Navigating a year of heightened regulatory activity
Amid a bevy of new rules and enhanced enforcement of existing ones, here’s a guide to the year’s top challenges.
Estimated read time: 3-4 minutes
Is 2024 the Year of the Regulator? It sure feels that way for many companies at the halfway point of a year marked by an overall level of regulatory intensity on multiple fronts that hasn’t been seen in decades.
From environmental, social, and governance (ESG) and cybersecurity rules to new financial and privacy standards, companies are continuing to monitor a complex mix of considerations. This increased regulatory traffic is being driven by both new guidelines as well as updates to existing rules, with much of the potential impact still playing out.
To stay ahead, leading companies are meeting the regulators head-on by ensuring their teams understand the changing landscape, the potential timing of all relevant updates, and how best to respond, as we outlined in our recent report, Ten Key Regulatory Challenges of 2024.
Here’s a closer look at some of the top areas highlighted in our report, including the potential impact, what to monitor, and specific calls to action that companies should consider prioritizing as the year unfolds.
Regulatory bandwidth
Companies are managing an overall intensity of supervision that affects a wide range of teams across the organization: compliance, tax, controller, finance, cybersecurity, information technology, legal, the C-suite, and even the board of directors. Significant new rules are in consideration that will affect banking standards, long-term debt requirements, and market structure, to name just a few of the big rocks. And while the Securities and Exchange Commission (SEC) paused its much-anticipated climate disclosure guidelines in April amid legal challenges, many companies view meaningful new rules there as inevitable. Meantime, regulators continue to vigorously apply existing rules, regulations, and guidance. To stay on the right side of the regulators in general, organizations must be ready to demonstrate that they can respond quickly and are committed to resolving any perceived weaknesses.
Calls to action
1
2
3
Data security and privacy
This arena topped our report’s overall Regulatory Barometer index, notching a 7.6 score (out of 10) based on the sheer volume, complexity, and impact of activity. Broad regulatory concerns around data systems, security, management, and privacy are expanding well beyond the traditional cyber and information technology purviews as technology becomes more ingrained in everyday business processes. Cybersecurity and protecting customers’ privacy remain essential table stakes, even as the rapid emergence of generative artificial intelligence (AI) has regulators on many fronts racing to catch up with the technology’s many potential implications (security, privacy, model bias, intellectual property).
Calls to action
1
2
3
4
5
Growth and resiliency
Higher interest rates and liquidity challenges are putting a squeeze on some long-standing growth strategies—which has regulators paying more attention as well. The increased scrutiny may affect areas like merger and acquisition activity, with deals increasingly influenced by macroeconomic conditions. Regulators are taking a closer look at companies’ contingency funding plans and their exposure to interest rate and liquidity risks. To steer clear of any “too big to manage” concerns, organizations will need to demonstrate robust resiliency by avoiding any perception of structural weaknesses, repeat offenses, or lackluster remediation efforts.
Calls to action
1
2
3
Mastering the details
Amid ongoing economic fluctuations, geopolitical instability, and election-year uncertainties, we expect the elevated regulatory intensity to be one of 2024’s more consistent realities. We’re already seeing new and higher risk standards, strong enforcement action, new consumer protections, and regulators generally willing to cast a wider net across the globe.
Explore more insights and opportunities:
Insight
AI regulation: Prepare for a more-restrictive future
Establishing sound risk management and governance for automated intelligence is a good first step. But it’s not nearly enough.
Resource
SEC stays its climate rule pending judicial review
No change in SEC’s position regarding its authority; no effect on companies preparing for compliance with other rules.
Resource
Pillar Two Gameplan
Our executive guide to the new rules – with implementation steps, and how accounting and finance may be impacted.
Subscribe to receive the KPMG Opportunity (In)sight Newsletter
Turn insight into opportunity with unique perspectives and actionable insights addressing the burning issues atop the C-suite agenda. Delivered monthly.
Meet our team
