] During this period, Eleview allegedly exported 23 shipments through Turkey valued at approximately $1,317,432; 82 shipments through Finland valued at over $3.4 million; and at least 52 shipments through Kazakhstan valued at approximately $1,468,816.[332]

Pursuant to the plea agreement, Eleview agreed to pay a criminal fine of $125,000, forfeit “all interests in any export control-related asset” that it owns or “exercises control over, directly or indirectly,” and serve a three-year term of probation.[333] Sentencing is scheduled for February 13, 2026.[334] Eleview also entered into a parallel settlement agreement with the Bureau of Industry and Security on October 28, 2025.[335]

Erie Coke Corporation (Guilty Plea)

On June 17, 2025, Erie Coke Corporation (“Erie Coke”), a now-defunct company that owned and operated a coke manufacturing plant in Erie, Pennsylvania, entered into a plea agreement with the U.S. Attorney’s Office for the Western District of Pennsylvania regarding two counts of criminal air emissions violations under the Clean Air Act, 18 U.S.C. § 371 and 42 U.S.C. § 7413(c)(1).[336] Specifically, the government alleged that, between October 2015 and December 2019, Erie Coke conspired with its employees to violate the Clean Air Act by removing caps on heating flues to allow combustion gases to vent directly into the air and bypass the plant’s environmental monitoring system.[337] These actions allegedly resulted in emissions that exceeded the limits set forth in Erie Coke’s Title V permit.[338] The government also alleged that Erie Coke knowingly submitted misleading emissions data to regulators.[339] Erie Coke was sentenced to pay a $700,000 criminal monetary fine.[340]

Exploring Together Therapy LLC (Guilty Plea)

On November 24, 2025, Exploring Together Therapy LLC (“Exploring Together”), a Puerto Rico-based provider of therapeutic services for children, entered into a plea agreement with the United States Attorney’s Office for the District of Puerto Rico,[341] regarding one count of theft of federal funds in violation of 18 U.S.C. § 641.[342] The charge stems from an alleged fraudulent invoicing scheme conducted between January 2021 and July 2024, through which Exploring Together knowingly submitted invoices to the U.S. Department of Education for services that it had not rendered.[343]

Under the terms of the plea agreement, Exploring Together agreed to pay $190,820 in restitution to the Puerto Rico Department of Education (“PRDOE”).[344] The plea agreement also requires Exploring together to obtain written approval from the United States before selling, transferring, loaning, assigning, disposing, removing, concealing, wasting, encumbering, destroying, or otherwise devaluing any property or asset worth more than $5,000.[345] The parties agreed to request a sentence of probation between one to five years.[346] Sentencing is scheduled for March 9, 2026.[347]

Eurobulk Ltd. (Guilty Plea)

On January 8, 2025, Eurobulk Ltd. (“Eurobulk”), a Greece-based operator of bulk carriers, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of Texas and the DOJ Environmental Crimes Section relating to one count of failing to maintain an accurate Oil Record Book in violation of the Act to Prevent Pollution from Ships (“APPS”), 33 U.S.C. § 1908(a), and one count of falsification of records in violation of 18 U.S.C. § 1519.[348] According to the plea agreement, the charges stem from conduct aboard the Good Heart during an April 2023 port call in Corpus Christi, Texas, where Eurobulk admitted that its crew concealed discharges of oil-contaminated waste and falsified related records.[349]

At sentencing, the court ordered Eurobulk to pay a total monetary penalty of $1,500,000, consisting of a $1,125,000 criminal fine and a $375,000 organizational community service payment directed to the National Fish and Wildlife Foundation to support maritime ecological restoration projects.[350] Eurobulk will also serve a four-year term of organizational probation, during which it must implement and fund an Environmental Compliance Plan (“ECP”), including external audits by an independent Third-Party Auditor and oversight by a Court Appointed Monitor.[351] The Plea Agreement also requires Eurobulk to report environmental violations, adopt system-wide engineering and operational controls to prevent improper discharges, and undertake expanded training across all covered vessels.[352] The court notably granted the government’s motion for a whistleblower award in the amount of $281,250 in connection with this case.[353]

Fabcon Precast LLC (Guilty Plea)

On February 26, 2025, Fabcon Precast LLC (“Fabcon”), a Minnesota-based manufacturer of precast concrete panels, entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of Ohio and the NRD Environmental Crimes Section regarding one count of willfully violating an Occupational Safety and Health Administration (“OSHA”) standard causing death, in violation of 29 U.S.C. § 666(e).[354] The charge arose from a June 6, 2020 incident at Fabcon’s Grove City, Ohio facility, where a batch operator was fatally injured by a pneumatic discharge door with a broken valve handle.[355]

Fabcon was sentenced to a $500,000 criminal fine and two years of organizational probation.[356] As a condition of probation, Fabcon must comply with all terms of a Safety Compliance Plan incorporated into the plea agreement.[357]

Gotbit Consulting LLC (Guilty Plea)

On March 19, 2025, Gotbit Consulting LLC (“Gotbit”), a financial services firm known as a market maker in the cryptocurrency industry, and its founder and Chief Executive Officer (“CEO”) entered into plea agreements with the U.S. Attorney’s Office for the District of Massachusetts to resolve charges that the company engaged in manipulative trades to artificially increase the trading price and volume of crypto tokens for clients.[358] Specifically, Gotbit pleaded guilty to one count of conspiracy to commit market manipulation and wire fraud in violation of 18 U.S.C. § 371 and two counts of wire fraud in violation of 18 U.S.C. § 1343.[359] The government alleged that, from 2018 to 2024, Gotbit provided market manipulation services to create artificial trading volume for multiple cryptocurrency companies located in the United States and companies whose cryptocurrencies traded on platforms available to investors located in the United States.[360] The government also charged two of Gotbit’s directors for their alleged participation in the scheme.[361]

Gotbit agreed to forfeit nearly $23 million in cryptocurrency and agreed to a probation period of five years, during which time Gotbit is required to cease all operations.[362] In light of the forfeiture and the monetary relief agreed upon between Gotbit and the SEC in a related case, the government did not impose a fine.[363] Gotbit’s CEO, who also pleaded guilty in March 2025, was sentenced to eight months in prison to be followed by one year of supervised release.[364]

Gadsden, Gaillard and West LLC (Guilty Plea)

On October 9, 2025, Dennis Eugene West, on behalf of himself and his trucking business Gadsden, Gaillard and West LLC (“Gadsden”), entered into a plea agreement with the U.S. Attorney’s Office for the Southern District of West Virginia for the negligent discharge of pollutants into United States waters in violation of 33 U.S.C. §§ 1311(a) and 1319(c)(1)(A).[365] West allegedly crashed a tractor trailer spilling alkyl dimethylamine into a tributary of the Kanawha river.[366] West and Gadsden are scheduled to be sentenced on February 26, 2026.[367] Gadsden faces a maximum penalty of up to five years of federal probation and a $200,000 fine and may owe restitution of up to $1,654,654.01, to the extent financially feasible.[368]

Hao Global LLC (Guilty Plea)

On October 10, 2025, Hao Global LLC (“Hao Global”), a Houston-area company, and its owner and corporate representative, Alan Hao Hsu, entered into plea agreements with the U.S. Attorney’s Office for the Southern District of Texas, pleading guilty in the U.S. District Court for the Southern District of Texas to federal export control and smuggling offenses.[369] Specifically, Hao Global pleaded guilty to one count of smuggling goods from the United States, in violation of 18 U.S.C. § 554(a), and one count of unlawful export activity, in violation of 13 U.S.C. § 305 and 18 U.S.C. § 2.[370]

The charges arose from an alleged scheme to unlawfully export advanced Nvidia graphics processing units (“GPUs”) to the People’s Republic of China (“PRC”).[371] According to DOJ, from at least October 2024 through approximately May 2025, Hao Global and Hsu conspired with others to procure, misclassify, and export U.S.-origin Nvidia H100 and H200 Tensor Core GPUs without the required U.S. government export licenses.[372] These GPUs are items controlled under the Export Administration Regulations (“EAR”) for national security reasons and are integral to building AI technologies and capabilities.[373] Hsu and Hao Global allegedly received more than $50 million in wire transfers originating from the PRC to help fund the scheme, and transferred at least $160 million in GPUs to PRC.[374]

Hao Global faces a criminal fine of not more than $250,000, or twice the gross gain from the offense, a term of probation of up to five years, and mandatory forfeiture of offense proceeds.[375] Sentencing in this case is scheduled for February 18, 2026.[376]

Hino Motors, Ltd. (Guilty Plea)

On March 19, 2025, Hino Motors, Ltd. (“Hino”), a Japanese manufacturer of heavy-duty vehicles, pleaded guilty in the Eastern District of Michigan to one count of conspiracy to violate 18 U.S.C. § 371.[377] Under the plea agreement, Hino will pay a $521,760,000 criminal fine.[378] Hino must also forfeit $1,087,000,000 in proceeds, which will be deemed satisfied if Hino pays the same amount under parallel civil settlements with multiple other state and federal agencies.[379] Hino will serve five years of probation, during which it may not import or sell Hino-manufactured diesel engines in the United States except for replacement engines expressly permitted by the EPA.[380] The plea agreement also imposes compliance and self-reporting obligations, including engagement of an external compliance consultant to test program effectiveness.[381]

Horseshoe Grove LLC and Chamness Dirt Works Inc. (Guilty Plea)

On February 7, 2025, Horseshoe Grove LLC (“Horseshoe”) and Chamness Dirt Works Inc. (“Chamness”) entered into plea agreements with the U.S. Attorney’s Office for the District of Oregon to resolve an investigation relating to alleged asbestos work practice standards in violation of the Clean Air Act.[382] Horseshoe, a real estate company, allegedly contracted with Chamness, a demolition company, to destroy structures on Horseshoe’s property without properly disposing of previously identified asbestos.[383] Horseshoe and Chamness were both sentenced to a three-year term of probation, but neither was required to pay a criminal fine or restitution.[384]

Hytera Communications Corporation, Ltd. (Guilty Plea)

On January 13, 2025, Hytera Communications Corporation, Ltd. (“Hytera”), a China-based telecommunications company, entered into a plea agreement with the U.S. Attorney’s Office for the Northern District of Illinois in relation to a charge of conspiracy to commit theft of trade secrets in violation of 18 U.S.C. § 1832(a)(5).[385] According to the plea agreement, beginning in 2008, Hytera and individuals acting on its behalf conspired to steal at least one trade secret related to Motorola Solutions’ digital mobile radio technology. Hytera allegedly took proprietary documents and source code and used that information to develop competing Hytera products later sold in the United States.[386]

Under the plea agreement, Hytera faces a criminal fine of up to $60 million, the amount to be determined by the court at sentencing.[387] The agreement also requires Hytera to pay full restitution to Motorola Solutions in an amount to be determined at sentencing.[388] Sentencing in this case is set for January 29, 2026.[389]

J.H. Baxter & Co., Inc. and J.H. Baxter & Co. (Guilty Plea)

On January 3, 2025, J.H. Baxter & Co., Inc. and J.H. Baxter & Co., a California Limited Partnership (together “J.H. Baxter”) entered into a plea agreement with the U.S. Attorney’s Office for the District of Oregon relating to charges of treating hazardous waste without a permit, in violation of the Resource Conservation and Recovery Act (“RCRA”), and of violation of the Clean Air Act’s (“CAA”) regulations for hazardous air pollutants.[390] Specifically, DOJ alleged that J.H. Baxter illegally treated hazardous wastewater by boiling it off in wood-treatment “retorts” and venting hazardous emissions into the air without the requisite permits required by RCRA.[391]

In connection with the agreement, J.H. Baxter was ordered to collectively pay a total of $1 million in criminal fines.[392] The companies were sentenced to serve five years of probation and the companies’ president was sentenced to serve 90 days in prison and one year of supervised release.[393]

KBWB Operations LLC (Guilty Plea)

On January 17, 2025, KBWB Operations LLC (“KBWB”), a company that operated skilled nursing facilities (“SNFs”), entered into a plea agreement with the U.S. Attorney’s Office for the Western District of Wisconsin and the Consumer Protection Bureau of DOJ in connection with one count of health care fraud in violation of 18 U.S.C. § 1347 and one count of conspiracy to defraud the United States in violation of 18 U.S.C. § 371.[394] According to the plea agreement, from January 2015 through September 2018, KBWB diverted Medicare and Medicaid funds intended for the operation and care of residents in its Wisconsin SNFs and used those funds instead for unauthorized distributions to owners, personal expenses, and other non-resident purposes.[395]

DOJ alleged that KBWB and its former CEO continued to certify compliance with federal requirements despite chronic vendor non-payment, failure to maintain adequate staffing and services, and the diversion of resident trust funds and payroll withholdings.[396] From October 2016 through August 2018, KBWB also allegedly conspired to defraud the IRS by failing to remit employee income-tax withholdings and employment taxes, while filing Forms 941 and W-2s falsely indicating those taxes had been paid.[397]

On November 20, 2025, KBWB was sentenced to pay forfeiture of $8,462,572 as well as restitution in the amount of $146,193,885.96.[398]

KuCoin / Peken Global Limited (Guilty Plea)

On January 27, 2025, Peken Global Limited – the Seychelles-based entity that operates KuCoin – pleaded guilty to one count of operating an unlicensed money transmitting business. Per the transcript and press release describing the agreement, KuCoin and its affiliates failed to implement effective anti-money laundering and Know Your Customer (“KYC”) programs and failed to report suspicious transactions in violation of the Bank Secrecy Act, and also operated an unlicensed money transmitting business and conspired to do the same.[399] KuCoin allegedly had approximately 1.5 million registered users based in the United States and earned approximately $184.5 million in fees from those users.[400] KuCoin agreed to forfeit $184.5 million and pay a criminal fine of $112,914,000.[401] KuCoin also agreed to cease operations in the United States for two years.[402]

Liberty Mutual Insurance Company (Declination with Disgorgement)

On August 7, 2025, the Fraud Section of DOJ’s Criminal Division and the U.S. Attorney’s Office for the District of Massachusetts issued a declination letter to Liberty Mutual Insurance Company declining to prosecute Liberty Mutual despite alleged evidence of bribery committed by certain employees of the Company’s subsidiary in India between 2017 and 2022.[403]

As is required, Liberty Mutual disgorged $4.7 million in profits from its affected business with the state-owned banks. DOJ praised the company for its voluntary disclosure, cooperation, “thorough and systematic root-cause analysis,” and “separation from personnel involved in the misconduct.”[404]

Life Touch LLC (Guilty Plea)

On July 14, 2025, Life Touch LLC (“Life Touch”), a substance abuse treatment company, entered into a plea agreement with the U.S. Attorney’s Office for the Eastern District of North Carolina in connection with a Medicaid fraud scheme.[405] As of the date of this publication, the plea agreement remains unavailable, even though it was not filed under seal. However, according to the Information filed by the government, Life Touch allegedly participated in a kickback scheme by providing gift cards to Medicaid recipients who attended substance abuse treatment sessions to order to induce patient attendance and generate reimbursable Medicaid claims.[406] The Information further alleges that, even after federal authorities informed Life Touch that providing incentives to Medicaid recipients violates federal law, Life Touch continued to dispense gift cards and falsely represented that the gift cards were provided by third parties rather than by Life Touch itself. Sentencing for Life Touch is scheduled for February 3, 2026.[407]

Mayhem Services, LLC (Guilty Plea)

On July 21, 2025, Branden Trager and his hunting and fishing guide company, Mayhem Services, LLC, entered into a plea agreement with the U.S. Attorney’s Office for the Western District of Washington, which was then amended and supplemented on September 8, 2025.[408] The government alleged that Trager and Mayhem Services violated the Migratory Bird Treaty Act (“MBTA”) during a January 2023 hunting trip in western Washington and then transported the taken birds in violation of the Lacey Act.[409] On December 3, 2025, the court accepted the plea agreement, sentencing Mayhem Services to three years of probation and assessing a fine of $75,000.[410] The U.S. Fish and Wildlife Service and Homeland Security Investigations participated in the investigation.[411]

MGI International, LLC (Declination)

On November 19, 2025, the Fraud Section of DOJ’s Criminal Division and the U.S. Attorney’s Office for the District of New Hampshire issued a declination letter to MGI International, LLC (“MGI”) and its subsidiaries Global Plastics LLC and Marco Polo International LLC (collectively the “Companies”) relating to alleged violations of Conspiracy (18 U.S.C. § 371), Smuggling (18 U.S.C. § 545), Entry of Goods by Means of False Statements (18 U.S.C. § 542), and Entry of Goods Falsely Classified (18 U.S.C. § 541).[412] According to the letter, from approximately March 2021 through April 2024, a senior executive at the Companies engaged in a scheme, directing subordinates to falsify country of origin declarations of Chinese imports to evade Section 301 duties owed on products of Chinese origin.[413]

