Moving faster: Reinventing compliance to speed up, not trip up

Winning through compliance innovation

Global regulation – driven by macro forces and crises – is adding unprecedented complexity and cost. While some companies have become compliance pioneers, adapting processes, technology, and talent to mitigate risks and offer insights, others find themselves overwhelmed, diverting resources and losing momentum.

But what if compliance could be reinvented? A more strategic approach could help navigate complexity, build trust, and take risks intelligently to stay ahead.

Amongst the findings in our survey

1. The compliance ecosystem is more complex and connected than ever before, driven by transformation, cross-industry reinvention and new business models. The common denominator is the focus on technology risks, particularly cyber security and data privacy and protection – a top priority for 51% of respondents.
2. A majority of respondents (77%) stated that their company had been negatively impacted to some or a great extent by compliance complexity across several areas that drive growth. This creates an imperative for companies to evolve compliance to alleviate the commercial impact and unlock its potential for ‘value creation’.
3. Companies have to tailor compliance models that are right for them, but ‘connected compliance’ is important for better decision-making, transparency and culture. 59% of respondents cited greater confidence in compliance decision-making because of better coordination.
4. Compliance technology is already helping companies move faster, navigate complexity, and avoid hazards. This includes better visibility of risks and risk management activities (64%), faster identification and proactive response to compliance issues (53%), higher quality/more insightful reporting (48%), and increased productivity and cost savings (43%).
5. There is a sense of urgency and an opportunity to accelerate transformation and pioneer new approaches. Only 7% of respondents currently consider themselves to be leading in compliance, yet 38% aim to be leading within three years.

This web report contains the summary version. Download our report for the full version.

In today’s world, regulation is evolving rapidly, influencing governance, transparency, IT systems, sustainability, workforce, trade, sanctions and other critical areas. As new requirements emerge, businesses face a dynamic, interconnected risk ecosystem that spans their operations, value chains, and industries.

Our survey asked executives to rank their top five compliance risk priorities. Technology, cybersecurity, data protection and privacy emerged as key priorities for over half of respondents. PwC’s 2025 Global Digital Trust Insights Survey reinforced this, revealing that even Chief Information Security Officers (CISOs) feel less certain than CEOs about cyber compliance, particularly in AI, resilience, and critical infrastructure.

Corporate governance (40%), Anti-Bribery/Anti-Corruption (ABAC), Anti-Money Laundering (AML) and fraud risks (38%) also ranked high. Their prominence reflects global efforts to strengthen corporate conduct rules and address rising AML and ABAC-related matters amid economic pressures. PwC’s 2024 Global Economic Crime Survey found that 41% of respondents see stronger anti-corruption laws and enforcement. Additionally, growing accountability for Boards and Directors has led to expanded compliance responsibilities, with nearly 90% of executives reporting an increased scope in the past three years.

Despite the importance of regulation in a healthy corporate ecosystem, PwC’s 27th Global CEO Survey found that the regulatory environment was the number one barrier to re-invention, with 64% agreeing that it inhibits their company from delivering value. One significant factor is complexity.

It is no surprise that 85% of survey respondents say compliance requirements have become more complex in the past three years. This trend spans industries, with those in financial services (90%), industrials and services (86%), consumer markets (83%), health industries (84%), and TMT (81%) all experiencing the impact of rising regulation. Half of respondents with a global remit face additional complexity navigating different laws and regulations across jurisdictions, which amplifies compliance complexity. While companies in mature jurisdictions with centralised Compliance functions may set minimum standards, many struggle to implement and monitor them consistently.

Understanding complexity is key, but more important is addressing its negative impact, with 77% of respondents saying their company has been adversely affected in five or more growth driving areas.

Driving new decisions

All of this presents a conundrum: If regulation is intended to protect market and industry ecosystems and help them thrive, is the complexity that it has created actually doing the opposite?

Answering this question requires understanding what value can be unlocked by approaching compliance differently, and what companies are doing to reinvent their compliance models. Many companies are relooking at their compliance models to help keep pace with regulation, minimise risk, manage costs, and respond to issues.

PwC is seeing companies change their approach to compliance in a variety of ways, from incremental improvement to more wide-ranging transformation. This includes:

• Centralising and aligning compliance activities, including coordination across first, second and third line
• Leveraging new technology, including AI, to automate compliance activities and generate new insights
• Consolidating and using data differently to help see and manage compliance risks, and support better decision-making
• Embedding compliance mechanisms earlier in product development and strategic initiatives address issues sooner and increase speed-to-market
• Changing the compliance talent model and bringing in new capabilities and specialist skills

PwC US’s Risk and Compliance Reimagined paper explores other ideas on how companies are changing their risk and compliance models to unlock hidden savings and performance gains as costs and complexity increase.

Some companies have taken the opportunity to relook at the demarcation between the traditional organisational lines in their compliance model, including responsibilities between the first and second lines to reinforce a ‘culture of compliance’ and raise awareness. This has been a focus of companies and regulators in several sectors, particularly FS where there has been an emphasis on conduct and culture.

Earlier involvement of Compliance is one way companies are unlocking the value it can provide, positioning them as an advisor to the business to help identify risks and avoid issues sooner. This may be beneficial for companies with significant research and development (R&D) activities, where competition is increasing pressure to speed up development and bring new products and services to market faster.

Companies are increasingly using technology to automate, optimise and speed up a range of compliance activities. Our survey found that 49% of respondents are using technology for 11 or more compliance activities. Training (82%), risk assessment (76%), and compliance and transaction monitoring (75%) comprised the top three areas of technology use. This was closely followed by customer due diligence/assessments (75%) and regulatory disclosures and reporting (72%). On average, 82% of companies are planning on investing more in at least one technology to automate and optimise compliance activities, indicating continuing momentum in digitising compliance models. 

