PwC’s Global Compliance Survey 2025 — Irish edition

Reinventing compliance: navigate complexity, build trust, take smart risks

Global regulation is adding unprecedented complexity and cost to businesses. Some companies have become compliance pioneers, evolving their processes, technology and talent to mitigate risks and gain insights. Others struggle, losing focus on strategic goals. PwC’s Global Compliance Survey 2025 offers a new perspective. It highlights how organisations can reinvent compliance to navigate complexity, build trust and take intelligent risks to stay competitive. The survey captures insights from 1,802 executives across 63 territories and various industries, representing diverse roles in compliance, risk management, and business leadership. It provides a comprehensive view of global compliance practices, challenges and future-focused strategies.

The insights shared in this report can help you in the following ways:

Our compliance survey reveals key findings for Irish leaders, each detailed further in this report to underscore their importance for Irish organisations:

1. The compliance ecosystem is more complex and connected than ever before, driven by transformation, cross-industry reinvention and new business models. The common denominator is the focus on technology compliance risks, particularly cybersecurity and data privacy and protection — a top priority for over half of Irish and global respondents.
2. Most Irish respondents (94% versus 77% of global respondents) stated that their company had been negatively impacted to some or a great extent across several areas that drive growth. This creates an imperative for companies to evolve compliance to alleviate the commercial impact and unlock its upside potential for value creation.
3. Companies have to tailor compliance models that are right for them, but ‘connected compliance’ is important for better decision-making, transparency and culture. 59% of respondents cited greater confidence in compliance decision-making because of better coordination.
4. Compliance technology is already helping Irish organisations move faster, navigate complexity and avoid hazards. This includes higher quality/more insightful reporting (69% versus 48% globally), better visibility of risks and risk management activities (66% versus 64% globally), faster identification and proactive response to compliance issues (66% versus 53% globally), and increased productivity and cost savings (53% versus 43% globally).
5. There is a sense of urgency and an opportunity to accelerate transformation and pioneer new approaches. Only 9% of Irish respondents (7% globally) currently consider themselves to be leading in compliance, yet 47% aim to be leading within three years (38% globally).

This webpage contains the summary version. Download the full report here.

In today’s world, regulation pervades most areas of a company, and new requirements are emerging with increasing velocity. Regulation is shaping standards relating to products and services, governance and transparency, reporting, tax, sustainability, IT systems and data, ethics and behaviours, workforce, health and safety, and trade and sanctions, among others. This is creating a multidimensional risk environment for leaders that operates like an ecosystem — dynamic and connected across the organisation, value chain and industry.

Our survey asked Irish and global executives to rank their top five compliance risk priorities across the regulatory spectrum. Technology is high on the agenda for both Irish and global respondents, with cybersecurity and data protection and privacy cited as key priorities for over half of respondents. PwC’s 2025 Global Digital Trust Insights Survey reinforced these priorities. It found that even Chief Information Security Officers (CISOs), who are on the cybersecurity front line, feel less certain than CEOs about cyber compliance capabilities, noting that the biggest gaps relate to AI, resilience and critical infrastructure.

Interestingly, of the priorities listed, Anti-Bribery/ Anti-Corruption (ABAC), Anti-Money Laundering (AML) and fraud risks ranked highest for Irish respondents (63%) and significantly higher than 38% of global respondents. While this is not a new topic, its elevated ranking may reflect the changes underway to address an uptick in AML and ABAC-related matters, potentially driven by broader economic pressures on companies and individuals. PwC’s Global Economic Crime Survey 2024 found, for example, that 41% of respondents feel anti-corruption laws and enforcement are increasing and becoming more robust in the countries in which they operate. Nearly 90% of survey respondents reported that their breadth of compliance responsibilities has increased in the last three years.

There is one notable difference between Irish and global survey responses regarding the prioritisation of consumer protection as a compliance risk. 41% of Irish respondents had consumer protection in their top five priorities (compared to only 9% of global respondents), perhaps reflecting the expected publication of the Consumer Protection Code (Revision) in 2025, with an implementation date in 2026.

