Corruption Crime & Compliance

The Commerce Department’s Bureau of Industry and Security (BIS) has sent an unmistakable message to the semiconductor industry: creative interpretations of the Export Administration Regulations (EAR) will not shield companies from significant enforcement risk.BIS imposed a $252 million penalty against Applied Materials — the second-largest fine in the agency’s history — for illegally exporting semiconductor manufacturing equipment to China’s Semiconductor Manufacturing International Corp. (SMIC), an Entity List company since 2020. The size of the penalty alone warrants attention. But the facts and legal analysis underlying the case provide even more important compliance lessons.

Episode 395 of Corruption, Crime and Compliance features an in-depth conversation with Bob Lemmond, the new CEO of LRN, on the evolving role of ethics and compliance in today’s risk environment. In this episode, Bob discusses how organizations can move beyond “check-the-box” compliance to embed a culture of integrity that drives performance, mitigates misconduct risk, and strengthens stakeholder trust. He shares his perspective on the growing complexity of global regulatory expectations, the importance of leadership tone and middle-management engagement, the integration of technology and data analytics into compliance programs, and the measurable business value of ethical culture. The discussion offers practical insights for compliance officers, boards, and senior executives navigating enforcement uncertainty while maintaining high standards of corporate accountability.

FCPA enforcement in 2025 was defined by what did not happen as much as what did. Compared to prior years, the number of publicly announced cases declined sharply, corporate resolutions were fewer, and the overall enforcement posture appeared more restrained. This slowdown, however, reflects a policy recalibration—not a dismantling—of the FCPA enforcement regime.Early in the year, DOJ paused FCPA enforcement activity while it reviewed policy priorities. That pause, followed by the issuance of revised enforcement guidance mid-year, produced a measurable decline in announced actions. Several investigations slowed, at least one long-running prosecution was dismissed, and the SEC brought no new FCPA cases during the year.DOJ’s revised guidance emphasized selectivity, signaling that enforcement would focus on higher-impact cases—large bribe payments, clear evidence of corrupt intent, sophisticated concealment, and conduct implicating U.S. national security or competitiveness. Lower-value cases and routine “business courtesy” fact patterns were explicitly deprioritized.The public numbers reflect that shift. 2025 was one of the lightest FCPA enforcement years in more than a decade. DOJ announced only a small handful of corporate outcomes, while continuing to emphasize voluntary self-disclosure and cooperation through declinations and deferred prosecution agreements.

Earlier this year, the Securities and Exchange Commission (SEC) charged Archer-Daniels-Midland Company (ADM) and three of its former executives with accounting and disclosure fraud, in what has become one of the most significant financial reporting enforcement actions of 2026. The case underscores a fundamental compliance truth: strong internal controls and transparent disclosures are not optional — they are core risk mitigants that protect investors, markets, and corporate reputations.At its core, the ADM matter highlights how breakdowns in accounting controls and disclosure practices — even when aimed at projecting performance — can quickly spiral into regulatory enforcement, civil penalties, and individual liability.On January 27, 2026, the SEC announced a settlement against ADM, as well as actions against two former executives, and a litigated complaint against a third. The SEC found that ADM materially overstated the performance of its nutrition business segment by recording intersegment transactions on terms that did not approximate market, thereby misleading investors about the segment’s profitability and growth.According to the order, executives directed “adjustments” to nutrition’s results — including retroactive rebates and price changes not available to third parties — to hit targeted profit levels and mask underperformance in key fiscal years. These adjustments were inconsistent with ADM’s internal policies and its public representations, creating materially false and misleading financial statements for multiple annual and quarterly reporting periods.ADM settled the matter and agreed to pay a $40 million civil penalty. Two former executives agreed to pay civil penalties and disgorgement, and one agreed to an officer and director bar. Meanwhile, the SEC is pursuing litigation against a third executive for fraud-based claims.Regulators do not view financial reporting risk as an isolated technical issue. The SEC’s enforcement approach in this case reflects several core priorities that every compliance leader should internalize.

