White-Collar Crime 2025 Comparisons

In the USA, both federal and state law define and prohibit crimes, usually classified as felonies, misdemeanours or petty crimes.

Felonies are the most serious offences, and include property crimes (including white-collar crimes) and crimes against persons. Felonies are punishable by more than one year in prison, but not all felonies result in imprisonment. Punishments can range from fines or limited time in prison to life without parole or death. Misdemeanours are punishable by one year or less in prison or jail, and could entail a fine, restitution, house arrest, probation or community service.

In criminal offences, prosecutors must generally establish proof beyond a reasonable doubt of an act or omission (actus reus) and a culpable state of mind (mens rea), which varies by crime. Prosecutors may need to prove that a defendant acted purposely, knowingly, recklessly or negligently. Strict liability offences – including some regulatory offences – require no showing of mens rea.

Attempts to commit crimes can also carry criminal liability. Typically, prosecutors must prove that the accused intended to commit the crime and knowingly took a substantial step beyond mere preparation.

As described in 1.1 Criminal Offences, the government has the burden of proof for criminal offences, and there is a presumption of innocence.

In civil and administrative proceedings, plaintiffs have the burden of proof and must generally show the validity of their claims by a preponderance of the evidence. In some proceedings, plaintiffs must establish substantial evidence of their claims. Defendants have the burden of proving any affirmative defences, usually by clear and convincing evidence or preponderance of the evidence.

A statute of limitations sets the maximum amount of time that a prosecutor in criminal cases, or a plaintiff in civil cases, has to bring charges or initiate legal proceedings.

The general federal statute of limitations is five years (18 USC Section 3282). Certain securities and tax crimes, as well as major frauds against the USA, have up to six- or seven-year limitation periods (18 USC Section 1031; 26 USC Section 6531). Other serious crimes or conspiracies involving fraud or embezzlement affecting banks and other financial institutions have ten-year limitation periods (18 USC Section 3293(2)). Several serious crimes have no limitation periods, such as capital murder and certain acts of terrorism (18 USC Sections 3281 and 3286).

Statute-of-limitation periods normally begin when the crime is “complete”, which occurs when the last element of the crime is satisfied. For “continuing crimes”, such as conspiracy, the limitation period may not begin to run until the last affirmative act is committed in furtherance of the scheme.

Regulators often request tolling agreements from potential subjects or targets to pause the limitation period for a specific time period.

Extraterritorial reach is permitted when a federal statute expressly states that it applies to conduct outside the USA.

In certain limited circumstances, courts have construed US statutes broadly to allow cases against defendants who commit offences abroad, particularly through the Foreign Corrupt Practices Act (FCPA) (15 USC Sections 78dd-1 et seq). Other federal criminal statutes with potential extraterritorial application include:

• money laundering (18 USC Section 1956);
• wire fraud (18 USC Section 1343);
• conspiracy (18 USC Section 371);
• false statements (18 USC Section 1001); and
• the Racketeer Influenced and Corrupt Organizations Act (RICO) (18 USC Section 1961 et seq).

The Department of Justice’s (DOJ) co-ordination with foreign counterparts has increased in recent years. The USA has mutual legal assistance treaties with many countries, allowing prosecutors and regulators to share information and investigative work across borders. For example, in March 2024, the commodities trading company Gunvor SA pled guilty to violating the FCPA. The Guvnor case also involved a parallel resolution with Swiss authorities, and the investigation entailed co-operation with additional authorities in the Cayman Islands, Colombia, Curacao, Ecuador, Panama, Portugal and Singapore.

The USA also has extradition agreements with many countries, though the terms of each agreement vary (eg, the USA and the European Union allow extradition for all crimes that are punishable in both jurisdictions).

Criminal liability can apply to individuals or legal entities. Individuals and entities may be liable for the same offence, but a separate case must be made against each. Individual directors and officers are not automatically liable for offences committed by their entities. Under the doctrine of respondeat superior, an entity is liable for the acts of its directors, officers, employees and agents that are both committed within the scope of their employment and at least partially motivated by an intent to benefit the entity.

Knowledge of individual directors, officers, employees or agents sometimes can be imputed collectively to the entity as a whole under the collective knowledge doctrine, although the validity of the doctrine is often controversial depending on jurisdiction. A parent entity is generally not liable for the acts of its subsidiary but can be if the parent exercises sufficient control over that subsidiary.

In mergers, the surviving entity is responsible for the predecessors’ liabilities under the doctrine of successor liability. In acquisitions, courts consider several factors in determining whether a successor entity can be held responsible for the acquired entity’s liabilities (eg, whether the buyer is a mere continuation of the seller).

Unlike the UK, the USA does not have a singular, broad “failure to prevent” offence.

In federal criminal courts, the United States Sentencing Commission guidelines provide a uniform framework for recommending sentences and fines. Each offence has a predetermined level. Judges weigh aggravating and mitigating factors, including an individual defendant’s criminal history, to calculate a recommended sentencing range or fine (18 USC Section 3553). The guidelines also set forth the rules for punishing entities. Restitution for identifiable victims is often mandatory (see, for example, 18 USC Section 3663A). The guidelines shape federal judges’ sentencing decisions but are not binding on judges.

For institutional defendants, the guidelines set forth culpability factors that determine appropriate multipliers applied to a base fine for determining an applicable fine range. Courts give due consideration to efforts to identify, disclose and remediate institutional or corporate misconduct, and consider the scope and pervasiveness of the wrongdoing when fashioning a sentence.

