No matter how you cut it – this was a big year in FCPA enforcement. Not just because of the large enforcement actions but the scope and depth of enforcement, remediation and compliance program demands.

We are witnessing a significant turning point in FCPA enforcement in which the Justice Department and the SEC are slowly but surely pushing companies to embrace a more robust ethics and compliance framework. At the same time, however, we have yet to see the big post-Yates push in the indictment of individuals as part of these enforcement actions. It may be early but it is inexplicable that several of the more significant enforcement actions have not yielded as of 2017 appropriate individual prosecutions.

Here are some specific trends:

Coordination of international anti-corruption enforcement: Even before the blockbuster, global enforcement action against Odebrecht and Baskrem, DOJ was increasing its coordination efforts with foreign jurisdictions, training prosecutors, and building relationships with law enforcement agencies. In many respects this is a welcome development, not because of increased enforcement capabilities, but the reduction of duplicative prosecutions by separate countries for similar conduct. In the end, companies face increased risks of detection because one country might discover potential bribery and then enlist the aid of other countries to assist in a joint investigation.

Return of corporate monitors: With the big bang of FCPA enforcement at the close of the year, DOJ imposed independent compliance monitorships in eight separate cases. DOJ’s reliance on corporate monitors reflects the severity of the underlying FCPA violations, the failure of the companies to embrace robust remediation programs, and DOJ’s lack of confidence in company leadership to meet exacting remediation standards.

Remediation deficiencies: In a related vein, DOJ is reviewing corporate remediation efforts with an exacting eye to ensure that companies meeting the standards set out in the FCPA Pilot Program memorandum. In several significant cases, DOJ failed to award companies credit for remediation, costing companies millions of dollars, because of a company’s failure to impose discipline against officers and employees who were either responsible for the conduct or know or should have known about such conduct.

Compliance program requirements: The impact of DOJ’s Compliance Counsel, Hui Chen, has been significant. First, in the April 2016 FCPA Pilot Project Memorandum, DOJ outlined increased requirements for compliance program standards and remediation. Second, as is evident from DOJ’s enforcement efforts, companies are being held to a higher overall standard when it comes to ethics and compliance program. DOJ appears to be well aware of compliance program developments, the advent of new technologies, and the importance of internal controls to implementation of an effective ethics and compliance program.

Due diligence and third party risk management: As part of DOJ’s rising expectations for company ethics and compliance programs, DOJ has focused on third party risk management. DOJ is not focused solely on whether a company conducted due diligence of a prospective third party representative but on the quality of the due diligence conducted, both procedurally and substantively. For example, the fact that Och-Ziff conducted due diligence of a prospective joint venture partner, identified red flags and then engaged in an internal debate among senior executives as to the hiring of the third party was reviewed and criticized by DOJ. In other words, Och Ziff’s resolution of the red flags and the information that it based its decision on was insufficient to meet relevant due diligence standards.

Focus on internal controls: Over the last few years, DOJ and the SEC have devoted increased attention to company internal controls. Not in a generic or macro sense but in drilling down to examine how specific controls worked at a company that either developed huge risks of bribery or companies that engaged in bribery. For example, the SEC has reviewed companies’ internal controls to determine how effective their controls governing invoice to payment were operating.

These trends are significant and can be expected to continue into 2017. The interesting question remains — what new trends may appear on the FCPA enforcement horizon?