Conflicts of interest are not abstract compliance niceties. They are serious risks to integrity that, if left unidentified or unmitigated, can erode employee trust, compromise decision-making, and expose organizations to regulatory enforcement, litigation, and reputational harm. Recent high-profile scandals involving relationships between supervisors and subordinates have underscored how personal conflicts can quickly morph into enterprise-wide compliance failures when controls, oversight, and ethical culture are weak.A conflict of interest program, when thoughtfully designed and actively managed, is far more than a static policy on a shelf. It is a risk identification and mitigation engine that anticipates where incentives might diverge from organizational interests, assesses control effectiveness, and embeds ethical decision-making into everyday business processes.Conflicts of interest arise wherever personal interests have the potential to interfere — or appear to interfere — with the objective performance of professional duties. Classic examples include financial interests in third parties, personal relationships that influence work decisions, and outside employment that competes with an employer’s interests.

The Justice Department has increased False Claims Act prosecutions, reflecting a continued focus on healthcare fraud and a new initiative on trade fraud. DOJ announced the largest annual recovery figure in the FCA's history -- $6.8 billion in settlements and recoveries.  FCA whistleblowers filed a record number of new cases -- 1,297 lawsuits and the government initiated 401 investigations. Since 1986, DOJ has recovered a total in excess of $85 billion. DOJ is taking full advantage of the power provisions of the FCA that include treble damages, broad liability coverage, and favorable amendments adopted to increase government leverage. Health care fraud remained the primary source of FCA settlements. Approximately $5.7 billion of the total $6.8 billion related to actions against healthcare companies. Notably, DOJ continued and expanded its success in three major areas: Managed Care, Prescription Drugs, and Medically Unnecessary Care.

From my perspective, hopefully a reasonable one, there is a little too much AI-Risk Hype. Not to belittle the experts or ignore potential risk concerns but this is getting a little carried away.  The compliance industry appears to be taken over by AI-this and AI-that. Third party risk bleeds into major AI risks, corporate governance needs to incorporate AI risks, and policies and procedures have to incorporate AI risks, while of course no risk assessment is worth its sale unless there is a discussion of dramatic AI risks. My first response is whoa -- let's all take a deep breath. The best self-help tactic when experiencing anxiety is to take a deep breath, a proven remedy. The AI discussion is veering off into a racing brain phenomena where the compliance profession is sprinting to keep up with the newest hypothetical risk. So let's take a calm and deliberate review of some of the key issues.

The most significant compliance and enforcement issue remains trade enforcement -- sanctions and export controls. In the second posting, I want to focus on the new and interesting development in this area: the use of the False Claims Act to capture violations of tariffs and customs duties. With all the hype on the trade compliance front, when you calculate the numbers relating to criminal enforcement, 2025 was a slower year than 2024. That is understandable since there is always a hiccup or delay when a new Administration takes power.  From the administrative standpoint, however, OFAC and Commerce's Bureau of industry and Security ("BIS") posted increased in 2025 over 2024. For OFAC, 2024 was a relatively slow year, and 2025 showed an uptick in numbers of cases. Notwithstanding these increases, OFAC brought big cases involving Russian oligarchs. For the year, OFAC brought 14 cases and recovered over $265 million in penalties. What was missing, however, was OFAC's steady enforcement against a variety of industries -- the spread of OFAC cases was fairly limited. From the numbers, for 2025, DOJ indicted, took guilty pleas or participated in sentencing proceedings in a total of forty-one (41) cases. For 26 of these cases, the illegal exports were intended to customers in Russia (16) and China (10); after that, Iran was involved in 5 cases, and Haiti was involved in 4, and Venezuela and North Korea had only 2 cases respectively. In this Episode, Michael Volkov reviews overall trade enforcement activities for 2025.

Scott Greytak, Transparency International, and Nate Sibley, Hudson Institute, join Michael Volkov for a review of anti-corruption issues and a look forward to the next year.