Despite the importance of regulation in a healthy corporate ecosystem, PwC’s 27^th Global CEO Survey found that the regulatory environment was the number one barrier to reinvention, with 64% agreeing that it inhibits their company from delivering value. One significant factor is complexity.

Despite the importance of regulation in a healthy corporate ecosystem, PwC’s 27^th Global CEO Survey found that the regulatory environment was the number one barrier to reinvention, with 64% agreeing that it inhibits their company from delivering value. One significant factor is complexity.

It is not surprising that 97% of Irish survey respondents stated that compliance requirements have become more complex in the last three years (85% globally). This was a trend that was consistently felt across industries, with those in financial services (90%), industrials and services (86%), consumer markets (83%), health industries (84%), and technology, media and telecommunications (81%) all experiencing the impact of rising regulation. Half of survey respondents have a global remit and must navigate different laws and regulations across multiple jurisdictions, which amplifies compliance complexity. Companies in mature jurisdictions, and with strong, centralised compliance functions, may find it easier to set minimum standards. However, many struggle to implement and monitor them consistently across their organisation.

Understanding complexity is important, but it’s just the first step. Arguably, the more relevant focus is addressing the negative impact it’s creating. Most Irish respondents (94% versus 77% of global respondents) stated that their company had been negatively impacted to some or a great extent in five or more areas that can drive growth.

Negative impacts of increased complexity

Driving new decisions

All of this presents a conundrum: if regulation is intended to protect market and industry ecosystems and help them thrive, is the complexity it has created actually doing the opposite?

Answering this question requires understanding what value can be unlocked by approaching compliance differently, and what companies are doing to reinvent their compliance models. Many companies are re-examining their compliance models to help keep pace with regulation, minimise risk, manage costs and respond to issues.

We see companies change their approach to compliance in a variety of ways, from incremental improvement to more wide-ranging transformation. This includes:

• Centralising and aligning compliance activities, including coordination across first, second and third lines of defence;
• Leveraging new technology, including AI, to automate compliance activities and generate new insights;
• Consolidating and using data differently to help see and manage compliance risks, and support better decision-making;
• Embedding compliance mechanisms earlier in product development and strategic initiatives to address issues sooner and increase speed-to-market; and
• Changing the compliance talent model and bringing in new capabilities and specialist skills.

Some companies have taken the opportunity to re-examine the demarcation between the traditional organisational lines in their compliance model, including responsibilities between the first and second lines to reinforce a ‘culture of compliance’ and raise awareness. This has been a focus of companies and regulators in several sectors, particularly financial services where there has been an emphasis on conduct and culture.

Earlier involvement of compliance is one way companies are unlocking the value it can provide, positioning it as an advisor to the business to help identify risks and avoid issues sooner. This may be beneficial for companies with significant research and development (R&D) activities, where competition is increasing pressure to speed up development and bring new products and services to market faster.

With increasing value chains, volumes of data, costs and regulatory complexity, it is no longer practical for companies to manage compliance manually. Compliance functions have been compelled to incorporate technology into their operational models just to remain relevant and keep pace with broader business change. PwC’s Global Investor Survey 2024 found that over 70% of investors identified technological change as the most important factor in encouraging companies to change the way they create, deliver and capture value.

Irish companies are increasingly using technology to automate, optimise and speed up a range of compliance activities. Our survey found that 49% of respondents are using technology for 11 or more compliance activities. Training (85% versus 82% globally), customer due diligence/assessments (75% versus 75% globally), and compliance and transaction monitoring (72% versus 75% globally) comprised the top three areas of technology use for Irish organisations. This was closely followed by media monitoring and screening (71% versus 64% globally). On average, 82% of companies plan to invest more in at least one technology to automate and optimise compliance activities, indicating continuing momentum in digitising compliance models.