The letter states that the Fraud Section’s decision to decline prosecution was based on an assessment of factors including: (1) the Companies’ timely and voluntary self-disclosure of the misconduct; (2) the Companies’ full and proactive cooperation in this matter (e.g., providing all known relevant facts about the misconduct, including information about the individuals involved and substantial factual and data analysis of the import records) and its agreement to continue to cooperate with any ongoing government investigations and prosecutions that have resulted or might result in the future; (3) the nature and seriousness of the offense; (4) the Companies’ timely and appropriate remediation, including termination and disciplinary actions against the employees involved in the scheme, an internal review of the misconduct, an internal review of its compliance program and internal controls, a thorough and systematic root-cause analysis, and enhancements to its broader compliance program; and (5) the absence of aggravating factors that, when weighed against MGI’s cooperation and remediation, warrant a disposition other than a resolution under Part I of the CEP.[414] The Companies agreed to disgorge $3,905,108.77, but no additional payment was required, as the letter credited $6,896,094 paid pursuant to an earlier civil settlement with DOJ in July 2025.[415]

Millenia Productions, LLC (Guilty Plea)

On August 13, 2025, Millenia Productions, LLC (“Millenia Productions”), a cosmetics manufacturer, entered into a plea agreement with the U.S. Attorney’s Office for the District of Kansas for Illegal Storage of Hazardous Waste.[416] The government alleged that Millenia Productions transported over 600 containers of hazardous waste paint and solvents from its own facility in Wichita, Kansas to a property owned by Millenia’s owner near a burn pit.[417] According to DOJ, neither of these properties were legally permitted for the storage, treatment, or disposal of hazardous waste, and a fire near the burn pit led to an explosion that injured an employee.[418] Pursuant to the plea agreement, Millenia agreed to pay a $285,000 fine and engage an independent consultant as well as an independent auditor to create and audit an Environmental Compliance Plan to be submitted to the court.[419] On November 3, 2025, the court sentenced Millenia Productions consistent with the agreement and imposed a three-year probation term, during which Millenia Productions must self-report to the court or probation office.[420]

Mudafort Xtreme Sports & Motorsports, Inc. (Guilty Plea)

On January 10, 2025, Mudafort Xtreme Sports & Motorsports, Inc. (“Mudafort”), a licensed firearms dealer, entered into a plea agreement for one count of failing to properly maintain forms and firearms acquisition and disposition book records with the U.S. Attorney’s Office for the District of Puerto Rico.[421] The government alleged that, from 2016 to 2021, Mudafort was a federally licensed dealer of firearms and knowingly failed to make appropriate entries and properly maintain ATF 4473 Forms and Firearms Acquisition Disposition Book records that it was required to keep in violation of 18 U.S.C. §§ 922(m) and 924(a)(3)(B).[422] Pursuant to the plea agreement, Mudafort was sentenced to a $6,000 fine and one year of probation.[423]

Murex Management, Inc. (Guilty Plea)

On July 10, 2025, Murex Management, Inc. (“Murex”), a Texas-based management company affiliated with an ethanol marketing and logistics firm, entered into a plea agreement with the United States Attorney’s Office for the Eastern District of Louisiana to plead guilty in to aiding and abetting a violation of 18 U.S.C. § 1005 for its alleged role in fraudulent transactions involving false ethanol sales.[424] According to the agreement, beginning in 2013, a related company and its parent entities experienced financial strain and engaged in transactions that artificially boosted revenue by falsely reporting ethanol sales to financial institutions.[425] Murex’s actions contributed to millions of dollars of losses to the financial institutions.[426]

Under the plea agreement, Murex agreed to pay a $6,073,049.24 criminal fine and $9,672,796.86 in restitution.[427] The agreement requires that the full fine and restitution amounts be paid on or before sentencing and provides that restitution will be non-dischargeable in bankruptcy.[428] The parties also agreed that no forfeiture will be sought if Murex pays the agreed monetary amounts by the time of sentencing.[429] On the same day, the court sentenced Murex consistent with the plea agreement.[430]

OHM Pharmacy Services, Inc. (Guilty Plea)

On April 8, 2025, OHM Pharmacy Services, Inc. (“OHM”), a pharmacy, entered a plea agreement to resolve allegations of health care fraud with the United States Attorney’s Office for the District of Massachusetts.[431] The government alleged that OHM employed prior authorization specialists who improperly completed prior authorization forms with false clinical information for Evzio in place of prescribing physicians and submitted the forms to insurers as if OHM were the physician.[432] Pursuant to the plea agreement, OHM agreed to pay $82,000 and to a one-year term of probation.[433] Under a separate civil settlement agreement resolving False Claims Act allegations, OHM agreed to civil forfeiture of $1,018,000.[434]

Old Dutch Mustard Co., Inc. (Guilty Plea)

On January 16, 2025, Old Dutch Mustard Co., Inc., d/b/a Pilgrim Foods Company (“Old Dutch”), a mustard and vinegar manufacturing company, and the company’s president, entered into a plea agreement with the U.S. Attorney’s Office for the District of New Hampshire and DOJ’s Environmental and Natural Resources Division for three counts of knowingly discharging a pollutant without a permit in violation of the Clean Water Act (“CWA”), 33 U.S.C. §§ 1311(a) and 1319(c)(2)(A).[435] Specifically, Old Dutch pleaded guilty to knowingly discharging acidic water into the Souhegan River between around April 2015 to August 2023.[436]

In connection with the agreement, Old Dutch agreed to a criminal fine of $1.5 million, an independent compliance consultant, five years of probation, and an order by the court requiring the company to establish an effective environmental compliance program and environmental ethics program.[437] Old Dutch’s president and owner, Charles Santich, also pleaded guilty. Sentencing is currently scheduled to occur on March 10, 2026.

Paxful Holdings, Inc. (Guilty Plea)

On December 9, 2025, Paxful Holdings, Inc. (“Paxful”), an online virtual currency trading platform, pleaded guilty in the U.S. District Court for the Eastern District of California to charges that included conspiracy to willfully fail to maintain an effective AML program, in violation of the Bank Secrecy Act, and conspiracy to operate an unlicensed money transmitting business, in violation of 18 U.S.C. § 1960, pursuant to an October 16, 2025 plea agreement with the U.S. Attorney’s Office for that district and the Money Laundering, Narcotics and Forfeiture Section (“MNF”) of DOJ’s Criminal Division.[438] The platform and its founders allegedly marketed the platform as not requiring know-your-customer (“KYC”) information, allowed customers to use the platform without gathering appropriate KYC information, presented fake AML policies to third parties, and failed to file suspicious activity reports where appropriate. According to the plea agreement, as a result of these alleged failings, the platform was used as a vehicle for money laundering, sanctions violations, and other criminal activity, including fraud, romance scams, extortion schemes, and in particular prostitution.[439]

Under the plea agreement, the platform agreed to pay a criminal penalty of $4 million. This amount reflects a reduction based on inability to pay from an agreed-upon fine of $112.5 million, which, in turn, represented a 25% reduction from the bottom of the applicable sentencing guidelines because of the platform’s cooperation.[440] In addition, Paxful and PXF Global Corp., which acquired Paxful’s assets outside the United States in December 2024, agreed to adopt and enhance their anti-money laundering and terrorist financing compliance programs in the jurisdictions in which they operate. PXF Global further agreed that it will make two self-reports to MLARS regarding its compliance program during the two-year term of the plea agreement. Sentencing is scheduled for February 10, 2026.

In 2024, one of the platform’s co-founders, who acted as chief technology officer, pleaded guilty to conspiracy to willfully fail to maintain an effective AML program, and agreed to pay a $5 million fine over the course of two years, resign, and refrain from future management at the platform.[441] Immigration and Customs Enforcement Homeland Security Investigations and IRS-CI also participated in the investigation.[442] FinCEN also entered into a parallel resolution with Paxful.[443]

PT Services, Inc. (Judgment)

On November 25, 2025, PT Services, Inc. (“PT Services”), a Memphis-based diesel repair and trucking company, was sentenced in the Western District of Tennessee after pleading guilty to six counts of violating the Clean Air Act’s criminal tampering provision, 42 U.S.C. § 7413(c)(2)(C),[444] pursuant to a September 15, 2025 plea agreement with the United States Attorney’s Office for that district.[445] According to DOJ, between June 2023 and August 2024, PT Services modified and deleted emissions-control monitoring devices from diesel engines, conduct that constitutes falsification, tampering, and rendering inaccurate required monitoring components under the Clean Air Act.[446]

The court imposed a $150,000 criminal fine and a three-year term of organizational probation.[447] PT Services must also implement and maintain a comprehensive compliance program that prohibits the manufacture, sale, installation, or transfer of defeat devices; bars the company from engaging in or causing any conduct that modifies or disables emissions-control hardware or onboard diagnostic systems; and requires immediate cessation of operation of any tampered vehicles owned or operated by the company or its affiliates.[448] PT Services must restore tampered vehicles to their certified configuration or scrap or recycle them in accordance with detailed disposal requirements, all within six months of court approval of the plea agreement.[449] The company must also permit federal, state, and local officials to conduct unannounced inspections of its premises and records for potential Clean Air Act violations.[450]

Quadrant Magnetics LLC

On August 12, 2025, Quadrant Magnetics LLC (“Quadrant”), a Kentucky-based manufacturer of rare-earth magnets, entered into a plea agreement with the United States Attorney’s Office for the Western District of Kentucky and the Counterintelligence and Export Control Section of DOJ’s National Security Division (“NSD”), agreeing to plead guilty to one count of conspiracy to violate the Arms Export Control Act (“AECA”) and the International Traffic in Arms Regulations (“ITAR”) and to one count of conspiracy to commit visa fraud.[451] The charges arose from alleged conduct from approximately January 2012 through December 2018 for the export control violations, and September 2014 through November 2021 for the immigration-related misconduct.[452]

According to the plea agreement, Quadrant allegedly conspired to willfully transmit ITAR-controlled technical data drawings related to magnets used in military applications from the United States to China without obtaining required licenses from the U.S. Department of State.[453] Quadrant also pleaded guilty to knowingly causing false statements and documentation to be submitted to U.S. Citizenship and Immigration Services in connection with an L-1 nonimmigrant visa.[454]

Quadrant agreed to pay a total of $2,332,515.25, consisting of a $500,000 criminal penalty and a forfeiture money judgment of $1,332,515.25 for the ITAR conspiracy, as well as a $500,000 criminal fine for the visa fraud conspiracy.[455] Quadrant will be placed on two years of supervised release, during which it is prohibited from knowingly performing services or providing products, including rare-earth magnets, under any contract or subcontract with or for the U.S. Department of Defense.[456] This restriction excludes commercial off-the-shelf sales.[457] The company also agreed to destroy export-controlled technical drawings located in China, implement and certify an export controls and procurement compliance program, and submit annual compliance reports to the government for two years following sentencing.[458] Sentencing in this case is scheduled for March 18, 2026.[459]

Rossy Sport Bar Panoramico, LLC (Guilty Plea)

On September 25, 2025, Rossy Sport Bar Panoramico, LLC (“Rossy”) entered into a plea agreement with the U.S. Attorney’s Office for the District of Puerto Rico for alleged bank fraud in violation of 18 U.S.C. § 1344.[460] The government alleged that Rossy requested fraudulent refunds to a debit card associated with FirstBank Puerto Rico.[461] Pursuant to the plea agreement, Rossy pleaded guilty to ten counts of bank fraud and agreed to five years of probation and to pay $71,463.62 in restitution to FirstBank.[462] Sentencing was scheduled for January 15, 2026, but as of the time of writing, the judgment has not been filed on the docket.

Royal Sovereign International, Inc. (Guilty Plea)

On June 13, 2025, DOJ’s Consumer Protection Branch and the U.S. Attorney’s Office for the District of New Jersey entered into a plea agreement with Royal Sovereign International, Inc. (“Royal Sovereign”), a New Jersey corporation that sold office and home appliances, entered into a plea agreement to resolve alleged violations of Consumer Product Safety Act (“CPSA”) reporting requirements.[463] Specifically, the plea agreement resolved one count alleging that Royal Sovereign knowingly and willfully failed to immediately report defects to the U.S. Consumer Product Safety Commission related to its distribution of portable air conditioners that had been linked to multiple fires and one death.[464] In connection with the agreement, Royal Sovereign agreed to pay $395,786.48 in restitution to victims.[465] Royal Sovereign also agreed to a civil settlement with the United States on June 16, 2025, that included a bar on the manufacture, distribution, or sale of similar products and a $16,025,000 civil penalty judgment, of which DOJ agreed to suspend all but $100,000 due to Royal Sovereign’s inability to pay.[466] Sentencing is scheduled for March 4, 2026.

Servismed, LLC (Guilty Plea)

On August 14, 2025, Servismed, LLC (“Servismed”), a pesticide distribution company, entered into a plea agreement with the U.S. Attorney’s Office for the Northern District of Florida for alleged conspiracy to violate the Federal Insecticide, Fungicide and Rodenticide Act (“FIFRA”).[467] The government alleged that Servismed conspired with others to distribute a pesticide product to combat COVID-19 without registering the product with the EPA.[468] Pursuant to the plea agreement, Servismed agreed to pay $13,330 in restitution and a $40,000 fine, forfeit three shipping containers, and dissolve.[469] The judgment was entered the same day and imposed a sentence consistent with the plea agreement, including that Servismed be dissolved within thirty days of the date the judgment was entered.[470]

ShotStop Ballistics, LLC & Vallmar Studios, LLC (Guilty Plea)

On July 9, 2025, the U.S. District Court for the Northern District of Ohio entered judgment against ShotStop Ballistics, LLC (“ShotStop”), an Ohio-based body-armor company, and co-defendant Vallmar Studios, LLC (“Vallmar”). According to publicly available documents, ShotStop and Vallmar previously pleaded guilty to three counts, of conspiracy to smuggle goods into the United States, conspiracy to traffic in counterfeit goods, and conspiracy to commit mail and wire fraud, in violation of 18 U.S.C. §§ 371, 2320(a)(1), and 1349, respectively.[471] According to DOJ, from approximately 2017 through October 2023 ShotStop and Vallmar imported body-armor plates manufactured in the People’s Republic of China and falsely marketed them as domestically made and certified for law-enforcement use.[472] The plea agreements remain under seal.

The court imposed $5,883,896 in restitution, for which ShotStop is jointly and severally liable with Vallmar and a third, individual co-defendant, Vail Iliev.[473]

Trans World Services, Inc. (Guilty Plea)

On September 5, 2025, Trans World Services, Inc., also known as SSAS, Inc., Trans World Services of Texas, Inc., and Genuine Parts Planet (collectively, “TWS”), entered into a plea agreement in the Southern District of Texas to resolve two counts of trafficking in counterfeit goods or services, in violation of 18 U.S.C. § 2320.[474] TWS admitted that, from on or about April 1, 2018, through July 31, 2022, it knowingly and intentionally trafficked counterfeit automobile parts, including spark plugs, gaskets, coolant tanks, ignition coils, and clips.[475] Homeland Security Investigations seized approximately 12,109 parts later determined to be counterfeit and valued at roughly $200,000, as well as materials used to create counterfeit labels, from TWS’s Houston warehouse.[476] The government also alleged that TWS sold approximately 5,000 counterfeit Toyota gaskets to a Maryland dealership in June 2022.[477]

Under the plea agreement, TWS agreed to plead guilty to both counts, pay a $100,000 criminal fine, forfeit the seized property, and accept a one-year term of corporate probation.[478] Special conditions of probation require TWS and its authorized representative, Mohammad H. Samana, to permanently retire from any business involving the buying or selling of automobile parts.[479] The agreement also requires TWS to pay restitution, including at least $2,250 in losses incurred by Bayside Toyota in Frederick, Maryland.[480] On September 24, 2025, the court sentenced TWS consistent with the plea agreement.[481]

Troy Health, Inc. (NPA)

On August 14, 2025, Troy Health, Inc. d/b/a Troy Medicare (“Troy”), a North Carolina-based Medicare Advantage organization, entered into an 18-month NPA with the Fraud Section of DOJ’s Criminal Division and the U.S. Attorney’s Office for the Western District of North Carolina.[482] The agreement resolved allegations that, from approximately October 2020 through December 2022, Troy defrauded the United States Centers for Medicare & Medicaid Services (“CMS”) by unlawfully enrolling Medicare beneficiaries in its Medicare Advantage plans without their knowledge or consent.[483] The government alleged that Troy, facilitated in part by its proprietary software and artificial intelligence tools, unlawfully accessed beneficiaries’ personal identifying and health information without authorization, conducted misleading and deceptive sales calls, and used automated and batch enrollments to fraudulently enroll large numbers of Medicare beneficiaries in Troy’s Medicare Advantage plans without their consent.[484]