Our survey showed that technology investment has benefited company compliance activities in a variety of ways. These include better visibility of risks and risk management activities (64%), faster identification and response to compliance issues (53%), higher quality/more insightful reporting (48%), faster/more confident decision-making (46%) and increased productivity, efficiencies and cost savings (43%). Each is important in enabling compliance to help companies move faster in the market, navigate complexity, and avoid hazards.

If these benefits are to be realised, many organisations face a common challenge: data. Whilst technology infrastructure and applications provide the compliance ecosystem backbone, it relies on the flow of accurate, timely and consistent data to function effectively. 63% of respondents, however, said that the complexity and disaggregated nature of data across the organisation made compliance more difficult (this rose to 70% North America). Respondents also cited the reliability and quality (56%) and availability (47%) of data as challenging, along with a lack of skills and experience (47%) to manage and use the data.

Augmented with AI

AI is driving changes to business models, increasing competition, and creating demand for new skills from the workforce. PwC’s 28th Global CEO Survey found that almost half of CEOs say that their biggest priorities over the next three years are integrating AI (including generative AI (GenAI)) into technology platforms as well as business processes and workflows. It also found that those using GenAI report efficiencies in how employees use their time and increases in revenue and profitability.

This brings new opportunities for compliance too. Our survey found that the majority of respondents (71%) believe AI will have a positive overall impact on compliance. Currently, 46% are using AI in data and predictive analytics, and 36% in fraud detection.

Compliance is vital across an organization, shaping culture, building trust, and enabling global operations. As regulations evolve, so does the human dimension of compliance.

Key factors companies considered most important for a strong compliance culture include senior management sponsorship (55%), employee training and communication (48%), and coordination with compliance teams (37%). Notably, compliance function resources ranked lower (19%), indicating a shift toward first line responsibility and a focus on skills and capabilities.

Leading companies seek expertise beyond legal, risk and audit backgrounds, prioritizing specialist knowledge (53%) and data management (43%). More than half of those identifying these skill needs as critical foresee a skills shortage in these areas within next 12 months. To drive value, compliance professionals need to operate in three dimensions, collaborate with others, connect insights and align compliance with strategic goals.

Compliance Leaders face higher stakes than ever. In some regulated industries, like financial services, Compliance Officers have a high degree of liability. In the past, institutions were fined; now, in some jurisdictions, there are personal liabilities that include being disbarred and fined. Beyond penalties, the commercial perspective is equally serious: the risk of being irrelevant.

This is putting the ‘Strategic Compliance Officer’ at the centre of compliance model reinvention – someone who can help organizations see, take and manage risk effectively to both protect and create value.

Looking forward, Compliance has significant opportunities to demonstrate its value. Survey respondents highlighted substantial business changes in the next three years that might require Compliance involvement. This includes digital transformation, as 71% noted the need for compliance skills to address cyber and data regulations.

The Rise of the Compliance Pioneer

Our survey shows it is possible – and the right time – to reimagine compliance to protect the organization and add strategic value. While only 7% of companies currently see themselves as leaders in compliance maturity, 84% aim to be leading or mature within three years, signaling both urgency and an opportunity to accelerate transformation.

Approximately 10% of respondents are embracing transformation and giving rise to the 'Compliance Pioneer'. These are respondents who state that compliance leadership have a significant level of influence on business decisions, use technology to optimise compliance activities across a high number of areas and report multiple benefits of technology use. This group is more likely to (percentages are Compliance Pioneers vs all others):

• Have broad responsibilities - are responsible for a wider number of compliance areas and report that their responsibilities have increased in the last three years (60% vs 41%)
• Offer advice - feel that their company’s Compliance function always offers proactive advice (58% vs 31%)
• Get involved - have more strategic initiatives planned in the next three years that involve compliance input and involve compliance at all stages of the development of new products and services
• Bring in skills - use third-party providers for a range of compliance activities (to bolster capabilities and coverage)
• Invest more - plan to invest in tech to optimise/automate compliance and see data management and analytics (56% vs 42%), tech (52% vs 39%) and AI capabilities (30% vs 22%) as important
• Use AI - use AI across multiple areas already and are more likely to see AI’s net benefit (88% vs 69%)
• Be highly regulated - come from Banking and Capital Markets compared to other sectors (24% vs 15%)

The level of regulatory change, shifting stakeholder expectations, and changes in industry ecosystems and macro risks, means that responding in a ‘traditional way’ – more people, more controls – is unlikely to be sustainable. New problems call for new thinking. This requires ‘compliance by design’ that brings together new technology, talent, and a strategic mindset to connect-the-dots across functions and build the data flows into the DNA of the organisation.

Done well, such a design can enable companies to ‘see around corners’ to predict threats and empower the business with confidence to navigate the compliance risk landscape faster, avoid hazards, and maintain trust. Ultimately this is the only way that companies can stay ahead of the regulatory changes and issues that will continue to disrupt the market – and win the race.

About the survey

PwC conducted a survey of executives to obtain their perspectives on compliance practices, challenges, and ways they are evolving to remain fit for the future. Our survey represents feedback from:

• 1,802 executives in the first, second and third line, including business leaders (38%), Chief Compliance Officers (25%), Chief Risk Officers (14%), Chief Audit Executives (9%), and General Counsel/Heads of Legal (5%)
• 63 territories, covering Europe (29%), North America (26%), Asia Pacific (22%), Latin America (15%), Middle East (6%) and Africa (2%)
• A broad mix of industry sectors, including financial services (29%), industrial products and services (20%), technology, media and telecommunications (14%), consumer markets (14%), and health industries (10%)
• Companies operating domestically and internationally. 54% have annual revenues greater than US$1 billion