Tom Fox joins Michael Volkov to discuss ethics and compliance issues for the year 2025. Tom and Mike focus on the importance of ethics, conflict of interest, trade compliance, organizational justice and other issues.This is Part 2 of a 2-Part Episode.

Tom Fox joins Michael Volkov to discuss ethics and compliance issues for the year 2025. Tom and Mike focus on the importance of ethics, conflict of interest, trade compliance, organizational justice and other issues.This is Part 1 of a 2-Part episode.

What do you do when the headlines shift faster than your risk matrix can keep up? In this episode, Michael Volkov dives into the challenge of adapting compliance programs in the face of volatile and fast-changing global risks—from tariffs and trade controls to supply chain disruptions and third-party exposures. While the pressure to react is constant, the real key is staying anchored in your company’s values while making smart, timely adjustments.Legal and compliance officers are used to adjustments and continuous improvement of their compliance programs. Building and maintaining an effective ethics and compliance program never ends — it is a continuous process. In a climate of rapid change, the strategies may feel familiar, but the risks themselves are taking new shape. To that end, Michael outlines five specific strategies for evolving your compliance program without losing your footing.You'll hear him discuss:Why culture isn't just a buzzword—it's the first and most critical line of defense in volatile timesHow to run a quick-turn, focused risk assessment to identify new hotspots like sanctions, tariffs, and supply chain gapsThe rising danger of indirect exposure to foreign terrorist organizations and cartels through third partiesWhat companies need to know about tariff classification, scope, and enforcement to avoid legal and economic penaltiesWhy sanctions and export controls enforcement is heating up—and what that means for your global operationsHow to recalibrate third-party risk management to account for trade-based threats and hidden ownership structuresResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

With the beginning of the “New FCPA” era coined by DOJ’s Deputy Attorney General Lisa Monaco, we now need to focus on third-party risk and sanctions enforcement. The law, the practice, and the risks are important and not just the same as FCPA legal requirements. As we embark on a new criminal enforcement era surrounding sanctions violations, companies have to address this issue and do it correctly. In this episode, Michael Volkov takes a comprehensive look at third-party risks from the distribution and supply sides and outlines appropriate strategies to manage these risks.Epsilon Electronics serves as a stark reminder of the financial consequences of non-compliance. The company faced an OFAC enforcement action due to a shipment to Iran, resulting in a staggering penalty of over $4 million.Apollo Aviation Group settled with OFAC for $210,600 for leasing aircraft engines which ultimately ended up being placed in to aircraft of a prohibited entity, Sudan Airways, violating sanctions regulations.ELF Cosmetics settled with OFAC for $996,000 for importing false eyelash kits containing materials sourced from North Korea, highlighting supply chain due diligence failures.The ELF Cosmetics case underscores the crucial role of supply chain due diligence in preventing sanctions violations. Instead of sticking their heads in the sand, companies must undertake basic supply chain due diligence when sourcing products from regions close to high-risk countries or regions.“Reason to know” is now the key phrase guiding the New FCPA era. OFAC does not need to prove goods ultimately end up in a sanctioned country. When you see red flags, you must resolve them or they could be considered a “reason to know” in OFAC’s eyes.Seven essential elements to boost your compliance program and effectively mitigate third-party sanctions risks include risk assessment, varying levels of due diligence, end-user documentation, monitoring, training, and red flag identification.ResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Is the DOJ really changing its playbook on FCPA enforcement, or is it business as usual under a new administration? In this episode, Michael digs into two headline developments that say a lot about where things are headed - the first FCPA declination under the Trump Administration and the first indictment. Both shed light on how DOJ is applying its policies in practice, what companies should expect, and why individuals are squarely in the crosshairs. Taken together, these cases remind listeners that while priorities may shift, the fundamentals of disclosure, cooperation, and accountability remain very much alive.You’ll hear him discuss:Why Liberty Mutual’s $4.7 million disgorgement shows DOJ is sticking closely to its Corporate Enforcement PolicyHow voluntary disclosure and cooperation continue to all but guarantee a declinationThe details behind Liberty Mutual’s misconduct in India and the factors DOJ weighed in its decisionWhat the Pemex indictment tells us about DOJ’s push to hold individuals accountableThe role of disgorgement in DOJ resolutions and whether the policy might be applied with more flexibility going forwardHow luxury goods and personal perks were used in the Pemex scheme and why DOJ zeroed in on those detailsWhat these developments signal for companies trying to strengthen compliance programs in a shifting enforcement landscapeResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

