Future of risk

Managing risk is riskier than ever

Enterprises are facing an array of reputational, environmental, regulatory, and societal forces. To navigate this complex landscape, the C-suite should seek to embrace risk as an enabler of value and fundamentally transform their approach.

KPMG’s 2024 global survey of 400 executives reveals that their top priorities for the next few years are adapting to new risk types and adopting advanced analytics and AI. As organisations align risk management with strategic objectives, closer collaboration across the enterprise will be essential.

Download report

Future of risk

Building a trusted risk function to succeed in a risker world

Download

Key themes and statistics

looks_one

The C-suite must become the R-suite

Risk is the business of every member of the C-suite, and CROs should spread risk ownership across the organisation, working with business leaders to build risk into their strategy and make it part of their everyday thinking.

61% of executives surveyed inside and outside the risk function expect to see a significant increase in the level of risk they will be responsible for in the next 3-5 years.

looks_two

Risk as a value creator across the business

Key decisions by the risk function should begin and end by answering the question: how will this next step add value to the business?

Such an approach can help transform risk from the “department of ’no’” to a service that consistently creates value – inspiring everyone across the organisation to incorporate risk into their everyday decision-making.

66% of CEOs and COOs and 57% of CROs and Risk Managers point to a need for cross-functional task forces, collaboration, and communication.

looks_3

Integrate and connect risk into business decision making

Decisions affecting one office or department can have a ripple effect on all the others, and this applies to risk, too. This means that risk management should be effectively embedded in decision-making throughout the organisation, ideally as part of an "ERP for risk" system.

65% of C-suite executives — and 71% of CROs and Risk Managers — say that the integration of systems, domains, and processes can significantly enhance the effectiveness of risk-related decision-making.

looks_4

Leverage digital acceleration and data analytics

New technology can help risk professionals to manage change better although it also brings fresh risks like cyber security and AI bias. As organisations digitise and embrace AI, they should be seeking to gain trust in its application, preferable via fewer platforms that use common data.

98% of executives in our survey say digital acceleration has improved their organisation's approach to risk, particularly in the fields of identification, monitoring and mitigation.

looks_5

Build a risk-centric workforce

Investments in AI and gen AI call for a workforce with the skills to deploy these technologies. To do this, organisations should identify the impact of technology, upskill workers, and re-orient the operating model towards value.

45% of C-suite executives prioritise optimising cyber security, while 36% of CROs and Risk Managers are focusing on improving IT risk management and integrating data analytics and predictive modelling.

download

Read the full Future of Risk report.

Download report

Steps to transform risk management

These are the five key steps towards transforming your risk management function:

Establish a risk vision

To foster a risk-aware culture, conduct a workshop with key stakeholders to discuss key threats, setting a vision, objectives and guiding principles to align the executive team for the transformation.
Develop an enterprise-wide risk management strategy

The risk strategy — which should align directly with the organisation's strategic goals — outlines key risk areas and integrates risk management into business processes.
Develop a communication plan

This plan should set out the objectives of risk management transformation, along with appropriate communication channels, to gain support across the C-suite and throughout the organisation.
Identify risk management skills and plan to fill any gaps

A risk management mentorship program can stimulate interest in training and explain how risk impacts people in their daily jobs.
Create a data quality improvement plan

Enhance the accuracy, timeliness and completeness of risk management data by assessing and improving data governance, collection, storage and analysis.