‘Fight, Fight, Fight’: Why Compliance Still Matters in a Deregulatory Environment

A pause in DOJ enforcement of the FCPA. Potential punishment for companies and federal contractors that have DEI programs. Mass layoffs at government agencies. Sudden reversals on everything from tariffs to Corporate Transparency Act (CTA) reporting. It’s said the only constant is change, and that maxim has certainly been proved accurate in the first several weeks of the second Trump Administration.

While corporate compliance professionals are old hands at adapting to evolving regulations, the blistering pace and vast scope of change is unlike anything seen in decades, whether through the imposition of new legal requirements or the removal of existing ones — or both: Agencies are being asked to identify at least 10 rules or guidance documents they could eliminate for every new one they propose.

The administration’s continued deregulatory push could lead companies to question whether compliance functions still matter as decision-makers perhaps perceive that federal regulatory enforcement is no longer of concern. But that move could actually harm organizations in the long run, observers told CCI. 

“The greatest challenge is preventing organizations from self-inflicted wounds,” said Eric Young, senior managing director at Guidepost Solutions, who cautioned chief compliance officers, management and the board of directors to resist major budget cuts in the area of compliance. “[Companies should] ‘fight, fight, fight’ against the corporate temptation to slash compliance budgets in times of deregulation.” 

Indeed, Young says, it’s the duty of compliance officers to “convince board members and the C-suite that now is especially the right time to hold management accountable.”

Deregulation isn’t necessarily permanent

Periods of deregulation are often only temporary, leaving an organization vulnerable in the long term if compliance resources are diminished. 

“History reveals that deregulation typically leads to major enforcement actions and a return to prescriptive re-regulation,” Young said, citing the savings and loan crisis that followed the Reagan years, the accounting scandals that followed the telecommunications and technology deregulation of the Clinton presidency and the 2008 financial crisis that followed the bank deregulation of the late 1990s.

The risks to an organization that de-emphasizes compliance may be more immediate as well. For example, the DOJ’s FCPA enforcement pause doesn’t mean the agency won’t be investigating corporate conduct, said Eric Morehead, director of advisory services at LRN.

“FCPA cases make up only a tiny fraction of criminal cases against organizations brought by [the DOJ],” Morehead said. “The new administration has already stated that it intends to investigate issues around ‘illegal’ DEI and other ‘fraud’ under the False Claims Act.”

And although a deregulatory wind is blowing through the US, American regulators aren’t the only ones watching, Morehead warned.

“Unlike 25 years ago, when the FCPA first became regularly enforced, there are a myriad of international anti-bribery laws that, for the most part, are even more comprehensive than the FCPA. These laws and these regulators may relish taking up cases that the US will now pass on.” 

FCPA

FCPA Enforcement Is Changing; What Does It Mean for Compliance Programs? [Q&A]

by Jennifer L. Gaskin

February 24, 2025

From international enforcement risks to M&A implications, experts warn against weakening anti-corruption controls despite DOJ's temporary hold

Read moreDetails

Change is nothing new

Even during periods of intense deregulation by one governing body, other governments and standard-setting agencies can continue to establish new rules or guidelines. This is especially true for fast-moving or developing fields, such as the technology industry, where efforts to regulate AI continued across the US and the globe in 2024. 

Rob Gutierrez, senior cybersecurity and compliance manager at Secureframe, cited the frequent regulatory developments in cybersecurity, AI and data privacy, including California’s US-standard-setting regulations. 

Likewise, Brenda Corey, senior vice president of compliance and regulatory at claims management company Sedgwick, observed the blossoming of AI regulation that’s already happening at the state level. 

“[States] have begun to take the lead with their own guidance on this technology,” Corey said, noting that state departments of insurance have been issuing bulletins on the topic. Other fields have a similarly fast-paced rate of regulatory change, including employment, privacy and workers’ compensation, Corey said. 

The environment is another area where state-level and international bodies have issued a variety of regulations that US companies may need to follow, including the recent EU omnibus package around corporate sustainability and the proliferation of state-level rules regarding so-called “forever chemicals.”

New standards being rolled out at the state and international level further increase the complexity of regulatory compliance, no matter what’s coming out of the White House.

“As countries and states around the world introduce their own standards, our monitoring and maintenance responsibilities grow with increased complexities,” Gutierrez said. “Different governing bodies announce implementation timelines with varying lead times, requiring our team to adapt our platform and processes accordingly.”

Compliance isn’t going anywhere

Experts offered various pieces of advice for dealing with the latest wave of regulatory change, but some lessons about ensuring compliance are timeless. Where the sale or manufacture of products is involved, for example, companies must identify pertinent regulations early enough in a product cycle to minimize costs. 

“One of the biggest challenges is simply understanding the pending regulations early enough to make changes to products or marketing strategies to ensure an organization can stay compliant,” said Cally Edgren, vice president of regulatory and sustainability at supply chain management provider Assent. “When manufacturers find out about a change after they’ve already released products to market, it gets very expensive to redesign and requalify products.”

Generally, experts advised organizations to stay the course, even though it may be tempting to shed compliance roles or tasks to save money.

Disputes over “[b]udget and resources … may become even more difficult in the future,” Morehead said. “Compliance officers are going to have to become more educated about the risks and dangers ahead and be prepared to make the case” for compliance resources “against strong headwinds.”