European Union’s landmark anti-corruption directive sets unified rules on offences and sanctions

Harmonised definitions of corruption offences

The Anti-Corruption Directive provides for harmonized definitions of a broad range of criminal offences that Member States must transpose into their national laws, including the following.

• Bribery in the public sector: The Anti-Corruption Directive reflects the traditional distinction between public active corruption, which consists in the promising, offering or giving an undue advantage to a public official with the intention of influencing the performance of their duties, and public passive corruption, in which it is the public official who demands or receives an undue advantage in exchange for performing (or refraining from performing) an act in exercise of their official functions. What constitutes a “public official” is very broad and applies to all individuals performing a public service function not only within the European Union or a Member State, but even within a “third country” (i.e. a non-EU country) and including in state-owned or state-controlled entities, as well as in asset-management foundations and privately owned companies performing public service functions.
• Bribery in the private sector: The Anti-Corruption Directive also mirrors the distinction between active and passive corruption in the private sector. Private active corruption consists of promising, offering or giving an undue advantage to a person who performs managerial or working functions for a private sector entity, with the intention of inducing that person to act, or refrain from acting, resulting in a breach of their professional duties. On the other hand, private passive corruption, occurs when such a person requests, receives or accepts the promise of an undue advantage in exchange for performing (or omitting) an act, resulting in a breach of their duties.
• Trading in illicit influence: An offence committed when a person intentionally offers, promises or gives an undue advantage to someone in order for that person to exert improper influence over the actions or omissions of a public official in the exercise of their functions, with the aim of obtaining an undue benefit from that official. It also covers the reverse situation, where a person solicits, receives or accepts an undue advantage (or the offer or promise of such an advantage_ in exchange for exerting improper influence over a public official’s decision-making. This offence applies irrespective of whether the influence is real or merely presumed, whether it is actually exercised or not, and whether it succeeds in producing the intended outcome or not.
• Unlawful exercise of public functions: An offence encompassing serious violations of the law committed by a public official through an action or omission in the exercise of their duties. This offence captures situations in which an official deliberately misuses powers conferred upon them in a manner that results in a serious breach of legal obligations, irrespective of whether any direct exchange of money or other undue advantage occurs.
• Misappropriation: Defined as the intentional commitment, disbursement, misappropriation or use, by a public official (or, in the context of economic, financial or business activities, by a person performing managerial or operational functions within a private‑sector entity), of property entrusted to them for management, for purposes other than those for which it was intended, where such conduct is carried out for the benefit of that public official or of another person or entity, or results in damage to the financial interests of the public or private entity concerned.

Corporate liability standard

Companies can be held liable when offences are committed for their benefit by individuals who hold a leading position within the legal entity, acting individually or as part of a corporate body, where any such person has:

• Power of representation of the legal person
• Authority to take decisions on behalf of the legal person; or
• Authority to exercise control within the legal person

Thus, liability can be the result of a mere lack of supervision or control by a leading person (e.g. senior executives), where any such failure has enabled the commission of the offence, for the benefit of the entity, by a person (e.g., an employee) acting under its authority.

In this context, the Anti-Corruption Directive clarifies that offences giving rise to corporate liability include all corruption related crimes, while excluding the offence of unlawful exercise of public functions under Article 7.

Importantly, corporate liability under the Anti-Corruption Directive does not replace or exclude individual criminal responsibility. Both coexist and may be pursued in parallel.

Sanctioning framework for legal entities: The turnover-based model

The Anti-Corruption Directive requires that for some serious offences (public and private corruption and misappropriation), fines must not be set below 5% of the entity’s global turnover in the financial year preceding the offence or the decision imposing the fine or, alternatively, a fixed amount of €40 million, while for other offences (trading in influence, obstruction of justice and enrichment through corruption) fines must reach at least 3% of the company’s global turnover or a fixed amount of €24 million.

These monetary sanctions may be accompanied by a broad range of additional measures, including:

• Exclusion from public aid and funding
• Exclusion from tenders, grants, concessions and licenses
• Temporary or permanent business bans
• Withdrawal of permits and authorisations
• Termination of the contract under which the offence occurred
• Judicial supervision
• Compulsory liquidation
• Closure of premises used to commit the offence
• Publication of the judicial decision (subject to privacy safeguards)

For companies operating in regulated sectors or dependent on public procurement, a conviction may have far-reaching consequences, potentially affecting their ability to continue operating.

This represents a structural shift from the traditional quota-based model towards the consolidation of turnover-based sanctions, consistent with the European Union’s sanctioning criteria set under the GDPR or the Directive (EU) 2024/1226 for the criminalization of violations of EU restrictive measures, which we discussed in our previous alert).

Jurisdiction and extraterritorial application

Article 18 of the Anti-Corruption Directive significantly expands jurisdictional reach beyond traditional territorial and nationality principles (i.e., territorial jurisdiction and jurisdiction based on the offender’s nationality, the so-called active personality principle), enabling Member States to assert jurisdiction over offences committed abroad where a sufficient nexus exists with their territory, including through the offender’s habitual residence, the victim’s nationality (and habitual residency) or,most notably, the benefit gained by legal entities established or operating within their jurisdiction.

