{{item.title}}
{{item.text}}
{{item.title}}
{{item.text}}
The world is different than it was three years ago. The pandemic has caused disturbances in health, economics and markets with strong impacts on the labour market and supply chains. The current volatile geopolitical environment is further exacerbating supply constraints with rapidly evolving sanctions. Ransomware attacks are more frequent and more sophisticated and remain one of the top threats to business over the next five years according to CEOs in PwC’s 26th CEO Survey.
Another key impact of this period is in the social arena, bringing safety and humanity to the forefront of many decisions. Customers, investors and other stakeholders are also laser-focused on ESG, particularly in light of recent proposed SEC climate disclosures.
There has also been an acceleration in the view of what is possible, with many organisations making significant changes to their strategy and operations over this time and now having an impatience to move on opportunities. This is no more so than in the area of digital transformation where PwC’s 2022 Global Risk Survey found that 79% of executives believe keeping up with the speed of digital transformation is a significant risk management challenge for their organisation.
In short, this period is changing how we see risk and opportunity. While any of these quite diverse changes or risks can cause significant impacts alone, it is their degree of interconnectedness that has caused far-reaching implications.
Leading organisations have used this time to enhance their resilience, but also their risk maturity so they are ready today to seize new opportunities for the future with greater confidence. It is clear how valuable risk-informed decisions are, and that risks are no longer something that can be well-handled within organisational silos or a central function. Navigating the risk landscape takes CEO oversight and board-level accountability. To that end, here are four ways many CEOs are changing their thinking about risk.
Strong risk and resilience capabilities provide an edge, allowing an organisation to grow and deliver on their outcomes with confidence by anticipating risk, making risk-informed decisions and cost-effectively mitigating when incidents occur. Leaders should have a handle on all of the moving pieces that contribute to strategic, operational, regulatory and technological risk, the impacts they have across the organisation and how each is being controlled. The Chief Risk Officer is key to curating this, but the entire executive team gets great value from understanding and leveraging it. Data is a key tool in the arsenal to detect changes in the risk landscape and create actionable risk intelligence for them all.
Risk appetite is a key tool to help leaders and people in an organisation understand where they are able to take more risk in pursuit of the strategy, new opportunities and growth. Setting a risk appetite supports agility, clarity and alignment throughout the organisation and we are now seeing this be done across all sectors. It is also a key mechanism to remind everyone of the need for care for broader societal considerations as organisations face decisions and risks.
A strong risk culture also plays a key role in leveraging the upside of risks in an agile manner, aligned to the organisation's purpose and values. More sophisticated techniques are now being used to understand the impact of organisation culture on risk and compliance (and vice versa), and to optimise these.
In a world changing so quickly, one can’t always anticipate future risk by studying the past. Too often risk management relies primarily on wisdom, judgement, past experience and long-held techniques to look at likely risks and consequences. Far less often is the organisation and risk function using significant data to look forward, identify patterns and detect warning signals of new threats across the risk spectrum, and to analyse the potential for and impact of risks.
We are seeing more and more leaders are positioning to anticipate risks and to see changes in them real time, leveraging making more use of internal and external data and new risk technologies to monitor and anticipate risk, and to analyse it more carefully. Real-time data is now used in many aspects of business. Digital marketing responds to consumer data to plan the next best action. And, while self-driving cars may appear magical, they are not - they operate on sensors and real-time data to guide their next move. While applied differently, these techniques and tools can be adopted to anticipate risk and respond with agility. It’s time for risk functions to transform to enable this and in our Global Risk Study, 72% of organisations plan to increase spending on technology to support the detection and monitoring of risks.
It takes diverse perspectives working together to seize opportunities in a risk aware way, and to predict and manage risks. Risk is a team sport. For example, a key component of successful risk management is understanding psychology and human-centred design, yet these are not skills typically found in risk and compliance functions. Such skills have been used in sales, safety, and other functions to motivate and incent people to do, or not do, certain things and to design systems and processes accordingly.
Our Global Risk Survey showed organisations are moving in the right direction with 70% now prioritising diversity in risk teams, making use of alliances to bring diverse expertise and technology to the organisation and enhancing the risk awareness of operational areas more broadly.
In summary, managing risk isn't about responding to change. It's about changing the way we see, shifting our perspective and considering different angles to anticipate and be agile. When we look in new ways, we unlock new possibilities. At PwC we’re helping our clients change the way they see risk.
Partner, Cybersecurity, Privacy and Financial Crime National Leader, PwC Canada, PwC Canada