Top priorities for compliance leaders this year
Legal, compliance and privacy leaders list strengthening their personal impact on company strategy as their top priority for 2024, according to Gartner.
Improving third party risk management (TPRM), and ensuring compliance programs can keep pace with fast-moving regulatory requirements are the top three priorities for this year.
The Gartner survey of 179 legal, compliance and privacy leaders in September of 2023 showed that developing guidance that enables the business to better balance risk and business benefit, designing or updating compliance training to make it more tailored to employee needs round out their top five priorities.
“Legal and compliance leaders have neither resources, expertise, nor visibility into the business to manage the impacts of geopolitical tensions, or new technologies such as generative AI, alone. They must prompt others in the business to do more to own these risks,” said Stuart Strome, Director, Research in the Gartner Legal, Risk and Compliance Practice. “General counsels and chief compliance officers already needed to be lawyers, risk managers and strategies, but now they also must be influencers, diplomats and sales representatives as well.”
Expanding legal and compliance’s enterprise impact
The rapid and widespread adoption of new technologies – both internally and by third parties – is putting a lot of strain on legal and compliance leaders’ time and energy. There will be some risks the business can own and manage, but others require a level of expertise the business lacks.
Legal and compliance leaders are expected to function as lawyers, risk managers, strategists, diplomats, process builders and the corporate conscience. These increased expectations place greater pressure on leaders’ limited time and incentivize them to influence other C-suite leaders to ensure legal and compliance goals are met.
“Legal and compliance leaders must prioritize their time, leadership style, and management behaviors to maximize team performance and influence senior leadership to take these risks seriously,” said Strome.
Strengthening TPRM programs
Improving TPRM processes and/or technology was both the third most frequent choice among leaders’ top five priorities and the joint most frequently selected top priority which reflects enterprise stakeholder demands for increased accountability for TPRM activities and programming.
More than 50% of TPRM leaders have seen an increase in senior leader oversight of their third-party network, while 46% have observed an increase in board oversight.
“Stakeholder attention on TPRM is being driven by more stringent environmental sustainability and human rights standards prompted by the Corporate Sustainability Reporting Directive (CSRD), SEC Regulation S-K, and Germany’s Supply Chain Due Diligence Act,” said Strome. “Legal and compliance leaders know they must improve existing TPRM programs or develop a TPRM program to manage the new associated risks.”
Ensuring compliance strategy aligns with regulations
Legal and compliance leaders are faced with an increasingly volatile and complex regulatory and enforcement environment across jurisdictions.
“Many legal and compliance leaders are looking for strategies to implement a robust regulatory intelligence system to help stay on top of rapidly shifting regulatory requirements,” Strome concluded.