The Crime Victims’ Rights Act provides that victims of federal crimes have the “right to full and timely restitution as provided in law” (18 USC Section 3771(a)(6)). The Mandatory Victims Restitution Act (MVRA) requires a sentencing judge to award full restitution to victims of crimes against property, such as wire fraud, mail fraud and many financial crimes (18 USC Section 3663A). The MVRA applies if the individual or entity suffering the loss is an “identifiable victim” that is “directly and proximately harmed as a result” of the crime.

Some statutes explicitly provide for damages for victims. For example, RICO provides that any person injured may sue in federal district court to recover treble damages, as well as reasonable attorneys’ fees (18 USC Section 1964).

Both federal and state governments can investigate, prosecute and enforce laws related to white-collar offences.

Federal white-collar offences are investigated by a variety of governmental agencies. Civil investigations and enforcement actions may be initiated by (among others):

• civil attorneys at the DOJ;
• the Securities and Exchange Commission (SEC);
• the Commodity Futures Trading Commission (CFTC);
• the Federal Reserve Bank;
• the Federal Trade Commission (FTC);
• the Office of Foreign Assets Control (OFAC);
• the Environmental Protection Agency (EPA);
• the Federal Bureau of Investigation (FBI);
• the United States Postal Services (USPS); and
• the Internal Revenue Service (IRS).

All federal criminal offences are investigated and prosecuted through the DOJ, often in partnership with other agencies. Both civil and criminal federal cases are heard by federal courts. Some administrative actions are litigated within the agencies themselves by administrative law judges, with the possibility of appeal to the federal courts.

States have a parallel set of criminal and civil laws as well as their own courts to hear cases. State prosecutors’ offices (often called state’s attorneys or district attorneys) bring cases based on criminal offences within their jurisdiction. State enforcement regimes for civil offences vary, but most have a series of investigative agencies and a state Attorney General, who acts as chief legal officer.

Self-regulatory organisations (such as the Financial Industry Regulatory Authority, the Options Clearing Corporation and the New York Stock Exchange) also enforce industry rules and professional regulations.

On 9 May 2025, President Trump issued an Executive Order directing federal agencies and regulators to avoid enforcing – in a criminal proceeding – vague regulations or statutes, or strict-liability offences unless the individual or entity acted with criminal intent or knowledge.

Investigations may be initiated by agencies or prosecutors whenever they have reason to believe that an offence has been committed within their jurisdiction. Regulatory agencies each possess their own set of standards for initiating investigations, which are based on statutes and internal guidance. Investigations vary in formality. The SEC’s Division of Enforcement, which prosecutes wrongdoing under the federal securities laws, may investigate through a relatively informal process, known as a “matter under inquiry”, or via a formal investigative order (under which a subpoena may be issued). Matter-under-inquiry investigations may arise from an entity’s self-reporting of possible misconduct, in response to media reporting or a whistle-blower submission. A matter under inquiry may convert to a formal investigation.

Civil investigations begin when a regulatory agency, such as the SEC or CFTC, begins exploring a civil claim against a potential defendant. Criminal investigations are initiated by agencies working in partnership with the DOJ, often through the local United States Attorney’s Office and Federal Bureau of Investigation (FBI). Potential targets of investigations might be identified by a whistle-blower.

In federal cases with possible civil and criminal claims, the DOJ encourages co-ordination of investigations with civil regulatory agencies – known as parallel proceedings – to facilitate information-sharing between civil and criminal investigators where permitted.

In both civil and criminal investigations, the government can conduct voluntary interviews, make informal requests for documents or information, and issue subpoenas both to investigation targets and to third parties for the production of evidence. Although it is possible to seek to quash a subpoena in court as being overly broad, companies and individuals often negotiate with the government to narrow the subpoena’s scope. In federal civil cases, one form of information-gathering is a civil investigative demand requiring the production of specified documents or information.

In criminal investigations, a grand jury may issue subpoenas that compel production of documents or testimony. The government may also obtain search warrants, which can be used to search particular places such as offices or databases, and to seize documents. To obtain a search warrant, investigators must provide probable cause that the stated offence has been committed and that evidence of said offence is located in a certain place.

In voluntary interviews with the government, the interviewee has no obligation to answer questions. The government can compel individuals to submit to questioning in limited circumstances. A person responding to a grand jury subpoena for testimony must appear but may consult with their attorney outside the presence of the grand jury before answering questions. A person may always refuse to answer a question if an answer would tend to incriminate that person, but may not refuse to answer questions that would tend only to incriminate an entity or another person.

The government also has broad authorities to trace, freeze and seize proceeds of a crime, including digital assets, bank accounts, real estate and other assets. This can be done in either a civil or criminal proceeding, and different rules and standards apply.

Several US regulators have announced their use of advanced tools for investigating white-collar crime. For example, in June 2025, the DOJ announced that it was creating an inter-agency Health Care Fraud Data Fusion Center to “leverage cloud computing, artificial intelligence, and advanced analytics to identify emerging health care fraud schemes”. In October 2024, the Treasury Department noted that it used “machine-learning AI” to recover USD1 billion in Treasury check fraud. Furthermore, the SEC has leveraged big data and analytic tools to identify suspicious trading patterns and accounting mismanagement.