In connection with the NPA, Troy agreed to pay a criminal monetary penalty of $1,430,008, adjusted based on Troy demonstrating its inability to pay the total criminal penalty and forfeiture.[485] DOJ cited Troy’s acceptance of responsibility, provision of relevant facts (including information about individuals involved), self-reporting to CMS of its batch enrollment issues, extensive remedial measures, compliance enhancements, lack of prior criminal or regulatory history, and commitment to cooperation as factors supporting the resolution, while noting that Troy did not receive voluntary self-disclosure credit and that, particularly in the early stages of the investigation, the company failed to timely preserve and produce certain documents and at times acted inconsistently with full cooperation.[486]

Universities Space Research Association (Declination)

On April 23, 2025, the Counterintelligence and Export Control Section (“CES”) of DOJ’s National Security Division (“NSD”) and the U.S. Attorney’s Office for the Northern District of California issued a declination letter to the Universities Space Research Association (“USRA”) after it self-reported violations of U.S. export control laws by former employee Jonathan Soong.[487] Soong allegedly illegally exported aviation software to a Chinese university on the Commerce Department’s Entity List and was sentenced to 20 months in prison.[488] DOJ declined to prosecute USRA for violations of the International Emergency Economic Powers Act (“IEEPA”), 50 U.S.C. §§ 1701-1707, the Export Control Reform Act of 2018 (“ECRA”), 50 U.S.C. §§ 4801-4852, the Export Administration Regulations (“EAR”), 15 C.F.R. Parts 730-774, the False Claims Act, 18 U.S.C. § 287, false statements, 18 U.S.C. § 1001, wire fraud, 18 U.S.C. § 1343, and obstruction of justice, 18 U.S.C. § 1512.[489]

According to the declination letter, DOJ declined to prosecute USRA due to several factors, including USRA’s timely and voluntary self-disclosure of the misconduct; its exceptional and proactive cooperation with the government’s investigation, which materially assisted the prosecution of Mr. Soong; and its timely and appropriate remediation, including terminating Mr. Soong and disciplining a supervisory employee who allegedly failed appropriately to supervise Mr. Soong.[490] The declination letter acknowledged DOJ’s determination that USRA had no unlawful gains from the offenses and had already paid restitution by re-paying $94,000 of Mr. Soong’s salary to NASA and $161,000 in sales embezzled by Mr. Soong to the U.S. Treasury.[491]

Virginia Pump and Motor Company, Inc. (Guilty Plea)

On November 17, 2025, Virginia Pump and Motor Company, Inc., a corporation providing grease pumping services to residential and commercial customers in Virginia, entered into a plea agreement with the United States Attorney’s Office for the Eastern District of Virginia for violating the Clean Water Act and conditions of its industrial user permit under the Hampton Roads Sanitation District’s (“HRSD”) approved local pretreatment program.[492] According to the government, between 2022 and 2024, Virginia Pump and Motor Company serviced grease traps from customers using company trucks and illegally discharged grease waste into the HRSD’s system at unauthorized locations instead of transporting the waste to HRSD-designated disposal sites, as required by pretreatment regulations.[493] During this period, Virginia Pump and Motor Company allegedly submitted 18 monthly reports to HRSD containing false statements that underreported the volume of grease pumped from clients and improperly disposed of at non-HRSD-designated locations.[494]

Pursuant to the plea agreement, Virginia Pump and Motor Company agreed to pay a fine of $150,000 and restitution in the amount of $126,000, as well as a three-year probation period.[495] The company also agreed to pay $100,000 to the Hampton Roads Sanitation District to fund community service projects that remedy the harmful effects of the crime and to implement an effective ethics and compliance program, to be monitored by the U.S. Probation Office.[496] Sentencing is scheduled for February 18, 2026.[497]

V. Ships Norway A.S. (Guilty Plea)

On August 27, 2025, V. Ships Norway A.S., a maritime management company, pleaded guilty to violating the Act to Prevent Pollution from Ships (“APPS”) in connection with illegal discharges from the vessel, M/T Swift Winchester.[498] The government alleged that V. Ships Norway A.S. knowingly discharged oily bilge water and oily waste overboard from the M/T Swift Winchester and deliberately omitted these charges from the vessel’s oil record book.[499]

Pursuant to the plea agreement, V. Ships Norway A.S. was ordered to pay a $2 million criminal fine.[500] The company was also sentenced to a four-year probationary period during which it must adopt and implement environmental compliance plans, retain the services of an independent third-party auditor to perform external audits, and fund a court-appointed monitor.[501] The plea agreement included a provision expressly requiring V. Ships Norway A.S. not to take any position on any motion the government may file for payment of fine money to the whistleblower who provided information that ultimately led to the resolution,[502] which, under the relevant maritime statue, could be up to half the fine amount.[503] On September 8, 2025, the court imposed $2 million in criminal fines and four years of probation.[504]

[1] Gibson Dunn began tracking corporate guilty pleas in 2022. Our data generally capture information publicly available at the time of the agreement; if sentencing has not occurred by year-end, monetary recoveries may not be included in our data. Following publication of our prior updates, we identified additional plea agreements not originally included in those prior updates. We have adjusted the data here to reflect those additional plea agreements.

[2] DOJ, Reinstating the Prohibition on Improper Guidance Documents (Feb. 5, 2025), https://www.justice.gov/ag/media/1388511/dl?inline.

[3] DOJ, Total Elimination of Cartels and Transnational Criminal Organizations (Feb. 5, 2025), https://www.justice.gov/ag/media/1388546/dl?inline.

[4] See DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[5] See DOJ, Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy (May 12, 2025), https://www.justice.gov/d9/2025-05/revised_corporate_enforcement_policy_-_2025.05.11_-_final_with_flowchart_0.pdf.

[6] See DOJ, Department of Justice Corporate Whistleblower Awards Pilot Program (May 12, 2025), https://www.justice.gov/criminal/media/1400041/dl?inline.

[7] See DOJ, Memorandum on Selection of Monitors in Criminal Division Matters (May 12, 2025), https://www.justice.gov/criminal/media/1400036/dl?inline.

[8] DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

The ten high-impact areas are:

“1. Waste, fraud, and abuse, including health care fraud and federal program and procurement fraud that harm the public fisc;

Trade and customs fraud, including tariff evasion;
Fraud perpetrated through [variable interest entities], including, but not limited to, offering fraud, “ramp and dumps,” elder fraud, securities fraud, and other market manipulation schemes;
Fraud that victimizes U.S. investors, individuals, and markets including, but not limited to, Ponzi schemes, investment fraud, elder fraud, servicemember fraud, and fraud that threatens the health and safety of consumers;
Conduct that threatens the country’s national security, including threats to the U.S. financial system by gatekeepers, such as financial institutions and their insiders that commit sanctions violations or enable transactions by Cartels, TCOs, hostile nation-states, and/or foreign terrorist organizations;
Material support by corporations to foreign terrorist organizations, including recently designated Cartels and TCOs;
Complex money laundering, including Chinese Money Laundering Organizations, and other organizations involved in laundering funds used in the manufacturing of illegal drugs;
Violations of the Controlled Substances Act and the Federal Food, Drug, and Cosmetic Act (FDCA), including the unlawful manufacture and distribution of chemicals and equipment used to create counterfeit pills laced with fentanyl and unlawful distribution of opioids by medical professionals and companies;
Bribery and associated money laundering that impact U.S. national interests, undermine U.S. national security, harm the competitiveness of U.S. businesses, and enrich foreign corrupt officials; and
As provided by the Digital Assets DAG Memorandum: crimes (1) involving digital assets that victimize investors and consumers; (2) that use digital assets in furtherance of other criminal conduct; and (3) willful violations that facilitate significant criminal activity. Cases impacting victims, involving cartels, TCOs, or terrorist groups, or facilitating drug money laundering or sanctions evasion shall receive highest priority.” Id. at 4–5.

[9] See id.

[10] Id. at 2.

[11] See, e.g., Exec. Order 14249, 90 Fed. Reg. 14011 (Mar. 28, 2025); Exec. Order 14275, 90 Fed. Reg. 16447 (Apr. 18, 2025).

[12] See infra Dune Medical Supply, LLC and Prospect Health Solutions, Inc. (Guilty Pleas); KBWB Operations, LLC (Guilty Plea); OHM Pharmacy Services, Inc. (Guilty Plea); Troy Health Inc. (NPA); Kimberly Clark (DPA); Life Touch LLC (Guilty Plea); Aesculap Implant Systems, LLC (NPA) updates.

[13] See infra KBWB Operations LLC (“KBWB”) update.

[14] See Press Release, DOJ, Justice Department Expands Health Care Fraud Unit to Target Health Care Fraud in Massachusetts (Sept. 23, 2025), https://www.justice.gov/opa/pr/justice-department-expands-health-care-fraud-unit-target-health-care-fraud-massachusetts.

[15] See id.

[16] See id.

[17] See id.

[18] Fact Sheet: President Donald J. Trump Establishes New Department of Justice Division for National Fraud Enforcement, White House (Jan. 8, 2026), https://www.whitehouse.gov/fact-sheets/2026/01/fact-sheet-president-donald-j-trump-establishes-new-department-of-justice-division-for-national-fraud-enforcement/.

[19] Exec. Order 14209, 90 Fed. Reg. 9587 (Feb. 10, 2025).

[20] Gibson Dunn’s analysis of that Executive Order can be found at https://www.gibsondunn.com/president-trump-pauses-new-fcpa-enforcement-initiates-enforcement-review-and-directs-preparation-of-new-guidance/.

[21] See DOJ, Guidelines for Investigations and Enforcement of the Foreign Corrupt Practices Act (FCPA) (June 9, 2025), https://www.justice.gov/dag/media/1403031/dl.

[22] DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime at 4 (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[23] DOJ, Guidelines for Investigations and Enforcement of the Foreign Corrupt Practices Act (FCPA) at 2 (June 9, 2025), https://www.justice.gov/dag/media/1403031/dl.

[24] Id. at 2–4.

[25] See DOJ, Total Elimination of Cartels and Transnational Criminal Organizations (Feb. 5, 2025), https://www.justice.gov/ag/media/1388546/dl?inline.

[26] Id. at 3. Gibson Dunn’s analysis of this and other memoranda issued by Attorney General Bondi can be found at https://www.gibsondunn.com/new-memoranda-from-attorney-general-bondi-topics-to-watch-in-corporate-enforcement/.

[27] See DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline; DOJ, Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy (May 12, 2025), https://www.justice.gov/d9/2025-05/revised_corporate_enforcement_policy_-_2025.05.11_-_final_with_flowchart_0.pdf; DOJ, Department of Justice Corporate Whistleblower Awards Pilot Program (May 12, 2025), https://www.justice.gov/criminal/media/1400041/dl?inline; DOJ, Memorandum on Selection of Monitors in Criminal Division Matters (May 12, 2025), https://www.justice.gov/criminal/media/1400036/dl?inline.

[28] DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime at 4 (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[29] Matthew R. Galeotti, Acting Assistant Att’y Gen., DOJ, Remarks at Association of Certified Anti-Money Laundering Specialists (ACAMS) Conference (Sept. 17, 2025) https://www.justice.gov/opa/speech/acting-assistant-attorney-general-matthew-r-galeotti-delivers-remarks-association.

[30] Id.

[31] Press Release, DOJ, TIGO Guatemala Paid Over $118M To Resolve Foreign Bribery Investigation (Dec. 12, 2025), https://www.justice.gov/opa/pr/tigo-guatemala-paid-over-118m-resolve-foreign-bribery-investigation.

[32] See DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline; DOJ, Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy (May 12, 2025), https://www.justice.gov/d9/2025-05/revised_corporate_enforcement_policy_-_2025.05.11_-_final_with_flowchart_0.pdf; DOJ, Department of Justice Corporate Whistleblower Awards Pilot Program (May 12, 2025), https://www.justice.gov/criminal/media/1400041/dl?inline; DOJ, Memorandum on Selection of Monitors in Criminal Division Matters (May 12, 2025), https://www.justice.gov/criminal/media/1400036/dl?inline.

[33] See DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime at 4 (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline; DOJ, Department of Justice Corporate Whistleblower Awards Pilot Program at 6 (May 12, 2025), https://www.justice.gov/criminal/media/1400041/dl?inline.

^xxxiv See DOJ, Departments of Justice and Homeland Security Partnering on Cross-Agency Trade Fraud Task Force, (Aug. 29, 2025) https://www.justice.gov/opa/pr/departments-justice-and-homeland-security-partnering-cross-agency-trade-fraud-task-force.

^xxxv Id.

^xxxvi Id.

^xxxvii See id.

[38] See DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline; DOJ, Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy (May 12, 2025), https://www.justice.gov/d9/2025-05/revised_corporate_enforcement_policy_-_2025.05.11_-_final_with_flowchart_0.pdf; DOJ, Department of Justice Corporate Whistleblower Awards Pilot Program (May 12, 2025), https://www.justice.gov/criminal/media/1400041/dl?inline; DOJ, Memorandum on Selection of Monitors in Criminal Division Matters (May 12, 2025), https://www.justice.gov/criminal/media/1400036/dl?inline.

[39] DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime at 3 (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[40] See DOJ, Department of Justice Corporate Whistleblower Awards Pilot Program at 5 (May 12, 2025), https://www.justice.gov/criminal/media/1400041/dl?inline.

[41] See infra Aux Cayes Fintech Co. Ltd. d/b/a OKX, Brink’s Global Services USA, Inc., Brink’s Global Services USA, Inc., Paxful Holdings, Inc., and Peken Global Limited / KuCoin updates.

[42] See infra Paxful Holdings, Inc. update.

[43] See DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime at 5 (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[44] Id.

[45] Id. at 4.

[46] See infra Gotbit Consulting LLC and CLS Global FZC LLC updates.

[47] Letter from DOJ on BofA Securities, Inc. (Sept. 17, 2025), https://www.justice.gov/criminal/media/1414486/dl?inline.

[48] See infra Able Groupe, Inc. (Guilty Plea); Advanced Inventory Management, Inc. (DPA); Aesculap Implant System (NPA); Kimberly-Clark Corporation (DPA).

[49] See, e.g., Press Release, DOJ, Digital Health Company and Medical Practice Indicted in $100M Adderall Distribution Scheme, (Dec. 17, 2025), https://www.justice.gov/opa/pr/digital-health-company-and-medical-practice-indicted-100m-adderall-distribution-scheme.

[50] See DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[51] Speech, DOJ, Acting Assistant Attorney General Matthew R. Galeotti Delivers Remarks at Association of Certified Anti-Money Laundering Specialists (ACAMS) Conference (Sept. 17, 2025), https://www.justice.gov/opa/speech/acting-assistant-attorney-general-matthew-r-galeotti-delivers-remarks-association.

[52] See Plea Agreement, United States v. Cadence Design Sys, Inc., 25-00217-EJD (N.D. Cal. Jul 28, 2025); DOJ, Nat’l Sec. Div., USRA Declination Letter (Apr. 23, 2025), https://www.justice.gov/nsd/case-document/usra-declination-letter; Plea Agreement, U.S. v. Hao Global LLC, No. 4:25-cr-00510 (S.D. Tex. Oct 10, 2025); Press Release, DOJ, U.S. Authorities Shut Down Major China-Linked AI Tech Smuggling Network (Dec 8, 2025), https://www.justice.gov/opa/pr/us-authorities-shut-down-major-china-linked-ai-tech-smuggling-network.

[53] See DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[54] Deputy Attorney General Todd Blanche, Ending Regulation by Prosecution (Apr. 7, 2025), https://www.justice.gov/dag/media/1395781/dl?inline.

[55] Id.

[56] DOJ, Acting Assistant Attorney General Matthew R. Galeotti Delivers Remarks at the American Innovation Project Summit in Jackson, Wyoming (Aug. 21, 2025), https://www.justice.gov/opa/speech/acting-assistant-attorney-general-matthew-r-galeotti-delivers-remarks-american.

[57] See DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[58] See id.

[59] See id.

[60] See Government’s Unopposed Motion to Dismiss Information, United States v. ABB Ltd., No. 1:22-cr-00220-MSN, ECF 23 (E.D. Va. June 18, 2025); Unopposed Motion to Dismiss Information, United States v. UOP, LLC, d/b/a Honeywell UOP, No. 4:22-cr-00624, ECF 24 (S.D. Tex. July 2, 2025); Government’s Unopposed Motion to Dismiss Information, United States v. Stericycle, Inc., No. 1:22-cr-20156-KMM, ECF 21 (S.D. Fla. Apr. 21, 2025).

[61] See Albemarle Corp., Quarterly Report (Form 10-Q) (Apr. 30, 2025); Consent Motion to Modify Conditions of Probation, United States v. Glencore International A.G., No. 1:22-cr-00297-LGS, ECF 62 (S.D.N.Y. Mar. 19, 2025).

[62] DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[63] See id.

