Series

Blogs

A raised floor across the EU: What the new Anti-Corruption Directive means for business compliance

Article|

31 March 2026

Key features of the endorsed text

The text of the Directive, which follows extensive negotiations between the Parliament and the Council, introduces important clarifications and changes compared to the earlier positions of the European Parliament and the Council.

Harmonised offences

To create a level playing field, the Directive establishes common definitions for a broad range of criminal offences that Member States must transpose into their national laws. The offences that must be penalised, if committed intentionally, now include:

Bribery: Public-sector bribery covers two forms: active bribery, which involves promising, offering, or giving an undue advantage to a public official, and passive bribery, which involves the official requesting, receiving, or accepting such an advantage. For the purposes of the Directive, arbitrators (as defined therein) are treated as public officials. Private-sector bribery mirrors that active/passive structure in the course of business activity, tied to conduct by a person directing or working for a private-sector entity and acting “in breach of that person’s duties”. Importantly, the recitals add only limited colour to “undue advantage”: advantages can be tangible or intangible and pecuniary or non-pecuniary, and an advantage is not “undue” where permitted by law or administrative rules, or in the case of minimum or very low-value gifts. The term is otherwise left to national application, which should be closely monitored, especially since what is considered a “low value” gift can differ significantly from one country to another.
Misappropriation: Misappropriation is criminalised for public officials, but in a notable shift, private-sector misappropriation appears as an optional approach. Member States are encouraged to go further and criminalise private sector misappropriation and clarify that misappropriation does not require both damage and advantage.
Trading in influence: The offence covers both offering or giving an undue advantage to induce improper influence over a public official and requesting or receiving such an advantage to exert that influence. A significant clarification has been introduced: the offence should not cover the “legitimate exercise of acknowledged forms of interest or legal representation”, with the note that remuneration for representation can still constitute an “undue advantage” if the other elements of the offence are met, including violations of applicable rules.
Unlawful exercise of public functions: This new offence replaces the original, more contentious proposal of “abuse of functions”. It obliges Member States to criminalise at least certain serious breaches of law by a public official in the exercise of their duties.
Obstruction of justice: This criminalises actions like using threats or bribes to induce false testimony, interfere with evidence, or otherwise obstruct justice in proceedings related to the Directive’s other offences.
Enrichment from corruption offences and concealment: Enrichment from corruption offences criminalises a public official’s intentional possession or use of property that they know is derived from corruption committed by another public official. Concealment is a notable addition that emerged during negotiations. It criminalises disguising or concealing property knowing it derives from the listed offences. Critically, “property” expressly includes funds and assets of any kind, including crypto assets, whether tangible or intangible, and digital instruments evidencing title or interests.

Finally, following a significant push from the Parliament, the text addresses illegal political financing. However, this offence is not regulated by the Directive; instead, Member States are encouraged to consider appropriate action and potential criminalisation.

Liability and sanctions

For companies, the stakes are material. Legal persons must be capable of liability for specified offences committed for their benefit by persons in leading positions, or where a lack of supervision or control made the offence possible for their benefit. Maximum fines must reach at least 5% of total worldwide turnover for bribery and misappropriation offences, and at least 3% for trading in influence, obstruction of justice, and enrichment, with alternative fixed maxima of EUR 40 million and EUR 24 million respectively. Beyond fines, sanctions may include exclusion from public funding and tenders, disqualification from business activities, withdrawal of permits, contract annulment or rescission, judicial supervision, winding-up, and closure of establishments.

For individuals, the Directive sets minimum maximum imprisonment terms: at least five years for certain public-sector bribery offences; at least four years for misappropriation, enrichment, and concealment; and at least three years for private-sector bribery, trading in influence, and other specified offences. Additional measures include fines, removal or suspension from public office, disqualifications, tender exclusions, withdrawal of permits, and publication of judicial decisions where there is a public interest.

In addition, the Directive introduces aggravating and mitigating circumstances. Unless it constitutes a ground for exclusion of liability, the existence of a genuinely implemented and effective compliance programme (as opposed to mere “window-dressing”) may be regarded as a mitigating factor. “Rapidly and voluntarily” disclosing the offence to the competent authorities and adopting remedial measures may also constitute a mitigating factor. As regards aggravating circumstances, to the extent that the following circumstances do not already form part of the constituent elements of the criminal offences, Member States are required to treat the commission of an offence within the framework of a criminal organisation as an aggravating circumstance, whilst the obtaining of a substantial benefit or the causing of substantial damage, to the extent that they can be determined, are aggravating circumstances which Member States may implement in national law.