For defence lawyers, many discovery vendors now provide AI-related tools to assist in electronic document identification, prioritisation and review, and such uses are generally accepted by enforcement bodies. For corporate compliance departments, AI can be used to proactively identify risks and potential misconduct. While no laws specifically address the use of AI in investigations, white-collar lawyers should be mindful of court and state-level ethics rules that may limit the use of AI in court submissions and other formal proceedings.

While not required, internal investigations help entities to identify and remediate problems, and to decide whether to self-report to the government. Internal investigations are also used to demonstrate compliance and remediation efforts that can justify government leniency. The thoroughness of an internal investigation is one factor considered by the federal government when deciding whether to charge or penalise entities. For these reasons and others, including the applicability of attorney–client privilege in the USA, internal investigations should be carefully structured and executed.

Officers and directors of an entity must often promptly investigate possible wrongdoing to fulfil their legal and fiduciary obligations. For example, statutes such as the Sarbanes-Oxley Act (the “SOX Act”) require entities to establish procedures for employees to report possible wrongdoing. Failing to investigate reports of possible misconduct can subject both the leadership of an entity and the entity itself to liability.

Internal investigations can be affected by various data protection and labour laws, including the Health Insurance Portability and Accountability Act (HIPAA) and state-specific laws, such as the Illinois Biometric Information Privacy Act. These laws regulate the handling and disclosure of sensitive information, including medical records, biometric data and other personally identifiable information.

Companies are not universally obligated to share findings of internal investigations with enforcement authorities. Disclosure does not prevent prosecution, and companies must consider the implications of disclosure in their unique circumstances. However, voluntary disclosure of investigation findings can significantly influence an enforcement action’s outcome – such as securing a more favourable resolution.

Prosecutors have broad discretion in choosing whom to prosecute and which charges to bring, but both the DOJ and SEC guidance govern when cases can be brought. Prosecutors are also bound by state-level ethics rules.

For example, with business entities, DOJ prosecutors weigh various culpability factors pursuant to the “Principles of Federal Prosecution of Business Organizations”, also known as the “Filip Factors” (named for then-Deputy Attorney General Mark Filip). Similarly, the SEC’s Seaboard Report outlines elements of corporate conduct that can play a significant role in whether the Commission pursues an enforcement action.

Prosecutors may charge by indictment, complaint or information. Criminal indictments must be approved by a grand jury – which nearly always approves prosecutors’ requests. Criminal complaints must set forth adequate probable cause for a charge and be signed by a judge. Complaints provide authority for an arrest but must be followed by an information or indictment within a set period. For felony violations, a defendant has a waivable right under the Constitution to indictment by a grand jury, which, if waived, can result in the filing of information detailing the charge.

Deferred prosecution agreements (DPAs) and non-prosecution agreements (NPAs) are mechanisms by which a company or individual can avoid prosecution in exchange for a commitment to abide by an agreement for a period of time. If the signatory successfully complies with the agreement’s terms, the government will either:

• not file charges (NPAs); or
• move to dismiss the charges (DPAs).

Courts must approve DPAs, whereas courts are not involved in approving NPAs. Consequences for breaching these arrangements can be severe. The government may extend the company’s obligations under the agreement, or otherwise it may terminate the agreement and prosecute the company.

Government use of a DPA or an NPA depends on a variety of factors including the company’s co-operation, the pervasiveness of the conduct, remediation, self-disclosure, collateral consequences and other criteria. DPAs and NPAs are negotiated between the prosecution and the defendant, and may include an acknowledgement of wrongdoing or admitting relevant facts, co-operation in ongoing investigations (including of culpable individuals), ongoing compliance obligations (and sometimes monitoring), ongoing reporting obligations, fines, penalties or business reforms.

In addition to the crimes described throughout3. White-Collar Offences, RICO criminalises conduct that is part of a “pattern of racketeering activity” to carry out the goals of an enterprise. Both officers and employees can be liable under RICO.

RICO cases may be brought civilly or criminally. Criminal violators face imprisonment of up to 20 years, a USD250,000 fine and forfeiture of any property derived from the unlawful activity (18 USC Sections 1963, 3571). Civil violators face treble damages and liability for reasonable attorney fees (18 USC Section 1964).

Both federal and state law prohibit domestic bribery. The general federal bribery statute punishes giving or receiving anything of value to or from a public official to influence official acts (18 USC Section 201(b)). Successful prosecution demonstrates a quid pro quo – that the thing of value was given in exchange for the official act. Courts construe “public official” and “thing of value” broadly.

A similar law prohibits bribing agents of an organisation, state or local government or agency with anything worth at least USD5,000 when the subject organisation receives at least USD10,000 in federal programme funds annually (18 USC Section 666). No federal funds need to be implicated in the bribery for conviction.

The FCPA criminalises bribery of foreign officials. A prosecutor must prove that the defendant offered to pay, paid or promised to pay money or anything of value:

• to a foreign government official, whether directly or indirectly;
• with corrupt intent;
• for the purpose of influencing any official act or decision, inducing the official to influence any act or decision of a foreign government or securing an improper advantage; and
• to obtain, retain or direct business.

There is no de minimis defence, and a mere offer of payment incurs liability. There is a limited safe harbour for “facilitation” payments that merely encourage a government official to perform a routine governmental action, such as processing visas or scheduling inspections.