[64] Speech, DOJ, Head of the Criminal Division, Matthew R. Galeotti Delivers Remarks at SIFMA’s Anti-Money Laundering and Financial Crimes Conference (May 12, 2025), https://www.justice.gov/opa/speech/head-criminal-division-matthew-r-galeotti-delivers-remarks-sifmas-anti-money-laundering.

[65] Id.

[66] DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[67] DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[68] Speech, DOJ, Head of the Criminal Division, Matthew R. Galeotti Delivers Remarks at SIFMA’s Anti-Money Laundering and Financial Crimes Conference (May 12, 2025), https://www.justice.gov/opa/speech/head-criminal-division-matthew-r-galeotti-delivers-remarks-sifmas-anti-money-laundering.

[69] See id.

[70] See DOJ, Criminal Division Corporate Enforcement and Voluntary Self-Disclosure Policy (May 12, 2025), https://www.justice.gov/d9/2025-05/revised_corporate_enforcement_policy_-_2025.05.11_-_final_with_flowchart_0.pdf.

[71] In contrast, DOJ policy under the Biden Administration directed prosecutors considering non-prosecution to give the “greatest significance” to “recent U.S. criminal resolutions, and to prior misconduct involving the same personnel or management.” This policy de-emphasized conduct addressed by criminal resolution more than ten years prior, or civil / regulatory resolutions finalized more than five years prior. However, conduct that fell outside of this timeframe could still be considered if it was part of a pattern of behavior indicative of deficient corporate “compliance culture or institutional safeguards.” See Memorandum from Deputy Attorney General Lisa O. Monaco, Further Revisions to Corporate Criminal Enforcement Policies Following Discussions with Corporate Crime Advisory Group (Sept. 15, 2022). See also Speech, DOJ, Deputy Attorney General Lisa O. Monaco Delivers Remarks on Corporate Criminal Enforcement (Sept. 15, 2022), https://www.justice.gov/archives/opa/speech/deputy-attorney-general-lisa-o-monaco-delivers-remarks-corporate-criminal-enforcement.

[72] See DOJ, Crim. Div., MGI International, LLC Declination Letter (Nov. 19, 2025).

[73] See DOJ, Nat’l Sec. Div., White Deer Management LLC Declination Letter (Dec. 19, 2024); DOJ, Nat’l Sec. Div., Unicat Catalyst Technologies, LLC Declination Letter (Dec. 19, 2024).

[74] Speech, DOJ, Head of Justice Department’s Criminal Division Matthew R. Galeotti Delivers Remarks at American Conference Institute Conference (June 10, 2025), https://www.justice.gov/opa/speech/head-justice-departments-criminal-division-matthew-r-galeotti-delivers-remarks-american.

[75] Speech, DOJ, Head of the Criminal Division, Matthew R. Galeotti Delivers Remarks at SIFMA’s Anti-Money Laundering and Financial Crimes Conference (May 12, 2025), https://www.justice.gov/opa/speech/head-criminal-division-matthew-r-galeotti-delivers-remarks-sifmas-anti-money-laundering.

[76] Id.

[77] DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline

[78] Galeotti, Speech (June 10, 2025), supra note 74.

[79] DOJ, Focus, Fairness, and Efficiency in the Fight Against White-Collar Crime (May 12, 2025), https://www.justice.gov/criminal/media/1400046/dl?inline.

[80] Memorandum, DOJ, Matthew R. Galeotti, Selection of Monitors in Criminal Division Matters (May 12, 2025), at 2-3, https://www.justice.gov/criminal/media/1400036/dl?inline.

[81] Galeotti, Speech (June 10, 2025), supra note 74.

[82] Galeotti, Memorandum, supra note 80, at 6.

[83] Id at 4.

[84] Id.

[85] Id.

[86] Consent Motion to Modify Conditions of Probation, United States v. Glencore International A.G., No. 1:22-cr-00297-LGS, ECF No. 62 (S.D.N.Y. Mar. 19, 2025).

[87] Order Granting Joint Motion to Amend Plea Agreement, United States v. NatWest Markets PLC, No. 3:21-cr-00187-OAW, ECF 36 (D. Conn. Sept. 4, 2025).

[88] Non-Prosecution Agreement, United States v. The Boeing Co., No. 4:21-cr-00005-O, ECF No. 312-1 (N.D. Tex. May 29, 2025).

[89] Deferred Prosecution Agreement, United States v. The Boeing Co., No. 4:21-cr-00005-O, ECF No. 4 (N.D. Tex. Jan. 7, 2021).

[90] Id at 3.

[91] See DOJ Letter, United States v. The Boeing Co., No. 4:21-cr-00005, Dkt. No. 199 (N.D. Tex. Dec. 5, 2024).

[92] Id at 3.

[93] Id at 3–10.

[94] Plea Agreement, United States v. Paxful Holdings, Inc., No. 2:25-CR-235 (E.D. Cal. Dec. 9, 2025), ECF No. 18 (“Paxful Plea Agreement”).

[95] Deferred Prosecution Agreement, United States v. Comunicaciones Celulares S.A., d/b/a Tigo Guatemala, No. 1:25-CR-20476, (S.D. Fla. Nov. 12, 2025), ECF 17 (“TIGO DPA”).

[96] Paxful Plea Agreement at D-1; TIGO DPA at D-1.

[97] Deferred Prosecution Agreement, United States v. TD Sec. (USA) LLC, No. 2:24-cr-00623, at D-4 (D.N.J. Sept. 30, 2024) (“TD Securities DPA”); Plea Agreement, United States v. Gunvor S.A., No. 1:24-cr-00085-ENV, at D-4 (E.D.N.Y. Mar. 1, 2024) (“Gunvor Plea Agreement”).

[98] Plea Agreement, United States v. Aux Cayes FinTech Co. Ltd., d/b/a “OKEx,” d/b/a/ “OKX,” No. 1:25-cr-00069 (S.D.N.Y. Feb. 24, 2025) (“OKX Plea Agreement”).

[99] Plea Agreement, United States v. Old Dutch Mustard Co., Inc., d/b/a Pilgrim Foods, Inc., No. 1:25-cr-00002-LM-TSM, ECF No. 3 (D.N.H. Jan. 24, 2025) (“Old Dutch Mustard Plea Agreement”).

[100] We note that Attachment C to OKX’s Plea Agreement, which discusses the external compliance consultant framework, appears incomplete, with the attachment missing page “C-5.” Consequently, we were able to conduct only limited analysis of this framework.

[101] OKX Plea Agreement, supra note 98 at C-1.

[102] Id. at C-4.

[103] Id. at C-1–C-4.

[104] Old Dutch Mustard Plea Agreement, supra note 99, at A-2.

[105] Id. at 2–5.

[106] OKX Plea Agreement, supra note 98 at C-1.

[107] Old Dutch Plea Agreement, supra note 99, at A-1.

[108] Memorandum, DOJ, Matthew R. Galeotti, Guidance on Coordinating Corporate Resolution Penalties in Parallel Criminal, Civil, Regulatory, and Administrative Proceedings (June 5, 2025), https://www.justice.gov/criminal/media/1402751/dl?inline.

[109] Id. at 1-2.

[110] Id at 6.

[111] Id at 5.

[112] Id at 5–6.

[113] Id at 6.

[114] See id.

[115] Speech, DOJ, Director Emma Burnham of the Antitrust Division’s Criminal Enforcement Section Delivers Remarks to Global Competition Review (Mar. 11, 2025), https://www.justice.gov/opa/speech/director-emma-burnham-antitrust-divisions-criminal-enforcement-section-delivers-remarks.

[116] Id.

[117] See id.

[118] Id.

[119] See id.

[120] Id.

[121] We counted four corporate enforcement agreements in 2024, nine in 2023, and four in each of 2022, 2021, and 2020.

[122] Press Release, DOJ, Justice Department’s Antitrust Division Announces Whistleblower Rewards Program (July 8, 2025), https://www.justice.gov/opa/pr/justice-departments-antitrust-division-announces-whistleblower-rewards-program.

[123] DOJ, Antitrust Div., Memorandum of Understanding Regarding the Whistleblower Rewards Program and Procedures (May 7, 2025), at 3, https://www.justice.gov/atr/media/1407261/dl?inline.

[124] Id. at 8.

[125] Id. at 2, 7.

[126] Id. at 4.

[127] Press Release, DOJ, Justice Department’s Antitrust Division Announces Whistleblower Rewards Program (July 8, 2025), https://www.justice.gov/opa/pr/justice-departments-antitrust-division-announces-whistleblower-rewards-program.

[128] Gibson Dunn, DOJ Antitrust Division Announces New Whistleblower Reward Program (July 31, 2025), https://www.gibsondunn.com/doj-antitrust-division-announces-new-whistleblower-reward-program/ (collecting sources).

[129] Press Release, DOJ, Whistleblower Report Led to Charges a Deferred Prosecution Agreement, and $3.28 million fine against an International Corporation (Jan. 29, 2026), https://www.justice.gov/opa/pr/antitrust-division-and-us-postal-service-award-first-ever-1m-payment-whistleblower-reporting.

[129a] Serious Fraud Office, SFO Cooperation Guidance (Apr. 24, 2025), https://www.gov.uk/government/publications/sfo-corporate-guidance; see also Serious Fraud Office, SFO sets out route for businesses to avoid prosecution (Apr. 24, 2025), https://www.gov.uk/government/news/sfo-sets-out-route-for-businesses-to-avoid-prosecution.

[130] See Guidance, supra note 129.

[131] See id.

[132] Crown Prosecution Service & Serious Fraud Office, Corporate Prosecutions: Guidance on Corporate Prosecutions (Aug. 18, 2025), https://www.cps.gov.uk/legal-guidance/corporate-prosecutions.

[133] Crown Prosecution Service, Organisations must prepare now for new fraud prevention law (Aug. 18, 2025), https://www.cps.gov.uk/cps/news/organisations-must-prepare-now-new-fraud-prevention-law.

[134] Serious Fraud Office, SFO Guidance on Evaluating a Corporate Compliance Programme (Nov. 26, 2025), https://www.gov.uk/government/publications/sfo-guidance-on-evaluating-a-corporate-compliance-programme.

[135] Openbaar Ministerie, Boete van 14 miljoen euro voor ABN AMRO voor medeplichtigheid aan dividendbelastingontduiking door een andere bank (May 28, 2025), https://www.om.nl/actueel/nieuws/2025/05/28/boete-van-14-miljoen-euro-voor-abn-amro-voor-medeplichtigheid-aan-dividendbelastingontduiking-door-een-andere-bank.

[136] Openbaar Ministerie, Geldboete 101 miljoen voor Morgan Stanley wegens dividendbelastingontduiking (Nov. 27, 2025), https://www.om.nl/actueel/nieuws/2025/11/27/geldboete-101-miljoen-voor-morgan-stanley-wegens-dividendbelastingontduiking.

[137] Controladoria‑Geral da União & Advocacia‑Geral da União, CGU e AGU Assinam Acordo de Leniência com a Qualicorp (Mar. 17, 2025), https://www.gov.br/agu/pt-br/comunicacao/noticias/agu-e-cgu-assinam-acordo-de-leniencia-com-a-qualicorp; Controladoria‑Geral da União & Advocacia‑Geral da União, CGU e AGU assinam acordo de leniência com a empresa Trafigura Beheer B.V. (Mar. 31, 2025), https://www.gov.br/cgu/pt-br/assuntos/noticias/2025/03/cgu-e-agu-assinam-acordo-de-leniencia-com-a-empresa-trafigura-beheer-b-v; Controladoria‑Geral da União & Advocacia‑Geral da União, CGU e AGU assinam acordo de leniência com empresa de processamento de alimentos (May 9, 2025), https://www.gov.br/cgu/pt-br/assuntos/noticias/2025/05/cgu-e-agu-assinam-acordo-de-leniencia-com-empresa-de-processamento-de-alimentos.

[138] Controladoria‑Geral da União & Advocacia‑Geral da União, CGU e AGU assinam acordo de leniência com empresas que atuam na indústria naval e de energia (July 30, 2025), https://www.gov.br/cgu/pt-br/assuntos/noticias/2025/07/cgu-e-agu-assinam-acordo-de-leniencia-com-empresas-que-atuam-na-industria-naval-e-de-energia.

[139] Controladoria‑Geral da União, CGU e AGU mudam regras dos acordos de leniência e ampliam incentivos à autodenúncia (Dec. 2025), https://www.gov.br/cgu/pt-br/assuntos/noticias/2025/12/cgu-e-agu-mudam-regras-dos-acordos-de-leniencia-e-ampliam-incentivos-a-autodenuncia.

[140] See id.

[141] Media Release, Attorney‑General’s Chambers Singapore, Seatrium Limited to Pay Financial Penalty of US$110m Under Deferred Prosecution Agreement for Corruption Offences in Brazil (July 30, 2025), https://www.agc.gov.sg/newsroom/seatrium-limited-to-pay-financial-penalty-of-us-110m-under-deferred-prosecution-agreement-for-corruption-offences-in-brazil/.

[142] See id.

[143] See id.

[144] Press Release, Serious Fraud Office, UK, France and Switzerland Announce New Anti‑Corruption Alliance (Mar. 20, 2025), https://www.gov.uk/government/news/uk-france-and-switzerland-announce-new-anti-corruption-alliance.

[145] On September 9, 2025, the U.S. District Court for the District of Arizona accepted plea agreements from Backpage.com LLC and several related companies. See Plea Agreements, United States v. Backpage.com LLC et. al, No. 2:18-cr-00465-DJH, (D. Ariz. Sep. 9, 2025), ECF Nos. 180-185. Because the companies entered into the agreements in 2018, these resolutions are not included in this update.

[146] Term of Agreement refers to duration of probation or the agreed upon term.

[146a] Plea Agreement, United States v. Abda Moving, LLC, No. 3:25-cr-00325 (D.N.J. May 21, 2025) (“11Even Movers Plea Agreement”); Plea Agreement, United States v. Mallad Trading, LLC, No. 3:25-cr-00326 (D.N.J. May 21, 2025) (“Mallad Trading Plea Agreement”).

[147] 11Even Plea Agreement at 7–8; Mallad Trading Plea Agreement at 7.

[148] 11Even Plea Agreement at 7–8; Mallad Trading Plea Agreement at 7.

[149] Judgment at 5, United States v. Abda Moving, LLC, No. 3:25-cr-00325 (D.N.J. Oct. 7, 2025); Judgment at 5, United States v. Mallad Trading, LLC, No. 3:25-cr-00326 (D.N.J. Oct. 8, 2025).

[150] Plea Agreement, United States v. Able Groupe Inc., No. 3:25-cr-00373-N (N.D. Tex. Aug. 15, 2025), ECF No. 2.

[151] Press Release, DOJ, Online Seller of Infant Formula Pleads Guilty to Smuggling and Violating FDA Prior Notice Requirements (November 21, 2025), https://www.justice.gov/opa/pr/online-seller-infant-formula-pleads-guilty-smuggling-and-violating-fda-prior-notice (“Able Groupe Inc. Press Release”).

[152] Id.

[153] Plea Agreement, United States v. Able Groupe Inc., No. 3:25-cr-00373-N, at 2–3.

[154] Able Groupe Press Release.

[155] Deferred Prosecution Agreement, United States v. Advanced Inventory Management, Inc., No. 25-CR-18-1 (N.D. Ill. 2025), at 1.

[156] Deferred Prosecution Agreement, Advanced Inventory Management, Inc., Attachment A Statement of Facts at 21–24.

[157] Press Release, U.S. Atty’s Off. N.D. Ill., Suburban Chicago Medical Device Company to Pay $1 Million To Resolve Federal Fraud Investigation (February 14, 2025), https://www.justice.gov/usao-ndil/pr/suburban-chicago-medical-device-company-pay-1-million-resolve-federal-fraud.

[158] Id.

[159] Deferred Prosecution Agreement, Advanced Inventory Management, Inc., at 7–8.

[160] Id. at 31.

[161] Press Release, DOJ Atty’s Off. E.D. Va., Aesculap Implant Systems Agrees to Pay $38.5 Million to Resolve False Claims Act Allegations Related to Knee Implant Failures (Nov. 17, 2025), https://www.justice.gov/opa/pr/aesculap-implant-systems-agrees-pay-385m-resolve-false-claims-act-allegations-related-knee.

[162] Id.

[163] Id.

[164] Plea Agreement, United States v. Aghorn Operating Inc., No. 7:22-CR-00049-DC (W.D. Tex., Apr. 10, 2025) (“Aghorn Plea Agreement”); Press Release, DOJ, Oilfield Company, Its Executive, and a Support Services Company Plead Guilty and Are Sentenced for Worker Safety, Clean Air Act, and Safe Drinking Water Act Violations Resulting in the Death of an Employee and His Spouse (Apr. 16, 2025), https://www.justice.gov/opa/pr/oilfield-company-its-executive-and-support-services-company-plead-guilty-and-are-sentenced (“Aghorn & Kodiak Press Release”).

