Kroll

Only 12% of companies feel "completely prepared" to address the global patchwork of data privacy laws.

The most common cybersecurity threats reported include malware (44%) and AI-powered exploits (28%).

Nearly three-quarters (74%) of organisations report increased cybersecurity and data privacy concerns.

Approximately 90% of organisations report some degree of automation across business activities, with IT and cybersecurity functions becoming highly automated and digitised.

Slightly more than a third (34%) of companies have implemented continuous monitoring for AI, highlighting a gap in managing AI-related risks and compliance failures.

Cybersecurity threats rank among the most significant business challenges to organisations (47%).

At least four in 10 business leaders are increasing budgets, expanding teams, upskilling, and/or hiring external help for cybersecurity challenges and data privacy concerns

Only 41% of companies have AI policies and guidance in place, which relates to managing risks associated with AI.

35% of financial services professionals identified political instability as a challenge to supply chain assessment.

While 37% of financial and professional services organizations peform sanctions screening entirely in-house, using a third party (34%) and hybrid approach (28%) are becoming increasingly common.

Only 38% of financial services professionals are "very confident" in their financial compliance program's ability to detect emerging geopolitical threats.

Nearly half of financial services professionals (49%) say keeping up with regulatory changes is the biggest challenge in sanctions compliance, up from one-third (34%) in 2023.

Looking ahead through 2025, just one-third (33%) of financial services professionals say that they are "very prepared" to address geopolitical risks over the next 12 months.

Nearly three-fifths (58%) of professionals in the insurance sector express concern over potential new economic and financial sanctions

26% of financial services professionals identified geopolitical risk as a challenge to supply chain assessment.

AI is primarily being used to identify suspicious behavior (63%) across financial and professional services organizations.

44% of financial and professional services organisations use AI for identifying risk signals.

54% of financial and professional services organisations use AI for network analysis.

Over 71% of executives across financial and professional services anticipate a rise in financial crime risks in 2025. This is also stated as almost three quarters of senior global financial services professionals.

Nearly half of financial and professional services organizations (49%) expect to invest in AI solutions as part of their efforts to tackle financial crime.

68% of executives across financial and professional services who expect an increase in financial crime risk cite cybersecurity threats and data breaches as the top risk factor.

Over a quarter (27%) of financial and professional services organizations have AI and machine learning as an established part of their financial crime compliance programs, exceeding 2023 levels (24%).

Globally, just under two in five (39%) senior financial professionals say that they are "very confident" in their organisation's sanctions screening capabilities, with the U.K. (34%) trailing the global average.

Among financial services professionals who were less than "very confident" in their program's ability to assess their supply chains for threats, more than half (56%) of global respondents identified cybercrime as the biggest challenge to their programs in 2025.

Only 20% of financial services professionals believe AI has had a "very positive" effect on their financial crime compliance framework – down from 37% in 2023.

AI is primarily being used to identify suspicious behavior (63%) across financial and professional services organizations.