The risk landscape is constantly evolving. The challenge for organizations is to find a way to cope not only with business as usual, but also navigate through disruptive forces to successfully meet strategic objectives. When risks materialize and culminate in crisis, the organization’s response and resilience go through a litmus test.
Boards of Directors are increasingly interested in understanding the overall risk governance framework that runs throughout the organization’s value chain. From a monitoring and oversight perspective, the expectation is to demonstrate an integrated management framework with a proactive and efficiency-oriented philosophy that leverages artificial intelligence, data analytics, and other digital enablers.
Organizations must have a balanced view of the drivers of change and disruptors, as they will bring a whole set of new opportunities in their wake. To drive performance, risk management transformation is imperative. For this transformation, risk management functions should consider the following actions:
- Creation of a comprehensive enterprise risk management (ERM) framework) with basic elements such as governance frameworks, risk management tools and procedures for operational discipline.
- Capacity building for continuous risk detection and fostering collective risk management across the extended value chain, the network economy requires collective risk management. As organizations become deeply involved with a large number of external stakeholders (suppliers, business partners, regulators, etc.), organizations must develop risk detection capacity and use this collective ecosystem or extended value chain to identify , manage and mitigate risks.
- Implementation of cognitive technology in a digitally secure way for risk analysis and detection, driven by the development of artificial intelligence, robotics and easy access to big data.
- Digital risk management through the implementation of extended controls through technology as part of products, services and business models to monitor and manage risks in real time.
- Developing surveillance and resilience to complement risk prevention through continuous monitoring.
- Creation of an integrated risk management and control organization enabled by robotics, machine learning and artificial intelligence for integrated assurance across all lines of defense (LOD), predictive risk management and continuous improvement of controls.
- Use behavioral science to obtain risk information, behavioral science can be used to understand risk perception, influence risk behavior, and improve risk-related decision making.
- Increase the use of risk transfer instruments to offset the costs involved in recovering from a risk event.
- Develop the digital capabilities of risk management professionals. Risk management professionals must be trained to work with emerging technology and in new disciplines such as automation, blockchain, cybersecurity, cloud to manage associated risks.
In the future, risk management will transcend the mechanics of metrics, measurements, and models and enable information-rich approaches to support business strategies and processes. The risk agenda is expected to be driven by convergence among the three lines of defense, with the common goal of keeping risks within the organization’s appetite.