[165] Aghorn Plea Agreement at 2–5.

[166] Id. at 1-2.

[167] Aghorn Plea Agreement at 2.

[168] Aghorn & Kodiak Press Release; Plea Agreement at 1, United States v. Aghorn Operating Inc., No. 7:22-CR-00049-DC (W.D. Tex., Apr. 10, 2025) (“Kodiak Plea Agreement”).

[169] Aghorn & Kodiak Press Release.

[170] Aghorn Plea Agreement at 8-9.

[171] Aghorn & Kodiak Press Release; Kodiak Plea Agreement at 6.

[172] Plea Agreement, United States v. Allwaste Onsite LLC, No. 3:25-cr-00138 (M.D. Tenn. Aug. 5, 2025) (“Onsite Plea Agreement”); Press Release, DOJ, Tennessee Company Pleads Guilty to Illegally Bypassing Waste Treatment and Discharging Industrial Wastes into Nashville Sewer System (Aug. 5, 2025), https://www.justice.gov/opa/pr/tennessee-company-pleads-guilty-illegally-bypassing-waste-treatment-and-discharging (“Onsite Press Release”).

[173] Onsite Press Release; Onsite Plea Agreement at 4.

[174] Onsite Plea Agreement at 4-5.

[175] Id at 5–7.

[176] Id. at 9.

[177] Non-Prosecution Agreement, American Express Company (E.D.N.Y. Jan. 16, 2025) (“American Express NPA”).

[178] Statement of Facts, American Express Company (E.D.N.Y Jan. 16, 2025), https://www.justice.gov/usao-edny/media/1384826/dl?inline.

[179] Id. at 2, 7–8.

[180] American Express NPA at 3.

[181] Id. at 1–2.

[182] Press Release, DOJ, American Express Agrees to Pay More Than $138 Million to Resolve Wire Fraud Investigation in Connection with the Sales and Marketing of Wire Products (Jan. 16, 2025), https://www.justice.gov/usao-edny/pr/american-express-agrees-pay-more-138-million-resolve-wire-fraud-investigation.

[183] Id.

[184] Deferred Prosecution Agreement at 1, 5, United States v. American Premium Water Corporation, No. 1:23-cr-00144-JPC (N.D. Ohio May 13, 2025).

[185] Id. at 1.

[186] Id. at 3.

[187] Id. at 3–5.

[188] Id. at 7, 9.

[189] Id. at 2.

[190] Plea Agreement, United States v. Anderson Pest Control, Inc., No. 25-cr-60122 (S.D. Fla. Dec. 4, 2025) (“APC Plea Agreement”); Plea Agreement, United States v. Cris Anderson, No. 25-cr-60122 (S.D. Fla. Dec. 4, 2025).

[191] Joint Factual Statement, United States v. Anderson Pest Control, Inc., No. 25-cr-60122 (S.D. Fla. Dec. 4, 2025).

[192] APC Plea Agreement at 5.

[193] Id.

[194] Order Setting Date, Time, and Procedures for Sentencing Hearing, United States v. Anderson Pest Control, Inc., No. 25-cr-60122 (S.D. Fla. Dec. 4, 2025).

[195] Plea Agreement at 1, United States v. Applied Partners, LLC, No. 1:25-cr-20850 (E.D. Mich. Dec. 17, 2025), ECF No. 7.

[196] Id. at 3.

[197] Id. at 4–9.

[198] Id.

[199] Id. at 12–13.

[200] Id. at 14–15.

[201] United States v. Applied Partners, LLC, No. 1:25-cr-20850 (E.D. Mich. Dec. 18, 2025), ECF No. 9.

[202] Deferred Prosecution Agreement, United States v. Apprio, Inc., No. 8:25-cr-00174-PX (D. Md. June 12, 2025) (“Apprio DPA”); Deferred Prosecution Agreement, United States v. PM Consulting Group LLC d/b/a Vistant, No. 8:25-cr-00173-PX (D. Md. June 12, 2025) (“Vistant DPA”).

[203] Apprio DPA at 1; Vistant DPA at 1.

[204] Press Release, DOJ, USAID Official and Three Corporate Executives Plead Guilty to Decade-Long Bribery Scheme Involving Over $550 Million in Contracts; Two Companies Admit Criminal Liability for Bribery Scheme and Securities Fraud (June 12, 2025), https://www.justice.gov/opa/pr/usaid-official-and-three-corporate-executives-plead-guilty-decade-long-bribery-scheme (“Apprio & Vistant Press Release”).

[205] Apprio DPA at 5, 12–13; Vistant DPA at 6, 12–13; see also Apprio & Vistant Press Release.

[206] Apprio DPA at 10–11.

[207] Vistant DPA at 10–11.

[208] Apprio DPA at 4; Vistant DPA at 4.

[209] Apprio & Vistant Press Release.

[210] Plea Agreement, United States v. ASL Singapore Shipping Limited and Jia Feng Shipping (Fuzhou) Limited, No. 2:25-cr-00027-JCZ-EJD (E.D. La. Feb. 20, 2025) (“ASL Singapore and Jia Feng Plea Agreement”).

[211] Id. at1–2.

[212] Press Release, U.S. Atty’s Off. E. La., Companies That Own and Operate Bulk Carrier Guilty, Sentenced for Environmental Crimes (Feb. 24, 2025), https://www.justice.gov/usao-edla/pr/companies-own-and-operate-bulk-carrier-guilty-sentenced-environmental-crimes (“ASL Singapore and Jia Feng Press Release”).

[213] ASL Singapore and Jia Feng Press Release.

[214] Id.

[215] Id.

[216] ASL Singapore and Jia Feng Plea Agreement at 3–4.

[217] Id. at 3.

[218] ASL Singapore and Jia Feng Press Release.

[219] Plea Agreement, United States v. Fei Wang, No. 25-CR-007 “M” (Jan. 13, 2025).

[220] Plea Agreement, United States v. Aux Cayes FinTech Co. Ltd., d/b/a “OKEx,” d/b/a/ “OKX,” No. 25 Cr. ____ (KPF) (S.D.N.Y. Feb. 24, 2025) (“OKX Plea Agreement”).

[221] Id. at 2.

[222] Id. at A-7–A-9.

[223] Id. at A-6.

[224] Id. at 17–19.

[225] Id. at C-1.

[226] Deferred Prosecution Agreement, United States v. Barlow Herbal Specialties LLC, No. 2:25-cr-00405-DAO (D. Utah Nov. 5, 2025), ECF No. 5. (“Barlow DPA”).

[227] Id. at Appendix B.

[228] Id. at 6.

[229] Id. at 2.

[230] Id. at 3.

[231] Id. at 4; see also Appendix D.

[232] Barlow DPA at 5.

[233] Order, United States v. Barlow Herbal Specialties LLC, No. 2:25-cr-00405-DAO (D. Utah Nov. 5, 2025), ECF No. 8.

[234] Plea Agreement, United States v. BJS & T Enterprises, Inc., d/b/a San Diego Powder & Protective Coatings, No. 25-cr-04519-CAB (S.D. Cal. Nov. 26, 2025) (“BJS Plea Agreement”).

[235] Id. at 2, 7–8.

[236] Press Release, DOJ, El Cajon Company and its and Human Resources Manager Plead Guilty to Engaging in Practice of Employing Aliens; Company to Forfeit More than $200,000 (Nov. 26, 2025), https://www.justice.gov/usao-sdca/pr/el-cajon-company-and-its-and-human-resources-manager-plead-guilty-engaging-practice (“BJS Press Release”).

[237] BJS Press Release.

[238] BJS Plea Agreement at 13.

[239] Government’s Rule 48(a) Motion to Dismiss the Information and Motion to Terminate Pretrial Deadlines and Vacate the Trial Date, United States v. The Boeing Company, No. 4:21-cr-00005-O (N.D. Tex. May 29, 2025), ECF No. 312, at 1, 19 (“Government’s Rule 48(a) Boeing Motion”); Criminal Information, United States v. The Boeing Company, No. 4:21-cr-00005-O (N.D. Tex. Jan. 7, 2021), ECF No. 1, at 1–2.

[240] Government’s Rule 48(a) Boeing Motion at 13–19.

[241] Memorandum Opinion and Order, United States v. The Boeing Company, No. 4:21-cr-00005-O (N.D. Tex. Nov. 6, 2025), ECF No. 358.

[242] NPA, United States v. The Boeing Company, No. 4:21-cr-00005-O (N.D. Tex. May 29, 2025), at A-2-4–A-2-5.

[243] Id. at 3.

[244] Id.

[245] Id.

[246] Id. at 6.

[247] See Press Release, DOJ, BofA Securities Inc. Resolves Criminal Investigation with Justice Department Pursuant to Part I of the Criminal Division’s Corporate Enforcement and Voluntary Self-Disclosure Policy (Sept. 18, 2025), https://www.justice.gov/opa/pr/bofa-securities-inc-resolves-criminal-investigation-justice-department-pursuant-part-i.

[248] Letter from DOJ re BofA, (Sep. 17, 2025), https://www.justice.gov/criminal/media/1414486/dl?inline.

[249] Id at 2.

[250] See id.

[251] Plea Agreement, United States v. Brew City Envt’l & Restoration Servs., LLC, No. 25-cr-00121 (E.D. Wis. June 20, 2025), at 1–3 (“Brew City Plea Agreement”).

[252] Id. at 3.

[253] Id. at 3.

[254] Id. at 6.

[255] Id. at 9, Exhibit B.

[256] Minutes of Proceedings, United States v. Brew City Envt’l & Restoration Servs., LLC, No. 25-cr-00121 (E.D. Wis. Aug. 29, 2025).

[257] Environmental Crimes Bulletin – August 2025, U.S. Dep’t of Justice, Envtl. & Natural Resources Div. (Sept. 12, 2025), https://www.justice.gov/enrd/blog/environmental-crimes-bulletin-august-2025.

[258] Plea Agreement, United States v. Burns Hunting Club, LLC, No. 24-cr-40040-RJD (S.D. Ill. Mar. 27, 2025), at 1 (“Burns Hunting Plea Agreement”).

[259] Press Release, DOJ, Williamson County Waterfowl Hunting Club Shut Down for Illegal Baiting (June 24, 2025), https://www.justice.gov/usao-sdil/pr/williamson-county-waterfowl-hunting-club-shut-down-illegal-baiting (“Burns Hunting Press Release”).

[260] Burns Hunting Plea Agreement at 1.

[261] Id. at 4.

[262] Id. at 5.

[263] Id. at 5–6.

[264] See Burns Hunting Press Release.

[265] Judgment, United States v. Burns Hunting Club, LLC, No. 24-cr-40040-RJD (S.D. Ill. May 19, 2025).

[266] See Burns Hunting Press Release.

[267] Press Release, DOJ, Cadence Design Systems Agrees to Plead Guilty and Pay Over $140 Million for Unlawfully Exporting Semiconductor Design Tools to a Restricted PRC Military University (July 28, 2025), https://www.justice.gov/opa/pr/cadence-design-systems-agrees-plead-guilty-and-pay-over-140-million-unlawfully-exporting; Plea Agreement, United States v. Cadence Design Systems, Inc., CR 25-00217 at 2 (N.D. Cal. July 28, 2025) (“Cadence Plea Agreement”).

[268] Cadence Plea Agreement at 23–25.

[269] Id. at 7.

[270] Id.

[271] Id. at 9.

[272] Deferred Prosecution Agreement, United States v. Campbell Sales Group, Inc., No. 7:25-cr-00014 (E.D.N.C. Feb. 25, 2025) (“Campbell DPA”).

[273] Criminal Information, United States v. Campbell Sales Group, Inc., No. 7:25-cr-00014 (E.D.N.C. Feb. 25, 2025), at 4.

[274] Id at 4–5.

[275] Id.

[276] Campell DPA at 4.

[277] Plea Agreement, United States v. Donald Clark Garner II and Clark Garner, LLC, No. 1:25-cr-00117-JLR (S.D.N.Y. Mar. 20, 2025) (“Clark Plea Agreement”).

[278] Plea Agreement, United States v. TranscendBS, LLC, No. 1:25-cr-00112-JLR (S.D.N.Y Mar. 19, 2025) (“Transcend Plea Agreement”); Press Release, DOJ, Former New York City Department of Education Business Manager Sentenced in Bid Rigging Scheme (Aug. 19, 2025), https://www.justice.gov/opa/pr/former-new-york-city-department-education-business-manager-sentenced-bid-rigging-scheme (“TranscendBS Press Release”).

[279] Clark Plea Agreement; TranscendBS Plea Agreement.

[280] Clark Plea Agreement at 1.

[281] Information, United States v. Donald Clark Garner II and Clark Garner, LLC., No. 1:25-cr-00117-JLR (S.D.N.Y. Mar. 20, 2025); TranscendBS Press Release.

[282] Information, United States v. TranscendBS, LLC, No. 1:25-cr-00112-JLR (S.D.N.Y Mar. 19, 2025).

[283] TranscendBS Press Release.

[284] Clark Plea Agreement at 3.

[285] Judgment, United States v. Donald Clark Garner II and Clark Garner, LLC., No. 1:25-cr-00117-JLR (S.D.N.Y. July 31, 2025).

[286] Clark Plea Agreement.

[287] Judgment, United States v. TranscendBS, LLC, No. 1:25-cr-00112-002-JLR (Aug. 19, 2025).

[288] TranscendBS Press Release.

[289] Plea Agreement, United States v. CLS Global FZE LLC et al., 24-cr-10293, at 1 (D. Mass. Jan. 21, 2025) (“CLS Global Plea Agreement”).

[290] See id. at Exhibit B.

[291] Id.

[292] Press Release, DOJ, Cryptocurrency Financial Services Firm Sentenced for Cryptocurrency “Wash Trading” (Apr. 2, 2025), https://www.justice.gov/usao-ma/pr/cryptocurrency-financial-services-firm-sentenced-cryptocurrency-wash-trading (“CLS Press Release”); Minute Order, United States v. CLS Global FZE LLC et al., 24-cr-10293 (D. Mass. Jan. 21, 2025).

[293] CLS Press Release.

[294] Deferred Prosecution Agreement, United States v. Comunicaciones Celulares S.A., d/b/a Tigo Guatemala, No. 25-cr-20476-JB (S.D. Fla. Nov. 12, 2025) (“TIGO DPA”).

[295] Id. at 7.

[296] Id. at 11.

[297] Id at 15, C-8.

[298] Id. at 4.

[299] Id.

[300] Id.

[301] Plea Agreement, United States v. Credit Suisse Services AG, 1:25-cr-00123 (E.D. Va. May 5, 2025) (“Credit Suisse Plea Agreement”).

[302] Letter from DOJ regarding Credit Suisse Services AG (May 5, 2025), https://www.justice.gov/opa/media/1411011/dl?inline.

[303] Id.

[304] Id. at 3.

[305] Judgment, United States v. Credit Suisse Services AG, No. l:25-cr-00123 (E.D. Va. May 5, 2025), ECF No. 7.

[306] Id.; Credit Suisse Plea Agreement at 9–10.

[307] Letter from DOJ regarding Credit Suisse Services AG at 2 (May 5, 2025), https://www.justice.gov/opa/media/1411011/dl?inline.

[308] Plea Agreement, United States v. Dune Med. Supply, LLC, No. 1:25-cr-00347 (M.D.N.C. Oct. 1, 2025), ECF No. 2 (“Dune Medical Plea Agreement”); Plea Agreement, United States v. Prospect Health Sols, Inc., No. 1:25-cr-00348-1 (M.D.N.C. Oct. 1, 2025), ECF No. 2 (“Prospect Health Plea Agreement”).

[309] Information, United States v. Dune Med. Supply, LLC, No. 1:25-cr-00347 (M.D.N.C. Oct. 1, 2025) at 5 (“Dune Medical Information”); Information, United States v. Prospect Health Sols, Inc., No. 1:25-cr-00348-1 (M.D.N.C. Oct. 1, 2025) (“Prospect Health Information”).

[310] Dune Medical Information at 4–5; Prospect Health Information at 4–5.

[311] Dune Medical Plea Agreement at 6; Prospect Health Plea Agreement at 6.

[312] Minute Entry, United States v. Dune Med. Supply, LLC, No. 1:25-cr-00347 (M.D.N.C. Jan. 22, 2026); Minute Entry, United States v. Prospect Health Sols, Inc., No. 1:25-cr-00348 (M.D.N.C. Jan. 22, 2026).

[313] Plea Agreement, United States v. E&A Auto Cores, LLC, No. 4:25-cr-00545-HEA (E.D. Mo. Oct. 24, 2025), at 1–3.

[314] Id. at 3–5.

[315] Id. at 5.

[316] Id. at 5–6.

[317] Id. at 2.

[318] Id. at 7.

[319] Minute Order, United States v. E&A Auto Cores, LLC, No. 4:25-cr-00545-HEA (E.D. Mo. Oct. 24, 2025).

