Enterprise Risk: A New Frontier for Private Company CFOs

CFOs now face the challenge of managing top risks, adding pressure to their financial duties. Learn how top CFOs tackle this issue.

What is ERM?
Enterprise risk management (ERM) is a more holistic approach to managing risk that accounts for the multifaceted nature of risk and specifies more structured processes for mitigation.

Private company chief financial officers (CFOs) are increasingly being called upon to help the enterprise manage their top risks. And that is creating new pressures for today’s finance professionals. In this edition of Privately Speaking, we explain how leading CFOs are dealing with the challenge.

The multiplicity of today’s CFO 

The pressure on private company CFOs is massive. On the one hand, you are expected to be an effective steward of the company’s finances, profit and loss reporting, and balance sheets. But increasingly, you are also under pressure to help the organization manage risks. 

The problem is that, in most companies, there is a disconnect between the functional risk owners and the board and executive team. And the CFO is often the one who needs to bridge that gap.

For private company CFOs, therefore, enterprise risk management (ERM) has become a hot topic with many different connections and players—as well as consequences for inaction. 

CFOs play a crucial role in managing enterprise risk by bridging the gap between functional risk owners and the board and executive team. By prioritizing risks, allocating capital, and making informed decisions, CFOs can effectively manage risk and ensure the long-term success of their organizations.

Francois Chadwick

Partner, Tax, KPMG Private Enterprise

Are you ready?

For CFOs, the top risks vary based on the industry their business operates in. For a company with a strong emphasis on employees, talent is a top risk. For another organization, the CFO may see reputational risk entering their top 10.

So where should you be focusing in order to ensure you remain on top of your risks? Here are five key areas based on our experience working with private market CFOs and risk managers:

1. Risk prioritization: CFOs need to lead their organizations in prioritizing which risks to focus mitigation efforts on. Our conversations with CFOs indicate there is consensus on a couple of points. First, don’t overwhelm the board with too many risks. Rather than presenting 10 risks, perhaps a better number is three to five. Second, all top risks need risk owners or committees, as well as mitigation plans that are regularly reviewed and updated.

2. Enterprise risk management toolset: Risk managers use many tools, including metrics, heat maps, bowtie analysis, tabletop exercises, and scenario planning, as well as various governance, risk management, and compliance platforms. CFOs need to fund the tools that address the top risks without losing sight of lower tiered risks that might warrant attention later. CFOs armed with risk personnel, risk committees, and risk tools are well equipped to communicate with the board and senior leadership about the status of the ERM program.

3. Climate reporting: CFOs with global operations are well aware of climate reporting requirements. In the US, CFOs need to be aware of where the Securities and Exchange Commission stands with its climate initiative. For CFOs with global operations, climate reporting isn’t coming in the future; it’s here. For those doing business in the European Union, compliance with the Corporate Sustainability Reporting Directive (CSRD) may begin January 1, 2025.[1] Closer to home are California’s rules on emissions disclosures, which are also effective January 1, 2025.[2]

4. Third-party risk management: CFOs need to be aware of where the risk of incidents is higher. Risks posed by third-party vendors require special attention. Some CFOs are changing their vendor management program; instead of staffing a large team to manage vendors, they put the onus on vendors to meet the company’s standard for doing business. Other companies may want to follow that logic when onboarding new vendors.

5. Cybersecurity risk management: As companies modernize operations, there is increasing demand for AI and digital, which increases the risk of cyber incidents. And as cyber threats grow in volume and sophistication and technology becomes essential for meeting the needs of your customers, employees, suppliers, and society, your cybersecurity must build resilience and trust. Special plans are needed to mitigate the enterprise risk from cyber.

Three quick tips on risk management for private company finance professionals:

  1. Review and adjust top risks quarterly or annually based on your company needs.
  2. Give extra attention to cyber and third-party risks due to higher incident rates.
  3. Remember that statements on climate disclosures turn into disclosure risks.

Is your business highly regulated?

CFOs with highly regulated businesses have double duty: compliance and risk management. Compliance designed to address a known risk can help lessen risk, but residual risk remains.

“We have a dual model—check-the-box for regulators, and then we have our ERM program that drives value for the company,” noted the CFO of one US insurance company.[3]

Risk identification and prioritization is a never-ending critical process. Many finance professionals perform an annual risk assessment that is reviewed with audit and risk committees. This leads to identifying new risks, new metrics to add and risks to drop from the list.

Three core steps to staying on top of your risks:

  • Step 1: Review last year’s ERM key risks with leaders and cover what’s changed and what’s new.
  • Step 2: Take the outcomes of that review to risk owners and ask, “Do we need to mitigate this? If the answer is yes, then what’s the plan? If the answer is no, then do we accept the risk at some level?”
  • Step 3: Develop your mitigation plans and check in on mitigation efforts. Have risk owners report to the board.

Footnotes

  1. Voice of the CFO, KPMG LLP, June 2024.
  2. Ibid.
  3. Ibid.

Private companies can effectively manage risk by reviewing and adjusting their top risks quarterly or annually based on their company needs. This allows them to stay ahead of potential risks and challenges, and better prepare for the future.

Conor Moore

Global Head, KPMG Private Enterprise

Meet our team

Conor Moore, Global Head of KPMG Private Enterprise, KPMG International, and Head of KPMG Private Enterprise, KPMG US

Francois Chadwick, Partner, Tax, KPMG US
