Full Report: 2025 State of Risk & Compliance

Introduction

NAVEX partnered with The Harris Poll to survey nearly 1,000 risk and compliance professionals globally about their R&C programs. The survey was conducted between April-May 2025, representing professionals from various industries and organization sizes across the US, UK, France, Germany, Japan, and other countries.

Critical Priorities & Trends

Key Priorities for 2025

• 70% see Compliance as highly engaged in risk assessment and management
• 65% of compliance teams are involved in AI decision making to some degree
• 67% use centralized approach for compliance investigations
• 57% rank their programs at top maturity levels (Managing/Optimizing)

AI in Compliance

• 33% are very involved in AI decision making
• 32% are somewhat involved in AI decisions
• 39% say IT leads AI policy development
• 67% cite lack of visibility into risks or gaps in compliance controls as top AI concern

Regulatory Compliance Remains a Challenge

• 24% say regulatory compliance is their top priority when making decisions
• 23% prioritize data privacy, protection and security
• 61% use risk assessment results to review and improve R&C programs
• Only 24% say their risk assessment process is effective

About this Report

The survey was conducted by The Harris Poll on behalf of NAVEX among 1,000 risk and compliance professionals globally. Respondents included Chief Information Security Officers (CISOs), Chief Risk Officers (CROs), compliance managers, audit professionals, and other R&C leaders across various industries and organization sizes.

The research provides insights on current compliance challenges including AI governance, program maturity, staffing approaches, and technology adoption. Complete methodology and participant demographics are included in the full report.

Download the full report.