[320] Plea Agreement, United States v. Eagle Ship Mgmt., LLC, No. 2:25-cr-00138 (E.D. La. July 15, 2025), at 1–2 (“ESM Plea Agreement”).

[321] Information, United States v. Eagle Ship Mgmt., LLC, No. 2:25-cr-00138 (E.D. La. May 29, 2025), at 4.

[322] ESM Plea Agreement at 3.

[323] Id. at 4–6; id. at Attachment B (Environmental Compliance Plan).

[324] Judgment, United States v. Eagle Ship Management LLC, No. 2:25-cr-00138-SM-JVM (E.D. La Oct. 16, 2025).

[325] Plea Agreement, United States v. Elecsurf Trading Ltd., No. 1:14-cr-00319 (N.D. Ill. Aug. 1, 2025), at 1.

[326] Id. at 2–4.

[327] Id. at 4.

[328] Id. at 9.

[329] Judgment, United States v. Elecsurf Trading, LTD, No. 1:14-cr-00319 (N.D. Ill. Oct. 1, 2025).

[330] Plea Agreement, United States v. Eleview International, Inc., No. 1:25-cr-00046-LMB (E.D. Va. Oct. 28, 2025).

[331] Statement of the Facts, United States v. Eleview International, Inc., No. 1:25-cr-00046-LMB (E.D. Va. Oct. 28, 2025), at 1–9.

[332] Id. at 5, 7, 9.

[333] Plea Agreement, United States v. Eleview International, Inc., No. 1:25-cr-00046-LMB (E.D. Va. Oct. 28, 2025), at 5–6, 10.

[334] Minute Order, United States v. Eleview International Inc., No. 1:25-cr-00046 (E.D. Va. Oct. 28, 2025).

[335] Settlement Agreement, In the Matter of Eleview International Inc., No. 1:25-cr-00046-LMB (E.D. Va. Oct. 28, 2025).

[336] Plea Agreement, United States v. Erie Coke Corp., No. 1:22-cr-00023 (W.D. Pa. June 17, 2025).

[337] Indictment, United States v. Erie Coke Corp., No. 1:22-cr-00023 (W.D. Pa. Nov. 15, 2022), at 10–11.

[338] Id.

[339] Id. at 13.

[340] Judgment, United States v. Erie Coke Corp., No. 1:22-cr-00023 (W.D. Pa. Oct. 7, 2025).

[341] Plea Agreement, United States v. Exploring Together Therapy LLC, No. 3:25-cr-00494-CVR (D.P.R. Nov. 24, 2025), ECF No. 6 (“Exploring Together Plea Agreement”).

[342] Id. at 1.

[343] Id. at 13.

[344] Id. at 3.

[345] Id. at 3.

[346] Id. at 4.

[347] Minute Order, United States v. Exploring Together Therapy LLC, No. 25-cr-00494-CVR (D.P.R. Nov. 24, 2025), ECF No. 8.

[348] Plea Agreement, United States v. Eurobulk Ltd., No. 2:24-cr-00655 (S.D. Tex. Jan. 8, 2025), at 1 (“Eurobulk Plea Agreement”).

[349] Press Release, DOJ, Foreign Operator of Bulk Carrier Convicted for Concealment of Pollution and Falsification of Records (Jan. 29, 2025), https://www.justice.gov/usao-sdtx/pr/foreign-operator-bulk-carrier-convicted-concealment-pollution-and-falsification.

[350] Judgment, United States v. Eurobulk Ltd., No. 2:24-cr-00655 (S.D. Tex. Feb. 6, 2025), at 3–4 (“Eurobulk Judgment”).

[351] Eurobulk Plea Agreement at 5–7, Attachment A (Environmental Compliance Plan); Eurobulk Judgment at 2.

[352] Eurobulk Plea Agreement at 6–7, Attachment A (Environmental Compliance Plan).

[353] Order on Whistleblower Award, United States v. Eurobulk Ltd., No. 2:24-cr-00655 (S.D. Tex. Feb. 13, 2025), at 1.

[354] Judgment, United States v. Fabcon Precast LLC, No. 2:25-cr-00020 (S.D. Ohio June 10, 2025), at 1 (“Fabcon Judgment”).

[355] Press Release, DOJ, Ohio Company Sentenced for Violating OSHA Rule Leading to Worker’s Death (June 9, 2025), https://www.justice.gov/opa/pr/ohio-company-sentenced-violating-osha-rule-leading-workers-death (“Fabcon Press Release”).

[356] Fabcon Judgment at 3.

[357] Id. at 2.

[358] Plea Agreement, United States v. Gotbit Consulting LLC, No. 24-cr-10190-AK (D. Mass. Mar. 19, 2025) (“Gotbit Plea Agreement”); Press Release, DOJ, Cryptocurrency Financial Services Firm “Gotbit” and Founder Sentenced for Market Manipulation and Fraud Conspiracy (June 13, 2025), https://www.justice.gov/usao-ma/pr/cryptocurrency-financial-services-firm-gotbit-and-founder-sentenced-market-manipulation (“Gotbit Press Release”).

[359] Gotbit Plea Agreement at 1.

[360] Id.

[361] Gotbit Press Release.

[362] Gotbit Plea Agreement at 3–6.

[363] Id. at 3.

[364] Gotbit Press Release.

[365] Plea Agreement, United States v. Gadsden, Gaillard & West LLC, No. 2:25-cr-00175 (S.D.W.V. Oct. 9, 2025) (“Gadsden Plea Agreement”); Press Release, DOJ, South Carolina Man and Trucking Business Plead Guilty to Contamination of Paint Creek Resulting from 2022 West Virginia Turnpike Crash (Nov. 20, 2025), https://www.justice.gov/usao-sdwv/pr/south-carolina-man-and-trucking-business-plead-guilty-contamination-paint-creek (“Gadsden Press Release”).

[366] Gadsden Plea Agreement at 12–16.

[367] Order, United States v. Gadsden, Gaillard & West LLC, No. 2:25-cr-00175 (S.D.W. Va. Dec. 15, 2025)

[368] Gadsden Plea Agreement at 3.

[369] Press Release, DOJ, U.S. Authorities Shut Down Major China-Linked AI Tech Smuggling Network (Dec. 8, 2025), https://www.justice.gov/opa/pr/us-authorities-shut-down-major-china-linked-ai-tech-smuggling-networkhttps://www.justice.gov/opa/pr/us-authorities-shut-down-major-china-linked-ai-tech-smuggling-network (“Hao Press Release”).

[370] Plea Agreement, United States v. Hao Global LLC, No. 4:25-cr-00510 (S.D. Tex. Oct. 10, 2025), ECF No. 32, at 1 (“Hao Plea Agreement”).

[371] Hao Press Release.

[372] Hao Plea Agreement at 6–7

[373] Id. at 8.

[374] Hao Press Release.

[375] Hao Plea Agreement at 2, 18

[376] Minute Order, United States v. Hao Global LLC, No. 4:25-cr-00510 (S.D. Tex. Dec. 1, 2025), ECF No. 41.

[377] Plea Agreement at 1–6, United States v. Hino Motors, Ltd., No. 2:25-cr-20016 (E.D. Mich. Mar. 19, 2025) (“Hino Plea Agreement”), ECF No. 16.

[378] Hino Plea Agreement at 15.

[379] Id. at 17–19.

[380] Id. at 13, 16.

[381] Id. at 23–24; Ex. 3, Corporate Compliance Program.

[382] Plea Agreement, United States v. Horseshoe Grove, LLC, No. 3:24-cr-00430-HZ (D. Or. Feb. 7, 2025) (“Horseshoe Plea Agreement”), ECF No. 23; Plea Agreement, United States v. Chamness Dirt Works Inc., No. 3:24-cr-00430-HZ (D. Or. Feb. 7, 2025) (“Chamness Plea Agreement”), ECF No. 30.

[383] Chamness Plea Agreement at 2–3.

[384] Judgment, United States v. Horseshoe Grove, LLC, No. 3:24-cr-00430-HZ (D. Or. Apr. 8, 2025), ECF No. 45; Judgment, United States v. Chamness Dirt Works Inc., No. 3:24-cr-00430-HZ (D. Or. Apr. 8, 2025), ECF No. 30.

[385] Plea Agreement, United States v. Hytera Commc’ns Corp., Ltd., No. 1:20-cr-00688 (N.D. Ill. Jan. 13, 2025) (“Hytera Plea Agreement”), ECF No. 353 at 1.

[386] Press Release, DOJ, Northern District of Illinois, Chinese Telecommunications Company Pleads Guilty to Conspiring to Steal Technology From Illinois-Based Motorola Solutions (Jan. 14, 2025), https://www.justice.gov/usao-ndil/pr/chinese-telecommunications-company-pleads-guilty-conspiring-steal-technology-illinois.

[387] Id.

[388] Id.

[389] Notification of Docket Entry, United States v. Hytera Commc’ns Corp., Ltd., No. 1:20-cr-00688 (N.D. Ill. Jan. 13, 2025), ECF No. 413.

[390] Plea Agreement, United States v. J.H. Baxter & Co., No. 6:24-CR-00441-MC-2 (D. Or., Jan. 22, 2025) (“J.H. Baxter Plea Agreement”); Press Release, DOJ, Companies and President Operating Oregon Wood Treatment Facility to Pay $1.5M in Criminal Fines for Hazardous Waste and Air Pollution Charges (Apr. 23, 2025), https://www.justice.gov/opa/pr/companies-and-president-operating-oregon-wood-treatment-facility-pay-15m-criminal-fines (“J.H. Baxter Press Release”).

[391] J.H. Baxter Plea Agreement at 2–4.

[392] J.H. Baxter Plea Agreement at 5; Judgment, United States v. J.H. Baxter & Co., Inc., No. 6:24-cr-00441-MC (May 1, 2025), ECF No. 48; Judgment, United States v. J.H. Baxter & Co., Inc., No. 6:24-cr-00441-MC (May 1, 2025), ECF No. 50.

[393] J.H. Baxter Press Release.

[394] Plea Agreement, United States v. KBWB Operations LLC, No. 3:23-cr-00010-wmc (W.D. Wis. Jan. 17, 2025) (“KBWB Plea Agreement”), at 1–2; Press Release, DOJ, Corporation and Former Chief Executive Officer Plead Guilty to Health Care Fraud and Tax Conspiracy (Nov. 18, 2025), https://www.justice.gov/opa/pr/corporation-and-former-chief-executive-officer-sentenced-health-care-fraud-and-tax (“KBWB Press Release”).

[395] KBWB Plea Agreement at 2–4.

[396] KBWB Press Release.

[397] KBWB Plea Agreement at 4.

[398] Judgment, United States v. KBWB Operations LLC, No. 3:23-cr-00010-wmc (W.D. Wis. Nov. 20, 2025), ECF No. 355.

[399] Press Release, DOJ, Kucoin Pleads Guilty to Unlicensed Money Transmission Charge and Agrees to Pay Penalties Totaling Nearly $300 Million (Jan. 27, 2025), https://www.justice.gov/usao-sdny/pr/kucoin-pleads-guilty-unlicensed-money-transmission-charge-and-agrees-pay-penalties (“KuCoin Press Release”); Transcript, Plea and Sentence, United States v. Peken Glob. Ltd, No. 2-cr- 168 (S.D.N.Y. Jan. 30, 2025), ECF No. 15; Consent Preliminary Order of Forfeiture/Money Judgment, United States v. Peken Glob. Ltd, No. 2-cr- 168 (S.D.N.Y. Jan. 30, 2025) (“KuCoin Order”).

[400] KuCoin Press Release.

[401] Judgment, United States v. Peken Glob. Ltd., No. 1:24-cr-168 (S.D.N.Y. Feb. 11, 2025).

[402] KuCoin Press Release.

[403] Letter from DOJ re Liberty Mutual Insurance Company (Aug. 7, 2025), https://www.justice.gov/criminal/media/1410761/dl?inline.

[404] Id. at 2.

[405] Min. Entry, United States v. Life Touch LLC, No. 4:25-cr-00025 (E.D.N.C. July 14, 2025), ECF No. 20; Information ¶¶ 20, 52, United States v. Life Touch LLC, No. 4:25-cr-00025 (E.D.N.C. May 28, 2025), ECF No. 1 (“Life Touch Information”).

[406] Life Touch Information ¶¶ 25–27, 30.

[407] Text Order, United States v. Life Touch LLC, No. 4:25-cr-00025 (E.D.N.C. Nov. 25, 2025).

[408] Plea Agreement, United States v. Mayhem Servs., LLC, No. 2:25-CR-00005-LK (W.D. Wash., July 21, 2025), ECF No. 27; Plea Agreement, United States v. Mayhem Servs., LLC, No. 2:25-CR-00005-LK (W.D. Wash., Sep. 8, 2025), ECF No. 52.

[409] Id. at 2.

[410] Judgment, United States v. Mayhem Servs., LLC, No. 2:25-CR-00005-LK (W.D. Wash., July 21, 2025), ECF No. 69 at 2, 4.

[411] Press Release, DOJ, Washington Hunting Guide and Outfitting Company Enter Guilty Pleas to Lacey Act Crime (July 22, 2025), https://www.justice.gov/opa/pr/washington-hunting-guide-and-outfitting-company-enter-guilty-pleas-lacey-act-crime.

[412] Letter from DOJ regarding MGI International, LLC (Nov. 19, 2025), https://www.justice.gov/criminal/media/1421291/dl?inline.

[413] Id. at 1.

[414] Id. at 1–2.

[415] Id. at 2.

[416] Plea Agreement, United States v. Millenia Prods., LLC, 25-cr-10075, (D. Kan. Aug. 13, 2025), ECF No. 18 at 1.

[417] Id. at 2.

[418] Id.

[419] Id. at 3.

[420] Judgment, United States v. Millenia Prods., LLC, No. 6:25-cr-10075-EFM (D. Kan. Nov. 3, 2025), ECF No. 31.

[421] Plea Agreement, United States v. Mudafort Xtreme Sports & Motorsports, Inc., 22-cr-00553, (D.P.R. Jan. 13, 2025), ECF No. 123 at 1.

[422] Id. at 12.

[423] Judgement, United States v. Mudafort Xtreme Sports & Motorsports, Inc., 22-cr-00553, (D.P.R. Jan. 13, 2025), ECF No. 151 at 2, 6.

[424] Plea Agreement Letter, United States v. Murex Mgmt., Inc., No. 2:25-CR-134 (E.D. La. June 25, 2025) (“Murex Plea Agreement”), ECF No. 20 at 1; Press Release, DOJ, Texas Company Guilty of Aiding and Abetting Fraudulent Transactions Related to False Ethanol Sales, Pays Over $15,000,000 in Fines, Restitution (July 11, 2025), https://www.justice.gov/usao-edla/pr/texas-company-guilty-aiding-and-abetting-fraudulent-transactions-related-false-ethanol (“Murex Press Release”).

[425] Murex Press Release.

[426] Id.

[427] Murex Plea Agreement at 2.

[428] Id.

[429] Id.

[430] Judgment, United States v. Murex Mgmt., Inc., No. 2:25-CR-134 (E.D. La. July 10, 2025), ECF No. 23.

[431] Plea Agreement, United States v. OHM Pharm. Servs., Inc., 25-cr-10128 (D. Mass. April 10, 2025) (“OHM Pharmacy Plea Agreement”) ECF No. 3 at 1.

[432] OHM Pharmacy Plea Agreement at 8–9.

[433] Judgement, United States v. OHM Pharm. Servs., Inc., 25-cr-10128 (D. Mass. April 10, 2025), ECF No. 10 at 2, 3; OHM Pharmacy Plea Agreement at 3.

[434] Press Release, DOJ, Florida Pharmacy Pleads Guilty to Health Care Fraud and Agrees to Pay More Than $1 Million Settlement (May 16, 2025), https://www.justice.gov/usao-ma/pr/florida-pharmacy-pleads-guilty-health-care-fraud-and-agrees-pay-more-1-million-settement.

[435] Plea Agreement, United States v. Old Dutch Mustard Co., Inc., No. 1L25-cr-00002-LM-TSM (D.N.H. Jan. 24, 2025) (“Old Dutch Mustard Plea Agreement”), ECF No. 3.

[436] Id. at 5–8.

[437] Id. at 10–11.

[438] Plea Agreement, United States v. Paxful Holdings, Inc., No. 2:25-CR-235 (E.D. Cal. Dec. 8, 2025) (“Paxful Plea Agreement”), ECF No. 18.

[439] Press Release, DOJ, Virtual Asset Trading Platform Pleads Guilty to Violating the Travel Act and Other Federal Criminal Charges (Dec. 10, 2025), https://www.justice.gov/opa/pr/virtual-asset-trading-platform-pleads-guilty-violating-travel-act-and-other-federal-criminal (“Paxful Press Release”).

[440] Paxful Plea Agreement at 18.

