PwC finds risk management challenges rising

Top executives are having trouble keeping up with an ever-growing array of risks, as surging inflation, supply chain constraints and the war in Ukraine add to earlier worries about cybersecurity, ransomware and rapid technology changes.

A recent survey from PricewaterhouseCoopers found that 79% of the 3,584 business and risk, audit, compliance executives polled in February and March indicated that keeping up with the speed of digital and other transformations presents a significant challenge. 

“We found that some of the top risks related to revenue growth are overall macro market risks, business and operational models and changes to business operational models,” said Elizabeth McNichol, enterprise tech leader of PwC’s Cyber, Risk & Regulatory practice. “Of course cyber and information management pose significant risks.”

PricewaterhouseCoopers LLP's building stands in the financial district of Toronto, Ontario, Canada
PricewaterhouseCoopers LLP's building stands in the financial district of Toronto, Ontario, Canada, on Wednesday, July 18, 2012. Photographer: Brent Lewin/Bloomberg
Brent Lewin/Bloomberg

Companies are leaning more on risk management technology, with 72% planning on increasing their spending on technology to support the detection and management of risks. The survey found that 39% of the business executive respondents said they are making better decisions and achieving sustained outcomes by consulting with risk professionals early.

“Including risk management capabilities at the start of new projects or other strategic initiatives is something that many of our respondents thought was absolutely critical,” said McNichol. “They’re able to make better decisions because of it. They’re able to achieve more sustained outcomes. Essentially what they’re doing is embedding risk as part of the culture of the organization and having everyone become a risk minded professional.”

Diversity has become more important as well, with 70% of the respondents saying they are prioritizing diversity in their risk teams. 

“The overall objective here is that you have to achieve a panoramic view of risk,” said McNichol. “It’s really a 360-degree view of risk. The way I think of it as a head on a swivel to be able to see what’s coming from all angles. What is critical in being able to achieve that panoramic view is a diverse team that is going to bring diversity of thought. You’ll be better able to achieve that complete view of the risks your organization is facing if you come to the table with a team that has diverse points of view.”

While 38% of the respondents reported that their risk function is not actively seeking external insights to assess and monitor risks, accountants and auditors can play an important role in the risk management process. 

“If I put my auditor hat on, not only looking at it from a financial standpoint, but looking at it operationally, including operational audit, I think what I’d be looking for in terms of the audit of the risk function, is that function truly embedded in the lifecycle of a major project or a strategic initiative?” said McNichol. “For example, within an ERP transformation or a business transformation that is technology enabled, is there a workstream focused on risk, not only the risk in the program itself? Am I thinking about new risks that may exist because of that transformation I’m going through and how am I going to start to prepare for those new risks?”

Adjustments are necessary to risk management, with 22% of the survey respondents indicating they’re realizing benefits from defining or resetting their risk appetite and risk thresholds, wole 56% are investing in risk culture and considering behavioral risk in 2022. Despite the concerns, 47% of the respondents said they’re very confident in their risk function’s ability to build a more risk-aware culture.

“The key takeaway is that panoramic view,” said McNichol. “It’s having the right team embedded in the strategic initiatives that the organization has going on. Whether they’re the transformative initiatives like an ERP implementation or projects related to strategy, it’s critical that a risk team is involved, and then just raising the overall risk IQ of the organization so that you create more risk-minded professionals is important as well.”

For reprint and licensing requests for this article, click here.
Audit Risk management PwC Risk analysis
MORE FROM ACCOUNTING TODAY