Admin Log In Let's Talk

Quarterly Compliance Round-up: June 2026

  • Photo of Susan Divers
    Susan Divers

The second quarter of 2026 brought a busy stretch of enforcement and rulemaking. Regulators kept their focus on export controls, sanctions, foreign investment review, and anti-corruption. A few developments stood out:

  • The EU adopted a revised foreign investment screening regulation.
  • BIS brought significant export enforcement actions, including a major case against Bosch GmbH and several semiconductor-related exporters.
  • U.S. whistleblower programs continued to expand across multiple regulators.
  • Anti-boycott, anti-corruption, and sanctions enforcement stayed active.

Together, they reinforce the need for an effective, well-staffed compliance program. Here’s what happened.

EU adopts major reforms to foreign investment screening

The European Union adopted a revised Foreign Direct Investment (FDI) Screening Regulation that expands and harmonizes investment screening across Member States.

  • On June 8, 2026, the European Council adopted the revised FDI Screening Regulation after more than two years of negotiations.
  • The new framework requires all EU Member States to maintain national screening mechanisms and sets a common minimum scope for reviewing investments in strategically sensitive sectors.
  • It expands coordination among Member States and the European Commission and, in certain cases, extends scrutiny to some intra-EU investments.
  • Acquisitions, joint ventures, and minority investments involving critical technologies, infrastructure, defense, energy, and data will face increased filing requirements and potentially longer transaction timelines.

Ethena tip: Review your deal playbook so cross-border transactions trigger a regulatory-screening check well before signing. Build the extra review time into your closing timelines.

Related training: Ethena Export Controls & Sanctions

U.S. export control enforcement ramps up: BIS and the Foreign Direct Product Rule

The Bureau of Industry and Security (BIS) kept its enforcement focus on semiconductor manufacturing equipment, advanced-technology exports, and transactions involving Chinese restricted parties. Plus, Bosch GmbH is the latest company to fall afoul of the Foreign Direct Product Rule (FDPR).

Our April update covered the Applied Materials action, which involved $252 million in fines to resolve allegations that the company exported semiconductor manufacturing equipment to Semiconductor Manufacturing International Corporation (SMIC) after SMIC was added to the Entity List. BIS described it as the second-highest enforcement penalty in its history.

  • February 26, 2026: BIS settled with Teledyne FLIR LLC over exports of thermal-imaging and other controlled technologies without the required authorizations. The case involved shipments to an Entity List address and alleged misuse of the de minimis content rule.
  • March 27, 2026: BIS settled with Solventum Corporation, a manufacturer of devices used in semiconductor production, over EAR99 exports to restricted destinations.
  • April 14, 2026: BIS settled with Coastal PVA Technology over exports of semiconductor manufacturing equipment components to Chinese entities on the Entity List. BIS alleged Coastal exported items, including EAR99 products (the least-restricted category), without required licenses, and used third-party distributors that ultimately supplied restricted parties.

In a major case announced June 14, 2026, Bosch GmbH agreed to settle export control violations brought by the Departments of Commerce and Justice for $36.1 million, and was cited for an under-strength trade controls team. The exports came from two overseas Bosch subsidiaries that make sensors for phones, vehicles, and wearables, and went to Huawei, which has been on the Entity List since 2019. The exports violated both the FDPR and the de minimis content rule.

According to the settlement, Bosch’s U.S. trade compliance team consisted of two people, one full-time and one half-time, who couldn’t effectively implement the FDPR when it took effect in 2020. The German trade compliance team at headquarters also misunderstood the rule’s scope.

Ethena tip: Screen right up to the time of export so you catch newly added restrictions. And remember: understaffed or overwhelmed trade controls teams are themselves a risk regulators will flag.

Related training: Ethena Export Controls

Whistleblower programs expand across U.S. regulators

Federal agencies kept expanding incentives for whistleblowers to report misconduct. Our April update outlined the DOJ whistleblower program. Since then:

  • On April 7, 2026, the SEC announced a $50 million award to an unnamed tipster who alleged that a company misled investors about the success of one of its units. The firm’s name was withheld.
  • The same day, the SEC issued its FY 2025 enforcement results: roughly $60 million in awards to 48 individuals, and nearly 54,000 tips and complaints (about 19% more than the prior year). Overall enforcement actions fell by nearly 20% in FY 2025.
  • FinCEN whistleblower program: On March 30, 2026, FinCEN issued a proposed rule implementing the Anti-Money Laundering and Sanctions Whistleblower Program established by Congress. The proposed rule outlines how to submit information and apply for awards tied to Bank Secrecy Act and U.S. sanctions violations, and permits awards to eligible whistleblowers whose original information leads to enforcement actions with monetary sanctions above statutory thresholds.

