Compliance Survey 2025

The compliance landscape is undergoing fundamental change, driven by increasing regulatory complexity, geopolitical shifts, and rapid technological advancements. While some organisations are adapting by innovating their compliance strategies, others are struggling to keep pace, diverting resources and losing strategic momentum. But what if compliance could be reimagined – not just as a risk management function, but as a way to build trust, enhance resilience, and create competitive advantage?

Long seen as a regulatory burden, compliance is increasingly becoming a source of strategic value. PwC’s Global Compliance Survey 2025 “Moving faster: Reinventing compliance to speed up, not trip up” shows that companies that proactively embed compliance into their broader business strategy and transform their compliance functions – e.g. by tackling technology compliance risks, particularly regarding cyber security and data protection and privacy – not only manage risks more effectively, but also drive efficiency, strengthen stakeholder trust, and position themselves for long-term success. Conversely, those that lag behind may face rising costs, slower responses to market changes, and heightened regulatory pressure.

Swiss findings

Compliance as a strategic enabler

85% of companies say that compliance requirements have become more complex over the past three years, with financial services, industrials, and consumer markets feeling the greatest impact. Without a structured compliance strategy, organisations risk diverting critical resources from core business activities, hindering growth and competitiveness.

71% of organisations are undertaking digital transformation initiatives that require compliance support, reinforcing the growing role of technology in regulatory alignment. Compliance technology is already delivering tangible benefits: 64% report better risk visibility, 53% say it helps identify and mitigate compliance issues faster, and 48% see improved reporting quality. AI is poised to further revolutionise compliance, with key applications in fraud detection, risk assessment, and predictive analytics.

77% of organisations say that compliance challenges are having a negative impact on business growth, particularly in areas such as expansion, partnerships, and innovation. Forward-thinking organisations are changing their approach – seeing compliance not just as a risk management tool, but as a value driver.

The traditional siloed approach to compliance is no longer enough. Companies are increasingly embedding compliance into broader business functions, with 59% reporting greater confidence in decision making due to improved coordination. This ‘connected compliance’ model improves transparency, strengthens culture, and fosters better alignment across the organisation.

Only 7% of companies currently consider themselves leaders in compliance transformation, yet 84% aim to reach that level within three years. Organisations that embrace compliance as a strategic function – leveraging data, AI, and automation – are positioning themselves for long-term success.

The Swiss perspective: adapting to a changing regulatory landscape

The compliance ecosystem has become more complex and interconnected, shaped by continuous transformation, cross-industry innovation, and evolving business models. Compliance is no longer confined to a fixed scope – it’s dynamic, requiring professionals to act as portfolio managers, balancing multiple regulatory requirements.

This growing complexity is particularly relevant to Switzerland. While the country benefits from a well-established regulatory framework, businesses must also navigate an expanding web of global and European regulations. New requirements such as the EU AI Act, Cybersecurity Act, and Omnibus Directive are reshaping compliance expectations and have a direct impact on Swiss companies operating in the European market.

Turning compliance into a competitive advantage

For Swiss companies, the challenge is no longer simply to keep up with regulations – it’s to use compliance as a catalyst for trust, resilience, and innovation. In a landscape of intensifying regulatory demands, companies that view compliance as a strategic asset rather than an obligation will be better positioned for long-term success.

Proactive adaptation is essential. Organisations that integrate compliance into their broader transformation efforts can more effectively manage complexity, accelerate innovation, and differentiate themselves in an increasingly regulated global marketplace.

The most successful organisations will:

Embed compliance into strategic decision-making to align with business objectives
Leverage technology and AI to improve efficiency, risk management, and reporting
Foster a culture of compliance through stronger governance, transparency, and leadership engagement
Move beyond regulatory requirements to position compliance as a driver of trust and market differentiation

Compliance by design: building resilience and trust

Leading compliance functions are moving beyond reactive measures to embrace ‘compliance by design’ – embedding regulatory and policy adherence directly into operations, systems, and decision-making. This approach streamlines processes, reduces risks, and fosters a proactive culture that drives efficiency and innovation. By transforming compliance from a checkbox exercise to a strategic enabler, companies can strengthen governance, build resilience, and drive sustainable growth.