AI promises efficiency, innovation, and new opportunities - but are companies moving too fast in the rush to adopt it? The risks are very real, from false content to flawed decision-making, and the global regulatory patchwork is only getting more complex. The challenge now is building governance and compliance frameworks that keep pace without stifling progress.In this episode of Corruption, Crime, and Compliance, Michael Volkov explains why an AI compliance program is essential to corporate governance today.You’ll hear him discuss:Why companies need to start with a clear use case and weigh benefits against potential legal and compliance risks before rolling out AIThe evolving patchwork of regulations, including the FTC, state-level laws in the US, and the EU’s AI ActHow sector-specific rules in healthcare, financial services, and defense add new layers of complexityThe two biggest risks: AI-generated false content that can cause liability and reputational harm, and decision-making systems that create unfair or discriminatory resultsWhat strong AI governance looks like, from board oversight and compliance officers to clear policies and cross-functional committeesThe role of training, documentation, and incident reporting in ensuring responsible, transparent AI useWhy embedding responsible AI into company values and employee performance reviews helps build a culture of accountabilityResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

What happens when a company tries to outsmart the system - and gets caught red-handed by the DOJ in a $140 million export control scheme tied to Chinese military supercomputers?In this episode, Michael dives into the DOJ’s criminal enforcement action against Cadence Design Systems - a case that marks yet another major step in the DOJ’s rapidly unfolding trade enforcement strategy. We’re no longer in the FCPA era. This is a whole new ballgame, where national security and trade compliance have collided, and companies that haven’t adjusted are already behind.You’ll hear him discuss:Why Cadence’s plea deal - not a DPA or NPA - is such a big dealHow the DOJ and BIS coordinated to secure over $140 million in criminal and civil penaltiesThe simple, sloppy scheme that involved fake names, hidden aliases, and blatant attempts to skirt export controlsWhy partial cooperation didn’t earn Cadence a full credit reduction - and what they failed to doThe shocking compliance gap: only one export control officer handling global riskWhat this case signals about the DOJ’s growing focus on national security and semiconductor enforcementWhy ethics, due diligence, and transaction monitoring are still your best defenseHow companies can avoid getting blindsided by embracing the new trade enforcement landscapeResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Is your internal reporting program keeping up or falling behind the curve? With over 2.15 million reports analyzed from nearly 70 million employees worldwide, NAVEX's 2025 Regional Whistleblowing & Incident Management Benchmark Report offers a goldmine of insight into how companies are (and aren’t) managing employee concerns. In this episode, Michael Volkov breaks down the key findings, regional trends, and what they really mean for compliance officers trying to build a stronger speak-up culture. NAVEX dominates the hotline market, and its annual benchmark report gives compliance professionals an unparalleled look at reporting behaviors across the globe. From rising retaliation concerns to surprising substantiation rates, the numbers speak volumes.You’ll hear him discuss:Why Europe’s sharp spike in reporting rates is likely tied to the EU Whistleblower DirectiveHow North American companies resolve reports faster and what that says about handling HR-driven complaintsWhy anonymous reporting is much higher in APAC, Europe, and South America and what it might reveal about employee trustHow retaliation claims are being substantiated at drastically different rates depending on geography and legal frameworksWhat’s behind the higher substantiation rates at privately owned companies compared to public onesHow reporting channel preferences are shifting and why phone-based hotlines may be on the way outWhat “time to report” stats reveal about fear, hesitation, and the need for cultural change in the workplaceResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

