COBIT® 2019 explicitly recognizes compliance requirements as a core design factor that significantly influences governance system design. Enterprises operating in highly regulated environments must place stronger emphasis on compliance-related governance and management objectives, controls, and assurance mechanisms.
The Design Guide consistently uses the financial sector as a canonical example of a high-compliance environment due to stringent regulatory oversight related to data protection, financial reporting, risk management, anti-money laundering, and operational resilience. Banks, insurance companies, and investment firms are subject to continuous regulatory scrutiny and mandatory audits, making compliance a dominant governance driver.
While public sector organizations also face regulatory requirements, the level, consistency, and enforcement intensity vary widely by jurisdiction. Educational and nonprofit sectors typically operate under fewer mandatory compliance regimes and therefore are not categorized as high-compliance by default.
COBIT emphasizes that in high-compliance environments, governance design must prioritize objectives related to compliance monitoring, internal control, assurance, and risk optimization. This directly aligns with the characteristics of the financial sector, making it the correct answer.
