The EU Anti-Corruption Directive Raises Compliance Standard for Businesses

On May 31, 2026, Directive (EU) 2026/1021 of the European Parliament and of the Council of April 29, 2026 on combatting corruption (the EU Anti-Corruption Directive) entered into force, marking a significant step towards establishing a stronger EU legislative framework for combatting corruption effectively, with more harmonized national enforcement standards throughout the EU Member States.

The EU Anti-Corruption Directive harmonizes corruption offenses across the EU, introduces a new standalone “trading in influence” offense, and raises the stakes for individuals and businesses alike through turnover-based penalties. Genuine compliance programs, cooperation with authorities, and voluntary disclosure are all expressly recognized as mitigating factors, giving businesses a real incentive to reduce their risk exposure before Member States pass their implementing legislation.

Background

Corruption remains a significant and costly challenge across the EU. Between 2016 and 2021, the total cost of corruption risk in public procurement across all sectors in the EU was estimated at €29.6 billion. More recently, in 2025, 69% of Europeans considered corruption to be widespread in their country, with 66% believing that high-level corruption cases are not pursued sufficiently.

In view of this, the Commission presented an Anti-Corruption Package in May 2023, including a proposal to combat corruption by criminal law. Negotiations were difficult, and a provisional agreement between the Commission, the Parliament, and the Council was not reached until December 2025. The European Parliament formally adopted the text in March 2026 by 581 votes to 21, with the Council giving its final approval on April 21, 2026.

The EU Anti-Corruption Directive forms a core part of that broader package, introducing harmonized criminal offenses, minimum standards for penalties, and a turnover-based sanctioning regime applicable across the public and private sectors. It consolidates and substantially replaces the existing EU anti-corruption framework, including the 1997 Convention on corruption involving EU officials and Council Framework Decision 2003/568/JHA on combating corruption in the private sector, which had proved too high-level and directional to keep pace with increasingly sophisticated cross-border corruption, resulting in significant divergence in enforcement standards across Member States. The EU Anti-Corruption Directive seeks to address this by establishing a single, harmonized framework of criminal offenses and penalties applicable across both the public and private sectors. It will be complemented by a forthcoming EU Anti-Corruption Strategy expected later in 2026, which is anticipated to set out the broader political and institutional framework within which the EU Anti-Corruption Directive will operate.

Scope

The EU Anti-Corruption Directive applies to any business in the public or private sector with operations, subsidiaries, or business activities within the EU, bringing companies that are headquartered in the UK and the U.S. within scope. The definition of a “public official” is broad, extending beyond formal officeholders to include any person exercising a public service function, including employees of privately owned companies that perform public services.

Transposition

Member States will be expected to transpose the new provisions into national law within 24 months, although obligations relating to risk assessment and national anti-corruption strategies will have a longer transposition period of up to 36 months. National implementing legislation will be carefully watched, as part of the purpose of this Directive is to harmonize the EU-wide approach to corruption.

Member States will retain their own investigatory bodies and competent authorities operating within their national legal systems. Each Member State also retains autonomy over how it structures its investigatory and prosecutorial functions. However, the EU Anti-Corruption Directive emphasizes cross-border cooperation designed to address one of the most significant weaknesses in the previous framework.

What Are the Key Offenses?

The EU Anti-Corruption Directive standardizes a set of criminal offenses across all Member States, applicable when the conduct was intentional and committed either directly or indirectly.

The key offenses are:

• Bribery in the public sector (Article 3)
  Active bribery, comprising a promise, offer, or giving of an undue advantage to a public official, either directly or indirectly through an intermediary, is criminalized. Passive bribery, comprising a request or receipt of an undue advantage by a public official, either directly or indirectly through an intermediary, is also criminalized. The definition of “undue advantage” is broad and can be tangible or intangible, pecuniary or non-pecuniary, although gifts of low value are excluded.
• Bribery in the private sector (Article 4)
  Active and passive bribery in the course of business is criminalized where a person directing or working for a private sector entity acts (or refrains from acting) in breach of their duties, in exchange for an undue advantage. A “breach of duty” covers, at a minimum, any behavior constituting a breach of a statutory duty, professional regulations, or instructions applicable within the entity.
• Trading in influence (Article 6)
  Perhaps the most significant new offense for businesses, and one with no direct equivalent in many existing national regimes, it criminalizes the promising, offering, or giving of an undue advantage, including through an intermediary, to exert improper influence over a public official, regardless of whether the influence was real, actually exerted, or effective in changing behavior. The request or receipt is also criminalized. While legitimate interest representation that does not result in an “undue advantage” is carved out, Member States will need to carefully consider the line between lawful lobbying and criminal conduct. Businesses that engage lobbyists, government affairs consultants, or former public officials to interact with regulators or public authorities on their behalf face a new compliance risk under this offense.

