This report examines employee perceptions of corporate compliance programs across four countries: the United States, Canada, Germany, and France. Based on survey responses from more than 800 employees across multiple industries, the findings offer a cross-national view of how compliance programs are understood, implemented, and supported, including the growing role of AI.
Ben & Jerry’s is an activist brand. It operates under a unique mission-driven board configuration that sets it apart from most subsidiaries of large corporations. Although owned by Unilever, the company maintains a semi-independent board specifically tasked with safeguarding its social mission, which includes environmental sustainability, human rights, and ethical business practices. This hybrid governance model combines traditional corporate oversight with dedicated representatives who ensure that Ben & Jerry’s activism and ethical commitments remain central to its decision-making. The board includes independent directors, Unilever representatives, employee voices, and social mission advocates, creating a structure designed to balance profitability with purpose, a rare approach in the corporate world.
This article is the first in a short series called Taking Uncertainty Seriously, exploring how risk analysis changes when we stop pretending the future is known and start treating uncertainty as a first-class input to decision-making.
In a recent GRC Report piece, Risk Is Our Business: Why the GRC Market of 2030 Will Look Nothing Like Today, I argued that the governance, risk, and compliance market is not heading into another cycle of incremental change, but a structural break. The core claim was that risk has outgrown the architectures, assumptions, and mental models most GRC platforms and programs still rely on, and AI bolted onto legacy thinking will not save them.
The first wave of obligations under Europe’s AI Act quietly came into force on August 2, 2025. It was the moment organizations were meant to turn policy debates into practice, especially for general-purpose AI models already woven into customer service, analytics, and day-to-day operations. But just as this new era of AI oversight began, another development signaled how uneven the landscape still is.
AI is excellent at both looking confident and eating data like it’s at an all-you-can-eat buffet. And while that’s great for accuracy and shiny demos, it’s a little less great for privacy teams who now have to explain to regulators why a training dataset suddenly includes customer chats, location trails, or that folder someone swore was anonymized.
In this article, Norman Marks explores the evolving role of the chief audit executive, moving beyond traditional assurance to actively helping boards and audit committees operate more effectively. With new opportunities emerging through AI and technology, Marks argues that internal audit functions can deliver greater value by enhancing board governance, insight, and performance.