Compliance is often seen as a weight businesses must carry. But as Markus Hornburg, Head of Compliance at Basware, has argued in three recent publications, compliance is evolving into something much more valuable: a tool for resilience, trust, and transformation.
Here are the key themes Markus has shared—and what they mean for finance and procurement teams today.
CFOs under pressure
In Compliance Week, Markus wrote about the heavy burden CFOs face. According to Basware’s AI to ROI report, nearly six in ten finance leaders admit they are struggling to stay compliant. “Regulatory compliance is no longer just a box-ticking exercise,” Markus explained. “It’s becoming a high-stakes, fast-moving challenge for CFOs.” Expanding regulations such as the EU’s VAT in the Digital Age (ViDA) and the Digital Operational Resilience Act (DORA) are making compliance more complex, and with penalties rising, CFOs now face a broader remit that extends beyond tax and financial reporting to include ESG, cybersecurity, and corporate governance—a shift that demands new skills in risk management, data analytics, and cross-team collaboration.
Markus warns that “simply maintaining the status quo is no longer enough—compliance strategies must be dynamic, data-driven, and future-proof.” The stakes are high. In one case, Kraft Heinz faced $62 million in penalties, and senior executives were personally held accountable for financial misconduct. CFOs today cannot afford to rely on outdated, manual processes.
Compliance is culture, not a checklist
Markus has been clear in both Procurement Magazine and Enterprise Talk: compliance must be part of culture, not an isolated task.
“Unsurprisingly, tech enablement is going to be a key driver of change within GRC during 2025,” he noted, but technology alone is not enough. Compliance has to be woven into everyday decisions.
That means training people to understand why compliance matters. As Markus puts it, “Understanding compliance as a change management initiative is essential.
CFOs and their compliance teams must adopt this perspective, recognizing that compliance is interconnected with wider social and ethical issues.”
Technology as an enabler
The future of compliance is powered by automation and AI. Across all three articles, Markus emphasizes that technology is about more than efficiency—it builds accuracy, resilience, and trust.
“Only by aligning governance practices with daily operations can businesses achieve the scalability and resilience needed in a rapidly changing environment,” he explained in EnterpriseTalk. AI-powered tools can “unlock customer success, accelerate innovation, and expand the business in addition to ensuring compliance.”
The example of Imerys in Compliance Week illustrates this. Faced with over ten ERP systems across 40 countries, Imerys implemented an AI-powered accounts payable solution.
The system quickly automated invoice checks, detected compliance risks in real time, and reduced manual work. Within six months, it was live in 14 countries. The result: streamlined operations, lower compliance costs, and stronger regulatory agility.
Risk management: from reactive to proactive
Traditional risk management was about auditing incidents after they happened. Now, advanced analytics allow firms to predict and prevent risks.
- Cybersecurity: Continuous monitoring can flag unusual payment patterns, while simulations help employees practice responses.
- Supplier risk: Automated onboarding checks can validate ESG and regulatory compliance before contracts are signed.
- Financial risk: Predictive models can detect fraud or compliance gaps earlier.
As Markus emphasized, proactive monitoring is key: “Proactive monitoring will detect issues before they escalate, allowing organizations to navigate a complex risk landscape while staying aligned with governance and compliance goals.”
ESG as compliance
ESG was another recurring theme. Markus noted that “tech enablement helps adhere to regulatory mandates and supports a broader commitment to corporate responsibility.” This means treating ESG not as a side project, but as part of compliance itself.
Companies that integrate ESG checks into onboarding and automate reporting are not just keeping regulators satisfied—they’re strengthening their reputation and winning business in markets where sustainability is a selection criterion.
Practical steps for 2025
Drawing on Markus’s insights, here are five actions organizations can take today:
- Automate invoice validation across jurisdictions to reduce penalties and free staff time.
- Embed compliance into culture with training, communication, and scenario-based learning.
- Adopt proactive risk monitoring with analytics and AI to recognize risks before they escalate.
- Integrate ESG into compliance as part of supplier onboarding and reporting.
- Partner with experts to share the compliance burden and stay ahead of regulatory change.
Looking ahead
The future of compliance is dynamic, data-driven, and cultural. CFOs and finance leaders can no longer treat it as back-office administration. It is central to governance, resilience, and long-term success. Markus Hornburg’s message across interviews is consistent: compliance should be seen as an advantage, not a burden.
With the right mix of culture, technology, and proactive risk management, organizations can move beyond simply avoiding penalties and start using compliance as a foundation for growth and trust. Stay up to date with compliance mandates by country using our handy Global Compliance Map or tune into the next episode of Compliance Without the Boring Bits to get the latest news, along with a few laughs. For anything else, Basware’s helpful representatives are always on hand. Get in touch today.