A competitor could trigger a federal investigation against your company, just by filing a whistleblower complaint about your imports. In this episode, Michael Volkov explores how the Trump Administration is reshaping the enforcement landscape by linking trade compliance and the False Claims Act (FCA) in unprecedented ways. With “trade and customs fraud, including tariff evasion” now a DOJ national priority, companies engaged in international trade face growing legal and reputational risks. A recent Ninth Circuit ruling has only intensified the stakes.You’ll hear him discuss:Why DOJ is combining trade enforcement and FCA cases, and what that means for companies that import goods into the U.S.How “reverse false claims” work in the trade context, and why import misclassification, undervaluation, or incorrect country-of-origin declarations are now high-risk areas.Recent high-dollar settlements - including $45 million in one case - where companies paid the price for customs fraud violations.The significance of the Ninth Circuit’s decision in Island Industries v. Sigma Corp., which confirmed DOJ’s ability to pursue customs fraud claims under the FCA in federal court.How whistleblowers, including competitors, are using FCA claims as a strategic tool in the marketplace, leading to sealed complaints and increased litigation.What companies should be doing now to evaluate and reinforce their trade compliance programs, from reviewing documentation and broker relationships to training and internal reporting.Why ignoring tariff and duty obligations - or failing to investigate them thoroughly - could be seen as deliberate indifference, exposing companies to both civil and criminal liability.ResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

What happens when companies ignore red flags, bypass legal advice, and underestimate the reach of U.S. export laws? In this episode, Michael Volkov unpacks two major enforcement actions from the Department of Commerce’s Bureau of Industry and Security (BIS) and the Treasury Department’s Office of Foreign Assets Control (OFAC). These cases serve as cautionary tales for companies navigating complex trade and sanctions landscapes, highlighting the steep costs of compliance failures, even when violations aren't willful.You’ll hear him discuss:BIS’s $4.25 million penalty against Alpha and Omega Semiconductor (AOS) for 15 violations of the Export Administration Regulations (EAR), including unauthorized shipments to HuaweiHow AOS disregarded legal advice and internal compliance warnings while continuing to export EAR99 items from the U.S. to an Entity List companyThe significance of BIS’s finding that even non-willful violations will trigger serious enforcement consequencesOFAC’s $608,825 settlement with Key Holding LLC over Cuban sanctions violations linked to its Colombian subsidiary, Key ColombiaHow a failure to implement sanctions compliance after acquiring a foreign affiliate exposed Key Holding to U.S. jurisdiction - and liabilityThe importance of post-acquisition compliance integration and automated screening in mitigating enforcement riskWhy these cases mark a return to traditional administrative enforcement priorities and serve as stark reminders of jurisdictional reachResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group

Could your supply chain be funding cartels without you realizing it? In today’s complex global economy, companies are grappling with a dual challenge - the urgent need to unravel their supply chains and the immediate recalibration of due diligence systems to detect links to cartel and transnational criminal organizations (TCOs). With the Department of Justice sharpening its focus on both direct prosecutions and financial facilitators, global companies must prepare for heightened scrutiny. Michael breaks down the mounting risks, enforcement priorities, and practical steps companies must take to protect themselves from becoming unwitting participants in criminal operations.You’ll hear him discuss:How DOJ’s new two-pronged enforcement strategy is bringing corporate facilitators of cartels and TCOs into the crosshairsWhy traditional due diligence no longer goes far enough, especially with "Nth Party" risks buried deep in supply chainsHow cartels and TCOs exploit legitimate businesses in sectors like logistics, agriculture, mining, and constructionThe importance of identifying beneficial ownership and tracing complex corporate structures across jurisdictionsRed flags to watch for, from nominee arrangements and shell companies to unexplained wealth and layered financial flowsHow cartels are adapting with fake websites, fake bios, and cryptocurrency to mask illicit activitiesWhat companies must do to modernize their compliance systems with open-source tools and workflow automationWhy trade-based money laundering, remittance services, and decentralized platforms are growing areas of concernResourcesMichael Volkov on LinkedIn | TwitterThe Volkov Law Group