As evolving technological innovations become the norm in todays business environment, company leaders will need to accelerate and implement technology and data-driven processes within the Compliance function.

Today's leaders have to anticipate and mitigate new and emergent risks with the adoption of digital capabilities such as generative AI, and ongoing tech innovations including deceptive marketing, model bias, civil rights, and digital devices. To thrive in the increasing technology-driven business environment, compliance is now a crucial capablity to meet dynamic business needs and the regulatory expectations.

CCOs’ focus on technology

Chief ethics and compliance officers (CCOs) expect the focus on Compliance to increase based on rising regulatory expectations and scrutiny.

Companies are focusing on enhancing technology and data analytics in their ethics and compliance in an effort to help create a dynamic and continuously improving Compliance program. In particular, they are implementing data-driven approaches, investing in strong data governance and controls, maintaining resources, establishing effective operational controls, and implementing automation.

77% of respondents expect generative AI to have the largest impact on their businesses out of all emerging technologies.

Implementing tech and data-driven compliance

How compliance plays a key role in anticipating new and emergent risks
Download report ⤓



2023 KPMG CCO Survey highlights

KPMG!
53 %

look to enhance technology and data analytics

KPMG!
63 %

anticipate increasing their technology budget

KPMG!
44 %

are implementing enterprise technology solutions


Tips to implement an effective tech and data-driven compliance program:

Most CCOs say they are targeting improvement in processes related to industry-specific regulations. As the adoption of the cloud, e-communication technologies and platforms, and digital tools grows along with the increasing use of service providers, regulators warn of potential risks, including information security incidents, cyberattacks, and misuse of consumer data.

Investing in and adopting technological tools requires companies to be diligent in complying with evolving regulations and improving areas such as:

  • Technology risk management 
  • Data integrity and accuracy 
  • Data analytics 
  • Attracting and retaining talent 

To integrate automation into compliance and increase organizational awareness of compliance tools and technology, it is important that data analytics and predictive modelling tools are developed for compliance monitoring and risk management. Although many companies have begun automating processes over the past few years, CCOs are building on this effort and prioritizing automating processes that will enable them to mitigate emerging risks and keep up with changing regulations.

Companies must view compliance as an ongoing process. Viewing Compliance as an investment can help measure its return during ongoing compliance improvements while propelling the organization toward greater effectiveness, sustainability, and efficiencies in its compliance efforts.

Implementing a data-driven approach, investing in strong data governance and controls, maintaining resources, establishing effective controls, and implementing automation will help to create a dynamic and continuously improving Compliance program.


Opportunities to automate

  • Regulatory mapping and change management: Automoation acellerates inventorying regulations from global sources, provides real-time notification of new rules and changes, tracks regulation lifecycles, and facilitates quick impact analysis when obligations change.
  • Manual supervisory tasks: Automation of repetitive manual supervisory tasks enables CCOs and their teams to continue business-as-usual (BAU) processes
  • Monitoring and testing: Automation extracts text from non-machine readable documents to review transaction activity, analyse source dcumentation, aggregate test results for a holistic risk view, and proactively identify compliance failures. It enhances risk coverage, consistency, and identifies meaningful patterns in transactional data for improved compliance insight.
  • Policy management:  Automation tracks policies, protocols, enables approval workflows, certifications, and creates an audit trail.
  • Risk assessments: Automation assigns ratings to inherent risks or mitigating controls as part of the quantitative analysis process. It analyzes structured and unstructured data contained in documentation and prepopulates the information into risk assessment templates for overall document retention. 
  • Third party management: Automation drives down the costs of completing due diligence, particularly on third-party vendors, suppliers, contractors, and customers, which often must be updated, or refreshed, on a recurring basis, potentially in real time

Get in touch

Jonathan Ho blog posts
Jonathan Ho
Partner, Head of Governance & Risk, Advisory and Head of Infrastructure, Government & Healthcare
KPMG in Singapore
Profile | | Phone
Find out how our advisory leaders can help you and your business »

Connect with us


Related content

man sitting in yacht looking at tablet
Risk Management category
Risk transformation — A breath of fresh air for the CRO agenda

Nine focus areas to further enhance the risk function

Blue vortex
Strategy category
Top Risks 2023: The bottom line for business

Globalisation is changing, risk management is evolving with it