The emergence of governance and risk management is a response to an increasing complexity of large global organizations. Yet, it has failed to deliver the expected results. In the past decade, a number of corporate scandals were unearthed, and the banking sector collapsed. Governments and regulators were forced to intervene by enacting a number of laws to improve corporate governance and tighten risk management.

To avoid business failure and non-compliance, companies have expanded their governance, risk, and compliance (GRC) departments, resulting in a web of uncoordinated structures, policies, committees, and reports. Consequently, GRC does not serve its core objective any more: to improve business performance and efficiency and achieve compliance.

To explore the extent to which organizations are integrating GRC, KPMG International commissioned the Economist Intelligence Unit to conduct a global survey of more than 500 major companies. The results, which are augmented by KPMG comments and a number of case studies, provide valuable insights for organizations looking to get the most from their GRC investment. The survey examines the driving forces behind the convergence and highlights costs and potential benefits correlated with it. It also looks at the barriers and hurdles to achieving a smooth and successful GRC convergence.