74% of respondents to the latest Global Directors’ and Officers’ Survey ranked ‘regulatory breach’ as a very or extremely important concern for D&Os, placing it at number four on the overall top seven list. It topped the concern list for the largest companies (>$5bn in revenue) and featured high on the top seven lists when viewed by region and industry.
Concern amongst D&Os about regulatory breaches is unsurprising, given the constantly changing regulatory landscape, which requires directors to stay informed and to actively seek to make their companies compliant with a range of regulations. This is a particular challenge for companies operating in multiple jurisdictions, especially since the general rise in regulatory actions in the wake of the global financial crisis, often with attendant substantial penalties for companies and their directors and officers. Regulatory risk has consistently ranked 3rd or 4th on the top seven risk list from 2018 to 2025, highlighting its ongoing importance in the risk landscape for directors.
The regulatory landscape is heavily influenced by the political landscape, with notable changes in the past year particularly in the US and UK. It is estimated that nearly half of the global population live in countries where elections were held during 2024 or are due to be held in 2025.
Trump's second term is expected to bring significant deregulation, reversing Biden's changes. This could boost short-term business growth but raises concerns about long-term corruption and financial stability.
Trump’s deregulation strategy will be aided by the change in leadership at the SEC - from Gary Gensler’s proactive and stringent approach (under his tenure, the SEC pursued controversial rules and guidance and brought novel claims) to Paul Atkins’ more conservative approach. Trump is expected to replace the leadership of most federal agencies, which will put an end to many regulatory projects in the pipeline. Following the Supreme Court’s decision (in June 2024) to strike down the Chevron doctrine, which previously granted agencies discretion in interpreting ambiguous statutes, the administration may find it easier to roll back existing regulations.
This deregulation strategy, aided by the new Department of Government Efficiency (DOGE), co-led by Elon Musk and Vivek Ramaswamy, involves cutting resources for regulators. This will likely reduce their ability to pursue actions and marks a shift from the recent “broken windows” approach, where even the smallest infractions were pursued.
Trump also recently signed an executive order pausing the enforcement of the Foreign Corrupt Practices Act (FCPA), which US regulators have aggressively enforced around the world. Since its enactment in 1977, FCPA enforcement investigations and actions have resulted in substantial exposure from sizeable attorney fees, significant fines and follow-on shareholder litigation to companies, their D&Os and D&O insurers. According to a White House fact sheet, the pause on FCPA enforcement
As was the case during the last Trump administration, regulators are likely to follow a more basic agenda, pursuing traditional actions relating to fraud, illegal trading and market manipulation, rather than pursuing actions deriving from newer risks, such as ESG. In that regard, we have already seen, for example, that Trump has withdrawn the US from the Paris Agreement on climate, paused funding for green industries and rolled back the SEC’s climate-related disclosure rules. Many other initiatives around ESG have also been put out to pasture. Trump’s actions add to a growing “anti-ESG” sentiment in certain parts of the US, which has led to US companies downplaying ESG initiatives (green-hushing) and DEI programmes, and to asset managers becoming more reluctant to support activist shareholder proposals on social and environmental issues.
It is worth noting initiatives on the state level. In October 2023, the State of California passed its own climate disclosure rules in Senate Bill 253, the “Climate Corporate Data Accountability Act”, which surpasses the SEC’s climate disclosure rules. Senate Bill 261, also signed into law in October 2023, requires that on or before 1 January 2026, and every two years thereafter, a “covered entity” (which includes companies doing business in California and with over $500m in revenue) must disclose its “climate-related financial risk” and measures taken to reduce and adapt to climate change.
Whilst these laws are currently being challenged in the courts, in view of the size of the California economy, this legislation, if it survives, could impact many companies.
Additionally, states including Illinois, Minnesota, New York and Washington are considering similar climate-related legislation that would mirror certain aspects of the California legislation.
In summary on ESG, there is a complex web of current and upcoming rules and regulations at both the state and federal levels applicable to ESG, which creates a difficult environment for most companies and their D&Os to operate in, particularly while investors, regulators and plaintiffs’ lawyers are closely scrutinising ESG disclosures by financial institutions and other types of companies.
Overall, Trump’s deregulation plan is likely to result in a decline in regulatory activity at the federal level, but we may see individual states, which have their own regulators, stepping up to fill the void. In addition, activist investors and the plaintiffs’ bar are unlikely to slow down in relation to civil actions, so companies and directors should not become complacent.
The desire for growth is also impacting the regulatory landscape in the UK, although the ethos behind the plans and the execution thereof are different from the US.
Following the July 2024 general election, a Labour government came to power for the first time since 2010.
Chancellor Rachel Reeves’ inaugural Mansion House speech on 14 November 2024 outlined reforms to boost the UK’s financial sector. Key initiatives include:
A new stock market to support private company growth by May 2025
A pilot using distributed ledger technology for a digital gilt instrument
A consultation to enhance the UK’s insurance-linked securities framework
the senior managers regime
published the same day, outlining growth strategies based on five policy pillars.
supporting adoption to open up opportunities
ensuring there is a framework which is robust whilst also protecting consumers and promoting competition
fostering growth outside of London
nurturing local and attracting foreign talent
rebuilding relationships with Europe, maintaining the UK as a financial hub.
