Across nearly all risk challenges, risk executives rate themselves as “well prepared” to respond, according to our survey of 390 Chief Risk Officers (CROs).
Let’s look deeper at this high level of confidence in risk preparedness, especially given the risks across today’s business landscape, which range—from rapidly changing markets to mounting compliance requirements to social and political volatility—.
In our new survey of 390 Chief Risk Officers (CROs), we were surprised to learn that despite organizations operating in an era of compound volatility, organizations generally report feeling ready to address the risks they face. Across nearly all risk challenges, risk executives rate themselves as “well prepared” to respond to each one.
As trusted business advisors with a strong pulse on the uncertainties of the current economic and political environment, this data raises some critical questions. How is the high level of confidence in risk preparedness possible, when the risks across today’s business landscape are so highly complex and volatile? When organizations face such a multitude of interrelated challenges—from rapidly changing market conditions to social and political volatility, to increasing business transformation and digitization, to mounting compliance requirements—can they truly be ready to manage their risks?
Least ready for the most complex risks
A closer analysis of the survey results reveals that risk readiness is not uniform, nor as rosy as it looks at first glance. Where confidence lags is in dealing with reducing risk exposure to especially complex, inter-connected, unpredictable, and far-reaching disruptions.
40%
of risk leaders say they do not feel well prepared to manage an economic downturn/recession.
37%
do not feel well prepared when it comes to geopolitical risks.
The two risks CROs are least prepared for have something in common: They are hard to plan for or control, and they often exacerbate or create other interrelated risks. This “compound volatility” creates potentially high exposure and impact.
Economic downturn/recession, geopolitical risks and cybersecurity threats have something in common: They are extremely complicated issues that create and exacerbate multiple other interrelated risks across sectors and portfolios. This cumulative effect of “compound volatility” creates a great deal of uncertainty, with potentially very high exposure and impact.
In contrast, risk leaders are more confident about their ability to respond to their other leading risk challenges—regulatory/compliance risks and cybersecurity threats/date breaches according to our risk survey. However, 53 percent also say optimizing cybersecurity measures to safeguard against potential threats or opportunity is the highest priority risk areas to modernize in the next two years.
Economic downturn/recession, geopolitical risks and cybersecurity threats have something in common: They are extremely complicated issues that create and exacerbate multiple other interrelated risks across sectors and portfolios. This cumulative effect of “compound volatility” creates a great deal of uncertainty, with potentially very high exposure and impact.
In contrast, risk leaders are more confident about their ability to respond to their other leading risk challenges—regulatory/compliance risks and cybersecurity threats/date breaches.
1
2
The two risks CROs are least prepared for have something in common: They are hard to plan for or control, and they often exacerbate or create other interrelated risks. This “compound volatility” creates potentially high exposure and impact.
28%
Less than 3 in 10 CROs feel unprepared to manage to regulatory/compliance risks.
21%
feel unprepared to manage cybersecurity/threats/data breaches.
Less than 3 in 10 CROs feel unprepared to manage to regulatory/compliance risks
feel unprepared to manage cybersecurity/threats/data breaches.
The two risks CROs are least prepared for have something in common: They are hard to plan for or control, and they often exacerbate or create other interrelated risks. This “compound volatility” creates potentially high exposure and impact.
28%
Less than 3 in 10 CROs feel unprepared to manage to regulatory/compliance risks, while just 21% feel unprepared to manage cybersecurity/threats/data breaches.
While 21%
feel unprepared to manage cybersecurity/threats/data breaches.
The key will be enhancing risk intelligence and data-driven decision-making. This will require shifting away from the typical approach to risk readiness, which focuses on the most likely risk events based on historic patterns.
Future-ready risk functions will reorient risk planning and response around real-time data insights and speedy, agile decision making. Here are four starting tips to help your organization on the path to improving risk preparedness in this era of compound volatility.
How can companies better anticipate, plan for and respond to the broadest and most volatile market risks, like economic, geopolitical and cybersecurity issues?
The key will be enhancing risk intelligence and data-driven decision-making. This will require shifting away from the typical approach to risk readiness, which focuses on the most likely risk events based on historic patterns.
Future-ready risk functions will reorient risk planning and response around real-time data insights and speedy, agile decision making.
Here are four starting tips to help your organization on the path to improving risk preparedness in this era of compound volatility.
Centralize the risk technology environment: Integrate and connect risk management solutions and technologies to embed risk intelligence and management closer to the point of risk origin.
Look at data more holistically: Collect and analyze data across disparate domains and systems to drive greater understanding on the interconnectedness and compounding effects of risk events across business functions to drive risk-informed business decision making.
Identify and respond to risk signals quicker with advanced risk management capabilities: Use advanced risk intelligence techniques such as real-time indicators and thresholds, continuous monitoring capabilities, and scenario planning and trend analysis to adopt a more proactive risk posture.
Improve risk awareness and involvement: Expand transparency and access to risk insights to allow more stakeholders to quickly act to respond to risks.
Centralize the risk technology environment
Integrate and connect risk management solutions and technologies to embed risk intelligence and management closer to the point of risk origin.
Look at data more holistically
Collect and analyze data across disparate domains and systems to drive greater understanding on the interconnectedness and compounding effects of risk events across business functions to drive risk-informed business decision making.
Identify and respond to risk signals quicker with advanced risk management capabilities
Use advanced risk intelligence techniques such as real-time indicators and thresholds, continuous monitoring capabilities, and scenario planning and trend analysis to adopt a more proactive risk posture.
Improve risk awareness and involvement
Expand transparency and access to risk insights to allow more stakeholders to quickly act to respond to risks.
Risk preparedness
Want to learn more about how your peers and competitors are navigating pressing risk challenges—and how your approaches and capabilities match up? Read our 2023 CRO Survey for timely insights, perspectives and recommendations for risk leaders.
A closer analysis reveals that risk readiness is not uniform, nor as rosy as it looks at first glance. Confidence lags in dealing with reducing risk exposure to especially fast-moving, unpredictable, and far-reaching disruptions.
Of the challenges risk executives identified as the biggest their organizations’ will face in the next 2-5 years, they feel least prepared to address:
In contrast, risk leaders are more confident about their ability to respond to their other leading risk challenges: regulatory/compliance risks and cybersecurity threats/date breaches. Less than 3 in 10 CROs (28%) feel unprepared to manage to regulatory/compliance risks, while just 21% feel unprepared to manage cybersecurity/threats/data breaches.
The two risks CROs are least prepared for have something in common: They are hard to plan for or control, and they often exacerbate or create other interrelated risks. This “compound volatility” creates potentially high exposure and impact.
How can companies prepare for and respond to these broad and volatile market risks?
One key is to enhance risk intelligence and data-driven decision-making?
Here are four starting tips to help your organization on the path to improving risk preparedness in this era of compound volatility:
KPMGs vision of healthcare transformation and the art of the possible
Gain next-step knowledge from KPMG action plans. Request the KPMG 2023 CRO Survey.
Building stakeholder trust in risk transformation
Service
Risk Intelligence
Navigate complex risks with a comprehensive, automated solution for confident, informed decision-making.