The SEC investigates and brings civil enforcement actions under the FCPA, and can seek civil monetary penalties per violation from entities of up to USD500,000 and from individuals of up to USD100,000 based on the gross amount of monetary gain to the defendant as a result.

The DOJ can bring criminal and civil prosecutions under the FCPA. Individual criminal violators face imprisonment of up to five years, fines of up to USD250,000 per violation (which may not be paid by the culpable entity), or both. Entity violators face fines of up to USD2 million per violation. As with other federal criminal offences, the alternative fines provision specifies that an individual or entity can alternatively be criminally fined up to twice the gross monetary gain or loss resulting from the violation if that figure is greater than the otherwise applicable fine amount (18 USC Section 3571(d)) – which could total billions of dollars. In civil prosecutions, individuals and entities can be fined up to USD10,000.

A “wilful” FCPA violation in a criminal case carries a fine of up to USD25 million for entities or USD5 million for individuals. Individuals face imprisonment of up to 20 years. Violations must involve knowing in order to incur criminal liability. FCPA violations may also trigger exclusion from federal programmes or suspension or debarment within the securities industry.

Relatedly, the Foreign Extortion Prevention Act (FEPA) (18 USC Section 1352) prohibits foreign officials from corruptly seeking, receiving or agreeing to receive anything of value from any person while in the territory of the USA, or with a US issuer or a domestic concern in exchange for an improper business advantage. Violations carry fines of up to USD250,000 per violation or three times the monetary equivalent of the thing of value, imprisonment for up to 15 years, or both.

Bribery of foreign non-governmental officials is also potentially punishable under the Travel Act (18 USC Section 1952), which criminalises interstate travel, foreign commerce or using interstate facilities, such as the mail, in furtherance of an unlawful activity.

There is no general obligation to report suspected bribery to authorities under US law, though reporting requirements exist in certain contexts. For example, the FCPA does not explicitly require individuals or entities to report bribery, but as discussed in 3.6 Financial Record-Keeping it penalises those who fail to keep accurate books and records.

Some regulations, such as those in government contracting, impose consequences for failure to report. For example, under 48 CFR 9.407–2, contractors who knowingly fail to disclose credible evidence of bribery may face suspension or debarment from future government contracts.

Federal law prohibits corporate insiders from using material and non-public information (MNPI) to their advantage or passing that information to outsiders, known as “tipping”. Both the giver and the receiver of the information are liable. Federal law also prohibits corporate outsiders from misappropriating and trading based on MNPI in breach of a duty of confidence or trust. Liability of a corporate outsider is premised upon whether the source or “tipper” disclosed the information with an expectation of confidentiality (ie, with the expectation that such information would not be shared with other parties).

The SEC holds authority under Section 10(b) of the Securities Exchange Act and Rule 10b-5 to bring a civil action for insider trading for injunctive relief and disgorgement of profits. In addition, the Insider Trading Sanctions Act and Insider Trading and Securities Fraud Enforcement Act allow the SEC to seek civil penalties of up to three times the profits gained or losses avoided from insider trading (15 USC Sections 78u, et seq). The SEC can also seek to bar people from serving as officers and directors. Violations can be based on “shadow trading”, where an employee or insider has traded in the securities of another comparable company based on MNPI learned in connection with their employment or role as an insider.

Private persons who traded at the same time and in the same securities as defendants can also bring an insider trading case under Section 20A of the Securities Exchange Act (15 USC Sections 78t, et seq).

Under Section 32(a) of the Securities Exchange Act, individual insider trading defendants face criminal fines of up to USD5 million and 20 years of imprisonment. Entities that are liable as controlling persons for their employees face fines of up to USD25 million. Defendants can also be charged with wire fraud (18 USC Section 1343), which is punishable by up to 20 years in prison. In 2024, the DOJ brought its first prosecution of a corporate executive based exclusively on sales of stock under Rule 10b5-1 trading plans, which are plans that typically provide an affirmative defence for corporate insiders buying and selling company stock. The trader was convicted for securities fraud and insider trading based on charges that the trader was aware of MNPI when he entered the Rule 10b5-1 plans.

Under the Internal Revenue Code (IRC), multiple criminal statutes concern omission, evasion and false statements regarding the filing and paying of taxes (IRC Sections 7201-7216). Criminal enforcement is accomplished through the IRS’s Criminal Investigation Division and the DOJ’s Tax Division. IRS civil actions can proceed at the same time as a criminal investigation.

Tax Evasion

The elements of tax evasion under 26 USC Section 7201 are:

• wilfulness;
• the existence of a tax deficiency; and
• an affirmative act constituting an evasion or attempted evasion of the tax.

Conviction results in a fine of up to USD100,000 (USD500,000 in the case of a corporation) or imprisonment of not more than five years, or both, together with the costs of prosecution.

False Returns and Statements

False returns and statements constitute a felony under IRC Section 7206(1) if a person wilfully made and subscribed to a tax return, verified by a written declaration made under penalties of perjury, that they do not believe to be true and correct as to every material matter.

Those convicted are subject to fines of not more than USD100,000 (USD500,000 in the case of a corporation) or imprisonment of up to three years, or both, together with the costs of prosecution (26 USC Section 7206).

