Global survey of boards and executives identifies potential regulatory changes and economic uncertainty as top risks for organizations in the ever-advancing digital age
MENLO PARK, CA — December 12, 2019 — Entering into a new decade, boards and C-suite leaders around the globe are concerned with the escalating competition for specialized talent, their organizations’ culture and the ability to advance their digital maturity and embrace the transformative opportunities of technology. According to a new survey from Protiviti and North Carolina State University, business leaders contend that coupled with the ongoing economic uncertainty and unknown future regulatory changes, these risks could impact their ability to effectively compete, grow their business and achieve operational targets in 2020 and beyond.
This is according to findings from the “Executive Perspectives on Top Risks 2020” survey conducted recently by global consulting firm Protiviti and North Carolina State University Poole College of Management’s Enterprise Risk Management (ERM) Initiative. Now in its eighth year, the latest survey identified top concerns on the minds of over 1,000 board members and C-suite executives from organizations in a variety of industries around the globe. Nearly sixty-eight percent of survey respondents’ organizations have annual revenues between $100 million and $10 billion.
The Top 10 Risks for 2020
Survey respondents were asked to rate 30 macroeconomic, strategic and operational risks. Of those, the top 10 risks identified are as follows:
- Regulatory changes and scrutiny may impact operational resilience and production and delivery of products and services
- Economic conditions may significantly restrict growth opportunities
- Succession challenges and ability to attract and retain top talent may be more difficult
- Limited operational resilience of legacy IT infrastructure and digital capabilities may restrict the organization’s ability to compete with “born digital” players
- Resistance to change may restrict organizational agility
- Preparedness to manage cyber threats may be insufficient
- Ensuring privacy/identity management and information security/system protection may be challenging
- Company culture may not empower timely identification and escalation of risk issues
- Sustaining customer loyalty and retention may be increasingly difficult
- Adoption of AI-enabled technologies may require new skills that are either in short supply or require significant upskilling/reskilling of existing employees
“Nearly half of the top risks this year are related to culture and attracting and retaining top talent. This is happening at a time when organizations need to execute increasingly complex strategies to navigate the rapidly changing digitally-based business environment,” said Jim DeLoach, a Protiviti managing director and co-author of the report. “As the future of work evolves, businesses need to upskill and reskill existing employees ‑ particularly as digital innovations, such as artificial intelligence, natural language processing and robotics become a mainstay in organizations ‑ to ensure they remain competitive with ‘born digital’ companies and are future-proofed for the next decade.”
While several of the risks remain consistent with findings from previous years, including concerns around regulation, cyber threats, operational resilience, privacy management and information security, this year’s results show an escalation of anxiety related to overall economic issues across domestic and international markets – climbing from number 11 last year to the number two risk concern for 2020.
Dr. Mark Beasley, professor of Enterprise Risk Management and director of NC State’s ERM Initiative and co-author of the report said, “As expectations of key stakeholders regarding risk management and oversight remain high, organizations need to offer greater transparency about the nature and magnitude of risks undertaken in executing an organization’s corporate strategy. Dynamic forces including board pressure, volatile markets, intensifying competition, changing workplace dynamics and shifting customer preferences are leading to increasing calls for management to design and implement effective risk management capabilities and response mechanisms, to identify, assess and manage the organization’s key risk exposures.”
Given the relative riskiness of the business environment, now may be the time for boards and C-suites to closely examine how their organizations approach risk management and oversight in the digital age to pinpoint aspects requiring significant improvement. To that end, the Protiviti-NC State report includes a call to action, offering executives and directors diagnostic questions to consider when evaluating their own risk assessment and risk management processes. These diagnostic questions address five topical areas:
- Assessing impact of leadership and culture on our risk management process, e.g., is the organization’s culture affecting how employees engage in risk management processes and conversations and, if so, how do we know?
- Ensuring a sufficiently robust risk management approach, e.g., is the risk management process supported by an effective, robust methodology that is definable, repeatable and understood by key stakeholders?
- Evaluating whether the risk focus is sufficiently comprehensive, e.g., to what extent is the company’s focus on external risks linked to geopolitical shifts, emerging disruptive innovations and changes in macroeconomic factors?
- Clarifying accountabilities for managing risks, e.g., is there actionable, current risk information that is widely shared to enable more informed decision-making?
- Communicating an enterprise view of top risks and board risk oversight, e.g., is there a periodic board-level dialogue regarding management’s appetite for risk-taking and whether the organization’s risk profile is consistent with that risk appetite?
Resources Available; Webinar on December 18
The “Executive Perspectives on Top Risks 2020” report from Protiviti and North Carolina State University provides respondent details broken out by company size, industry and geographical region and respondent role. The report, along with an infographic and a podcast series, are available for complimentary download from Protiviti here and from NC State here. A complimentary 75-minute webinar exploring the implications of the survey results will be held on December 18, 2019 at 1:00 p.m. PST, featuring Protiviti’s DeLoach and EVP Pat Scott with NC State’s Dr. Beasley. Please register for the webinar here.
About the NC State University Poole College of Management’s ERM Initiative
The Enterprise Risk Management (ERM) Initiative in the Poole College of Management at North Carolina State University provides thought leadership about ERM practices and their integration with strategy and corporate governance. Faculty in the ERM Initiative frequently work with boards of directors and senior management teams helping them link ERM to strategy and governance, host executive workshops and educational training sessions, and issue research and thought papers on practical approaches to implementing more effective risk oversight techniques (www.erm.ncsu.edu).