A reinforced enforcement framework

The Directive builds a robust enforcement architecture centred on national anti-corruption bodies or organisational units. Member States shall ensure bodies are in place for prevention, as well as for repression and investigation, and that they are equipped with adequate resources, specialised training, and operate without undue interference. To support investigations, the framework mandates the availability of effective and proportionate tools, including special measures used against organised crime, and specific powers to trace, identify, freeze, and confiscate the instrumentalities and proceeds of corruption offences. At cross-border level, enforcement is strengthened through the use of the SIENA network for information exchange, the collection of statistical data on the criminal offences, and facilitated cooperation between Member States and EU bodies like Eurojust and Europol. These measures are complemented by requirements for Member States to perform sectoral risk assessments, develop national strategies, and implement a range of preventive tools.

Practical impact: A changing risk landscape for businesses

For businesses, exposure is amplified by legal-person criminal liability, significant turnover-based fines, and procurement and public-funding consequences including tender exclusions. The broad definition of “public official” means that seemingly routine commercial relationships may carry bribery risk where they did not before. The explicit inclusion of crypto assets in the definition of “property” adds a further dimension for businesses operating in digital asset markets or using crypto in treasury management.

By harmonising offences and penalties, including for private-sector bribery, and pairing them with prevention, reporting and investigation measures, the Directive is designed to reduce cross-border enforcement friction and increase the likelihood of detection and sanction. The result is a raised floor across all 27 Member States.

However, the compliance-as-mitigation framework creates a direct incentive for robust, effective compliance programmes.

Next steps and how to prepare

The Directive will enter into force 20 days after publication in the Official Journal of the EU. Member States will generally have 24 months to transpose from the date of the adoption of the Directive, with a longer 36-month deadline for obligations tied to risk assessments and national strategies.

For companies, recommended readiness steps include, but are not limited to, the following:

Risk mapping and periodic risk assessments across all operations, business lines, third parties, procurement channels, and M&A targets
Codes of conduct and gifts and hospitality registers, reviewed against the Directive’s broad "undue advantage" concept.
Genuine compliance programmes, documented, resourced, tested, and independently assessed.
Third-party due diligence, onboarding, and ongoing monitoring, including agents, distributors, joint-venture partners, and public-sector counterparts.
Internal investigation and escalation protocols, including clear decision-making frameworks around voluntary disclosure and remediation.
Whistleblowing mechanisms that are confidential and protected from retaliation, aligned with the EU Whistleblower Directive.
Regular training and awareness, from the board to the front line, covering the Directive's expanded offence catalogue.
Internal controls and audit, with documented evidence of review and update cycles.
Conflicts of interest tracking and management policies, particularly for those interacting with public officials or public procurement processes.
Staying informed on national transposition developments across all operating jurisdictions, given the Directive’s minimum-harmonisation approach.

This Directive represents a fundamental shift in the EU’s approach to corruption and will likely lead to an increase in enforcement by Member States’ authorities. By taking adequate preparatory steps now, organisations can mitigate risks and build a resilient compliance framework fit for this new regulatory era.

A raised floor across the EU: What the new Anti-Corruption Directive means for business compliance

Share this:

Key features of the endorsed text

Harmonised offences

Liability and sanctions

A reinforced enforcement framework

Practical impact: A changing risk landscape for businesses

Next steps and how to prepare

Share this:

A raised floor across the EU: What the new Anti-Corruption Directive means for business compliance

Key features of the endorsed text

Harmonised offences

Liability and sanctions

A reinforced enforcement framework

Practical impact: A changing risk landscape for businesses

Next steps and how to prepare

A raised floor across the EU: What the new Anti-Corruption Directive means for business compliance

Share this:

Key features of the endorsed text

Harmonised offences

Liability and sanctions

A reinforced enforcement framework

Practical impact: A changing risk landscape for businesses

Next steps and how to prepare

​

Share this:

A raised floor across the EU: What the new Anti-Corruption Directive means for business compliance

​

Key features of the endorsed text

Harmonised offences

Liability and sanctions

A reinforced enforcement framework

Practical impact: A changing risk landscape for businesses

Next steps and how to prepare