Legal, compliance and privacy leaders list strengthening their personal impact on company strategy as their top priority for 2024.
Improving third-party risk management (TPRM) and ensuring compliance programs can keep pace with fast-moving regulatory requirements complete the top three priorities for this year.
The Gartner survey of 179 legal, compliance and privacy leaders in September of 2023 showed that developing guidance that enables the business to better balance risk and business benefit, and designing or updating compliance training to make it more tailored to employee needs, round out their top five priorities (see Figure 1).
“Legal and compliance leaders have neither resources, expertise, nor visibility into the business to manage the impacts of geopolitical tensions, or new technologies such as generative AI, alone. They must prompt others in the business to do more to own these risks,” said Stuart Strome, director of research in the Gartner Legal, Risk and Compliance Practice. “General counsels and chief compliance officers already needed to be lawyers, risk managers and strategists, but now they also must be influencers, diplomats and sales representatives as well.”
Figure 1: Top 5 Legal and Compliance Priorities for 2024
Expanding legal and compliance’s enterprise impact
The rapid and widespread adoption of new technologies – both internally and by third parties – is putting a lot of strain on legal and compliance leaders’ time and energy. There will be some risks the business can own and manage, but others require a level of expertise the business lacks.
“Legal and compliance leaders must prioritize their time, leadership style, and management behaviours to maximise team performance and influence senior leadership to take these risks seriously,” said Strome.
Strengthening TPRM programs
Improving TPRM processes and/or technology was both the third most frequent choice among leaders’ top five priorities and the joint most frequently selected top priority, which reflects enterprise stakeholder demands for increased accountability for TPRM activities and programming.
“Stakeholder attention on TPRM is being driven by more stringent environmental sustainability and human rights standards prompted by the Corporate Sustainability Reporting Directive (CSRD), SEC Regulation S-K, and Germany’s Supply Chain Due Diligence Act,” said Strome. “Legal and compliance leaders know they must improve existing TPRM programs or develop a TPRM program to manage the new associated risks.”
Keeping pace with regulatory requirements
Legal and compliance leaders are faced with an increasingly volatile and complex regulatory and enforcement environment across jurisdictions.
“Many legal and compliance leaders are looking for strategies to implement a robust regulatory intelligence system to help stay on top of rapidly shifting regulatory requirements,” concluded Strome.