Key Takeaways from Compliance. Curated. 2025: Building Better Risk and Control Practices

Last week, we had the pleasure of hosting Compliance. Curated. by Impero, our annual gathering of risk, compliance, finance, and internal control professionals. Over two days, we exchanged ideas, debated challenges, and learned from an incredible lineup of speakers, customers, and partners.

For those who could not attend, we have pulled together key highlights and practical takeaways. The conversations all circled around one common theme: how to move risk and compliance from a check-the-box exercise into a strategic enabler for organizations.

Compliance is about people as much as processes

Our opening session with Christina Gravert, Associate Professor in Behavioral Economics at the University of Copenhagen, reminded us that compliance is not just about systems and policies. It is about people.

Through her research on nudging, Christina showed how small interventions can help people do the right thing more consistently. Simple reminders, clear instructions, and making tasks easier to complete can dramatically increase compliance. Her message was clear:

• Experiment with different ways of wording and structuring controls
• Trust that most people want to comply, and focus on reducing friction
• Remember that compliance crosses cultures and contexts

The lesson? Strong compliance cultures are built on human behavior as much as on technical knowledge.

Internal controls must be designed for impact

Morten Schleicher Christensen, Director of Customer Experience at Impero, led a session on what makes internal controls actually work in practice.

His point was simple but powerful: controls are only as strong as their design.

• Too simple, and they lack evidence and accountability
• Too complex, and they risk not being completed at all

The sweet spot is designing controls that are efficient, robust, and truly embedded in daily operations. Participants walked away with practical guidance on balancing usability with assurance, and on ensuring that controls mitigate real risks rather than just filling documentation gaps.

From burden to business enabler

One of the most engaging sessions came from Alexandra Vlasova, Head of Risk & Internal Control at Royal Unibrew. She challenged us to rethink how we position controls inside organizations.

Controls, she argued, need a rebrand. They should not be seen as an audit cost center, but as a business enabler. That shift starts with:

• Speaking the language of value, speed, and trust when engaging executives
• Securing C-suite buy-in, while building internal champions at the operational level
• Delivering quick wins that prove value today, while shaping the culture for tomorrow

Her interactive session showed how controls can empower growth when teams see them as tools that build credibility, not just compliance.

AI and governance: balancing speed with oversight

AI was a hot topic throughout the event, and our fireside chat with Anja Monrad, experienced board member and former Audit Committee Chair, brought a board-level perspective.

Anja emphasized that while AI promises speed and scale, it comes with very real risks if governance is not prioritized. Without strong oversight, organizations face:

• Hidden costs and wasted budgets
• Reputational risks from bias or opacity
• Regulatory consequences under GDPR or the upcoming EU AI Act

Her advice was clear: oversight cannot be optional. Governance must evolve to keep pace with AI’s velocity. At the same time, organizations that adopt AI responsibly can strengthen controls, improve insights, and free up capacity for strategic work.

Future-proofing internal controls

In a panel moderated by Jeanne Koch Rasmussen from our partner PwC Denmark, the discussion focused on the rapid pace of change in the risk and control environment. Digital transformation, regulatory acceleration, and rising cyber threats are reshaping the landscape.

Key takeaways included:

• Malene Prehn (HBK): Ensure an integrated approach towards risk management, and establish risk, control and compliance as a business partner in the organization
• Robbie O’Neill (STG): With regulations constantly changing and once-in-a-lifetime events occurring more frequently, it’s important to partner with legal on new risks as they develop
• Jens P. (Demant): It’s key to work towards a global standardized compliance process, while still taking into account local risks & internal controls

The panel’s conclusion was that resilience, not just compliance, must be the new benchmark.

Practical transformation journeys

Hearing from professionals who have been through the journey was another highlight. Christian Reimar, Senior Manager of Financial Compliance at Radiometer, shared how his team rolled out internal controls to 35 entities worldwide.

By leveraging technology, they achieved:

• Reduced time on audit preparation and self-testing
• A truly global overview of risks and controls
• Significant reductions in manual follow-up work

His message summed it up: “If it is not in Impero, it is not done.”

This story showed how structured internal control processes, supported by the right tools, can turn compliance from a burden into a scalable, strategic advantage.

Building community in compliance

Finally, Rikke Stampe Skov, CEO of Impero, and Jacob Engedal Sørensen, co-founder of Impero, reminded us why events like Compliance.Curated. matter.

Compliance can often feel like a solitary role. But when professionals come together, share experiences, and challenge each other, it builds trust and transparency across organizations. That is how internal champions are born. True transformation in risk and compliance does not happen in isolation. It takes a community.

Looking ahead

Compliance. Curated. 2025 was a reminder that risk and compliance are not static. They are evolving disciplines that require both technical solutions and human-centered approaches. From nudging behaviors to designing smarter controls, from embedding AI responsibly to rethinking compliance as a growth driver, the conversation is only just beginning.

We are grateful to every speaker, partner, and participant who contributed to these discussions. Together, we are shaping the future of risk and compliance.

Stay tuned for more insights at our Q3 Product Update webinar on October 1st, where we will share the latest updates to the Impero platform.