[441] United States v. Schaback, No. 24-cr-0072 (E.D. Cal Jul. 8, 2024) (“Schaback Plea Agreement”), ECF No. 14 at 3,4.

[442] Paxful Press Release.

[443] Press Release, FinCEN, FinCEN Assesses $3.5 Million Penalty Against Paxful for Facilitating Suspicious Activity Involving Illicit Actors (Dec. 9, 2025), https://www.fincen.gov/news/news-releases/fincen-assesses-35-million-penalty-against-paxful-facilitating-suspicious.

[444] Judgment, United States v. PT Servs., Inc., No. 2:25-cr-20223-MSN (W.D. Tenn. Nov. 25, 2025), ECF No. 21 at 1–2; Press Release, DOJ, Western District of Tennessee, Memphis Company Sentenced for Violations of the Clean Air Act (Nov. 26, 2025) (“PT Services Judgement”), https://www.justice.gov/usao-wdtn/pr/memphis-company-sentenced-violations-clean-air-act (“PT Services Press Release”).

[445] Plea Agreement, United States v. PT Servs., Inc., No. 2:25-cr-20223-MSN (W.D. Tenn. Nov. 25, 2025), ECF No. 5.

[446] PT Services Press Release.

[447] PT Services Judgment at 3, 5.

[448] Judgment at 3–4.

[449] Id.

[450] Id.

[451] Plea Agreement, United States v. Quadrant Magnetics LLC, No. 3:22-cr-00088 (W.D. Ky. Dec. 1, 2025), ECF No. 452, at 1–2.

[452] Id. at 2, 3.

[453] Id. at 2–3.

[454] Id. at 3.

[455] Id. at 5–6.

[456] Id. at 6.

[457] Id.

[458] Id. at 5–7.

[459] Order Following Entry of Guilty Plea, United States v. Quadrant Magnetics LLC, No. 3:22-cr-00088 (W.D. Ky. Dec. 1, 2025), ECF No. 453 at 2.

[460] Plea Agreement, United States v. Rossy Sport Bar Paroramico, LLC, No. 3:25-cr-00142-MAJ (D.P.R. Oct. 14, 2025), ECF No. 52.

[461] Id. at 14.

[462] Id. at 5.

[463] Plea Agreement, United States v. Royal Sovereign Int’l, Inc., No. 2:25-cr-00498 (D.N.J. Aug. 6, 2025) (“Royal Sovereign Plea Agreement”), ECF No. 5; Press Release, DOJ, New Jersey Company Pleads Guilty and Agrees to Restitution and Civil Penalty for Failing to Report Dangerous Air Conditioners (Aug. 5, 2025), https://www.justice.gov/opa/pr/new-jersey-company-pleads-guilty-and-agrees-restitution-and-civil-penalty-failing-report.

[464] Royal Sovereign Plea Agreement at 1; Information, United States v. Royal Sovereign Int’l, Inc., No. 2:25-cr-00498 (D.N.J. Aug. 5, 2025), ECF No. 1, at 2–4.

[465] Royal Sovereign Plea Agreement at 2.

[466] Consent Decree, United States v. Royal Sovereign Int’l, Inc., No. 2:25-cv-11114 (D.N.J. June 20, 2025), ECF No. 4 at 3–4.

[467] Plea Agreement, United States v. Servismed, LLC, No. 3:25-mj-00243 (N.D. Fla. Aug. 14, 2025) (“Servismed Plea Agreement”), ECF No. 5 at 1.

[468] Information, United States v. Servismed, LLC, No. 3:25-mj-00243 (N.D. Fla. July 28, 2025), ECF No. 1 at 4.

[469] Servismed Plea Agreement at 2; Judgment, United States v. Servismed, LLC, No. 3:25-mj-00243 (N.D. Fla. Aug. 15, 2025) (“Servismed Judgment”), ECF No. 10 at 2.

[470] Servismed Judgment at 3.

[471] Judgment, United States v. ShotStop Ballistics, LLC, No. 5:25-CR-00070-DCN(3) (N.D. Ohio Aug. 20, 2025) (“ShotShop Ballistics Judgment”), ECF No. 42 at 1; Judgment, United States v. Vallmar Studios, LLC, No. 5:25-cr-00070-DCN(2) (N.D. Ohio Aug. 20, 2025) (“Vallmar Judgment”), ECF No. 40 at 1; Press Release, DOJ, Ohio Man Charged with Smuggling Body Armor from China to Sell to Law Enforcement Customers as American Made (Feb. 26, 2025), https://www.justice.gov/usao-ndoh/pr/ohio-man-charged-smuggling-body-armor-china-sell-law-enforcement-customers-american (“Vallmar Press Release”).

[472] Vallmar Press Release.

[473] ShotStop Ballistics Judgment at 2–3; Vallmar Judgment at 2.

[474] Plea Agreement, United States v. Trans World Servs., Inc., No. 4:25-cr-00442 (S.D. Tex. Sept. 9, 2025), ECF No. 12 at 1.

[475] Id.at 7–8.

[476] Id.

[477] Id. at 8.

[478] Id. at 2.

[479] Id.

[480] Id. at 10.

[481] Judgment, United States v. Trans World Servs., Inc., No. 4:25-cr-00442 (S.D. Tex. Sept. 24, 2025), ECF No. 13.

[482] Non-Prosecution Agreement, Troy Health, Inc. (Aug. 14, 2025), available at https://www.justice.gov/criminal/media/1411396/dl?inline.

[483] Id., Attachment A at A-5.

[484] Id., Attachment A at A-5–A-8.

[485] Id. at 3. Troy Health also acknowledged the government’s ability to file a forfeiture action for at least $1,887,193.90, representing the proceeds traceable to the commission of the offense.

[486] Id. at 1–5.

[487] Press Release, DOJ, Justice Department Declines Prosecution of Company That Self-Disclosed Export Control Offenses Committed by Employee (Apr. 30, 2025), https://www.justice.gov/opa/pr/justice-department-declines-prosecution-company-self-disclosed-export-control-offenses.

[488] Id.

[489] Letter from DOJ regarding Universities Space Research Association (Apr. 23, 2025), https://www.justice.gov/opa/media/1398471/dl?inline.

[490] Id.

[491] Id.

[492] Plea Agreement, United States v. Virginia Pump and Motor Co., Inc., No. 2:25-cr-00129 (E.D. Va. Nov. 17, 2025); Statement of the Facts, United States v. Virginia Pump and Motor Co., Inc., No. 2:25-cr-00129 (E.D. Va. Nov. 17, 2025), at 3.

[493] Statement of the Facts, United States v. Virginia Pump and Motor Co., Inc., No. 2:25-cr-00129 (E.D. Va. Nov. 17, 2025), at 3–5.

[494] Id. at 5.

[495] Id.

[496] Id. at 4–5.

[497] Sentencing Procedures Order, United States v. Virginia Pump and Motor Co., Inc., No. 2:25-cr-00129 (E.D. Va. Nov. 17, 2025).

[498] Plea Agreement, United States v. V. Ships Norway, A.S., No. 1:25-CR-39 & 1:25-CR-45 (E.D. Tex., Aug. 27, 2025) (“V. Ships Norway Plea Agreement”); Press Release, DOJ, Shipping Company Fined $2M for Maritime Pollution Offense (Aug. 27, 2025), https://www.justice.gov/opa/pr/shipping-company-fined-2m-maritime-pollution-offense (“V. Ships Norway Press Release”).

[499] V. Ships Norway Press Release.

[500] V. Ships Norway Plea Agreement at 4.

[501] Id. at 4–5.

[502] Id. at 8.

[503] 18 U.S.C. § 1908(a).

[504] Amended Judgment, United States v. V. Ships Norway, A.S., No. 1:25-cr-00039-MAC-ZJH (E.D. Tex. Sept. 8, 2025), ECF No. 24; Amended Judgment, United States v. V. Ships Norway, A.S., No. 1:25-cr-00045-MAC-CLS (E.D. Tex Sept. 8, 2025), ECF No. 19.

The following Gibson Dunn lawyers prepared this client alert: F. Joseph Warin, Stephanie Brooker, Winston Chan, Nicola Hanna, M. Kendall Day, Melissa Farrar, Bryan Parr, Douglas Colby, Justin Accomando, Cordelia Achen, Teia Anderson, John Turquet Bravard, Kio Bell, Alex Buettner, Sarah Burns, Claire Carter, Daniel Carvalho, Anthony Cruz, Tim Dragonette, Michael Dziuban, Mary Aline Fertin, Alison Frison, Betsy Goodwin, Sarah Hafeez, Erika Suh Holmberg, Wynne Leahy, Allison Lewis, Lafayette Matthews, Dorkas Medina, Alex Ogren, David Reck, Shreya Sarin, Psi Simon, Nimrita Singh, Kelly Skowera, Shannon Summer, Yixian Sun, Eric Thompson, Lorena Toussaint, Todd Truesdale, Alyse Ullery-Glod, and Jinhua Zhang.

Gibson Dunn’s White Collar Defense and Investigations Practice Group successfully defends corporations and senior corporate executives in a wide range of federal and state investigations and prosecutions, and conducts sensitive internal investigations for leading companies and their boards of directors in almost every business sector. The Group has members across the globe and in every domestic office of the Firm and draws on more than 125 attorneys with deep government experience, including more than 50 former federal and state prosecutors and officials, many of whom served at high levels within the Department of Justice and the Securities and Exchange Commission, as well as former non-U.S. enforcers.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding these issues. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of Gibson Dunn’s White Collar Defense and Investigations or Anti-Corruption and FCPA practice groups:

Washington, D.C.
F. Joseph Warin (+1 202.887.3609, fwarin@gibsondunn.com)
Stephanie Brooker (+1 202.887.3502, sbrooker@gibsondunn.com)
Matthew S. Axelrod – Washington, D.C. (+1 202.955.8517, maxelrod@gibsondunn.com)
Courtney M. Brown (+1 202.955.8685, cmbrown@gibsondunn.com)
David P. Burns (+1 202.887.3786, dburns@gibsondunn.com)
John W.F. Chesley (+1 202.887.3788, jchesley@gibsondunn.com)
Daniel P. Chung (+1 202.887.3729, dchung@gibsondunn.com)
M. Kendall Day (+1 202.955.8220, kday@gibsondunn.com)
Stuart F. Delery (+1 202.955.8515, sdelery@gibsondunn.com)
Michael S. Diamant (+1 202.887.3604, mdiamant@gibsondunn.com)
Gustav W. Eyler (+1 202.955.8610, geyler@gibsondunn.com)
Melissa Farrar (+1 202.887.3579, mfarrar@gibsondunn.com)
Amy Feagles (+1 202.887.3699, afeagles@gibsondunn.com)
Scott D. Hammond (+1 202.887.3684, shammond@gibsondunn.com)
George J. Hazel (+1 202.887.3674, ghazel@gibsondunn.com)
Jake M. Shields (+1 202.955.8201, jmshields@gibsondunn.com)
Adam M. Smith (+1 202.887.3547, asmith@gibsondunn.com)
Patrick F. Stokes (+1 202.955.8504, pstokes@gibsondunn.com)
Oleh Vretsona (+1 202.887.3779, ovretsona@gibsondunn.com)
David C. Ware (+1 202.887.3652, dware@gibsondunn.com)
Ella Alves Capone (+1 202.887.3511, ecapone@gibsondunn.com)
Lora Elizabeth MacDonald (+1 202.887.3738, lmacdonald@gibsondunn.com)
Bryan Parr (+1 202.777.9560, bparr@gibsondunn.com)
Pedro G. Soto (+1 202.955.8661, psoto@gibsondunn.com)

New York
Zainab N. Ahmad (+1 212.351.2609, zahmad@gibsondunn.com)
Barry H. Berke (+1 212.351.3860, bberke@gibsondunn.com)
Reed Brodsky (+1 212.351.5334, rbrodsky@gibsondunn.com)
Mylan L. Denerstein (+1 212.351.3850, mdenerstein@gibsondunn.com)
Jordan Estes (+1 212.351.3906, jestes@gibsondunn.com)
Dani R. James (+1 212.351.3880, djames@gibsondunn.com)
Darren LaVerne (+1 212.351.3936, dlaverne@gibsondunn.com)
Michael Martinez (+1 212.351.4076, mmartinez2@gibsondunn.com)
Osman Nawaz (+1 212.351.3940, onawaz@gibsondunn.com)
Karin Portlock (+1 212.351.2666, kportlock@gibsondunn.com)
Mark K. Schonfeld (+1 212.351.2433, mschonfeld@gibsondunn.com)
Orin Snyder (+1 212.351.2400, osnyder@gibsondunn.com)

Dallas
David Woodcock (+1 214.698.3211, dwoodcock@gibsondunn.com)

Denver
Ryan T. Bergsieker (+1 303.298.5774, rbergsieker@gibsondunn.com)
Robert C. Blume (+1 303.298.5758, rblume@gibsondunn.com)
John D.W. Partridge (+1 303.298.5931, jpartridge@gibsondunn.com)
Laura J. Plack (+1 303.298.5749, lplack@gibsondunn.com)
Laura M. Sturges (+1 303.298.5929, lsturges@gibsondunn.com)

Houston
Gregg J. Costa (+1 346.718.6649, gcosta@gibsondunn.com)

Los Angeles
Michael H. Dore (+1 213.229.7652, mdore@gibsondunn.com)
Michael M. Farhang (+1 213.229.7005, mfarhang@gibsondunn.com)
Diana M. Feinstein (+1 213.229.7351, dfeinstein@gibsondunn.com)
Douglas Fuchs (+1 213.229.7605, dfuchs@gibsondunn.com)
Nicola T. Hanna (+1 213.229.7269, nhanna@gibsondunn.com)
Poonam G. Kumar (+1 213.229.7554, pkumar@gibsondunn.com)
Marcellus McRae (+1 213.229.7675, mmcrae@gibsondunn.com)
Eric D. Vandevelde (+1 213.229.7186, evandevelde@gibsondunn.com)
Debra Wong Yang (+1 213.229.7472, dwongyang@gibsondunn.com)

San Francisco
Winston Y. Chan (+1 415.393.8362, wchan@gibsondunn.com)

London
Patrick Doris (+44 20 7071 4276, pdoris@gibsondunn.com)
Sacha Harber-Kelly (+44 20 7071 4205, sharber-kelly@gibsondunn.com)
Michelle Kirschner (+44 20 7071 4212, mkirschner@gibsondunn.com)
Allan Neil (+44 20 7071 4296, aneil@gibsondunn.com)
Philip Rocher (+44 20 7071 4202, procher@gibsondunn.com)

Paris
Benoît Fleury (+33 1 56 43 13 00, bfleury@gibsondunn.com)
Bernard Grinspan (+33 1 56 43 13 00, bgrinspan@gibsondunn.com)

Frankfurt
Finn Zeidler (+49 69 247 411 530, fzeidler@gibsondunn.com)

Munich
Kai Gesing (+49 89 189 33 285, kgesing@gibsondunn.com)
Katharina Humphrey (+49 89 189 33 155, khumphrey@gibsondunn.com)
Benno Schwarz (+49 89 189 33 110, bschwarz@gibsondunn.com)

Hong Kong
Oliver D. Welch (+852 2214 3716, owelch@gibsondunn.com)
Ning Ning (+852 2214 3763, nning@gibsondunn.com)

Singapore
Oliver D. Welch (+852 2214 3716, owelch@gibsondunn.com)
Karthik Ashwin Thiagarajan (+65 6507 3636, kthiagarajan@gibsondunn.com)

Fuentes v. Empire Nissan, Inc., S280256 – Decided February 2, 2026

The California Supreme Court held today that while the size, placement, and legibility of provisions in an arbitration agreement may affect the agreement’s procedural unconscionability, they do not affect the analysis of substantive unconscionability.

“An otherwise fair and mutual term is not made substantively unconscionable by printing it in a manner that makes it difficult to read … [B]ecause font size does not affect the substance of an agreement’s terms, it cannot render a contractual term substantively unconscionable.”

Justice Groban, writing for the Court

Background:

A party seeking to invalidate an arbitration agreement on unconscionability grounds under California law must make two showings. First, the party must show the agreement is procedurally unconscionable: i.e., that the way the contract was formed was one-sided or unfair, often because it involved oppression or surprise and unequal bargaining power. Second, the party must show the agreement was substantively unconscionable: i.e., that its terms are unfair, one-sided, and shocking to the conscience.

When she applied to work at Empire Nissan, Evangelina Yanez Fuentes signed an agreement requiring arbitration of all disputes arising out of her employment. Fuentes later filed a lawsuit alleging wrongful discharge. Empire Nissan sought to compel arbitration, but the trial court denied the motion to compel on the ground that the arbitration agreement was unconscionable. It reasoned that the agreement’s fine-print terms and scarcely legible text indicated substantive unconscionability. The Court of Appeal reversed, departing from other decisions of the Court of Appeal and holding that arguments about the legibility or prominence of contract provisions affect only procedural unconscionability.

