As the EU continues to lead global sustainability, AI requires governance too

PORTLAND, Ore.— December 7, 2023 — NAVEX, the global leader in integrated risk and compliance management software, today announced the highlights of its 2024 Top 10 Risk & Compliance Trends Report. With insight from experts across governance, ethics, compliance, and risk management, it illuminates the forces shaping the risk and compliance landscape in the new year.  

For the past eleven years, NAVEX has professionally guided the governance, risk, and compliance (GRC) market through the publication of a series of much-anticipated annual reports, including the Top 10 Trends Report.  

From the adoption of artificial intelligence (AI) for program excellence to meeting evolving ESG, regulatory and supply chain requirements and effectively managing internal risks, “2024 will be a year for compliance officers to embed their risk management objectives across the enterprise,” said Matt Kelly, CEO, Radical Compliance, in the report’s introduction. “The good news is compliance officers can meet all these challenges with risk-aware decision making that empowers the business to achieve better outcomes.”   

The Top Ten Risk & Compliance Trends for 2024:  

  • AI needs governance too  
    While the technology behind AI is enormously powerful, companies will need to properly govern the channel. Compliance officers will play a pivotal role in helping the enterprise adopt AI in an ethical, legal, sustainable way, establishing enterprise-wide governance. 
  • The EU continues to lead global sustainability 
    ESG regulations driven out of the EU, such as CSRD, CSDDD, and the German Supply Chain Act, are affecting organizations globally. Organizations will need to boost efforts to build a program foundation as the ESG landscape continues to consolidate and enforcement ramps up.
  • The nth supplier will enter daily supply chain vernacular 
    There are many laws on the horizon likely to upend supply chain due diligence and reporting requirements. Regulators will expect companies to collect and report on large amounts of data about their suppliers’ suppliers as scrutiny of supply chains by all stakeholders grows stronger. 
  • Data-related laws continue to proliferate
    As cyber-attacks escalate, and sanctions regimes become more common and stringent, governments – from the U.K. to California and China – will continue to pass legislation to keep their citizens’ data squarely under their control.
  • Boards of directors get risk and compliance savvy 
    The increased attention to cybersecurity, data privacy, human rights, third-party risk, and sanctions enforcement means boards will become more fluent in compliance programs. This will lay the groundwork for risk and compliance to be viewed as a strategic imperative for the board.   
  • Sanctions: the “new” FCPA  
    The growing prominence of sanctions and the associated expansion of ESG factors will likely continue unabated, especially as the DOJ has labeled sanctions enforcement as the “new FCPA”.   
  • Evolving DOJ compliance program expectations 
    Next year will see evolving expectations when it comes to corporate clawbacks, messaging app communication channels and M&A due diligence. Hinting at things to come, DOJ officials have emphasized data analytics as a key part of an effective compliance program.
  • Compliance and cybersecurity leaders take their relationship to the next level 
    As the cyber threat landscape intensifies, and regulatory expectations increase, the partnership between cybersecurity and compliance leaders will be key to mitigating insider threats, protecting confidential information, and fortifying programs that can withstand governmental enforcement scrutiny.    
  • Compliance data becomes critical for decision making and business resiliency 
    The best defense against unfavorable outcomes is comprehensive knowledge of an organization’s risk and compliance environment because the regulatory burden of proof requires data. As the number of regulations continues to grow, a framework that ties together data from different systems will be critical to GRC success.    
  • Remote workforces introduce new risks 
    Forward-thinking organizations will pay close attention to their own data and published trends to proactively address the emergence of increased susceptibility to fraud, new cyber exploits, and red flags signaling the erosion of ethical culture. CEOs will acknowledge the challenges of this new paradigm, empowering organization-wide ownership of a safe and ethical workplace.

Register for the Top 10 Risk & Compliance Trends for 2024 webinar and find out more about our full report here.  

About NAVEX  

NAVEX is trusted by thousands of customers worldwide to help them achieve the business outcomes that matter most. As the global leader in integrated risk and compliance management software and services, we deliver solutions through the NAVEX One platform, the industry’s most comprehensive governance, risk and compliance (GRC) information system. For more information, visit and our blog. Follow us on Twitter and LinkedIn.