If your compliance programme has been built around the UK Bribery Act, that foundation will no longer be sufficient for clients with EU exposure. In April 2026, the EU adopted a new Anti‑Corruption Directive, marking a significant step towards a more uniform criminal law framework across Member States.
The EU approach follows a fundamentally different regulatory philosophy from the UK Bribery Act, which is widely regarded as a preventive, compliance driven “gold standard”. Whilst the UK Bribery Act sets a high bar for corporate compliance culture, the EU Directive reshapes the legal environment by establishing minimum rules on corruption offence types, imposing uniform corporate liability, and normalising turnover‑based sanctions across the EU. Its aim is to remedy fragmentation, enforcement gaps, and regulatory arbitrage within the EU’s internal market.
Key Offences
One of the most striking differences between the two systems lies in the scope of criminalised conduct.
The UK Bribery Act deliberately focuses on bribery alone. Its offences are tightly defined and conceptually coherent: active bribery, passive bribery, bribery of foreign public officials, and the corporate offence of failure to prevent bribery. This narrow scope facilitates legal certainty and concentrated enforcement but leaves other forms of corrupt conduct to separate legal regimes.
The EU Anti‑Corruption Directive, by contrast, adopts a broader conception of corruption, closely aligned with the United Nations Convention Against Corruption. In addition to bribery, it mandates criminalisation of misappropriation, obstruction of justice, unlawful exercise of public functions, concealment of corruption proceeds, and trading in influence. This expanded list significantly expands exposure outside classic bribery paradigms, particularly for companies operating in high interaction regulatory or public procurement environments.
The EU-Directive therefore reconceptualises corruption not merely as bribery, but as a spectrum of influence-based misconduct. For multinational companies, this represents a qualitative expansion of risk rather than simply stricter penalties.
Sanctions
The sanctions frameworks reveal further divergence between the two systems.
Under the UK Bribery Act, corporate fines are unlimited and determined judicially, allowing for contextualised sentencing but also introducing a degree of unpredictability. Enforcement relies heavily on prosecutorial discretion, negotiated settlements, and reputational consequences.
The EU-Directive introduces mandatory, robust penalties. Individuals convicted of corruption offences must face custodial sentences with statutory maximums of three to five years, depending on the offence. Legal persons may be subject to fines of either 3–5% of worldwide turnover, or 24–40 million€, whichever is higher or more appropriate under national law.
This aligns corruption sanctions with EU competition law and signals a deliberate escalation in financial deterrence. For large multinationals, this shift is profound. Corruption risk becomes comparable in scale to antitrust or sanctions exposure and moves decisively into the domain of board level risk oversight.
Corporate Liability and Compliance
The systems also differ in their approach to corporate liability. Under the UK Bribery Act, a company is strictly liable for bribery committed by associated persons unless it can prove it had “adequate procedures” in place to prevent the offence. Compliance is thus embedded as a core element of liability.
The EU Directive adopts a less prescriptive approach. While corporate liability is mandatory, the Directive does not require Member States to introduce a harmonised “failure to prevent” offence or a compliance based safe harbour. Compliance systems remain highly relevant in practice, but primarily as mitigating factors rather than formal legal defences.
Jurisdiction and Enforcement Dynamics
The UK Bribery Act is notable for its extensive extraterritorial reach, applying to UK persons and entities regardless of where the offence occurs, and to foreign companies carrying on business in the UK. It remains one of the most expansive national anti‑corruption statutes in jurisdictional terms.
The EU Directive, while less explicit in extraterritorial terms, compensates through enhanced mechanisms of cross‑border cooperation and coordination. By strengthening cooperation among national authorities and EU‑level bodies, it seeks to ensure that corruption offences spanning multiple Member States can be investigated and prosecuted effectively.
In formal legal terms, the Directive binds all 27 EU Member States, which must transpose its requirements into national law within 24 months after publication with certain preventive strategy obligations subject to a 36‑month implementation period. Only then do the rules apply directly to companies or individuals.
In practical terms, the Directive reaches any conduct occurring wholly or partly within EU territory as well as EU nationals and legal entities established in the EU. Corruption committed for the benefit of EU‑established companies, even where parts of the conduct occur abroad, also fall within the remit of the EU-Directive. Equally, the Directive has substantial derivative reach over non‑EU companies where they operate through EU subsidiaries, benefit from corruption affecting EU operations, or engage in conduct impacting EU public functions, procurement, or funds.
What This Means for Lawyers and Their Clients
UK‑style compliance systems remain the strongest foundation, but they are no longer sufficient on their own. In future, businesses must address broader offence risks, more aggressive financial sanctions, and more integrated enforcement across multiple EU jurisdictions.
The inclusion of trading in influence materially expands risk assessments. Lawyers advising on public affairs , government relations, mergers, and public‑sector contracting will need to revisit assumptions drawn from UK‑style bribery frameworks.
Also, the Directive’s turnover‑based fines reposition corruption risk alongside competition and sanctions law as a matter of board level concern. Legal advice will increasingly focus on governance, reporting lines, and risk escalation.
Finally, lawyers advising UK‑based or ‑compliant clients must emphasise that UK‑style compliance remains necessary but not sufficient within the EU. The absence of an EU‑wide “adequate procedures” defence means that even well‑designed compliance programmes do not guarantee immunity from prosecution, although they remain crucial in practice.
We will continue to monitor national implementation and enforcement trends. However, there are three things UK legal teams can do now:
- Map which client matters touch EU subsidiaries, EU procurement, or EU public functions;
- Update risk assessments to capture trading in influence and misappropriation, not just bribery;
- Brief boards that corruption sanctions now sit alongside competition and sanctions exposure in scale.
If you would like to explore what impact the new EU rules have on your firm and how we can assist you on tailored risk assessments and preparedness planning, please get in touch with Heike Loercher at heike.loercher@hooktangaza.com or brussels@hooktangaza.com
