Future of risk

Building a trusted risk function to succeed in a riskier world.

26 September 2024

Key themes and statistics Risk transformation steps Related services Contacts

Managing risk is riskier than ever.

In a year marked with both new and ongoing challenges, the demand for strong and robust risk governance and management capabilities has become more crucial than ever for many organisations across Aotearoa New Zealand.

This shift in perception is paving the way for organisations to integrate risk management into their strategies, allowing them to navigate uncertainties more effectively while seizing new opportunities for growth and innovation.

The role of risk functions is broadening to ensure organisations stay resilient and adaptable in a continuously evolving environment.

KPMG’s 2024 global survey of 400 executives reveals that their top priorities for the next few years are adapting to new risk types and adopting advanced analytics and AI. As organisations align risk management with strategic objectives, closer collaboration across the business will be essential.

Building a trusted risk function to succeed in a riskier world.

Download report (PDF 1.6MB)

Three notable focus areas include:

Linking strategy and risk

Facilitating a regular and clearer dialogue between Boards and Management, for integrating strategy and risk to better manage uncertainties and seize opportunities. The traditional C-suite is now evolving into an R-Suite, where executives take an active and collaborative role in managing risks to align to the business strategy.

Driving informed decisions through digital enablement

Equipping business leaders with accurate, timely and comprehensive information that is future focused is critical to making informed decisions. Digital enablement plays an essential role in this transformation, driving the evolution of the risk function to meet the demands of a rapidly changing environment.

Viewing risk as a value enabler

By articulating the value that risk management brings, leaders can effectively shift the perception of the risk function from being the ‘department of NO’ to a wider service embraced by all employees. To successfully navigate the current complex world we live in, the C-suite should embrace risk as an enabler of value, and view risk as an opportunity for growth to fundamentally transform their approach.

Key themes and statistics

Risk is the business of every member of the C-suite, and CROs should spread risk ownership across the organisation, working with business leaders to build risk into their strategy and make it part of their everyday thinking.

61% of executives surveyed inside and outside the risk function expect to see a significant increase in the level of risk they will be responsible for in the next 3-5 years.

Key decisions by the risk function should begin and end by answering the question: how will this next step add value to the business?

Such an approach can help transform risk from the “department of ’no’” to a service that consistently creates value–inspiring everyone across the organisation to incorporate risk into their everyday decision-making.

66% of CEOs and COOs and 57% of CROs and Risk Managers point to a need for cross-functional task forces, collaboration, and communication.

Decisions affecting one office or department can have a ripple effect on all the others, and this applies to risk, too. This means that risk management should be effectively embedded in decision-making throughout the organisation, ideally as part of an “ERP for risk” system.

65% of C-suite executives — and 71% of CROs and Risk Managers — say that the integration of systems, domains, and processes can significantly enhance the effectiveness of risk-related decision-making.

New technology can help risk professionals to manage change better–although it also brings fresh risks like cybersecurity and AI bias. As organisations digitize and embrace AI, they should be seeking to gain trust in its application, preferable via fewer platforms that use common data.

98% of executives in our survey say digital acceleration has improved their organisation's approach to risk, particularly in the fields of identification, monitoring and mitigation.

Investments in AI and gen AI call for a workforce with the skills to deploy these technologies. To do this, organisations should identify the impact of technology, upskill workers, and re-orient the operating model towards value.

45% of C-suite executives prioritise optimising cybersecurity, while 36% of CROs and Risk Managers are focusing on improving IT risk management and integrating data analytics and predictive modeling.

Steps to transform risk management

These are the five key steps towards transforming your risk management function:

Establish a risk vision

To foster a risk-aware culture, conduct a workshop with key stakeholders to discuss key threats, setting a vision, objectives and guiding principles to align the executive team for the transformation.
Develop an enterprise-wide risk management strategy

The risk strategy — which should align directly with the organisation's strategic goals — outlines key risk areas and integrates risk management into business processes
Develop a communication plan

This plan should set out the objectives of risk management transformation, along with appropriate communication channels, to gain support across the C-suite and throughout the organisation.
Identify risk management skills and plan to fill any gaps

A risk management mentorship program can stimulate interest in training and explain how risk impacts people in their daily jobs.
Create a data quality improvement plan

Enhance the accuracy, timeliness and completeness of risk management data by assessing and improving data governance, collection, storage and analysis.