At PwC Switzerland, we help organisations integrate compliance into their core business processes, leveraging technology, data, and best practices to build a future-ready compliance function. Our expertise enables companies to navigate complexity, manage risks, and unlock new opportunities – turning compliance into a driver of trust and competitive advantage.

Winning through compliance innovation

Global regulation – driven by myriad macro forces and crises – is adding unprecedented complexity and cost to companies. Against a backdrop of commercial pressures, some have adapted and become ‘compliance pioneers’, evolving their processes, technology and talent model to mitigate risks, manage cost and offer new insights. For others, this complexity has diverted management attention and resources and undermined confidence, causing them to lose their balance and momentum in pursuing strategic and competitive goals.

But what if there was a different way? A way to reinvent compliance to navigate complexity, build trust, and take risk intelligently to speed up – and stay in the race.

71%

expect to undertake digital transformation initiatives over the next three years that require the support of Compliance.

41%

need support related to new business models.

Source: PwC’s Global Compliance Study 2025

PwC conducted a survey of executives to obtain their perspectives on compliance practices, challenges, and ways they are evolving to remain fit for the future. Our survey represents feedback from:

1,802 executives in the first, second and third line, including business leaders (38%), Chief Compliance Officers (25%), Chief Risk Officers (14%), Chief Audit Executives (9%), and General Counsel/Heads of Legal (5%)
63 territories, covering Europe (29%), North America (26%), Asia Pacific (22%), Latin America (15%), Middle East (6%) and Africa (2%)
A broad mix of industry sectors, including financial services (29%), industrial products and services (20%), technology, media and telecommunications (14%), consumer markets (14%), and health industries (10%)
Companies operating domestically and internationally. 54% have annual revenues greater than US$1 billion

The insights shared in this report can help you to:

Compliance leaders

Optimise your compliance strategies and plan
Build an investment case for compliance transformation
Reposition compliance to have more effective stakeholder conversations
Develop future compliance talent
Reinforce the value of compliance to achieving company objectives

Board and business leaders

Understand how compliance can support reinvention
Leverage compliance to move faster on new commercial initiatives
Address blind spots that undermine market trust
Increase speed-to-market for product innovation • Support measures to increase company resilience
Reinforce need for connected and reliable data

Other second and third line leaders (e.g. risk, internal audit)

Collaborate and align on compliance activities to improve efficiency
Consider new and emerging risk areas and threats
Generate ideas on where data and technology could be shared or co-developed
Reinforce messages on risk and compliance culture

Amongst the findings in our survey

The compliance ecosystem is more complex and connected than ever before, driven by transformation, cross-industry reinvention and new business models. The common denominator is the focus on technology compliance risks, particularly cyber security and data privacy and protection – a top priority for 51% of respondents.
A majority of respondents (77%) stated that their company had been negatively impacted to some or a great extent across several areas that drive growth. This creates an imperative for companies to evolve compliance to alleviate the commercial impact and unlock its upside potential for ‘value creation’.
Companies have to tailor compliance models that are right for them, but ‘connected compliance’ is important for better decision-making, transparency and culture. 59% of respondents cited greater confidence in compliance decision-making because of better coordination.
Compliance technology is already helping companies move faster, navigate complexity, and avoid hazards. For compliance, this includes better visibility of risks and risk management activities (64%), faster identification and proactive response to compliance issues (53%), higher quality/more insightful reporting (48%), and increased productivity and cost savings (43%).
There is a sense of urgency and an opportunity to accelerate transformation and pioneer new approaches. Only 7% of respondents currently consider themselves to be leading in compliance, yet 38% aim to be leading within three years.

Access the full report

Download the PDF

The compliance ecosystem

In today’s world, regulation pervades most areas of a company, and new requirements are emerging with increasing velocity. Regulation is shaping standards relating to products and services, governance and transparency, reporting, tax, sustainability, IT systems and data, ethics and behaviours, workforce, health and safety, and trade and sanctions, amongst others. This is creating a multidimensional risk environment for leaders that operates like an ‘eco-system’ – dynamic and changing and connected across the organisation, value chain, and industry.

Our survey asked executives to rank their top five compliance risk priorities across the regulatory spectrum. Technology is top of the agenda, with cybersecurity and data protection and privacy cited as key priorities for over half of respondents. PwC’s 2025 Global Digital Trust Insights Survey reinforced these priorities. It found that even Chief Information Security Officers (CISOs), who are on the cybersecurity front line, feel less certain than CEOs about cyber compliance capabilities, noting the biggest gaps relate to AI, resilience and critical infrastructure.

