51% of Executives Weigh DEI Rollbacks

CCI staff share recent surveys, reports and analysis on risk, compliance, governance, infosec and leadership issues. Share details of your survey with us: editor@corporatecomplianceinsights.com.

61% consider removing DEI language from outward-facing communications

A majority of C-suite executives (51%) are considering rolling back aspects of their DEI programs following President Donald Trump’s executive orders targeting such initiatives, according to new research from global law firm Littler. The firm’s post-inauguration survey, conducted Jan. 30-Feb. 7, found that many organizations are focusing primarily on reducing the visibility of their programs rather than eliminating them entirely.

Among executives considering DEI rollbacks, the largest percentage (61%) are weighing whether to remove or reduce DEI-related language from their websites, proxy statements and outward-facing communications. More substantial programmatic changes are also under consideration, with 52% contemplating eliminating DEI benchmarks and metrics, 45% considering scaling back employee training and 38% potentially ending incentives tied to advancing DEI priorities.

Despite these potential changes, most organizations appear reluctant to dismantle their programs completely. Only 8% of the 340 C-suite leaders surveyed are seriously considering significant changes, and just 22% of those weighing rollbacks are considering reducing or eliminating DEI-focused roles.

“We are discussing ways to thread the needle in a manner that maintains commitment to diversity and inclusion for all,” noted one executive, reflecting the balancing act many companies are attempting between maintaining workplace inclusion efforts and responding to the new political climate.

Other key findings:

• 60% of organizations are awaiting further details on the administration’s priorities and enforcement mechanisms before making program modifications.
• 55% report increased concern about DEI-related lawsuits, government enforcement actions and shareholder proposals following the inauguration.
• Large organizations (5,000+ employees) are more than twice as likely as smaller companies to be considering program changes (37% vs. 16%).
• 53% of executives believe anti-DEI policies from the Trump Administration, which are facing court challenges, will lead organizations to decrease their DEI commitments over the next year — up from 38% pre-inauguration.

88% of depositors would accept lower returns for values alignment and deposit safety

Nine in 10 depositors would accept a lower rate of return on their deposits if their financial institution aligned with their values and guaranteed the safety of deposits, according to new research from finserv firm Ampersand. The report, which includes surveys of 264 executives and senior managers involved in deposit decisions, reveals that liquidity of funds and robust security measures are the factors that would most improve depositors’ experiences.

The study found that safety and security remain paramount concerns for depositors, with 90% citing concerns about the safety of their deposits today and even stronger concerns for the future. In response, 70% of respondents have already made changes to their deposit behavior, primarily by moving funds to larger banks, using deposit protection products, or spreading funds across multiple institutions.

“While safety and security remain at the forefront for Depositors, liquidity of funds is also of utmost importance today,” notes the report. “Fully insured deposits is in the top 3 of what’s important to Depositors when deciding where to deposit their funds.”

Other key findings:

• 61% of respondents are limited in their ability to select a new financial institution due to existing loan agreements, though 88% of those would consider moving deposits if they could.
• 88% of financial services professionals agree that demand for values-based banking products has increased in recent years.
• While large institutions are seen as best equipped to offer attractive rates and safety assurances, 58% believe mid-sized institutions are poised to offer tailored deposit solutions aligned with clients’ needs and values.
• Fee levels, fully insured deposits, and attractive rates ranked as the most important factors for non-financial sector depositors when choosing where to place their funds.
• Key barriers to switching financial institutions include existing relationships, concerns about switching costs, potential service disruptions, and the perceived complexity of the process.

48% of GRC professionals struggle to keep pace with compliance changes

Nearly half of GRC professionals are finding it difficult to stay current with updates to existing compliance frameworks, according to new research from Drata, a compliance automation provider. The company’s research reveals that 96% of respondents cite high-profile breaches and compliance fines as reasons GRC is getting more attention within organizations.

Despite these challenges, 98% of professionals surveyed believe GRC achievements are worth highlighting to customers and other stakeholders to build trust. The research also found that GRC teams spend an average of 14 hours per week on manual interventions, while 45% of respondents worry about balancing compliance with innovation, data privacy protection and maintaining operational resilience.

“Governance, risk, and compliance has long been a pain point for organizations, and despite the improvements we’ve seen in recent years, it’s clear many of those challenges still exist today, making it difficult for business to properly maintain their GRC program and effectively maintain trust,” said Matt Hillary, Drata’s chief information security officer and VP.

Other key findings:

• 51% of businesses experienced brand safety and reputation issues due to inadequate compliance postures and processes.
• 49% reported security or data breaches resulting from compliance shortcomings.
• While 100% of companies surveyed expect employees to increase their use of AI technologies in the next 12 months, only 10% have a GRC program fully prepared to manage it.
• 46% believe AI will improve regulatory compliance, but 43% fear AI biases impacting GRC decision making and 39% worry about AI hallucinations giving improper GRC guidance.

Ransomware attacks increase as threat actors double, report finds

The number of cyber threat actors nearly doubled in 2024, rising 96% from 27 to 53 separate groups, according to new research from global cybersecurity consultancy S-RM. The firm’s 2025 “Cyber Incidents Insights Report” reveals that ransomware remained the leading attack type for the third consecutive year, accounting for over one-third of all incidents the company responded to.

Despite the proliferation of threat actors, organizations are becoming more resilient to ransom demands. The proportion of incidents resulting in ransom payments has nearly halved since 2022, indicating improved organizational defenses and recovery capabilities.

“Last year was about staying nimble and adaptable as the number of threat actors proliferated,” said Paul Caron, head of cybersecurity for the Americas at S-RM. “With increased competition for potential targets, cybercriminals sought out a wider variety of targets, going beyond large companies to include small and medium-sized businesses.”

Other key findings:

• Exploited vulnerabilities in public-facing systems accounted for 39% of entry methods in extortion cases S-RM supported in 2024.
• The number of organizations posted on ransomware and data-theft leak sites grew by 13% in 2024, down from 70% growth the prior year.
• Small businesses are increasingly in the crosshairs, with a 53% increase in the number of small businesses named on ransomware leak sites.