Issue Presented:

Do the placement, prominence, or legibility of provisions in an arbitration agreement affect whether the agreement is substantively unconscionable under California law?

Court’s Holding:

No. Although small font size and near-illegibility may indicate procedural unconscionability and therefore require a lesser showing of substantive unconscionability, those features of an arbitration agreement do not themselves indicate substantive unconscionability.

What It Means:

Physical features of contract provisions—font size, placement, prominence, legibility, and the like—do not factor into the analysis of whether an arbitration agreement is substantively unconscionable.
However, the Court emphasized that, while prominence or legibility issues do not themselves affect substantive unconscionability, courts should “closely scrutinize” the substantive terms set out in small or difficult-to-read text “to ensure they are not manifestly unfair or one-sided.”
The Court also held that, in assessing whether an arbitration agreement is unconscionably one-sided, courts should not rely “on the policy favoring arbitration as an interpretive presumption.” So if an agreement may be read to require arbitration only as to one side, courts may rule that the agreement is substantively unfair without construing the agreement in a more arbitration-friendly manner.
The Court declined to resolve a raft of issues left for remand, including whether any arbitration agreement had been formed at all and whether, if validly formed, the agreement was unconscionable and thus unenforceable.

The Court’s opinion is available here.

Gibson Dunn’s lawyers are available to assist in addressing any questions you may have regarding developments at the California Supreme Court. Please feel free to contact the following practice group leaders:

Appellate and Constitutional Law

Thomas H. Dupree Jr. +1 202.955.8547 tdupree@gibsondunn.com	Allyson N. Ho +1 214.698.3233 aho@gibsondunn.com	Julian W. Poon +1 213.229.7758 jpoon@gibsondunn.com
Lucas C. Townsend +1 202.887.3731 ltownsend@gibsondunn.com	Bradley J. Hamburger +1 213.229.7658 bhamburger@gibsondunn.com	Michael J. Holecek +1 213.229.7018 mholecek@gibsondunn.com

Related Practice: Labor and Employment

Jason C. Schwartz
+1 202.955.8242
jschwartz@gibsondunn.com

Katherine V.A. Smith
+1 213.229.7107
ksmith@gibsondunn.com

Jesse A. Cripps
+1 213.229.7792
jcripps@gibsondunn.com

This alert was prepared by Daniel R. Adler, Ryan Azad, Matt Aidan Getz, and John Collins.

The court found an activist investor failed to clear the “high hurdle” of showing that protective provisions in a merger agreement illegally or inequitably locked up a stock-for-stock, premium merger already resoundingly approved by stockholders.

On January 23, 2026, the Delaware Court of Chancery rejected activist stockholder HoldCo Opportunities Fund V, L.P.’s emergency request to temporarily enjoin the closing of Comerica Incorporated’s stockholder-approved merger with Fifth Third Bancorp. HoldCo argued that the merger should be enjoined because a force-the-vote provision, a no-shop and fiduciary out to change the board’s recommendation, a mandatory renegotiation provision following a stockholder no-vote, a one-year outside date, and a 4.7% termination fee unlawfully and unfairly locked Comerica into the Fifth Third deal to the detriment of Comerica and its stockholders. In a letter decision published on January 26, 2026, Vice Chancellor Morgan T. Zurn explained that HoldCo’s TRO application failed to clear the “high hurdle” of showing that the merger’s deal protections were colorably illegal or inequitable; and that closing a premium deal approved by Comerica’s stockholders, in the absence of any rival bidder, would irreparably harm those stockholders rather than benefit them. See HoldCo Opp. Fund V, L.P. v. Angulo, C.A. No. 2025-1360-MTZ (Del. Ch. Jan. 26, 2026).

Background

In July 2025, HoldCo initiated an activist campaign to force a sale of Comerica to Fifth Third or other possible buyers. HoldCo agitated for a sale based on its belief that Comerica’s stock price had underperformed for twenty-five years and its CEO refused to address that underperformance. In September 2025, Comerica commenced a sale process that led to an October 5, 2025 agreement for a stock-for-stock merger with Fifth Third at a 20% premium to Comerica’s then-10-day volume-weighted average stock price. During the sale process, Comerica’s financial advisor surveyed three other potential buyers and received offers from only one; and all of Fifth Third’s proposals valued Comerica at a higher price per share than the alternative buyer’s proposals.

In the merger agreement, Comerica and Fifth Third agreed to reciprocal and symmetrical commitments, termination rights, and fiduciary outs, including:

A no-shop provision with an ability to engage with unsolicited, bona fide written acquisition proposals;
A force-the-vote provision obligating a stockholder vote, but with a fiduciary out to submit without a favorable board recommendation;
A requirement to use reasonable best efforts to renegotiate if stockholders voted against the merger;
A right to terminate if the other party changed its recommendation or breached the merger agreement;
A $500 million termination fee (4.7% of equity value) payable to the terminating party following the other party’s recommendation change, breach, or entry into an alternative transaction under certain tail period circumstances; and
A one-year outside date before which the parties were obligated to use their reasonable best efforts to file disclosures and obtain approval from stockholders and banking regulators.

HoldCo initially touted the merger as “a rare win for Bank Activists” and its reciprocal no-shop, fiduciary out, and termination provisions as “[m]arket.” Then it reversed course. On November 21, 2025, HoldCo sued to enjoin the closing of the merger. The court scheduled a preliminary injunction hearing on HoldCo’s deal protection claims for February 23, 2026, and the parties proceeded with discovery.

On January 6, stockholders overwhelmingly approved the merger—by 99.7% of the Fifth Third votes cast and 97% of the Comerica votes cast, representing 73% of Comerica’s outstanding stock. Then, on January 13, the merger received regulatory approval, prompting Fifth Third to advise the court that the merger would close on February 1. No higher bid had emerged.

On January 14, HoldCo filed an emergency motion to temporarily enjoin the February 1 closing. The court denied the TRO on January 23 and published its reasoning on January 26. The court held that HoldCo failed to carry its burden on all three elements of its TRO application.

Merits

HoldCo’s TRO application failed to raise a colorable claim that the parties illegally locked up the merger or inequitably limited the Comerica board’s or stockholders’ ability to consider alternatives. The merits of HoldCo’s claims turned on unambiguous contractual language and dispositive legal authority.

Illegality

The court made quick work of HoldCo’s argument that the deal protections were per se invalid constraints on the Comerica board’s authority under Section 141(a) of the DGCL and Omnicare. First, the court found its prior decision in Energy Partners “dispositive of HoldCo’s argument that Comerica’s fiduciary out is illegal because it is not accompanied by a termination right.” Under Delaware law, “a fiduciary out that allows a merger party to engage with an unsolicited proposal and change its recommendation”—like the one here—”enables that party’s board to fulfill its fiduciary duties, even if the other party holds the right to terminate and is entitled to a fee.”

Second, the court rejected HoldCo’s argument that the one-year outside date made the parties’ symmetrical deal commitments, termination rights, and fiduciary outs illegal: “The one-year outside date does not strip the board of its managerial authority to decide if the [m]erger is best for stockholders[;] it defines how long the board must work to close the highly regulated [m]erger once stockholders approve it.” In reaching this conclusion, the court readily distinguished Omnicare and other precedents, finding that, before stockholders approved it, “[n]othing about the [m]erger was a fait accompli or a mathematical certainty,” and that “[n]othing prevented Comerica’s board from considering, negotiating, or pursuing alternative transactions” consistent with its fiduciary out.

Inequity Under Unocal

Next, the court similarly rejected HoldCo’s argument that the merger and accompanying deal protections constituted an unreasonable defensive response to HoldCo’s activism under Unocal. To assuage the “omnipresent specter” of a pending takeover bid “that a board may be acting primarily in its own interests, rather than those of the corporation and its shareholders,” Unocal asks whether a response is defensive and whether a defensive measure is preclusive, coercive, and within a range of reasonableness. None of these elements favored HoldCo.

First, the court doubted the merger’s defensiveness, finding HoldCo not only pushed for a sale of Comerica but also predicted Fifth Third was the likeliest partner. The court was also unconcerned by the fact that Comerica’s CEO secured a post-closing transitional role and three Comerica directors would join Fifth Third’s eleven-member board.

Second, the court concluded that HoldCo failed to show the deal protections were preclusive or coercive. Comerica’s fiduciary out left its board free to pursue alternative proposals, and the court found that the 4.7% termination fee was not unreasonable. Comerica stockholders also had a meaningful ability to vote down the merger without penalty: there was no voting agreement or naked-no-vote termination fee, and stockholders were free to consider the merger—including its termination fee, absence of a termination out, and one-year outside date—and take it or leave it.

Irreparable Harm and Balance of Equities

The court also found that the imminent, irreparable harm and balance of equities elements favored denying the TRO because HoldCo failed to raise a colorable claim that the deal protections chased away would-be topping bidders or otherwise deprived Comerica stockholders of a unique opportunity to obtain more value. The Court also concluded that the facts—including outreach by Comerica’s advisors and the highest bid from Fifth Third—did not support HoldCo’s claim of irreparable harm.

Against this backdrop, the court concluded that the balance of equities favored the defendants because the risk of enjoining the merger and depriving stockholders of a certain premium they chose to accept did not outweigh HoldCo’s speculation that stockholders might “benefit from the delay” of closing, which the court found had “no basis in logic or the record.”

Takeaways

This decision reinforces Delaware law and deal participant expectations that merger lockups are permissible where a fiduciary out permits a board to engage with an unsolicited proposal and change its recommendation, stockholders are informed, and the vote is not a fait accompli or mathematical certainty. Comerica’s defense was especially strong because the deal commitments, termination rights, and fiduciary outs were reciprocal and symmetrical.
The Court of Chancery upheld Delaware’s long tradition of recognizing that, in the absence of a rival topping bidder, “the real risk of irreparable harm [to merger parties and stockholders] is not from the consummation of the merger—it is from this [TRO] motion itself.”
This decision is a testament to the responsiveness, speed, and sophistication of the Delaware Court of Chancery, which decided an emergency TRO—and published its reasoning in a 20-page decision—seven days after the TRO’s submission and nine days before the merger’s anticipated closing.

The following Gibson Dunn lawyers participated in preparing this update: Colin Davis, Andrew Kaplan, Laura O’Boyle, Mark Mixon, and Russell Shapiro.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding these developments. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any of the following leaders and members of the firm’s Mergers & Acquisitions, Private Equity, and Securities Litigation practice groups:

Mergers & Acquisitions:
Robert B. Little – Dallas (+1 214.698.3260, rlittle@gibsondunn.com)
Andrew Kaplan – New York (+1 212.351.4064, akaplan@gibsondunn.com)
Saee Muzumdar – New York (+1 212.351.3966, smuzumdar@gibsondunn.com)
George Sampas – New York (+1 212.351.6300, gsampas@gibsondunn.com)

Securities Litigation:
Colin B. Davis – Orange County (+1 949.451.3993, cdavis@gibsondunn.com)
Monica K. Loseman – Denver (+1 303.298.5784, mloseman@gibsondunn.com)
Brian M. Lutz – San Francisco (+1 415.393.8379, blutz@gibsondunn.com)
Jason J. Mendro – Washington, D.C. (+1 202.887.3726, jmendro@gibsondunn.com)
Mark H. Mixon, Jr. – New York (+1 212.351.2394, mmixon@gibsondunn.com)
Laura K. O’Boyle – New York (+1 212.351.2304, loboyle@gibsondunn.com)
Craig Varnen – Los Angeles (+1 213.229.7922, cvarnen@gibsondunn.com)

Beyond its objective of narrowing the gender pay gap, the Directive ushers in far-reaching pay transparency from the recruitment stage and through the entire employment relationship.

Adopted in May 2023, and coming into force in June 2026, European Directive 2023/970 (the “Directive”) imposes new rules that dictate how employers must prevent and address gender-based pay gaps across Europe. While the Directive does not explicitly specify whether it applies to non-EU companies or to foreign employees posted to the territory of a Member State, a combined reading of applicable EU directives strongly suggests that it will extend to non-EU employers with EU-based employees, including U.S. companies.

By seeking to strengthen equal pay for equal work through upfront transparency and strong enforcement, the Directive imposes key obligations on employers, including pay range disclosure in hiring, employee access to pay information, and reporting of pay gaps.

The anticipated cost, complexity, and social tensions associated with the implementation of this Directive explains why EU companies and other companies with EU-based employees are struggling to implement these rules, even though it will come into force in the coming year.

Beyond its objective of narrowing the gender pay gap, the Directive ushers in far-reaching pay transparency from the recruitment stage and through the entire employment relationship. The practical impacts will extend well beyond the sole prism of “gender equality” and will lead to major changes in terms of HR practices and compensation management. It will also profoundly change remuneration practices.

ENHANCED EMPLOYEE PAY INFORMATION RIGHTS

Starting June 2026, regardless of company headcount, employees in EU countries will gain an unprecedented right of access to pay information: employers with EU-based employees will be required to make easily accessible the criteria used to determine pay, the pay levels, and rules governing pay progression. Employees will also be able to request information on their individual pay level and on average pay levels, broken down by gender, for their category.

And these new rules cannot be hidden from employees. In fact, the Directive mandates EU-based employees will have to be reminded of this right annually, and this applies to employees fixed salary, as well as variable compensation. Although employees will gain access to valuable and confidential information regarding minimum salary scales or levels by job type, no confidentiality obligation may be imposed on employees to try to prevent the wider disclosure of this information within the company. At this stage, the Directive only provides that employers may require workers who have obtained information other than that relating to their own compensation not to use it for purposes other than exercising their right to equal pay.

The release of this data will inevitably fuel internal comparisons, heightening the risk of social tensions within the company. For example, in a survey of 600 companies in France conducted last June, more than half of the managers surveyed reported they would struggle to explain certain pay differences within their team and fear conflicts and a deterioration in the social climate[1]. And this is likely the case with many companies that will be affected by the Directive.

This new right to pay information will undoubtedly constrain managerial discretion in setting pay, bonuses, and individual increases, which in turn will potentially weaken traditional levers of engagement and motivation for employees.

And the Directive will also impose an additional challenge on employers: to implement this right to pay information, employers will have to define categories of employees performing the same work or work of equal value. However, the concept of “work of equal value” remains vague. The Directive merely suggests the factors to be considered for such an evaluation, such as “skills, effort, responsibilities, and working conditions“.

Employers with EU-based employees will therefore need to carry out an in-depth, but above all strategic, analysis and classification of jobs, likely requiring updates to job descriptions and internal classification grids. This will be a time-consuming exercise that should be anticipated and carried out in consultation with staff representatives. The use of external experts will also prove indispensable both to secure the process and to limit the risk of errors or litigation.

SANCTIONS FOR NON-COMPLIANCE?

Sanctions for violations of rules in the Directive remain to be determined by each national legislation but are foreseeable: administrative fines corresponding to a percentage of the total payroll and full compensation for damages (back pay, damages) seem likely as possible sanctions.

Litigation risks will be amplified by the fact that the Directive reverses the burden of proof: in the event of a violation by the employer, it will be up to the employer to prove that there was no discrimination or that the violation of its obligations was unintentional and minor.

HOW TO PREPARE FOR TRANSPOSITION AND IMPLEMENTATION?

For employers with EU-based employees, the practical horizon is now. With the Directive coming into force by June 2026, employers should already be thinking about and engaging in auditing their job architecture and pay-setting frameworks to ensure they are gender-neutral, mapping comparator groups across business units, and testing their ability to produce reliable pay data. HR teams should prepare to include pay ranges in external communications and adjust hiring practices to exclude salary history inquiries. As this may expose discrepancies between employees, work council dialogue will become even more important than it is today.

Separately, legal teams should review policies on confidentiality, the handling of equal pay claims, evidentiary recordkeeping, and corrective measures, ensuring that remedial actions are timely, documented, and capable of demonstrating that any disparities are objectively justified by legitimate, gender-neutral factors. A few large companies have already begun this crucial preparatory work, but others will need to tackle these important steps well ahead of the June 2026 date.

Gibson Dunn stands ready to support companies in securing compliance, assessing anticipated risks, and turning regulatory constraint into a lever for attractiveness and social performance.

[1] Association pour l’emploi des cadres (Apec) survey on salary transparency, 18 November 2025.

The following Gibson Dunn lawyers assisted in preparing this update: Nataline Fleury and Fadéla Kaïlech.

Gibson Dunn lawyers are available to assist in addressing any questions you may have regarding pay transparency laws. Please contact the Gibson Dunn lawyer with whom you usually work, the authors, or any leader or member of the firm’s Labor and Employment practice group in Paris:

Nataline Fleury (+33 1 56 43 13 00, nfleury@gibsondunn.com)

Fadéla Kailech (+33 1 56 43 13 00, fkailech@gibsondunn.com)