Of the priorities listed, corporate governance (40%), Anti-Bribery/Anti-Corruption (ABAC), Anti-Money Laundering (AML) and fraud risks (38%) also ranked high. Whilst these are not new topics, their elevated ranking may reflect the changes underway in various countries and industries to reinforce corporate conduct and transparency rules and to address an uptick in AML and ABAC-related matters, potentially driven by broader economic pressures on companies and individuals. PwC’s Global Economic Crime Survey 2024 found, for example, that 41% of respondents feel anti-corruption laws and enforcement are increasing and becoming more robust in the countries in which they operate. For corporate governance, this may reflect the increased accountability – with real penalties – that Board members, Directors and Non-Executive Directors are subject to and the spectrum of risks they are being asked to manage. Nearly 90% of survey respondents reported their breadth of compliance responsibilities has increased in the last three years.

The commercial conundrum

Despite the importance of regulation in a healthy corporate ecosystem, PwC’s 27th Global CEO Survey found that the regulatory environment was the number one barrier to re-invention, with 64% agreeing that it inhibits their company from delivering value. One significant factor is complexity.

85%

feel that compliance requirements have become more complex in the last three years.

Source: PwC’s Global Compliance Study 2025

It is not surprising that 85% of survey respondents stated that compliance requirements have become more complex in the last three years. This was a trend that was consistently felt across industries, with those in the financial services (FS) (90%), industrials and services (86%), consumer markets (83%), health industries (84%) and TMT (81%) all experiencing the impact of rising regulation. Half of survey respondents have a global remit and must navigate different laws and regulations across multiple jurisdictions, which amplifies compliance complexity. Companies in mature jurisdictions, and with strong, centralised Compliance functions, may find it easier to set minimum standards, but many struggle on how to implement and monitor them consistently across their organisation.

Understanding complexity is important, but it’s just the first step. Arguably the more relevant focus is addressing the negative impact it’s creating. The majority of respondents (77%) stated that their company had been negatively impacted to some or a great extent in five or more areas that can drive growth.-

Driving new decisions

All of this presents a conundrum: If regulation is intended to protect market and industry ecosystems and help them thrive, is the complexity that it has created actually doing the opposite?

Answering this question requires understanding what value can be unlocked by approaching compliance differently, and what companies are doing to reinvent their compliance models. Many companies are relooking at their compliance models to help keep pace with regulation, minimise risk, manage costs, and respond to issues.

Compliance model reinvention

PwC is seeing companies change their approach to compliance in a variety of ways, from incremental improvement to more wide-ranging transformation. This includes:

Centralising and aligning compliance activities, including coordination across first, second and third line
Leveraging new technology, including AI, to automate compliance activities and generate new insights
Consolidating and using data differently to help see and manage compliance risks, and support better decision-making
Embedding compliance mechanisms earlier in product development and strategic initiatives address issues sooner and increase speed-to-market
Changing the compliance talent model and bringing in new capabilities and specialist skills

PwC US’s Risk and Compliance Reimagined paper explores other ideas on how companies are changing their risk and compliance models to unlock hidden savings and performance gains as costs and complexity increase

59%

cited greater confidence in decision-making regarding compliance matters because of better coordination.

Source: PwC’s Global Compliance Study 2025

Some companies have taken the opportunity to relook at the demarcation between the traditional organisational lines in their compliance model, including responsibilities between the first and second lines to reinforce a ‘culture of compliance’ and raise awareness. This has been a focus of companies and regulators in several sectors, particularly FS where there has been an emphasis on conduct and culture.

Earlier involvement of Compliance is one way companies are unlocking the value it can provide, positioning them as an advisor to the business to help identify risks and avoid issues sooner. This may be beneficial for companies with significant research and development (R&D) activities, where competition is increasing pressure to speed up development and bring new products and services to market faster.

Compliance is not just about passing audits. Compliance now requires instrumentation and mechanisms to ensure your obligations, to your customers, are being met - all the time. Organisations that take this responsibility seriously, will enable market trust and confidence in their products. Focus on doing the right things by design and invest in innovation that enables quicker detection and remediation of compliance drift.