Aid or Assistance

A person is guilty of aiding or assisting under IRC Section 7206(2) if they wilfully aided, assisted, procured, counselled, advised or caused the preparation and presentation of a return that was fraudulent or false as to a material matter. The government must prove that the defendant acted with specific intent to defraud the government. Violators face fines of up to USD100,000 (USD500,000 in the case of a corporation) or imprisonment of up to three years, or both, together with the costs of prosecution (26 USC Section 7206).

FCPA

As noted in 3.2 Bribery, Influence Peddling and Related Offences and 3.3 Anti-Bribery Regulation, the FCPA requires “issuers” to:

• keep accurate books and records; and
• have a system of adequate internal accounting controls (15 USC Section 78m(b)(2)).

Violators must knowingly falsify books or records, or knowingly circumvent or knowingly fail to implement a system of internal accounting controls (15 USC Section 78m(b)(5)). The SEC has two additional rules to aid in the enforcement of the record-keeping provisions:

• no person shall directly or indirectly falsify any book, record or account; and
• officers and directors of issuers are prohibited from making material misrepresentations or omissions in the preparation of reports (17 CFR Section 240.13b2-1; 17 CFR Section 240.13b2-2).

Individual violators face a maximum fine of USD5 million or imprisonment of up to 20 years, or both; entity violators face fines of up to USD25 million (15 USC Section 78ff(a)).

Securities Exchange Act of 1934

SEC Rule 17a-4(b)(4) requires registered members, brokers and dealers to preserve original copies of all communications sent and received by the registrant that relate to its business for at least three years. The SEC has brought several cases against broker-dealers for failing to preserve records from “ephemeral messaging” platforms – such as Signal and WhatsApp – where messages are automatically deleted after a set amount of time or after viewing.

Securities Fraud

Under the SOX Act, it is a felony to knowingly execute, or attempt to execute, a scheme or artifice to defraud any person in connection with any security of an issuer that has a registered class of securities or is required to file periodic or other reports with the SEC. Violators face a fine or imprisonment of not more than 25 years, or both (18 USC Section 1348). It also requires financial statements to be filed periodically and be accompanied by written certifications from the company’s CEO and CFO (18 USC Section 1350). CEOs and CFOs who certify statements knowing that the periodic report violates the requirements of this provision are subject to fines of up to USD1 million and imprisonment for ten years. If wilful, the maximum fine increases to USD5 million, and the prison term increases to up to 20 years (18 USC Section 1350).

The SOX Act also contains an executive claw-back provision requiring CEOs and CFOs of issuers that engaged in misconduct to forfeit for a 12-month period their bonus, certain other compensation and profits from the sale of company stock (15 USC Section 7243(a)).

Other Financial Fraud

A variety of financial or accounting frauds may be prosecuted federally as instances of mail, wire or bank fraud (18 USC Sections 1341, 1343 and 1344). Violators must knowingly devise a scheme to defraud others through materially false or fraudulent pretences, representations or promises, and must act with the intent to defraud.

Individual violators face up to 20 years’ imprisonment and a USD250,000 fine per violation. Entities face up to a USD500,000 fine per violation. If a financial institution was affected, violators face 30 years’ imprisonment and a USD1 million fine.

The Antitrust Division of the DOJ enforces federal criminal competition laws.

The Sherman Antitrust Act

The Sherman Antitrust Act is a federal statute that prohibits contracts, conspiracies or combinations of business interests that restrict foreign or interstate trade (15 USC Section 1). Federal courts evaluate claims under a so-called rule of reason, which requires proof that a defendant with market power unreasonably engaged in anti-competitive conduct (eg, sharing competitive information, “tying arrangements”, “exclusive dealing arrangements”).

In contrast, per se violations involve anti-competitive arrangements that are considered illegal on their face, such as an agreement among competitors to fix prices, divide markets or rig bids. It also prohibits the monopolising of trade or commerce among states or with other countries (15 USC Section 2). Elements of a violation are possessing or attempting to possess monopoly power in the relevant market and wilfully acquiring or maintaining that power, as opposed to growth resulting from a superior product, business strategy or historic accident. Violators face criminal penalties of up to USD100 million for corporations and USD1 million for individuals, imprisonment of up to ten years, or both. The DOJ, state Attorneys General and private parties can also bring civil actions and win treble damages.

The Clayton Act

The Clayton Act prohibits a seller from discriminating in price between purchasers of goods of similar quality when doing so may result in substantial competitive injury, and from making promotional payments or services available only to some customers (15 USC Section 13a). Violators face fines of USD5,000 and imprisonment of up to one year, or both.

Section 7 of the Clayton Act prohibits any merger or acquisition that will result in substantially less competition or a monopoly within a relevant market (15 USC Section 18). The DOJ and FTC are both authorised to enforce it, and private parties may also seek injunctive relief against a transaction that would result in a Section 7 violation (15 USC Section 26).

The Clayton Act is enforceable through civil actions by the DOJ and through administrative proceedings before and by the FTC, which can also seek injunctive relief (15 USC Sections 21, 25 and 53(b)).

The FTC Bureau of Consumer Protection regulates business practices including advertising and financial practices, data security, high-tech fraud and telemarketing. The FTC investigates and brings civil actions against violators and also co-ordinates with the DOJ and state prosecutors to bring criminal suits.

The Consumer Financial Protection Bureau, the US Food and Drug Administration and the DOJ also enforce various consumer protection laws, including:

• the Dodd-Frank Act;
• the Consumer Financial Protection Act;
• the Fair Debt Collection Practices Act;
• the Fair Credit Reporting Act;
• the Fair Housing Act;
• the Truth in Lending Act;
• the Gramm-Leach-Bliley Act; and
• the Food, Drug, and Cosmetic Act.

