CCO Insight: The Regulatory Intensity

Emerging Compliance Risks

How are chief compliance officers (CCO) navigating the regulatory intensity challenges associated with expanded regulatory issuances, supervision, exams, inspections, and enforcements?  

Almost regardless of industry, there is consensus around the level of high regulatory volume and scrutiny and the importance for both established “routines” and enhanced internal communication. 2023 is expected to bring higher levels of supervision and enforcement. KPMG client CCOs share many key insights, including:

Emerging Compliance Risks, including:

  • Resource-constrained environment
  • Digital device monitoring
  • Divergent data privacy regulatory impact
  • Sanctions compliance
  • Heightened ESG-related regulatory actions
  • Compliance behavior incentives

KPMG Perspective

In 2023, the broad and ambitious regulatory agendas, challenged by political divergence and questions around judicial authority give way to a renewed focus on key foundational elements of risk, governance, and accountability that permeate across industries. KPMG’s ten key areas of regulatory, risk, and compliance challenges include:

Scrutiny & Divergence

Examinations and investigations under existing regulations will increase in scope coverage as regulatory “perimeters” expand via established jurisdictional authorities.

Climate & Sustainability

There is an integral need for climate and sustainability risk management, controls, and governance, inclusive of quantitative analysis for climate and sustainability in 2023.

Transparency & Reporting

Companies should expect continued expansion of reporting and disclosures to regulators, investors, clients/consumers, and markets at large. Focus in this area will be on effective risk management processes to ensure transparency and consistency of data.

Data & Cybersecurity

Regulators are looking to strengthen data risk management, especially in areas such as governance incident reporting, vulnerability management, and identity/access management.

Technology & Resiliency

The robustness of a company’s modern technology risk management program will be of continuing focus for regulators; heightened attention will be directed to significant operating changes using new technology innovations (e.g., cloud, AI, digitalization of risk management processes).

Credit & Capital Persistent inflation, recessionary trends, and changing interest rates are driving strategic capital shifts, which push companies to adopt a robust quantification of financial and non-financial risks.
Fairness & Inclusion Regulatory expectations of “fairness” reach beyond fair lending laws and span across industries. Key approaches for companies to build trust include promoting fairness and equitable treatment for consumers and employees.
Fraud & Financial Crime Regulators will continue to be concerned around areas of fraud and financial crime risks such as terrorist financing, beneficial ownership, sanctions/tax evasion, consumer scams, and potential anti-bribery and corruption/ FCPA compliance violations.
Payments & Crypto Expanded use of digital payments and digital assets increase the need for defined regulatory authority around key risk area—all companies in digital must ensure effective controls to mitigate these risks.
Risk & Governance Regulators will continue their focus on robust risk frameworks including assessment of risk and compliance programs across the enterprise.


Contact us

Amy S. Matsuo

Amy S. Matsuo

Principal and National Leader, Regulatory Insights, KPMG US

+1 919-244-0266
Brent McDaniel

Brent McDaniel

Ethical Business Leader, KPMG US

+1 214-840-2979