How the digital-savvy would modernize compliance

A tech-enabled approach to SOX compliance can lower costs while boosting control efficiencies

Despite two decades of technology advances, most businesses today continue to navigate compliance with a distinctly pre-digital mindset. Many controls and processes, for example, still entail significant manual effort: On average, only 15% of a company’s Sarbanes-Oxley Act (SOX) controls are automated, according to PwC research.

This glacial pace of progress can be explained, in part, by the fact that many business leaders view compliance as an obligation that yields little strategic or competitive value, and thus have not invested in compliance processes at the same rate as other parts of the business.

That’s starting to change. Business executives are waking up to the powerful promises of automation to significantly reduce costs of compliance. PwC’s own analysis suggests that a 15% increase in automation can yield a 10% decrease in the cost of compliance in many companies today. Compliance now represents a prime opportunity to lower costs as companies modernize systems, migrate to the cloud and adopt low-code automation.

What’s more, tech-enabled processes can help reinvigorate overworked compliance teams, deliver meaningful insights early on and rapidly maximize the value of robust compliance and risk assessments. These capabilities are increasingly essential, given the escalating complexity of compliance requirements. In fact, our 2022 Global Risk Survey found that keeping pace with digital transformation and compliance pressures are among today’s top overall business concerns. Almost three-quarters (74%) of respondents told us external compliance requirements are consuming the resources and time of the risk-management function.

Download full report

Contact us

Lauren Massey

Lauren Massey

Principal, Cyber, Risk and Regulatory, PwC US

Jason Colo

Jason Colo

Principal, Cyber, Risk and Regulatory, PwC US

Shane Foley

Shane Foley

Principal, Cyber, Risk & Regulatory, PwC US

Elizabeth McNichol

Elizabeth McNichol

Principal, Enterprise Technology Solutions Leader, Cyber, Risk and Regulatory, PwC US

Jason Josko

Jason Josko

Principal, Cyber, Risk and Regulatory, PwC US

Nick Salazar

Nick Salazar

Director, Cyber, Risk, and Regulatory, PwC US

Follow us