Compliance gaps widen: Are you ready to respond?

This article originally appeared in our December 4th edition of the Diligent Minute Newsletter. For more insights like these, delivered straight to your inbox, subscribe here.

Compliance gaps widen: Are you ready to respond?

The latest GC Risk Index from Diligent Institute, in partnership with Corporate Board Member, reveals a clear trend: legal, compliance, and audit leaders continue to perceive significantly heightened risk heading entering Q4 with heightened risk perceptions - and they are mobilizing accordingly. 

Business risk now stands at 7.9 out of 10, up from 5.8 in Q1, a 36% increase in just six months. Leaders point to the combined impact of regulatory complexity, tariff volatility, geopolitical tensions, and persistent inflation as the primary forces destabilizing today’s operating environment.

“The convergence of these factors keeps risk levels high and requires businesses to invest more in proactive compliance, risk management, scenario planning and governance frameworks,” says respondent Taras Lytovchenko, Chief Legal and Compliance Officer at Trinetix.

Shifting risk landscape: From regulatory exposure to tariff and cross‑border volatility

Regulatory risk remains a top concern, but its share dropped by 10 percentage points since our Q2 2025 reporting, suggesting growing confidence in internal regulatory frameworks and monitoring capabilities. As compliance programs mature, attention is moving toward more specific operational threats: tariff changes, global volatility, and cross-border policy shifts that can outpace traditional response mechanisms.

Accordingly, legal and compliance teams report reinforcing nearly every dimension of their programs — with a strong focus on technology (including AI) for monitoring and regulatory tracking, alongside expanded training and policy reviews. One area that isn’t gaining traction: whistleblower and reporting channels, which most GCs do not expect to prioritize in 2026.

The geopolitics gap

Geopolitical risk shows a clear divide in response. Nearly 27% of organizations have expanded their monitoring of cross-border trade or engaged external advisors to navigate international regulatory complexity; proactive moves that position them to adapt as conditions change.

Yet, 43% report no change in compliance priorities, even though geopolitical conflicts rank as the third-most pressing risk today. This disconnect should concern directors and executives alike. True resilience requires active reassessment of policies and controls as the environment evolves, not a wait-and-see approach.

AI integration: Widespread planning, uneven confidence

Many teams have started building AI governance guardrails, but confidence remains low. Only 29% report a comprehensive plan in place, while 38% are actively drafting guidelines and 44% say their policies need refinement. Just 11% feel very confident in their current approach. The pace of AI adoption is introducing novel risks, making transparency and trust essential in deployment and oversight.

Board action plan: 4 steps to close compliance gaps now

1. Double down on scenario planning for tariff and trade disruptions; ensure supply chain, pricing, and market-entry contingencies are current and tested.
2. Strengthen regulatory monitoring with technology-enabled workflows, and pair them with periodic policy reviews and targeted training to maintain agility.
3. Address the geopolitics posture gap by mandating regular reviews of regional exposure, even if current operations feel insulated.
4. Prioritize AI governance through clear usage policies, risk assessments, human oversight protocols, and transparent reporting. Educate the board so oversight keeps pace with adoption.

The headline is clear: Risk is rising, but so is the capacity to respond. The organizations that win in this environment will be those that turn maturing compliance programs into a forward-looking risk posture, board-level fluency on emerging technologies, and maintain consistent operational readiness.

Explore the GC Risk Index for more insights on emerging threats and benchmarks to guide your next move.