Fraud, FCPA, sanctions and tech-enabled investigations are reshaping how companies prepare for compliance.

1. A Renewed Focus on White Collar Crime in the Digital Age

Despite occasional signals of respite, 2026 is shaping up to be a busy year for white collar enforcement. The U.S. Department of Justice (DOJ) has made clear that while the tactics may change, the mission remains: investigate and prosecute major corporate and individual misconduct—especially where technology, cross-border flows, and opacity create new risk.

The DOJ’s white collar enforcement plan, released mid-2025, highlights “high-impact areas” including bribery (under the Foreign Corrupt Practices Act or FCPA), sanctions and trade violations, program fraud, and digital assets. Covington & Burling+4Norton Rose Fulbright+4Mayer Brown

In its 2024 review, the DOJ’s Fraud Section recorded a 25 % uptick in the average value of fraud per individual charged, rising to approximately US $35 million. Recoveries topped US $2.3 billion, far higher than prior years. Reuters

Put simply: from bribery and corruption to digital-asset-enabled fraud, companies are facing more sophisticated investigations—and more aggressive consequences.

2. FCPA and Anti-Bribery: A New Strategic Focus

The FCPA has long been a staple of U.S. corporate enforcement—but the signal from the DOJ is that enforcement is not static; it is becoming strategically oriented. A June 2025 memo from Deputy Attorney General Todd Blanche laid out four non-exhaustive factors for deciding whether to proceed with an FCPA investigation:

• Links to cartels or transnational criminal organizations (TCOs)

• Harm to U.S. commercial interests (e.g., unfair advantage of foreign competitors)

• National-security implications (critical infrastructure, defense)

• The seriousness of the misconduct (not routine business courtesies) Alston & Bird+2Proskauer

A parallel memo encouraged U.S. companies to report misconduct by foreign competitors—signaling that the DOJ now sees some U.S. companies as victims of foreign-based bribery, not just potential defendants. White & Case

In practice, this means:

• Multinational companies must examine whether their foreign-based peers are engaging in unfair corrupt practices that impact U.S. operations.

• Non-U.S. companies with U.S. jurisdictions remain at risk—especially where U.S. competitive harm or national security themes appear.

• Entities tied to digital assets, supply-chain manipulations, or customs/sanctions violations now face increased attention.

Together, these developments mean that FCPA risk isn’t going away—it’s evolving. What once was a “foreign bribery” flag now connects to national security, trade distortion, and technology-enabled mischief.

3. Sanctions, Trade Fraud & Digital Assets: Enforcement’s Tech Turn

White collar enforcement in 2026 is characterized by cross-domain convergence. Traditional regulatory silos—bribery, procurement fraud, customs, sanctions—are blurring as technology enables new misconduct vectors.

For example:

• Sanctions evasion and trade-based money laundering (TBML) are now identified as core priorities in the DOJ’s 2025 enforcement plan, alongside procurement fraud and healthcare fraud. Covington & Burling

• Digital assets and blockchain flows get special mention: enforcement guidance now emphasises “willful violations that facilitate significant criminal activity” via digital platforms. Mayer Brown

• Cybercrime, data theft, and sophisticated fraud schemes powered by generative AI and deep fakes are being woven into white collar frameworks. (See research on GenAI’s role in financial crime: arXiv )

In short: the toolkit of the white collar investigator now includes AI-enabled surveillance, forensic accounting that spans global flows, and network analysis of digital tokens and supply-chain logs. Companies that built compliance programs for the pre-cloud, pre-AI era may find themselves inadequate for today’s interconnected, tech-intensive investigations.

4. Compliance Program Evolution: The Role of Self-Disclosure and Remediation

For companies pondering exposure, one consistent datum is that self-disclosure, cooperation, and remediation remain the best way to mitigate risk. The DOJ’s updated Corporate Enforcement and Voluntary Self-Disclosure Policy clarifies that entities who qualify “will” receive a declination (i.e., no prosecution) if they meet defined criteria. Norton Rose Fulbright
Similarly, a “near-miss” category now provides reduced-penalty options for companies that act swiftly, transparently, and remedially—even if they don’t fully meet voluntary disclosure criteria. Norton Rose Fulbright

Other practical shifts:

• The threshold for imposing independent corporate monitorships is being raised; the DOJ will assess cost and necessity before mandating one. ArentFox Schiff+1

• The expansion of whistleblower reward programs to include procurement fraud, sanctions violations, and digital asset misconduct means internal compliance teams must elevate whistleblower-channel readiness. Norton Rose Fulbright

Thus, companies are best advised to treat compliance not as an after-thought but as a strategic control: documenting systems, embedding monitoring, enabling internal reporting, and preparing for external investigation.

5. Technology, AI and Data: Investigations Go Digital

One of the most transformative trends in white collar enforcement is the use of advanced analytics, AI, and data platforms by regulators—and the corresponding need for companies to prepare accordingly.

