The Federal Government published on July 12 the Decree 11,129/22, which regulates the Anti-Corruption Law and replaces the former Decree 8,420/15. The new decree brought innovations on relevant topics introduced by the Anti-Corruption Law. But, after all, what changes in practice for companies in terms of civil and administrative accountability for acts against public administration?

Verification and accountability

Decree 11.129/22 consolidates other sparse rules that dealt with the investigation and accountability in cases of corruption, such as instructions, ordinances and manuals of the Office of the Comptroller General (CGU) and Attorney General’s Office (AGU), presenting more detailed provisions.

First, the guidelines related to the Preliminary Investigation and the Administrative Proceeding for Accountability (PAR) stand out. The investigative measures available at preliminary investigation are now expressly provided for in the new decree. Productions of evidence previously restricted to the committee responsible for conducting the PAR are available within the framework of preliminary investigation, with emphasis on:

  • precautionary suspension of the effects of the act or the proceedings under investigation;
  • search and seizure requests;
  • requests for banking information on the movement of public resources, although confidential; and
  • requests of tax information.

Decree 11.129/22 also changes the deadline for the conclusion of investigations, which was previously 60 days extendable for another 60, to 180 days extendable, without specifying time and no longer having as a requirement the need for any kind of justification for the extension.


In relation to sanctions, there are also relevant changes in relation to the criteria and percentages of calculation of the fine. In the new decree, the percentages of sum or reduction of the fine now show a gradation in the percentage with no minimum value.

Before, for example, the percentage of reduction of fine for legal entities who had and applied an compliance program aligned with the instructions of the respective regulatory decrees was "1% up to 4%". Decree 11.129/22 provides that the reduction of fines for an integrity program becomes "up to 5%" which, in practice, allows a reduction of any amount. In the old decree, if the evaluation of the compliance program allowed a reduction of 0.8% it would not be applied, because the minimum was 1%.

The new standard brings a stricter approach to illicit public procurement.

Before, the calculation of the fine was based on calculation percentages related to contracts ranging from R$ 1.5 million to R$ 1 billion.

In practical terms, the scale of percentage of fines related to illicit in public contracts was calculated considering contracts with amounts above R$ 1.5 million. Now, this calculation will be done considering contracts starting at R$ 500,000, as follows:

- 1% in the case of contracts with value between R$ 500,000 and R$ 1.5 million;

- 2% in the case of contracts with value above R$ 1.5 million up to R$ 10 million;

- 3% in the case of contracts with value above R$ 10 million up to R$ 50 million;

- 4% in the case of contracts with value above R$ 50 million up to R$ 250 million;

- 5% in the case of contracts with value above R$ 250 million.

Leniency Agreement

There are also changes in multiple provisions on the Leniency Agreement, with the introduction of more conditions for legal entities when concluding an agreement, including, expressly, the duty to fully redress the damage caused and the amounts corresponding to the undue income or unjust enrichment.

Decree 11.129/22 also brought responsibility for monitoring the obligations of adoption, implementation and improvement of the integrity program under the leniency agreement for the CGU. It is worth noting that this monitoring can be carried out directly or indirectly by the CGU, that is, there is also the possibility of hiring an independent third-party monitor by the legal entity.

Whatever the scenario, supervision and evaluation will be responsibility, directly or indirectly, of the CGU, which can waive the monitoring depending on the characteristics of the harmful act, the remediation measures adopted by the legal entity and the public interest.

In order to establish a technical investigation aligned with the provisions of the Anti-Corruption Law itself, the new decree includes, as one of the conditions for concluding the Leniency Agreement, that the legal entity admits its objective responsibility for the harmful acts, replacing the previous wording that dealt with the admission of participation in the violation.

The limitation period in the Leniency Agreement is now interrupted when the Memorandum of Understandings (MoU) is signed. In practice, a longer negotiation period is granted, since the negotiation of the agreement should be closed within 180 days, starting from the date of signature of the MoU, and no longer from the presentation of the proposal, as it was in the old decree.

In addition, by Decree 11.129/22, the Leniency Agreement may contain a clause on the possibility of using an uncontroversial portion of compensation for damage to compensate other amounts in other sanctioning or accountability proceedings, relating to the same facts. This means that due amounts can be compensated in other processes that reference the same facts. There is, however, no specification whether it includes state or municipal processes in this list of possibilities.

Compliance program

With regard to the legal entity compliance program, the recommendations listed in the paragraphs of Art. 57 bring some innovations in relation to the previous decree, such as:

  • the express mention of the allocation of adequate resources for the operation of the program;
  • the inclusion, in addition to periodic training, of periodic communications; and
  • risk-based due diligence, especially related to the hiring of third parties, hiring and supervising politically exposed persons, and conducting and supervising sponsorships and donations.

In addition, the final provisions mention a simplified assessment of the compliance program in the case of very small and small businesses. The regulation will be the responsibility of the CGU.