Other criminal offenses include misappropriation (Article 5), unlawful exercise of public functions (Article 7), obstruction of justice (Article 8), enrichment from corruption offenses (Article 9), and incitement, aiding and abetting, and attempt (Article 11).

Corporate Liability

The EU Anti-Corruption Directive imposes criminal liability on a legal person where an offense is committed for its benefit by a person in a “leading position” within the organization (Article 13). A “leading person” is broadly defined to include one or more of the following:

1. A power of representation of the legal person
2. An authority to take decisions on behalf of the legal person
3. An authority to exercise control within the legal person

While in practice this is likely to include directors, senior executives and other individuals at management level, the precise boundaries are likely to be the subject of further debate, particularly as the Member States transpose the EU Anti-Corruption Directive into national law.

Importantly, Article 13(2) imposes liability on a legal person where the lack of supervision or control made possible the criminal offense, where that offense was committed for the entity’s benefit. Liability incurred from failure to supervise has significant implications for how businesses structure their compliance frameworks, particularly in relation to junior employees, agents, and others acting on the company’s behalf.

Corporate liability under the EU Anti-Corruption Directive does not replace individual liability, and businesses should be prepared for the possibility of simultaneous investigations and prosecutions on both the corporate and individual levels.

Penalties and Sentencing

The EU Anti-Corruption Directive sets minimum standards for both custodial sentences and financial penalties, and introduces a turnover-based sanctioning regime for legal persons that raises the stakes for corporate non-compliance across the EU.

Member States must ensure that the offenses under the EU Anti-Corruption Directive are punishable by maximum terms of imprisonment of at least five years for public sector bribery and at least three years for private sector bribery (Article 12). These are minimum terms, and Member States may provide for higher maximum sentences under their national implementing legislation.

For legal persons, the EU Anti-Corruption Directive introduces two alternative bases for financial penalties. Member States must provide either for turnover-based fines of at least 5% of worldwide annual turnover for the core bribery offenses and misappropriation (and at least 3% for certain other offenses, including trading in influence, obstruction, and enrichment), or for fixed fines of at least €40 million and €24 million respectively (Article 14). Turnover-based fines can be significant for large multinationals, with 5% of worldwide annual turnover exceeding any fixed penalty and creating a clear incentive for businesses to revisit how they address regulatory risk.

Beyond financial penalties and imprisonment, the EU Anti-Corruption Directive provides for a range of additional sanctions and measures that can be imposed on individuals and legal persons, including disqualification from carrying on business activities, exclusion from access to public funding and tender procedures, and publication of the judicial decision. For businesses that depend on public sector contracts or EU funding, the reputational and commercial consequences should not be underestimated.

Aggravating and Mitigating Circumstances

The EU Anti-Corruption Directive specifies a number of aggravating and mitigating factors. For example, Member States may treat repeat offending, the obtaining of substantial benefit or causing of substantial damage, and the offender being an AML-obliged entity or a person in a leading position at one, as aggravating factors (Article 15). Voluntary disclosure and remedial action taken upon discovery, cooperation with competent authorities, and the legal person having implemented effective internal controls, ethics awareness, and compliance programs are all mitigating factors (Article 16). Compliance programs must be genuine and effective to qualify as a mitigating factor; they risk being treated as an aggravating one.

Practical Implications for Businesses

Businesses with EU operations should treat the EU Anti-Corruption Directive as a prompt to audit and strengthen their existing anti-bribery and corruption frameworks to ensure they are capable of withstanding scrutiny. Compliance programs must be genuinely effective since their presence is a formal mitigating factor at sentencing, whereas superficial or “window dressing” programs risk being treated as aggravating ones.

Particular attention should be given to the trading-in-influence offense, which is novel in many jurisdictions and has direct implications for how businesses select, due diligence, and instruct lobbyists, government affairs consultants, and other intermediaries who interact with public officials on their behalf.

Businesses should also map which individuals across their management structures and group entities fall within the “leading position” corporate liability trigger, and ensure that compliance oversight and escalation mechanisms operate effectively across all entities. Whistleblowing channels should be reviewed to ensure corruption offenses are explicitly covered.

The consequences of a successful prosecution are substantial and sit within a broader trend of increasingly aggressive enforcement across the EU. Regulators not only have greater ability and clearer mandates to pursue cases that would have previously fallen into jurisdictional gaps, but a combination of expanded offenses, wide jurisdictional reach, and penalties means businesses cannot treat anti-corruption compliance as a formality.

* Sophia Kim contributed to this Advisory. Sophia is employed as a Trainee Solicitor in Arnold & Porter’s London office.

© Arnold & Porter Kaye Scholer LLP 2026 All Rights Reserved. This Advisory is intended to be a general summary of the law and does not constitute legal advice. You should consult with counsel to determine applicable legal requirements in a specific fact situation.