The 2012 State of Compliance Study of PwC indicates that:

The main idea here is how the reporting line of a compliance function affects governance and independence. The PwC 2012 State of Compliance Study found that about the same share of compliance officers report to the audit committee as to the general counsel. This balance shows that organizations value either board-level oversight or strong alignment with legal risk management, rather than pushing compliance into only one place. Reporting to the audit committee can boost independence from day-to-day management and enhance objectivity, while reporting to the general counsel ties compliance more closely to legal risk and enterprise risk management. The roughly equal distribution indicates there isn’t a single preferred model; both structures can work well depending on the organization’s context. The other statements either misstate typical roles (compliance officers aren’t universally part of internal audit) or oversimplify reporting practices (they don’t “always” coordinate with external auditors for financial reporting, nor should they be categorically excluded from management involvement).