KPMG study finds AI adoption in ESG and compliance remains limited
AI is still barely moving in ESG and GRC work: 82 percent call it important, but only 25 percent and 13 percent are using it.

KPMG Germany’s latest survey puts a hard number on the gap between AI talk and AI use in compliance work. In a survey of 157 companies across Germany, Austria and Switzerland, 82 percent said AI is highly or very highly relevant in ESG, but only 25 percent said they were actively using it there; in governance, risk and compliance, 66 percent called it highly relevant, yet just 13 percent were using it.
That gap matters inside KPMG because the work AI is touching is exactly the work that already eats hours in audit, sustainability reporting and risk teams. KPMG said more than half of companies are using AI in reporting, data management, compliance and audit processes, which suggests the technology is being pushed into structured tasks first, not into new business models. The firm found that 86 percent of companies see efficiency gains as AI’s biggest benefit, while only 23 percent in ESG and 13 percent in GRC see it as relevant for innovation or new business models.

The barriers are not futuristic. KPMG said 71 percent of companies pointed to poor data quality as a major obstacle, 54 percent cited security and compliance requirements, and 49 percent cited a lack of internal expertise. That combination creates exactly the kind of manual burden compliance teams know too well: incomplete ESG data that still has to be cleaned by hand, controls that still have to be documented line by line, and reports that still need human review because the inputs are too messy to automate safely.

For KPMG professionals, that is where the market is likely to buy help. Dr. Jan-Hendrik Gnändiger, the firm’s sustainability reporting lead, is tied to the study and to KPMG’s ESG reporting advisory work, which already covers CSRD, EU taxonomy and ISSB support. KPMG’s own sustainability pages say the EU Green Deal has far-reaching effects on reporting obligations and corporate governance systems, while its reporting guidance says many companies are still early in CSRD implementation. That leaves a clear opening for teams that can combine data governance, assurance and regulatory know-how.
The timing makes the pressure sharper. The Council of the European Union gave final approval on February 24, 2026 to simplify CSRD and CSDDD requirements, and Directive (EU) 2026/470 was published two days later. The European Commission says the first CSRD companies had to apply the rules for financial year 2024, with reports published in 2025, so the region is already moving from preparation into live reporting cycles. A separate KPMG June study found 98 percent of German companies see AI as relevant to their business model and future value creation, and 98 percent say they already have an AI strategy. ESG and compliance are still lagging behind that ambition.
This article was produced by Prism’s automated news system from verified source data, official records, and press releases, then run through automated quality and moderation checks before publishing. The system is built and supervised by the people who set the standards it runs under. Read our full AI policy.
Did this article answer your question?