Anil Markose, Chief Compliance OfficerOracle SaaS

With increasing value chains, volumes of data, costs, and regulatory complexity, it is no longer practical for companies to manage compliance manually. Compliance functions have been compelled to incorporate technology into their operational models just to remain relevant and keep pace with broader business change. PwC’s Global Investor Survey 2024 found that over 70% of investors identified technological change as the most important factor in encouraging companies to change the way they create, deliver and capture value.

Technology at the heart of compliance

Companies are increasingly using technology to automate, optimise and speed up a range of compliance activities. Our survey found that 49% of respondents are using technology for 11 or more compliance activities. Training (82%), risk assessment (76%), and compliance and transaction monitoring (75%) comprised the top three areas of technology use. This was closely followed by customer due diligence/assessments (75%) and regulatory disclosures and reporting (72%). On average, 82% of companies are planning on investing more in at least one technology to automate and optimise compliance activities, indicating continuing momentum in digitising compliance models.

82%

of companies plan to invest more in technology to drive compliance activities.

Source: PwC’s Global Compliance Study 2025

Our survey showed that technology investment has benefited company compliance activities in a variety of ways. These include better visibility of risks and risk management activities (64%), faster identification and response to compliance issues (53%), higher quality/more insightful reporting (48%), faster/more confident decision-making (46%) and increased productivity, efficiencies and cost savings (43%). Each is important in enabling compliance to help companies move faster in the market, navigate complexity, and avoid hazards.

If these benefits are to be realised, many organisations face a common challenge: data. Whilst technology infrastructure and applications provide the compliance ecosystem backbone, it relies on the flow of accurate, timely and consistent data to function effectively. 63% of respondents, however, said that the complexity and disaggregated nature of data across the organisation made compliance more difficult (this rose to 70% North America). Respondents also cited the reliability and quality (56%) and availability (47%) of data as challenging, along with a lack of skills and experience (47%) to manage and use the data.

Augmented with AI

AI is driving changes to business models, increasing competition, and creating demand for new skills from the workforce. PwC’s 28th Global CEO Survey found that almost half of CEOs say that their biggest priorities over the next three years are integrating AI (including generative AI (GenAI)) into technology platforms as well as business processes and workflows. It also found that those using GenAI report efficiencies in how employees use their time and increases in revenue and profitability.

32%

of companies are not currently piloting or using AI for any compliance activities.

Source: PwC’s Global Compliance Study 2025

This brings new opportunities for compliance too. Our survey found that the majority of respondents (71%) believe that AI will have a net positive impact overall on compliance. Currently just under half (46%) reported piloting or using AI in data and predictive analytics and 36% are piloting or using it for fraud detection. We are seeing examples of sophisticated AI being used in this area as approaches that were pioneered in FS companies are deployed more widely, such as in payment service providers, to analyse and target transactions. There is also significant opportunity to apply such techniques to help non-FS sectors focus on higher risk fraud and compliance scenarios

Many of our clients expect a net positive impact of AI on compliance management. To realise this, it will be crucial to have an aligned AI, data and cyber security risk mitigation strategy as each area is reliant on the others.

Robert Paffen, Risk Services Digital LeaderPwC Germany

Investing in the human ecosystem

Compliance is critical to every part of an organisation. It helps to define its culture, build trust with customers, suppliers, investors, regulators and other stakeholders and gives it a license to operate in a global market that expects transparency and the highest standards from leaders and employees. This means the human dimension of compliance is evolving as quickly as the regulations.

Of the factors companies considered most important in creating a strong compliance culture, senior management sponsorship/’tone at the top’ (55%), employee training and communication (48%), and coordination with compliance teams (37%) were ranked at the top.

Compliance leaders are becoming more adept at embedding ethics and risk-based decision-making into their organisation. This is helping compliance to be ‘built into’ business activities and culture rather than it being a ‘bolt-on’ burden. When combined with technology, this is helping drive effectiveness and cost efficiency and reducing the regulatory burden many firms are facing.

Moira Cronin, Digital Risk PartnerPwC Ireland

Interestingly, Compliance function resources was ranked lower in importance (19%), perhaps indicating the continued shift in responsibility towards the first line rather than reliance on Compliance functions alone. This might also support the view that compliance resourcing in the new risk environment is less about increasing traditional capabilities and capacity, and more about refocusing skills and capabilities.