Our survey showed that technology investment has benefited Irish company compliance activities in a variety of ways. These include higher quality/more insightful reporting (69% versus 48% globally), better visibility of risks and risk management activities (66% versus 64% globally), faster identification and response to compliance issues (66% versus 53% globally), increased productivity, efficiencies and cost savings (53% versus 43% globally) and quicker identification and response to regulatory changes (41% versus 42% globally). Each is important in enabling compliance to help companies move faster in the market, navigate complexity and avoid hazards.

If these benefits are to be realised, many organisations face a common challenge: data. While technology infrastructure and applications provide the compliance ecosystem backbone, it relies on the flow of accurate, timely and consistent data to function effectively. 63% of both Irish and global respondents, however, said that the complexity and disaggregated nature of data across the organisation made compliance more difficult. Irish respondents also cited the lack of technology/tools to support use of data (50% versus 42% globally), reliability and quality (44% versus 56% globally) and availability (44% versus 47% globally) of data as challenging, along with a lack of skills and experience (44% versus 47% globally) to manage and use the data.

Augmented with AI

AI is driving changes to business models, increasing competition and creating demand from the workforce for new skills. PwC’s 28^th Global CEO Survey found that almost half of CEOs say their biggest priorities over the next three years are integrating AI (including generative AI (GenAI)) into technology platforms as well as business processes and workflows. It also found that those using GenAI report efficiencies in how employees use their time and increases in revenue and profitability.

This brings new opportunities for compliance too. Our survey found that most respondents (71%) believe that AI will have a net positive impact overall on compliance. Currently, just 25% of Irish respondents compared to 46% of global respondents reported piloting or using AI in data and predictive analytics, while 26% of Irish respondents (36% globally) are piloting or using it for fraud detection. We see examples of sophisticated AI being used in this area as approaches that were pioneered in financial services companies are deployed more widely, such as in payment service providers, to analyse and target transactions. There is also a significant opportunity to apply such techniques to help non-financial services sectors focus on higher-risk fraud and compliance scenarios. However, the survey results indicate that Irish companies are generally lagging behind their global counterparts in the planned adoption of AI technologies for compliance purposes.

Artificial Intelligence (AI) use

Compliance is critical to every part of an organisation. It helps to define its culture, build trust with customers, suppliers, investors, regulators and other stakeholders, and gives it a licence to operate in a global market that expects transparency and the highest standards from leaders and employees. This means the human dimension of compliance is evolving as quickly as the regulations.

Of the factors Irish companies considered most important in creating a strong compliance culture, senior management sponsorship/tone at the top (78% versus 55% globally), accountability and responsibility framework (50% versus 29% globally), and employee training and communication (47% versus 48% globally) were ranked at the top.

Interestingly, compliance function resourcing was ranked lower in importance in terms of enhancing an organisation’s culture of compliance (28% by Irish respondents and 19% by global respondents), perhaps indicating the continued shift in responsibility towards the first line rather than reliance on compliance functions alone. This might also support the view that compliance resourcing in the new risk environment is less about increasing traditional capabilities and capacity, and more about refocusing skills and capabilities.

Leading Irish companies are looking beyond the more one-dimensional talent model and traditional legal, risk and audit backgrounds to incorporate more technology, data, risk modelling, behavioural science and strategic business experience. Specialist knowledge (81% of Irish respondents compared to 53% globally) and data management (31% versus 43% globally) are seen as key skills for maintaining effective compliance. The substantial difference in the importance placed on specialist knowledge between Irish respondents versus their global counterparts is notable. More than half of those identifying these two skill needs as critical believe their company will have a skills shortage in these areas in the next 12 months.To unlock real value, compliance professionals need to operate in three dimensions:

1. Collaborating with others across the organisation and externally;
2. Connecting the dots; and
3. Articulating the upside of compliance in supporting strategic initiatives and transformation.

For compliance leaders, the stakes are higher than ever. In some regulated industries — like financial services, for example — compliance officers have a high degree of liability. In the past, institutions were fined; now, in some jurisdictions, there are personal liabilities that include being disbarred and fined. From a commercial perspective, the stakes are different but arguably just as serious — the risk of being irrelevant.

