In the past 18 months, three developments have redrawn the U.S. control landscape:
Paradoxically, dedicated FCPA resources have been cut in 2025, signalling that companies must self-police more aggressively even as formal enforcement wanes. reuters.com
Strategic Priorities for U.S. Boards & CAEs
|
Priority |
What “good” looks like in 2025 |
Practical levers |
|
1. Embed anti-corruption into ESG governance |
Integrate bribery-and-fraud risk into the enterprise-level risk appetite statement and the ESG scorecard reported to investors. |
Map COSO’s new Sustainability Reporting guidance to your existing SOX control matrix so that anti-corruption, ESG and climate data share control owners and testing cycles. ey.comauditboard.com |
|
2. Real-time compliance analytics |
Continuous monitoring flags outlier payments, override journals, and vendor changes within 24 hours. |
Deploy AI-enabled anomaly detection fed from ERP + payment platforms; script automatic “pause-and-review” workflows for suspicious wires > $25k. |
|
3. Beneficial-ownership & third-party assurance |
Central repository reconciles FinCEN filings, sanctions lists and vendor master data. |
Perform quarterly entity validation; require automated “kill switch” to suspend vendors lacking BOI confirmation. |
|
4. Independent internal audit (IA) over culture & data |
IA’s plan dedicates ≥ 20 % of hours to data governance and culture audits (speak-up, retaliation, incentives). |
Align IA charter with DOJ ECCP questions; use employee sentiment analytics and whistle-blower statistics as audit evidence. |
|
5. Agile disclosure committee |
Pre-mortal drills for climate, cyber or corruption events determine whether to file an 8-K vs. voluntary disclosure. |
Maintain a “red-team” calendar aligned with SEC, DOJ and FinCEN reporting clocks. |
Take-away – The U.S. environment is squeezing companies from two sides: higher disclosure diligence but lower official anti-bribery staffing. The winners will be issuers that treat internal control as a competitive ESG asset, not a compliance-only cost centre.