The Anti-Corruption Directive also addresses conflicts of jurisdiction, requiring Member States to cooperate in determining the most appropriate forum for prosecution, with the possibility of referring disputes to European Union Agency for Criminal Justice Cooperation (Eurojust).

Limitation periods

The Anti-Corruption Directive also introduces minimum limitation periods designed to ensure the effective enforcement of corruption offences, in light of their inherently complex and often covert nature. As mentioned in the Anti-Corruption Directive, corruption offences are difficult to detect, investigate and prove, often involving cross-border elements and sophisticated concealment mechanisms and “[t]he longer it takes to detect a corruption offence, the more difficult it is to uncover evidence.”

Against this backdrop, Member States are required to provide for sufficiently long limitation periods both for the prosecution phase (at least eight or five years, depending on the offence) and for the enforcement of final convictions (up to at least ten years). By setting minimum thresholds, the Anti-Corruption Directive seeks to ensure that authorities have adequate time to uncover evidence, conduct complex investigations and ultimately secure and enforce convictions.

Whistleblowers’ protection

The Anti-Corruption Directive places significant emphasis on the role of whistleblowers as a key enforcement mechanism in the fight against corruption. Due to the difficulty in detecting corruption through traditional investigative means, individuals operating within organizations are frequently the primary source of relevant information.

In this context, the Anti-Corruption Directive confirms the applicability of the so-called “Whistleblowing Directive” to reports concerning corruption offences falling within its scope, thereby ensuring, namely,  access to confidential reporting channels and protection against retaliation.

The Anti-Corruption Directive requires Member States to put in place appropriate measures to ensure that anyone that reports offences, provides evidence or otherwise cooperates with the relevant authorities is granted effective protection, as well as access to support and assistance, in accordance with national law.

From a practical standpoint, this reinforces the centrality of internal reporting systems within corporate compliance frameworks, which are no longer merely procedural safeguards but increasingly function as critical tools for early risk detection, mitigation, and potential defence against corporate liability.

Mitigating factors

The Anti-Corruption Directive requires Member States to ensure that an offender’s cooperation with the relevant authorities is recognised as a mitigating circumstance, where the information provided proves essential to uncover evidence or identify the perpetrators of the offence that would otherwise have remained undiscovered.

As to legal entities, the Anti-Corruption Directive clarifies that the adoption and effective implementation of internal control and compliance systems may be taken into account as a mitigating factor in setting sanctions, without prejudice to national regimes that attribute a broader legal effect to such systems. This approach preserves Member States’ discretion to recognise liability ‑ excluding effects for compliance programmes, as exemplified by either the Italian Legislative Decree No. 231/2001, under which an effectively implemented Organisational, Management and Control Model may exclude the entity’s liability, or the French Sapin II law and related decrees, which require the implementation of compliance programs, the absence of which may be considered an aggravating factor when setting sanctions.

From a practical perspective, the final determination of the sanction is left to the court’s discretion, assessing the relevance of any mitigating circumstances against the specific case. In this context, the Anti-Corruption Directive makes clear that compliance systems must be effectively operational, and not merely formal (“window dressing”), thereby placing decisive emphasis on the substantive effectiveness of internal controls and procedures rather than on their mere formal adoption.

Prevention of corruption

Beyond criminalization, the Anti-Corruption Directive emphasizes prevention and systemic reform. Member States will be required to adopt and periodically update national anti corruption strategies, carry out structured risk assessments and reinforce transparency mechanisms relating to conflicts of interest and political financing. They must also ensure that one or several bodies or organizational units is tasked with the prevention of corruption are in place and possesses the necessary expertise to fight against corruption. Reinforced cooperation with bodies such as the European Anti-Fraud Office (OLAF), Europol, Eurojust and the European Public Prosecutor’s Office (EPPO) is intended to improve enforcement, particularly in cross-border investigations.

Next steps: Transposition timeline and key takeaways

The Anti-Corruption Directive will enter into force 20 days after its publication in the Official Journal of the European Union. Member States will have 24 months to transpose the Anti-Corruption Directive into national law.

From a corporate perspective, the Anti-Corruption Directive significantly raises the stakes and that is why companies should not wait. Early alignment will be crucial, including by:

• Conducting a targeted gap analysis, aimed at assessing the alignment of existing compliance frameworks with the offences, triggers and sanctioning criteria introduced by the Anti-Corruption Directive, as well as identifying areas where current controls may prove insufficient in light of the enhanced EU standards, except in Member States that already have such legal frameworks in place or more stringent ones
• Reviewing or updating codes of conducts and policies, with a view to ensuring consistency with the Anti-Corruption Directive’s harmonized definitions (e.g. against the broad notion of “undue advantage”)
• Strengthening procurement and third-party due diligence controls, ensuring that intermediaries, agents, distributors, joint-venture partners, suppliers, clients and public-sector counterparts are properly screened and regularly monitored
• Tracking and managing conflicts of interests
• Reviewing internal procedures and tools to test their effectiveness
• Reviewing or strengthening second and third level of controls, including audit, as related to the compliance function and framework within the company
• Reinforcing training programs and internal reporting whistleblowing mechanisms to ensure alignment with and awareness of the revised legal framework.

Acting now will enable organizations to transition more smoothly once the various European Member States align (where necessary) with this new legal framework.

*Valeria Kiseleva (trainee) contributed to this article.