Our thinking

2023 Global compliance risk benchmarking survey

In collaboration with

KPMG

 

Industry perspectives on the state of compliance today and effective strategies for managing compliance risk within the changing regulatory landscape

 

Introduction

Darryl Lew
Partner
White & Case LLP
T: +1 202 626 3674

Matthew McFillin
Partner, Forensic Services
KPMG LLP
T: +1 267-256-2647

In today's fast-paced and interconnected world of global business, a robust and comprehensive compliance program is not merely a choice, but a critical imperative for any organization. Drawing on the opinions of 201 senior decision-makers from more than 30 countries.

White & Case LLP and KPMG LLP's "2023 Global compliance risk benchmarking survey" offers powerful insights into compliance practices across industries worldwide and strategies employed by companies to manage their compliance risks—from anti-corruption risk assessments, third-party management and employee risk awareness to environmental, social and governance (ESG) practices and cybersecurity.

Among the key findings are the importance of regular anti-corruption risk assessments and robust third-party management practices—essential components for creating a culture of compliance and transparency.

Use of data analytics is gaining momentum in compliance programs, though many companies are still in the developmental stage. Testing anti-corruption programs for effectiveness is crucial, as is consistent measurement of hotline awareness and effectiveness, along with addressing employee concerns about hotline integrity.

ESG has increasingly become an area of focus, but our respondents reveal a lack of consistency in addressing ESG risks. This inconsistency in approach can hinder the effective implementation of organization-wide policies and procedures and lead to uncertainty among employees. Clearer guidance and communication are essential in navigating the complexities of ESG and ensuring successful integration into business practices.

Looking ahead, cybersecurity takes center stage as the top compliance priority for the next 12 months, as safeguarding sensitive data and proactively addressing digital threats become more important than ever.

By proactively addressing these compliance challenges, organizations can ensure ethical business practices, mitigate risks and safeguard their reputation in an increasingly complex regulatory environment. We hope you will find our "2023 Global compliance risk benchmarking survey" an insightful read.

Key insights at-a-glance

Drawing on the opinions of 201 senior decision-makers from more than 30 countries, White & Case LLP and KPMG LLP's "2023 Global compliance risk benchmarking survey" offers insights into compliance practices across industries worldwide and strategies employed by companies to manage their compliance risks—from anti-corruption risk assessments, third-party management and employee risk awareness to ESG practices and cybersecurity.

In today’s fast-paced and interconnected world of global business, a robust and comprehensive compliance program is not merely a choice, but a critical imperative for any organization

Key insights at-a-glance View full image: Key insights at-a-glance (PDF)

Global compliance risk benchmarking survey: ABC risk assessments

Read 2 min. article
tea garden

Global compliance risk benchmarking survey: Third-party management

Read 7 min. article
labyrinth garden

Use of data analytics in compliance programs

Read 2 min. article
mountain tea garden aerial

Global compliance risk benchmarking survey: Monitoring and review

Read 2 min. article
labyrinth

Global compliance risk benchmarking survey: Compliance escalations

Read 6 min. article
maze aerial view

Global compliance risk benchmarking survey: ESG

Read 6 min. article
garden maze

Impact of remote working on compliance and investigations

Read 2 min. article
aerial view of tea plantation

Looking to the future: Cybersecurity tops the list of compliance priorities for the next 12 months

Read 1 min. article
garden maze

Survey methodology and demographics

Read 1 min. article
corn maze
aerial view of tea plantation

Impact of remote working on compliance and investigations

In collaboration with

KPMG

Insight
|
2 min read

Key takeaways

01

Modest increases in compliance investments and efforts during COVID-19

02

Compliance escalations increased for small and medium-sized companies during COVID-19—and declined for the largest companies

03

Compliance and Ethics headcount stayed even during COVID-19, with pronounced growth in financial institutions, consumer & retail and technology, media & telecommunications

04

Dedicated compliance headcount remains lean at small and mid-sized companies

05

Companies anticipate expanding the use of remote technologies for internal investigations during the next 12 months

Modest increases in compliance investments and efforts during COVID-19

COVID-19 normalized remote interview/meeting practices that were episodic before the pandemic

Responses show that, overall, compliance teams experienced a slight uptick in budgets, headcount and compliance activities during the COVID-19 pandemic.

Respondents were more than twice as likely to report an increase in compliance budgets than a decrease (31% versus 13%).

Companies were more likely to report an increase in compliance escalations (25%) than a decrease (15%).

Respondents were twice as likely to increase compliance headcount (22%) as decrease it (11%) during this period.

Consistent with these findings, four in ten respondents stated that they increased compliance communications and training during COVID-19.

In your opinion, how has remote working during the COVID-19 pandemic affected...(PNG) View full image: In your opinion, how has remote working during the COVID-19 pandemic affected... (PDF)

Compliance escalations increased for small and medium-sized companies during COVID-19—and declined for the largest companies

The greatest decline in escalations occurred at companies with more than 50,000 employees. While respondents were more likely to report an increase in compliance escalations than a decrease, the trend was reversed for the largest companies. One in four respondents with more than 50,000 employees reported a moderate or significant decrease (26%) in compliance escalations during the COVID-19 pandemic.

Similarly, more than 50% of companies that regularly receive high escalation volumes (i.e., 500+ escalations per year) stated that they experienced a decline in compliance escalations.

Compliance teams at these companies may wish to explore whether these declines were related to a general decrease in high-risk activities during the COVID-19 pandemic and/or whether remote working may have caused an underreporting of compliance issues, which, in turn, could inform thinking about remote work policies going forward.

How has remote working during the COVID-19 pandemic affected compliance escalations volume? (PNG) View full image: How has remote working during the COVID-19 pandemic affected compliance escalations volume? (PDF)

Dedicated compliance headcount remains lean at small and mid-sized companies

A majority of respondents (58%) reported having fewer than 20 dedicated Compliance and Ethics staff.

55% of companies with between 10,000 and 50,000 employees reported having fewer than 20 dedicated compliance personnel.

More than two in ten (21%) companies with more than 50,000 employees reported having fewer than 20 dedicated compliance personnel. This would suggest a maximum ratio of 2,500 employees per single member of the Compliance and Ethics function.

Excluding internal audit, how many people in your company are responsible for carrying out the Compliance and Ethics function? View full image: Excluding internal audit, how many people in your company are responsible for carrying out the Compliance and Ethics function? (PDF)

Companies anticipate expanding the use of remote technologies for internal investigations over the next 12 months

COVID-19 normalized remote interview/meeting practices that were episodic before the pandemic. Before February 2020, only 30% of respondents conducted most or all interviews remotely, and 13% of respondents conducted most or all meetings with government authorities remotely.

February 2020 – August 2022: 74% of respondents conducted most or all interviews remotely, and 48% of respondents conducted most or all meetings with government authorities remotely.

Next 12 months: 62% of respondents anticipate conducting most or all interviews remotely, and 38% of respondents anticipate conducting most or all meetings with government authorities remotely.

In internal investigations, what percentage of the following activities were/will be conducted remotely in the following time periods? (PNG) View full image: In internal investigations, what percentage of the following activities were/will be conducted remotely in the following time periods? (PDF)

White & Case means the international legal practice comprising White & Case LLP, a New York State registered limited liability partnership, White & Case LLP, a limited liability partnership incorporated under English law and all other affiliated partnerships, companies and entities.

This article is prepared for the general information of interested persons. It is not, and does not attempt to be, comprehensive in nature. Due to the general nature of its content, it should not be regarded as legal advice.

© 2023 White & Case LLP

Service areas

Top