These developments continue a broader trend: regulators increasingly rely on whistleblower information to spot misconduct and open investigations.

Ethena tip: Employees who feel their concerns aren’t being heard internally are more likely to take them straight to regulators. Strengthen your speak-up channels, investigate promptly, and enforce anti-retaliation protections.

Related: Ethena's Ethics Hotline tool

Anti-boycott prosecution: Thales Defense & Security

As we noted in our April update, anti-boycott compliance is a frequently overlooked risk, especially amid ongoing conflict in the Middle East. That risk just rose with Thales Defense & Security’s settlement of BIS charges.

Thales’s penalty, $44,750, was modest, but it came with an admission that the company certified no Israeli goods or entities were involved in a 2019 contract with the UAE, and that it failed to report receiving the certification requests.

Ethena tip: Make sure your internal controls and training cover U.S. anti-boycott rules, including the requirement to report boycott requests when you receive them.

Related training: Ethena US Anti-Boycott

Sanctions enforcement updates

Adani Enterprises settlement: In May, Adani Enterprises settled allegations of 32 violations of OFAC (the Treasury’s Office of Foreign Assets Control) sanctions for $275 million, tied to importing Iranian LPG and processing payment through U.S. financial institutions. OFAC classified the matter as egregious and not voluntarily disclosed, and said Adani acted recklessly by ignoring red flags and skipping due diligence.

FTI Consulting: In June, FTI Consulting settled with OFAC for violating U.S. Russia sanctions. FTI was providing investigation services for a law firm whose client was VTB Bank. FTI paid double the base penalty, for a total of $1.05 million, on the basis that VTB was ultimately responsible for paying FTI’s invoices through the law firm. The case is a reminder to screen every party in a transaction.

Ethena tip: Screen the full payment chain, not just your direct counterparty. Indirect or pass-through payments can still create sanctions exposure.

Related training: Ethena Export Controls & Sanctions

FCPA enforcement update

The last quarter saw two notable FCPA developments: a declination of prosecution for Balt SAS and Balt USA LLC over an alleged bribery scheme in France, and movement in the long-running Adani Group matter over conduct in India.

On May 15, 2026, the head of the Adani Group and his nephew agreed to settle SEC charges first brought in 2024 for $18 million. The SEC alleged they misled investors about the group’s anti-bribery policies while paying nearly $250 million in bribes to Indian government officials to win infrastructure contracts.

A few days later, DOJ’s related criminal FCPA prosecution, launched in 2024, was dismissed with prejudice by the Eastern District of New York. The court accepted the Adani Group’s argument that the case was an impermissible extraterritorial extension of U.S. securities laws.

As noted above, the Adani Group also recently settled the 32 OFAC sanctions violations involving Iranian LPG imports.

Ethena tip: Anti-bribery programs need to hold up across borders.

Related training: Ethena Anti-Bribery & Corruption

Articles

View All
A grid of cartoon robots with green checkmarks and one flagged with a red warning, representing AI vendor risk auditing.
Articles

How to Audit Your AI Vendors: A Practical Guide to Third-Party Risk

Most companies have more AI vendors than they realize, and you're liable for what they do. A practical five-step audit for Compliance, Legal, HR, and People Ops teams.

4 min read
Articles

Five questions our first AI in Compliance cohort asked about vibe coding

Twenty-five compliance professionals. Ninety minutes inside Lovable. Here are the five questions they asked about vibe coding — and the answers worth keeping.

4 min read
Articles

How to give your employees a reality check, respectfully (and the training to do it)

Every People team has a story like it. We sat down with Hebba Youssef, CPO at Workweek, to talk through how to give employees a reality check without losing the room — and we're sharing the training deck we actually use.

3 min read
Articles

Why does everyone hate HR? Steal these scripts and prompts to reclaim the people work

Spend five minutes in an anti-work subreddit and the verdict on HR is unanimous. "Order takers." "Policy police." "The cleanup crew." "The scapegoats." Those were real words from real HR/People...

4 min read