According to a recent Economic Intelligence Unit/KPMG survey, many companies find it difficult to keep pace with the rate of new regulations and compliance. As a result, a frequent response to a new regulatory requirement is to add an extra process or function, an ad hoc approach that may address the immediate issue but can lead to overlapping responsibilities, inconsistent processes, and duplicated efforts. And costs. Indeed, almost a third of the global executive respondents say that they spend more than 6 percent of their organization’s annual revenues on governance, risk, and compliance (GRC) activities. There is also near-universal agreement that the cost of these activities is rising. Over the past two years, 89 percent say that the cost has increased, and 84 percent expect it to grow further over the next two years.