State Attorneys General prosecute consumer fraud violations under a variety of state laws. Many states have adopted the Uniform Deceptive Trade Practices Act, which prohibits fraudulent business practices and misleading advertising.

The Computer Fraud and Abuse Act prohibits intentionally obtaining access to computers “without authorization” or by “exceeding authorized access” with the intent to defraud, cause damage or extort (18 USC Section 1030). Sanctions include up to ten years’ imprisonment and a USD250,000 fine.

The Stored Communications Act prohibits intentionally accessing email or voicemail without authorisation or in a way that exceeded authorised access (18 USC Section 2701). Sanctions include up to five years’ imprisonment and a USD250,000 fine, or ten years’ imprisonment for subsequent offences.

Prosecutors may charge other computer fraud violations (which have similar elements) as wire fraud (18 USC Section 1343) due to the wire fraud statute’s higher penalties, including fines of up to USD250,000 for individuals and USD500,000 for organisations, and imprisonment for up to 20 years. If the fraud affects a financial institution, or if the violation is in connection with a Presidentially declared major disaster or emergency, violators face fines of up to USD1 million and up to 30 years’ imprisonment.

The Wiretap Act prohibits intentionally intercepting or endeavouring to intercept communications without consent from the speaker (18 USC Section 2511). Violators face a USD250,000 fine and up to five years’ imprisonment.

The Theft of Trade Secrets statute prohibits the theft of trade secrets and the knowing possession or use of stolen trade secrets (18 USC Section 1832). Violators are subject to fines of up to USD5 million or three times the value of the stolen trade secret. Related criminal laws prohibit economic espionage (18 USC Section 1831) and the wilful infringement of copyright for the purpose of commercial advantage or private financial gain (17 USC Section 506(a); 18 USC Section 2319).

Financial Sanctions

OFAC enforces economic and trade sanctions against countries, territories, entities, property and individuals who engage in certain prohibited transactions. Prohibited transactions are designated based on US foreign policy or national security interests. For example, OFAC sanctions the transfer of assets to, trade with, and export of services to certain comprehensively sanctioned countries, and maintains a list of “blocked” persons with whom US persons cannot conduct any business and whose assets US persons must freeze. OFAC’s administrative actions include licence denial, imposing a civil monetary penalty for violations and referring violations to the DOJ for possible criminal prosecution.

OFAC sanctions are based on two principal statutes: the Trading with the Enemy Act (TWEA) (50 USC App Sections 5, 16) and the International Emergency Economic Powers Act (IEEPA) (50 USC Section 1701 et seq). OFAC enforces sanctions extraterritorially against US persons on a “strict liability” basis.

Under the TWEA, wilful violators can be fined up to USD1 million or imprisoned for up to 20 years, or both. Criminal penalties are subject to increase pursuant to 18 USC 3571. Civil penalties currently cannot exceed USD111,308 per violation (subject to annual inflationary adjustment).

Under the IEEPA, criminal liability attaches to persons who wilfully violate the law. Criminal liability may include a fine of up to USD1 million or a prison term of up to 20 years, or both. Maximum civil penalties may not exceed the greater of USD377,700 (subject to annual inflationary adjustment) or an amount that is twice the amount of the transaction that is the basis of the violation. Penalties can be substantially mitigated through the submission of a valid voluntary disclosure.

The 21st Century Peace through Strength Act, Pub L No 118-50, div D Section 3111, extends the statute of limitations from five years to ten years for civil and criminal violations of the TWEA and the IEEPA occurring after April 2024.

Trade – Export Controls and Anti-Boycott

The two principal export control regimes are:

• the International Traffic in Arms Regulations (ITAR) administered by the US Department of State pursuant to the Arms Export Control Act (AECA) (22 USC § 2778); and
• the Export Administration Regulations (EAR) administered by the Department of Commerce pursuant to the Export Control Reform Act of 2018 (ECRA) (50 USC Section 4811 et seq).

ITAR generally govern the exportation, transfer and temporary importation of defence articles (hardware, software, technical data, defence services), whereas EAR generally govern the export and in-country transfer of hardware, software and technology that is commercial or dual-use in nature.

ITAR and EAR violations can include licence denial, imposing a civil monetary penalty and referral to the DOJ for possible criminal prosecution. Under AECA, corporate wilful violators are subject to up to USD1 million in fines, and individuals to up to USD1 million per violation and/or up to 20 years’ imprisonment. Civil penalties can be up to the greater of USD1,271,078 (subject to annual inflationary adjustment) and an amount that is twice the value of the transaction. Under ECRA, criminal penalties can include up to 20 years of imprisonment and up to USD1 million in fines per violation, or both (as well as criminal forfeiture of funds or other property involved in any violation). Civil penalties can be up to USD374,474 per violation (subject to annual inflationary adjustment) or twice the value of the underlying transaction, whichever is greater. Violators can also be denied export privileges or debarred from government contracting. Penalties can be substantially mitigated through the submission of a valid voluntary disclosure.