The Strategy is due to be published in Spring 2025. In a letter of response, the FCA welcomed the recommendations and set out how it will achieve the aims by:
All, it is said, whilst ensuring certainty and predictability.
This ‘growth’ theme from the Labour government aligns with and builds on the Edinburgh Reforms launched by the previous Conservative government in December 2022.
While the reforms aim to boost the economy and the UK’s financial markets globally, critics argue that “regulating for growth” might lead to a relaxation of important regulatory safeguards, many of which were put in place after the global financial crisis, potentially increasing financial misconduct, financial instability and a lack of market confidence. Additionally, there are concerns that reduced scrutiny may lead to oversight gaps and a higher chance of regulatory breaches. Current Prudential Regulation Authority (PRA) head (and prior head of the Financial Conduct Authority (FCA)), Andrew Bailey, recently cautioned policymakers in a speech “not to forget the lasting damage” of the global financial crisis when focusing on growth.
The concern is heightened by the new secondary objective for the FCA and PRA (initially proposed in the Edinburgh Reforms and in force from 29 July 2023) to facilitate the UK’s international competitiveness and medium to long-term growth, while aligning with international standards. This has drawn criticism from some quarters, concerned that the objective potentially encourages looser regulation to increase competitiveness.
One can see that balancing stability and competitiveness will be a very difficult exercise for the regulators to achieve. A recent All-Party Parliamentary Group (APPG) report on investment fraud and fairer financial services, which analysed the effectiveness of the FCA (prompted by criticism of how the FCA handled a range of recent scandals) notes that the secondary objective contributes to the potential for conflicts of interest to arise within the organisation and the report makes a number of recommendations (including legislative changes, changes in the appointment of the FCA's senior leadership team and addressing the funding of the FCA).
The FCA, in response, emphasised its commitment to fostering economic growth while maintaining robust consumer protections during a Treasury Committee hearing. The discussion centred on the challenges of balancing these goals in line with the Labour government’s focus on promoting responsible risk-taking to support economic expansion. FCA Chair, Ashley Alder, highlighted a strategic "inflection point" for the regulator, where its objectives of consumer protection, market integrity, and competition must coexist with a new secondary goal of enhancing the UK’s global competitiveness. He stressed that the FCA would not revert to the "light touch" regulation seen before the 2008 financial crisis, acknowledging the trade-offs involved in fostering innovation and economic growth.
In 2024 several reforms increased accountability for directors and officers, exposing them to penalties and/or other actions for breaches. Examples include:
Despite these reforms, the July 2024 report following the Australian Securities and Investments Commission [ASIC] Investigation and Enforcement inquiry conducted by the Senate Standing Committee on Economics and chaired by Senator Andrew Bragg found that:
“Evidence to this inquiry has made clear the deep flaws in ASIC’s approach to investigation and enforcement. Too often, ASIC fails to respond to early warnings of corporate misconduct and does not routinely use the full extent of its powers to achieve strong enforcement outcomes. This approach fails to deliver justice to the victims of corporate crimes, undermines economic productivity and does not deter future poor behaviour…ASIC’s capacity to respond to corporate misconduct is now compromised by significant structural, resourcing and cultural issues.”
The 11 recommendations put forward by the Committee included separating ASIC’s functions between a companies regulator and a separate financial conduct authority, and reversing the current Government’s decision to reduce the frequency of the Financial Regulator Assessment Authority reviews from every two years to every five.
ASIC publishes the enforcement actions it takes. Since 2013, civil penalty actions have progressively increased, peaking at 44 civil penalty actions for the 2022 calendar year but dropping by half to 22 in 2023. According to ASIC, “we select and target our enforcement actions to ensure that we have the greatest impact on the most serious harms within our remit…For this reason…we dedicate our resources to target [Reports of Misconduct] where a large proportion of consumers are affected. This approach helps promote a culture of compliance across Australia’s financial system and the corporate sector more generally”. This is an enforcement focus of quality over quantity. This focus will be increasingly important as ASIC’s budget is estimated to decrease from AU$592m in 2024-25 to AU$516m in 2027-28.
Senator Bragg, a member of the Coalition party, says that it is unlikely that the recommendations by the Committee will be adopted in the current Labor government term. With the Federal election due this year, Australia may see a change to the focus and funding of corporate regulation and a shift on enforcement actions.
Politics significantly shapes regulatory agendas, influencing policy priorities, legislative changes, appointments and growth objectives – which collectively determine the focus and volume of regulatory actions against companies and their D&Os. Despite the incoming changes in the US, UK and Australia, however, we do not anticipate a significant change in the concern level for D&Os in future surveys - regulatory risk has been, and will continue to be, high on the list of concerns for boards.