Only 20% of financial services professionals believe AI has had a "very positive" effect on their financial crime compliance framework – down from 37% in 2023.

76% of organisations cannot produce a complete data asset inventory within hours when needed for compliance or security incidents.

More than four-fifths (82.1% of organisations) are not currently using GenAI tools or functions within their compliance program.

41% of CISOs said that OSCAL adoption is hindered by both a lack of usage and a difficulty in understanding its importance.

33.5% of CISOs are challenged by audit readiness in satisfying regulatory requirements.

More than one-third of organisations (34.2%) hope to achieve their KPIs for compliance benchmarks by incentivizing success or by penalizing failure, or by implementing both incentives and penalties.

23% of UK security professionals cite a lack of visibility over supply chain/third-party partners as a barrier to DORA compliance.

More than one-third (37.2% of CISOs) said that no platform has demonstrated its reliability for Compliance as Code.

Just 17.9% of CISOs are using GenAI tools within their compliance program.

Roughly 22.6% of CISOs rate their compliance program a 4 (“Adherence: measured with metrics to support audit and risk mitigation”), but only 5.3% believe their program is a 5 (“Optimized: continuous improvement and efficiency”).

34.6% of CISOs are challenged by regulatory change management in satisfying regulatory requirements.

38% of respondents believed their legal/compliance privacy team was understaffed.

Almost two thirds of organisations (63.7%) do not feel that meeting new regulatory requirements slow their organisational growth.

Just over a quarter (27.7% of CISOs) think that automation will improve the ROI on existing tools.

Nearly as many (46.3% of CISOs) think the technology will allow them to more rapidly apply governance.

Many CISOs (51.6%) were impacted by their maturing compliance program as a challenge in satisfying regulatory requirements.

33.5% of CISOs cited audit management as a challenge in implementing new or updated compliance frameworks.

75% of retail and consumer goods and 62.5% of entertainment and media corporations are coping with the lack of a centralized system, but retailers are also challenged by silos within their data (75%).

88% of UK senior security professionals believe that DORA will be beneficial.

82% of businesses report increased compliance risks due to a lack of control caused by a more complex landscape.