Customs

Smuggling and other importation violations are crimes under 18 USC Sections 541, 542 (importation of goods by means of any fraudulent written or verbal statement), 544 and 545 (smuggling). The False Statements statute provides for fines and potential imprisonment of up to two years. Smuggling is knowingly and clandestinely bringing goods into the USA with the intent to defraud the government by failing to properly declare the goods. Punishment for smuggling is a fine of up to USD250,000 and imprisonment of up to 20 years, and forfeiture of the merchandise smuggled, or its value.

Defendants can incur liability for both concealment and an underlying offence. State and federal laws criminalise efforts to conceal wrongdoing improperly, which are generally referred to as obstruction of justice.

18 USC Section 1503 punishes corrupt attempts to obstruct the “due administration of justice” in connection with a pending judicial proceeding. Violators face up to ten years’ imprisonment and a fine of up to USD250,000 for individuals and USD500,000 for organisations.

18 USC Section 1505 punishes attempts to impede the “due and proper administration of the law” in any proceeding before a US agency, department or committee, including Congress. Violators face up to five years’ imprisonment, or eight years in terrorism cases, and a USD250,000 fine.

Federal law prohibits making false statements to the government, including by misleading misrepresentations (18 USC Section 1001).

Even when not charged separately, prosecutors and regulators consider efforts to conceal wrongdoing to be aggravating factors in charging and sentencing. Convicted parties face fines of up to USD250,000 and five years’ imprisonment. If the crime is related to terrorism, the convicted parties face up to eight years’ imprisonment.

Both state and federal courts recognise liability for aiding and abetting. A director, officer or employee of a corporation can incur liability for aiding and abetting the commission of a corporate crime. Under federal law, anyone who “aids, abets, counsels, commands, induces or procures” the commission of an offence is punishable as a principal (18 USC Section 2(a)). As a result, the penalties for aiding and abetting are equivalent to those for the principal offence.

Certain actors may also be liable for “causing” another to violate a federal securities statute, and the SEC may issue a cease-and-desist order against a secondary actor. For “causing” liability to attach, the SEC must prove three elements (see 15 USC Section 78u-3(a)).

The Money Laundering Control Act (18 USC Sections 1956 and 1957) criminalises money laundering. Prosecutors must show that a defendant knowingly transported or transmitted funds between states or between the USA and another country, knowing the funds were the proceeds of unlawful activity and knowing the movement was designed to conceal the unlawful activity.

Violators face up to 20 years in prison, a fine of up to USD500,000 or twice the value of the property involved, whichever is greater, and the mandatory forfeiture of property involved in the offence or traceable to the offence, or of substitute assets (18 USC Section 982(a)(1) and (b)(2)).

Under 18 USC Section 1957, liability extends to persons who knowingly engage in monetary transactions. Violators face up to ten years’ imprisonment and a maximum fine of USD250,000, or not more than twice the amount of the criminally derived property involved in the transaction.

Financial institutions have obligations under the Bank Secrecy Act (BSA) and related regulations to help detect and report suspicious activity, and must file a currency transaction report for transactions involving more than USD10,000. Courts may punish individuals for structuring transactions to evade the reporting requirement.

Financial institutions must also establish effective programmes to combat money laundering. BSA compliance is enforced by the Department of Treasury (“Treasury”) and violators face a fine of up to USD250,000 and imprisonment for up to five years for wilful violations.

On 4 September 2024, Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a final rule adding certain registered investment advisers and exempt reporting advisers to the definition of “financial institution” under the regulations implementing the BSA, effective 1 January 2026.

Federal regulators including the DOJ, CFTC and SEC, as well as a number of US states, have recognised or pursued enforcement actions related to ESG practices under a variety of state and federal statutes (such as the Uyghur Forced Labor Prevention Act (UFLPA)) and legal theories including carbon market fraud, securities fraud, greenwashing or environmental fraud, ESG investment fraud, false claims, consumer fraud, and anti-competitive business practices.

The DOJ generally enforces offences related to new technologies under traditional criminal laws, such as fraud. In April 2025, the DOJ charged Albert Saniger with securities fraud and wire fraud for claiming that his company was fully automated based on AI, while allegedly employing hundreds of overseas contract workers to manually complete tasks. Wire fraud is punishable by up to 20 years in prison, and securities fraud is punishable with up to 25 years in prison, depending on the particular statute.

The DOJ generally enforces offences related to digital currencies under traditional criminal laws. For example, wire fraud, money laundering, sanctions violations, and unlicensed money transmission laws have been used recently to prosecute criminal activity involving crypto-assets and digital currencies. On 7 April 2025, the DOJ issued a memorandum entitled “Ending Regulation by Prosecution” that set forth the Trump administration’s crypto enforcement priorities. The memo stated that the DOJ would focus more on holding individuals accountable (as opposed to, for example, unwitting companies whose platforms are abused by wrongdoers), and reduce charges based on securities violations or registration requirements, unless there is evidence of wilful misconduct. Whether crypto-assets are classified as securities, commodities or something else involves a case-by-case determination that could impact the legal enforcement options available to a prosecutor, and the involvement of other enforcement authorities beyond the DOJ.

Common defences to white-collar crimes include the following.

