Regulatory Changes, Economic Uncertainty, Culture Among Top Risks for Organizations, According to New Survey

Entering into a new decade, boards and C-suite leaders around the globe are concerned with the escalating competition for specialized talent, their organizations’ culture and the ability to advance their digital maturity and embrace the transformative opportunities of technology. Business leaders contend that, coupled with the ongoing economic uncertainty and unknown future regulatory changes, these risks could impact their ability to effectively compete, grow their business and achieve operational targets in 2020 and beyond.

This is according to findings from the “Executive Perspectives on Top Risks 2020” survey, released yesterday, by Protiviti and North Carolina State University Poole College of Management’s Enterprise Risk Management (ERM) Initiative. Now in its eighth year, the latest survey identified top concerns on the minds of over 1,000 board members and C-suite executives from large organizations in a variety of industries around the globe.

The Top 10 Risks for 2020

Survey respondents were asked to rate 30 macroeconomic, strategic and operational risks. The top 10 risks are as follows:

  1. Regulatory changes and scrutiny may impact operational resilience and production and delivery of products and services.
  2. Economic conditions may significantly restrict growth opportunities.
  3. Succession challenges and ability to attract and retain top talent may be more difficult.
  4. Limited operational resilience of legacy IT infrastructure and digital capabilities may restrict the organization’s ability to compete with “born digital” players.
  5. Resistance to change may restrict organizational agility.
  6. Preparedness to manage cyber threats may be insufficient.
  7. Ensuring privacy/identity management and information security/system protection may be challenging.
  8. Company culture may not empower timely identification and escalation of risk issues.
  9. Sustaining customer loyalty and retention may be increasingly difficult.
  10. Adoption of AI-enabled technologies may require new skills that are either in short supply or require significant upskilling/reskilling of existing employees.

While several of the risks remain consistent with findings from previous years, including concerns around regulation, cyber threats, operational resilience, privacy management and information security, this year’s results show an escalation of anxiety related to overall economic issues across domestic and international markets – climbing from number 11 last year to the number two risk concern for 2020.

Listen to the podcast with Jim DeLoach and Mark Beasley. (19 min)

Given the relative riskiness of the business environment, now may be the time for boards and C-suites to closely examine how their organizations approach risk management and oversight in the digital age to pinpoint aspects requiring significant improvement. To that end, the Protiviti-NC State report includes a call to action, offering executives and directors diagnostic questions to consider when evaluating their own risk assessment and risk management processes. These diagnostic questions address five topical areas:

  • Assessing impact of leadership and culture on our risk management process, e.g., is the organization’s culture affecting how employees engage in risk management processes and conversations and, if so, how do we know?
  • Ensuring a sufficiently robust risk management approach, e.g., is the risk management process supported by an effective, robust methodology that is definable, repeatable and understood by key stakeholders?
  • Evaluating whether the risk focus is sufficiently comprehensive, e.g., to what extent is the company’s focus on external risks linked to geopolitical shifts, emerging disruptive innovations and changes in macroeconomic factors?
  • Clarifying accountabilities for managing risks, e.g., is there actionable, current risk information that is widely shared to enable more informed decision-making?
  • Communicating an enterprise view of top risks and board risk oversight, e.g., is there a periodic board-level dialogue regarding management’s appetite for risk-taking and whether the organization’s risk profile is consistent with that risk appetite?

Protiviti held a 75-minute webinar exploring the implications of the survey results on December 18, 2019 at 1:00 p.m. PST, featuring DeLoach, Protiviti Managing Director, co-author of the report and blog host, Protiviti Executive Vice President Pat Scott, and NC State’s Dr. Mark Beasley, professor of Enterprise Risk Management and director of NC State’s ERM Initiative and co-author of the report. Watch the webinar on-demand here.

Learn about Protiviti’s Risk Management Consulting Services and read posts on The Protiviti View related to risk management.

Add comment