On December 9, 2025, the World Bank Group ("WBG") published the newest Integrity Compliance Guidelines ("2025 Guidelines" or "Guidelines") which was revised by the Integrity Compliance Office ("ICO") on November 24, 2025. This was the first revisions of these Guidelines since their creation in 2010 ("2010 Guidelines"). 2025 WBG Guidelines have significantly expanded the core integrity compliance policy from the original 11 indicators as specified in 2010 Guidelines to total 28 compliance standards including 13 "Core Principles" and 15 "Internal Controls".
Updates on Main Revisions
The 2025 Guidelines continue to lead the global integrity compliance best practices by creating some new policies and guidance for developing an integrity compliance program ("ICP") including:
-
Expanded scope of application
While the 2025 Guidelines are intended primarily for entities sanctioned by the WBG, these Guidelines also serve as compliance practical guidance for the entities subject to WBG's investigation and all other entities seeking to improve their corporate compliance management.
-
Minimum requirement of an ICP
2025 Guidelines make clear that, at a minimum, an integrity compliance program should be designed to Prevent, Detect, Investigate, and Remediate the misconduct.
-
Prioritize the integrity risk assessment
2025 Guidelines put the integrity risk Assessment at the top of its "Core Principles", demonstrating the importance attached by the WBG on risk assessment in an integrity compliance program. Such comprehensive integrity risk assessment should be conducted regularly, ideally at least annually, and must cover the entity's entire workforce and business operations.
-
Expanded management role to middle management
2025 Guidelines expand management roles from senior management to managers at all levels including middle management. Managers at all levels should reinforce company's integrity standards and encourage employees to abide by such standards.
-
Publicize mechanism of advice and guidance
2025 Guidelines stress the importance of adopting an effective, confidential mechanism to provide timely advice and guidance on integrity compliance program. Entities are further required to publicize such mechanism in order to make it easily accessible for relevant persons.
-
Compliance control over technology tools
Specifically, detailed instructions are provided for using technology system, such as chatbots, to provide advice and guidance, mandating the accuracy, consistency, confidentiality, and reporting obligation.
-
Remediation mechanisms with disciplinary measures
2025 Guidelines consider the disciplinary measures as part of the various steps of the appropriate remedial actions, and encourage reasonable steps to be taken to remediate and prevent further misconduct.
-
Clear protocol restricting relationships with currently and former public officials and politically exposed persons
2025 Guidelines add a clear protocol requiring entities to impose appropriately tailored restrictions on the remuneration and other commercial compensation for current and former public officials, politically exposed persons("PEP"), and entities associated with such persons.
-
Adopt safeguards procedures for business development
Pursuant to 2025 Guidelines, particular safeguards and procedures should be adopted to prevent and address misconduct in business development process. Accurate and complete disclosure are mandated during all bidding and business development activities. Segretation mechanism should be established to avoid conflict of interests for conflicting roles, such as sales and marketing staff and the personnel who review and approve business proposals.
-
Compliance control over merger and acquisition
This brandnew policy is adopted in the 2025 Guidelines to ensure that other companies, organizations who come under an entity's control through M&A are subject to integrity risk assessment and compliance program prior to their integration into the entity. Entity should also reserve right to exit or cancel the deal if material compliance risks are identified from in the M&A transaction.
In addition to the newly-created compliance policies mentioned above, 2025 Guidelines also refine and optimize the existing integrity policies contained in 2010 Guidelines, such as:
-
Integrity compliance function
2025 Guidelines make clear that a senior officer with adequate independence, authority, autonomy, stature, resources and expertise, should lead and manage company's integrity compliance program.
-
Decision-making process
Senior management and compliance function are clearly designated as appropriate decision-makers in the context of implementing integrity compliance program, taking into consideration of various elements.
-
Training and communication
While the importance of compliance training and communication are continued stressed in 2025 Guidelines as did in 2010 Guidelines, entities are further required to periodically assess the impact of compliance trainings and communication on employee behavior and overall corporate integrity culture, such as through conducting surveys, interviews and other channels for feedback.
-
Duty to report
2025 Guidelines make one step further to require and encourage, not only employees but also external parties including business partners, to report integrity concerns and breaches.
-
Whistleblowing / reporting channels
2025 Guidelines supplement whistleblowing requirements contained in 2010 Guidelines, by further requiring entities to periodically assess employees' awareness of whistleblowing/reporting mechanisms and their comfort level in using the channels.
-
Investigation procedures
In addition to developing and implementing protocols for internally investigating suspected misconduct, 2025 Guidelines encourage entities to establish clear protocols for responding to external investigations and audits in timely and legal manner under the leadership of management and compliance function.
-
Employee due diligence
2025 Guidelines expanded the integrity vetting from personnel of high-risk individuals or positions to all candidate employees, existing employees and members of governance body, especially prior to promotion and reassignment to sensitive positions.
-
Gifts, hospitality, entertainment, travel, and expenses
While repeating the same compliance control measures for G&E as specified in 2010 Guidelines, 2025 Guidelines further mandate the pre-approval by compliance function or other high-ranking persons in the high-risk situations involving gifts, hospitality, entertainment, travel and expenses.
-
Political contribution
In the case of political contribution, entities are required to conduct due diligence on such political contribution, be reviewed by compliance function for potential risks, and obtain the approvals from senior management.
-
Charitable donations and sponsorship
Similarly, 2025 Guidelines mandate to conduct risk-based due diligence on proposed recipients of such charitable donations and sponsorship, to ensure the recipients are reputable and no improper purpose is intended.
-
Facilitation payment
Besides clearly prohibiting facilitation payments, 2025 Guidelines require prompt reporting to compliance function and proper recording in the books and records of the company.
-
Appropriate remuneration and payment
For the payment to business partners, further requirements are added such as, payment should be made through bona fide channels, duly recorded in books and record, supported by proper documentation and receipts, among others.
Key takeaways
The 2025 Guidelines are indicative of the updated expectations by the WBG for international integrity compliance best practices. It is critical for entities, both multinationals and small-medium size enterprises, to be aware of these new trends of the growing landscape of international integrity compliance practice, and utilize the 2025 WBG Guidelines as an important practical guidance to further improve the integrity compliance management to be an integral part of their business operations.
