Enterprises are increasingly exploring generative AI (Gen AI) in their governance, risk, and compliance (GRC) initiatives to streamline standards implementation, enhance compliance, and improve the efficiency and accuracy of third-party risk assessments. At the same time, organizations face significant challenges from the evolving regulatory landscape, with new AI and data privacy regulations and complex geopolitical shifts creating hurdles, particularly for those with global operations.
In response, these organizations are seeking technology partners who can reinforce their GRC frameworks and harness Gen AI to drive accountability, innovation, and regulatory agility. This approach not only addresses compliance needs but also enables proactive management of risks in a dynamic global environment.
Both demand-side and supply-side trends are covered in our Governance, Risk, and Compliance Services 2024 Market Insights™ and Governance, Risk, and Compliance Services 2024 RadarView™, respectively. These reports present a comprehensive study of governance, risk, and compliance service providers and closely examine market leaders, innovators, disruptors, and challengers.
Avasant evaluated 27 service providers across three dimensions: practice maturity, partner ecosystem, and investments and innovation. Of the 27 providers, we recognized 16 that brought the most value to the market during the past 12 months.
The report recognizes service providers in four categories:
-
- Leaders: Accenture, HCLTech, Infosys, TCS, and Wipro
- Innovators: Capgemini, Cognizant, IBM, and Tech Mahindra
- Disruptors: Eviden, Kyndryl, LTIMindtree, and Telefónica Tech
- Challengers: CGI, DXC Technology, and Mphasis
Figure 1 below from the full report illustrates these categories:
“Enterprises are prioritizing integrated risk visibility, real-time compliance monitoring, and third-party risk management to boost GRC practices,” said Mark Gaffney, Avasant senior director. “However, GRC initiatives are often hindered by complex multi-geography regulations, fragmented data repositories, and legacy system integration.”
The reports provide several findings, including the following:
-
- More than 50% of governance, risk, and compliance services revenue comes from manufacturing, banking, financial services, and healthcare and life sciences sectors. Notably, the financial services sector has shown a growth in demand for GRC services due to increased focus on DORA compliance, GRC automation, and fraud prevention.
- Service providers plan to invest over 60% of their GRC investment budget in practice growth and human capital development. These investments include developing new solutions with Gen AI capabilities, training resources to meet the required digital skill sets, and expanding business to new locations.
- Enterprises managing multi-geography operations are encountering complex compliance challenges due to diverse regulations and growing data privacy concerns from governments across the globe. Other challenges enterprises face include fragmented asset repositories and the high cost of monitoring and compliance audits.
- Enterprises are using Gen AI to boost operational efficiency, minimize risks, and maintain regulatory compliance. Common applications of Gen AI include compliance monitoring and reporting, on-demand GRC support through AI-powered chatbots, and real-time regulatory impact assessment.
“The shift toward AI-driven GRC is not just about automation, but about building resilient, scalable frameworks that adapt to evolving global regulatory requirements,” said Avasant Research Director Gaurav Dewan. “However, organizations must remain cautious, as relying too heavily on AI without proper oversight could introduce compliance gaps.”
The RadarView™ also features detailed profiles of 16 service providers, along with their solutions, offerings, and experience in assisting enterprises in their governance, risk, and compliance journey.
This Research Byte is a brief overview of Avasant’s Governance, Risk, and Compliance Services 2024 Market Insights™ and Governance, Risk, and Compliance Services 2024 RadarView™. (Click for pricing.)