U.S. organizations have long been expected to monitor and audit their compliance programs and generally have implemented a three lines of defense model that forms a foundation for their compliance efforts and specifically for their testing activities. By allocating monitoring, auditing, and more generally testing activities across their three lines of defense, organizations build a more sound compliance program that better manages compliance risks and more quickly identifies any gaps in process controls that could present compliance exposure.

In today’s economic climate, compliance leaders are increasingly challenged to “do more with less.” This is prompting many to take a second look at their risk-based approach to monitoring, auditing and testing in an effort to more efficiently execute their obligations. This can include seeking greater coordination and communication across the three lines of defense; specifically defining who owns responsibility for testing specific controls in place to mitigate each risk in order to eliminate unintentional duplication; and assessing whether they can further leverage resources and data for consistent test populations across all three lines. Others are going further---embarking on a journey to realize a more systematic, disciplined, and sustainable approach to their monitoring and testing activities that is also more agile and cost-effective.

This article focuses on how compliance leaders are executing their monitoring and testing responsibilities, how they are seeking to further enhance their monitoring and testing activities to realize greater value in their compliance efforts, and the role of data and technology in compliance monitoring; and also current challenges. Included are insights from KPMG LLP (KPMG) professionals’ firsthand discussions with executives and their stakeholders, and key takeaways to help organizations bolster their compliance monitoring and testing efforts.

By registering for this white paper, the personal information you provide on this site will be shared with KPMG and you may be contacted regarding similar products and solutions presented. The KPMG name and logo are registered trademarks or trademarks of KPMG International.