This is putting the ‘strategic compliance officer’ at the centre of compliance model reinvention — someone who can help companies see risk, take risk and manage risk effectively to both protect value and create value.

Looking forward, compliance has numerous opportunities to demonstrate its value. Irish survey respondents indicated their companies are planning substantial business changes in the next three years that might require compliance involvement. Nearly three-quarters (72%), for example, highlighted digital transformation as a key initiative requiring compliance skills, including helping to address cyber and data regulations.

The rise of the compliance pioneer

Our survey shows it is possible — and the right time — to reimagine and reframe compliance to protect the organisation, add more strategic value and be fit for the future. When asked to describe their own level of compliance maturity, just 9% of Irish companies currently consider themselves to be leading (7% globally), and 47% classify themselves as mature (31% globally). Yet, 91% of Irish companies aim to be leading or mature within three years. This highlights both a sense of urgency and an opportunity to accelerate transformation and pioneer new approaches.

Approximately 10% of respondents are embracing transformation and giving rise to the ‘compliance pioneer’. These are Irish and global respondents who state that compliance leadership have a significant level of influence on business decisions, use technology to optimise compliance activities across a high number of areas and report multiple benefits of technology use. This group is more likely to (percentages are compliance pioneers versus all others):

• Have broad responsibilities — are responsible for a wider number of compliance areas and report that their responsibilities have increased in the last three years (60% vs 41%);
• Offer advice — feel that their company’s compliance function always offers proactive advice (58% vs 31%);
• Get involved — have more strategic initiatives planned in the next three years that involve compliance input and involve compliance at all stages of the development of new products and services;
• Bring in skills — use third-party providers for a range of compliance activities (to bolster capabilities and coverage);
• Invest more — plan to invest in technology to optimise/automate compliance and see data management and analytics (56% vs 42%), technology (52% vs 39%) and AI capabilities (30% vs 22%) as important;
• Use AI — use AI across multiple areas already and are more likely to see AI’s net benefit (88% vs 69%); and
• Be highly regulated — come from the banking and capital markets sector compared to others (24% vs 15%).

Compliance leaders

• Re-examine the mandate and vision for compliance to strike the right balance between value protection and value creation.
• Identify key senior stakeholders and their strategic priorities, and map their relevance to compliance activities.
• Understand the various communication paths and interfaces with the business and consider whether these provide sufficient opportunity for timely and meaningful advice (e.g. at early stages of product and service development).

Board and business leaders

• Agree on the mandate and vision for compliance and check that it aligns with the long-term business strategy.
• Set clear objectives and expectations for compliance leaders, including how they can support transformation and interact with business teams.
• Check that compliance leaders have a seat at the leadership table to provide advice and input to strategic initiatives.

The level of regulatory change, shifting stakeholder expectations, and changes in industry ecosystems and macro risks, means that responding in a traditional way — more people, more controls — is unlikely to be sustainable. New problems call for new thinking. This requires compliance by design that brings together new technology, talent and a strategic mindset to connect the dots across functions and build the data flows into the DNA of the organisation.

Done well, such a design can enable companies to see around corners to predict threats and empower the business with confidence to navigate the compliance risk landscape faster, avoid hazards and maintain trust. Ultimately this is the only way companies can stay ahead of the regulatory changes and issues that will continue to disrupt the market — and win the race.

We are here to help

At PwC, we understand the complex challenges facing organisations in today’s rapidly evolving compliance landscape. Our team of experienced professionals is ready to assist you in reimagining your compliance function to drive value, manage risk and stay ahead of regulatory changes. Whether you need support in developing a strategic compliance vision, implementing cutting-edge technology solutions, or enhancing your compliance talent model, we have the expertise to guide you. Our tailored approach ensures that your compliance function not only protects your organisation but also contributes to its strategic goals. Contact us today to explore how we can help you transform your compliance function into a true business enabler.