Reimagining Controls Assurance with AI: Latest Insights for Leaders

Reimagining Controls Assurance with AI: Latest Insights for Leaders, builds on the momentum of last year’s study and reflects the accelerating integration of AI across assurance, governance, and risk management. AI now plays a transformative role. Whether it's assurance with AI — using tools such as KPMG Clara AI, DataSnipper®, KCc and Microsoft 365 Copilot to streamline testing, reduce disruption for control owners, and enhance evidence quality — or assurance of AI, through our SOC 2+ approach that provides reasonable assurance over AI governance and responsible use, the theme is consistent: trust, transparency and acceleration.

Drawing on insights from more than 180 assurance reports issued between 2024 and 2025, the data shows a clear shift towards modernised and tech‑enabled control environments. Organisations are reducing reliance on highly manual management review controls and increasing exception‑based and automated controls — signalling stronger operational discipline and greater efficiency in how risks are managed. Our benchmarking also highlights areas where organisations continue to face challenges. System access management, completeness and accuracy of information, and evidence retention remain key drivers of exceptions. With rising expectations across Financial Services, sustainability reporting and material controls, strengthening these foundations is becoming increasingly essential.

Irene Sellars

Partner, Head of Controls Assurance

KPMG in the UK

mail
call

This year’s report offers market-wide benchmarking, practical recommendations, and a forward look at the assurance needs shaping 2026 and beyond. If your organisation is navigating AI adoption, evolving its control framework or preparing for formal assurance, these insights provide a valuable sense-check on where you stand.

If you require any further information or would like to discuss how these findings apply to your organisation contact our Controls Assurance team. We’re here to help you prioritise, design and evidence the controls that matter.

Reimagining Controls Assurance with AI: Latest Insights for Leaders

Download

Why Choose Controls Assurance?

Do you offer outsourced services, such as technology, payroll, HR or investment management?
Do you manage large amounts of customer data?
Are data security, availability, privacy or processing integrity important to your business operations?
Are you required to demonstrate a strong control environment?

If the answer to any of these questions is ‘yes’, then Controls Assurance could benefit your business.

Benefits of Controls Assurance

Peace of mind:

We’ll help you exceed the ever-rising third-party assurance bar.
A risk-aware culture:

We’ll help you to enhance staff awareness of risk and controls, and continually drive improvements for you and your customers.

A competitive edge:

Controls Assurance puts you on the front foot when bidding to prospective customers.
Customer reassurance:

Controls Assurance streamlines the process of meeting due diligence and audit requests – giving confidence to customers and prospects, and reducing audit fatigue.

Our Controls Assurance experience

Our UK team of over 600 specialists issues more than 150 Controls Assurance reports each year – and KPMG produces 2,000-plus reports worldwide.

We work with clients of all shapes and sizes, in sectors including:

Payment
HR and payroll
Financial services (including FinTech)
Technology
Public sector
Health
Private enterprises

By working with KPMG, you’ll benefit from our many years of working with organisations globally and locally. This experience enables us to tailor our approach to your business’ Controls Assurance requirements, ensuring that your assurance project is a success.