Leading companies are looking beyond the more one-dimensional talent model and traditional legal, risk and audit backgrounds to incorporate more technology, data, risk modelling, behavioural science, and strategic business experience. Specialist knowledge (53%) and data management (43%) are seen as key skills to maintain effective compliance. More than half of those identifying these skill needs as critical believe their company will have a skills shortage in these areas in the next 12 months.

To unlock real value, compliance professionals need to operate in three dimensions, collaborating with others across the organisation and externally, connect-the-dots, and articulate the upside of compliance in supporting strategic initiatives and transformation.

The Strategic Compliance Officer

For Compliance Leaders, the stakes are higher than ever. In some regulated industries, like FS, Compliance Officers have a high degree of liability. In the past, institutions were fined; now, in some jurisdictions, there are personal liabilities that include being disbarred and fined. From a commercial perspective, the stakes are different but arguably just as serious - the risk of being irrelevant.

This is putting the ‘Strategic Compliance Officer’ at the centre of compliance model reinvention – someone who can help companies see risk, take risk, and manage risk effectively to both protect value and create value.

Looking forward, Compliance has numerous opportunities to demonstrate its value. Survey respondents indicated their companies are planning substantial business changes in the next three years that might require Compliance involvement. Nearly three-quarters (71%), for example, highlighted digital transformation as a key initiative requiring compliance skills, including helping to address cyber and data regulations.

The Rise of the Compliance Pioneer

Our survey shows it is possible – and the right time – to reimagine and reframe compliance to protect the organisation, add more strategic value and be fit for the future. When asked to describe their own level of compliance maturity, just 7% of companies currently consider themselves to be leading, and only 31% classify themselves as mature - yet 84% aim to be leading or mature within three years. This highlights both a sense of urgency and an opportunity to accelerate transformation and pioneer new approaches.

7%

of respondents currently consider their company to be leading.

31%

classify themselves as mature.

84%

aim to be leading or mature within three years.

Source: PwC’s Global Compliance Study 2025

Approximately 10% of respondents are embracing transformation and giving rise to the 'Compliance Pioneer'. These are respondents who state that compliance leadership have a significant level of influence on business decisions, use technology to optimise compliance activities across a high number of areas and report multiple benefits of technology use. This group is more likely to (percentages are Compliance Pioneers vs all others):

Have broad responsibilities - are responsible for a wider number of compliance areas and report that their responsibilities have increased in the last three years (60% vs 41%)
Offer advice - feel that their company’s Compliance function always offers proactive advice (58% vs 31%)
Get involved - have more strategic initiatives planned in the next three years that involve compliance input and involve compliance at all stages of the development of new products and services
Bring in skills - use third-party providers for a range of compliance activities (to bolster capabilities and coverage)
Invest more - plan to invest in tech to optimise/automate compliance and see data management and analytics (56% vs 42%), tech (52% vs 39%) and AI capabilities (30% vs 22%) as important
Use AI - use AI across multiple areas already and are more likely to see AI’s net benefit (88% vs 69%)
Be highly regulated - come from Banking and Capital Markets compared to other sectors (24% vs 15%)

Conclusion: Winning the race

Navigating the new compliance landscape means understanding how fast your company can move, including how quickly it can see and understand emerging risks, access reliable data at the right time, adopt new processes and technology, and train those responsible for compliance. Go too slow and risk being overtaken; move too fast without the right capabilities, and risk missing the gaps and tripping over new requirements. This requires a clear compliance strategy and plan – and the right strategic compliance leadership to drive it.

Shaun Willcocks,Global Risk Markets Leader & Global Internal Audit Leader PwC Japan

The level of regulatory change, shifting stakeholder expectations, and changes in industry ecosystems and macro risks, means that responding in a ‘traditional way’ – more people, more controls – is unlikely to be sustainable. New problems call for new thinking. This requires ‘compliance by design’ that brings together new technology, talent, and a strategic mindset to connect-the-dots across functions and build the data flows into the DNA of the organisation.

Done well, such a design can enable companies to ‘see around corners’ to predict threats and empower the business with confidence to navigate the compliance risk landscape faster, avoid hazards, and maintain trust. Ultimately this is the only way that companies can stay ahead of the regulatory changes and issues that will continue to disrupt the market – and win the race.