Diligent Institute’s “GC Risk Index 2026: Conducting governance, risk and compliance”—based on a March 2026 survey of 147 senior legal leaders globally, including general counsel and chief legal officers—highlights the expanding role of GCs in coordinating enterprise-wide governance, risk, and compliance (GRC), along with varied reporting structures and opportunities to review and potentially enhance risk-related information provided to the board. Respondents represented a mix of primarily privately held (50%) and publicly held (43%) companies across industries, with 56% headquartered in North America.
Significant Time Devoted to Risk and Compliance Coordination—Survey results indicate that a substantial portion of GC time is now dedicated to enterprise-wide risk and compliance coordination in addition to traditional legal responsibilities, with 46% of respondents reporting spending between 21% and 40% of their time on these activities; an additional 25% reported spending between 41% and 60%.
Fragmented Reporting Structures for Risk and Compliance—The report also depicts variation and fragmentation in how organizations structure reporting lines for risk and compliance functions, as shown here:
Limited Confidence in Board Risk Reporting—Consistent with the structural variations, respondents expressed mixed confidence in the effectiveness of board-level risk reporting, with only 21% of respondents reporting being “very confident” that their board receives the right mix of risk information, signaling considerable opportunities for improvement.
Coverage also includes data on perceived overall risk levels and key risk drivers, as well as findings on AI adoption, reported efficiency impacts, and risks associated with AI use in the boardroom.
This post first appeared in the weekly Society Alert!