Transforming compliance with advanced strategies and technologies

External forces are exerting a significant impact on compliance risks, challenging and transforming conventional models of compliance. Our survey shows that external stakeholder expectations, a changing regulatory landscape and economic pressures are the top challenges for corporate compliance professionals to maintain business integrity. Organizations need to maximize the impact of their compliance function, and they can do this by elevating the status of compliance in the organization to equal other strategic positions and enhancing its visibility among senior leaders and corporate boards.

Nearly twenty-five percent of compliance and legal professionals surveyed have experienced a significant integrity incident, such as a major fraud, security breach or regulatory violation, in the past two years. It’s critical for companies to learn from their wrongdoing and determine the root causes behind major and repeated violations. Leading-class organizations leverage these insights and lessons to strengthen the compliance environment by fixing operational loopholes, reinforcing compliance weaknesses and improving detection methods in riskier business areas, while also considering the role of new technologies in these improvements.

Organizations should align their compliance priorities with their most critical risks and areas needing enhancement. Compliance and legal professionals rank data privacy and security as the top risk, with fraud and corruption also posing significant concerns. They identified employee training and risk assessments as key compliance areas for improvement. In shaping compliance priorities to address elevated risks and vulnerabilities, leaders should strategically incorporate advancements in technology and artificial intelligence (AI) into the areas of compliance with the greatest forecasted returns on investment, reducing efforts on existing compliance activities and freeing up limited resources.

Today’s business environment places greater strategic value on compliance to manage the risk of corporate misconduct and achieve statutory compliance. Compliance leaders, facing expanding responsibilities to navigate the ever-changing risk landscape, are pursing agile compliance programs fueled by data-driven insights. They need to strategically incorporate technology and drive compliance priorities to manage dynamic risks and demonstrate business value. To enhance these efforts further, leaders can measure the organizational benefits of compliance progress and quantify return on investment to show success.

Technology has advanced the state of whistle-blowing reporting and creation of a speak-up environment, including offering greater ease of reporting and better anonymity and flexibility in reporting. Despite this progress, one in five survey respondents admit to having a concern in the past two years that went unreported, which highlights the continued need to build employee trust in the whistle-blowing process.

Compliance leaders can take direct actions to improve confidence in reporting by addressing the main factors behind employee’s reluctance to report misconduct: corporate accountability and whistle-blower safety. Consider strengthening accountability by demonstrating consistent disciplinary actions, objectivity of the investigation team and transparency in whistle-blower communications. Leaders can advance beyond simple policy statements by embedding specific confidentiality and anti-retaliation protocols to protect whistle-blowers into the report handling process. Finally, they should increase organizational awareness of these measures and their effectiveness through audits of the whistle-blower hotline, sharing audit findings and resulting improvement plans throughout the company.

These tangible efforts go beyond simply encouraging a speak-up culture to actually creating an environment where employees feel secure to report issues, confident that their concerns will be taken seriously and appropriately acted on.

With the rapid acceleration of technology in business, compliance leaders are adopting modern solutions within everyday operations aligned to current business practices and regulatory expectations.

Our survey finds that one in three large corporations are using at least one AI-enabled technology within their compliance environments, most frequently in continuous program improvement, third-party due diligence and ongoing monitoring. Survey respondents identify continuous improvement as the compliance activity that would most benefit from AI and the correlation of disparate data sets as the greatest AI use case. However, organizations struggle with how best to channel AI, citing lack of in-house expertise. Companies overcome this challenge by establishing a cross-functional team responsible for guiding the use of emerging technologies, managing critical risks around privacy, security and transparency; and establishing guardrails aligned with responsible design principles and legal requirements.

Guided by a team of experts and strong risk management, compliance leaders can confidently explore how AI technologies can uplift current compliance efforts and integrate with existing technology capabilities. By using this strategic approach, organizations are better positioned to find long-term success in using digital technologies to achieve overall compliance objectives.

Our survey finds that complying with new and changing regulations is now the top ESG compliance issue. This prompts the need for evaluating and monitoring regulatory developments and obligations as part of a continuous ESG risk assessment.

In meeting ESG statutory reporting requirements, data integrity poses a significant disclosure risk, with concerns over data reliability, consistency and accuracy. This underscores the need for technology-enabled ESG reporting mechanisms and safeguards, with strong monitoring and testing, and the importance of folding sustainability disclosures into the company’s existing public disclosure controls and procedures. Companies should also be aware of greenwashing and include this fraud risk in the company’s compliance program to prevent, detect and address misconduct.

Compliance leaders can deliberately shape the role of compliance within corporate ESG initiatives while they are still developing. The scope of compliance’s responsibilities and authority should center on the areas where it can provide the greatest impact: achieving statutory compliance, mitigating key risks and upholding ethical standards.