• Evidentiary gaps – the prosecutor has not met its burden to prove each element of the offence beyond a reasonable doubt.
• Lack of intent/acts in good faith – for charges requiring a showing of specific intent or a guilty mind, acts made in good faith or without such intent may provide a defence.
• Lack of jurisdiction/extraterritoriality – the prosecutor does not have the required legal authority or has not established the required nexus to exercise its jurisdiction.
• Coercion and entrapment – a defendant was forced or coerced to perform an illegal act by others. The government may have entrapped the defendant by creating a set of circumstances in which an otherwise law-abiding person would be induced to commit a crime.
• Statute-specific defences – some statutes provide for specific affirmative defences. The FCPA, for example, allows defendants to show that a payment or promise was lawful under the local law where it was made (15 USC Section 78dd- 1(c)(1)).
• Conduct was authorised – an entity may argue that it was authorised or licensed to conduct certain activity, or that its activity was not prohibited.
• Due process violations – the government conducted an illegal search or seizure.
• Statute of limitations – the charges were not timely raised.

An effective compliance programme is not a defence to criminal charges, though government agencies view an effective compliance programme as a mitigating factor weighing against prosecution, enforcement actions or the assessment of penalties.

No industry or sector is exempt from compliance with white-collar crime-related laws. Nonetheless, exceptions to white-collar offences exist under statute-specific provisions. For example, the FCPA contains an exception for so-called facilitation payments used to expedite or secure the performance of routine governmental actions (15 USC Section 78dd- 1(b)). However, courts and regulators construe the exception narrowly, and payments typically involve small amounts. No de minimis exceptions exist under the FCPA or other white-collar fraud statutes.

In addition, federal securities laws generally require that issuers disclose all material information in their filings.

Plea agreements allow defendants, both individual and corporate, to acknowledge wrongdoing voluntarily in exchange for lesser penalties or convictions on potentially reduced charges. Plea agreements also offer predictability in outcomes and penalties that trials do not. Plea agreements (as opposed to trials) are commonly used to resolve criminal cases in the USA.

Federal plea agreement procedures are governed by Rule 11 of the Federal Rules of Criminal Procedure. Defendants must admit to sufficient facts to prove each element of the crime to which they are pleading, as well as the crime itself. Federal and state prosecutors follow common charging and plea practices established for their various offices, which tend to be recorded in confidential internal guidance.

Voluntary self-disclosure and meaningful co-operation with investigators are considered mitigating factors by agencies and prosecutors. Other common leniency measures include remediation efforts, the mitigation of possible harm, restitution and reform (including changes in internal policies). The payment of restitution in advance of enforcement action also demonstrates a corporation’s acceptance of responsibility.

Examples of proactive steps that legal counsel can take to receive co-operation credit include:

• flagging key documents and making witnesses available on an expedited basis;
• offering translations of documents where necessary;
• providing informed factual explanations outside mere advocacy; and
• helping clients who may have violated the law to admit that violation and work in good faith to remedy it.

Whistle-blowers have express protection against retaliation by employers under several statutes, including the False Claims Act (31 USC Section 3730(h)), the SOX Act and the Dodd-Frank Act (15 USC Section 78u-6).

Large financial incentives exist for whistle-blowers to report. Whistle-blowers who voluntarily provide the SEC with original, timely and credible information that leads to a successful enforcement action in which the monetary sanctions exceed USD1 million may be eligible for an award of 10% to 30% of the penalty collected. The FCA provides for awards of between 15% and 30% of the proceeds of the action or settlement of the claim.

The DOJ launched its “Corporate Whistleblower Awards Pilot Program” in August 2024, which awards whistle-blowers who provide original, truthful disclosures that lead to a successful forfeiture of assets that exceed USD1 million. On 12 May 2025, the DOJ revised some of the criteria that whistle-blowers must meet to broaden the eligibility for recovery.

The Program encourages whistle-blowers to first report misconduct internally by considering internal reporting as a plus factor when calculating any whistle-blower award. It also rewards corporate self-reporting. Companies can still qualify for a declination under the DOJ’s Corporate Enforcement and Voluntary Self-Disclosure Policy – even if the whistle-blower reports to the DOJ before the company self-discloses.

Typically, whistle-blowers are also protected by companies through specific whistle-blower policies or company ethics codes.

Companies should not prohibit or discourage an employee from sharing information with the SEC and should not impose overly broad confidentiality obligations that could reasonably be interpreted to deter employees from sharing information with the SEC. The federal securities laws prohibit any person from “imped(ing) an individual from communicating directly with the [SEC] about a possible securities law violation” (17 CFR Section 240.21F–17(a)).

Handling cross-border investigations before enforcement authorities in multiple jurisdictions requires sensitivity to sometimes conflicting regulatory requirements. Data protection statutes vary widely by jurisdiction, and thus at times it may not be possible to transmit responsive materials across national borders. Concepts of legal professional or attorney–client privilege may not be recognised in certain jurisdictions (eg, China), which requires counsel to be particularly attentive to how internal investigations are structured in order to preserve privilege in other affected jurisdictions. Different legal regimes (eg, Germany) may not recognise plea agreements or immunity for co-operating witnesses, which can make resolutions of white-collar matters implicating individuals more complicated. It is critical for counsel handling complex investigations implicating multiple enforcement bodies and legal systems to plan from the outset how they can best structure an investigation that satisfies various authorities’ expectations, while still navigating any competing national requirements.

In May 2025, the DOJ issued a memorandum detailing its enforcement priorities. The memo identifies three core tenants – focus, fairness and efficiency – that will guide its enforcement of white-collar criminal statutes. As provided in the memo, healthcare fraud, trade and customs fraud, and fraud targeting American investors, individuals and markets are identified as priority enforcement areas.