Key dimensions include:

• Investigators use network analytics, machine-learning models, anomaly detection and AI-driven signature detection to spot complex fraud, money-laundering rings, and corrupt networks across jurisdictions. (See research on GenAI in financial crime: arXiv )

• Data volume and cross-border flows demand detailed logs, full audit trails, and forensic capability. Companies facing investigation must produce, among other things: chain of custody for digital evidence, internal access logs, cross-system mappings, and comprehensive data governance.

• AI-enabled tools are also being used in the monitoring and compliance side—for example using agentic AI to flag suspicious behaviour, enforce process controls, and support internal investigations (see paper on agentic AI for financial crime compliance: arXiv )

In effect: the era of “we’ll dump some spreadsheets if asked” is over. Today’s white collar investigations expect digital readiness. Lack of controls, opaque processes, or missing logs may shift from mere compliance risk to evidence of negligence.

6. Geographic & Sectoral Impacts: What Companies Should Focus On

While the enforcement themes are global, companies in certain geographies and industries face heightened risk.

Multinationals with U.S. nexus
Non-U.S. companies with U.S. operations—or that use U.S. banks or financial infrastructure—often fall under U.S. jurisdiction. The DOJ’s new FCPA guidance signals increased risk for foreign companies whose misconduct distorts U.S. markets or harms U.S. business interests. Mayer Brown

Industries under spotlight
Sectors with complex supply chains, heavy government contracting, or digital-asset exposure—such as aerospace & defense, energy, healthcare, technology, and financial services—are repeatedly referenced in enforcement memoranda. Covington & Burling

Emerging risk domains

• Customs/trade fraud and tariff evasion are explicitly called out as priorities. Covington & Burling

• Sanctions and export control violations, especially in the context of supply chains, dual-use tech, and state-actor networks, are high on the agenda.

• Digital assets and fintech: Companies in crypto, tokenization, and blockchain platforms must watch for anti-money-laundering (AML) and sanctions exposure. Global Investigations Review

7. The 2026 Enforcement Playbook: How Companies Should Prepare

Given the evolving terrain, companies can adopt a multi-layered approach to readiness:

1. Map and monitor high-risk activities

• Identify where bribery, procurement fraud, sanctions/trade risk, digital assets, and complex supply-chain flows intersect.

• Build a risk taxonomy that connects business units, regions, third-parties, and technology platforms.

2. Strengthen governance, controls, and data architecture

• Invest in data/lifecycle controls: full audit trails, whistleblower mechanisms, rapid internal escalation.

• Build monitoring and logging platforms that capture events across systems (ERP, CRM, trade systems, digital-asset platforms).

• Consider “data as evidence” readiness: your internal processes should anticipate potential investigation data requests.

3. Self-disclose proactively and remediate continuously

• The self-reporting incentives remain strong under the Corporate Enforcement Policy.

• Create an internal environment where misconduct can be reported and handled before external investigation begins.

• Document remediation action plans and monitor their implementation.

4. Leverage technology for compliance, not just investigation

• Use AI/analytics to detect anomalies, flag suspicious transactions, and monitor third-party networks.

• Ensure transparency and traceability of AI tools: how models are trained, who approved them, what flags triggers.

• Build cross-function collaboration between compliance, risk, operations, legal, and technology.

5. Stay agile to regulatory and geopolitical shifts

• Enforcement priorities may evolve quickly (e.g., national-security motif, digital-asset prism, trade focus).

• Maintain intelligence on regional developments: export controls, sanctions updates, national-security legislation, crypto regulation.

• Don’t treat compliance as static—it must adapt to technology change and regulatory evolution.

Closing Thoughts and Looking Forward

White collar enforcement in 2026 is not back to business as usual—it’s moving into a new phase altogether. The combination of advanced technologies, cross-border digital flows, generative AI, sanctions/trade regimes, and complex supply chains means that companies face greater exposure, greater speed of enforcement, and greater demand for compliance sophistication.

The good news: many enforcement themes are visible and predictable. The DOJ has published its enforcement priorities, and companies have a roadmap for preparation. The bad news: the capability gap between “we have a compliance program” and “we can demonstrate digital readiness for a global investigation” is widening.

For senior leaders—chief compliance officers, general counsel, chief risk officers, chief data officers—the message is clear: the question is no longer whether you might face an investigation, but when and how ready you will be. Companies that treat this as purely a legal cost risk will find themselves reacting to crises. Companies that treat it as a strategic discipline—integrating governance, technology, data, and risk—stand a better chance of turning compliance from a vulnerability into a competitive strength.

In the years ahead, the most resilient organizations will be those that know their data architecture, their third-party networks, and their digital asset exposures as well as they know their products and customers. Because when the investigators knock, they won’t just ask for papers—they’ll ask for logs, analytics, AI-audit trails, and proof of remediation.

Author: Serge Boudreaux – AI Hardware Technologies, Montreal, Quebec
Co-Editor: Peter Jonathan Wilcheck – Miami, Florida

white collar enforcement
FCPA compliance
corporate fraud investigations
sanctions violations risk
DOJ enforcement priorities
global anti-corruption laws
sanctions and trade compliance
digital assets financial crime
corporate self-disclosure policy
AI in regulatory investigations