Global survey report from Protiviti and North Carolina State University’s ERM Initiative identifies economic conditions, regulatory change and cyber threats as top risks for businesses
MENLO PARK, CA – December 8, 2016 - Recent global uncertainties and their potential effects on businesses are top of mind for board members and executive management teams as they assess their risks for 2017, according to the results of the fifth annual survey of business executives by global consulting firm Protiviti and the Enterprise Risk Management (ERM) Initiative at the North Carolina State University Poole College of Management.
Executive Perspectives on Top Risks for 2017 (www.protiviti.com/toprisks), released today, assesses the concerns of 735 board members and executives across a variety of industries who participated in the global survey. The respondents rated the perceived severity of macroeconomic, strategic and operational risks to their businesses for the coming year.
Nearly three-quarters of the survey respondents (72 percent) indicated that uncertainties related to economic conditions may have a significant impact on their businesses in 2017 to a greater extent than in previous years. Cumulatively, the overall scores for the top 10 risks have increased since last year’s survey, with the economy being even more of a concern in markets outside the U.S.
“Our survey results support a shift we’ve seen in the focus of board members and c-suite executives towards risks associated with international and domestic economic conditions, regulatory scrutiny and cyber threats,” said Dr. Mark Beasley, Deloitte Professor of Enterprise Risk Management and NC State ERM Initiative director. This shift is especially highlighted for organizations in the Asia-Pacific and European regions. Interestingly, results indicate, however, that organizations are not planning to invest additional resources in enhancing their approaches to risk management over the next 12 months.”
The Top 10 Risks for 2017
Following are the top 10 risks identified in this annual risk survey, along with the percentages of respondents who identified each risk as having a “Significant Impact” on their business*.
Economic conditions in markets we currently serve may significantly restrict growth opportunities for our organization. (72 percent)
Regulatory changes and regulatory scrutiny may heighten, noticeably affecting the manner in which our products or services will be produced or delivered. (66 percent)
Our organization may not be sufficiently prepared to manage cyber threats that have the potential to significantly disrupt core operations and/or damage our brand. (60 percent)
Rapid speed of disruptive innovations and/or new technologies within the industry may outpace our organization’s ability to compete and/or manage the risk appropriately, without making significant changes to our business model. (63 percent)
Ensuring privacy/identity management and information security/system protection may require significant resources for us. (57 percent)
Our organization’s succession challenges and ability to attract and retain top talent may limit our ability to achieve operational targets. (55 percent)
Anticipated volatility in global financial markets and currencies may create significantly challenging issues for our organization to address. (53 percent)
Our organization’s culture may not sufficiently encourage the timely identification and escalation of risk issues that have the potential to significantly affect our core operations and achievement of strategic objectives. (55 percent)
Resistance to change may restrict our organization from making necessary adjustments to the business model and core operations. (54 percent)
Sustaining customer loyalty and retention may be increasingly difficult due to evolving customer preferences and/or demographic shifts in our existing customer base. (57 percent)
“Executives are concerned about their companies’ ability to keep pace with the rapid speed of change, including disruptive innovations and new technologies within their industries,” said Patrick Scott, Protiviti EVP of Industry Groups. “While the effects may vary across industry groups in terms of different risk profiles, our study shows that no industry is immune to future uncertainty in a changing world.”
“The need for greater transparency around the nature and magnitude of the risks associated with executing an organization’s corporate strategy will continue to be high into next year,” said Jim DeLoach, a managing director with Protiviti. “Volatile markets, intensifying competition, demanding regulatory requirements, fear of catastrophic events and other dynamic forces are leading to an increasing imperative for management to identify and assess the organization’s key risk exposures and then design and implement effective capabilities to manage those exposures. This imperative sets a powerful context for strong board-level engagement and risk oversight in 2017.”
The survey was conducted in the fall of 2016. Respondents represent both U.S.-based and non-U.S. organizations across public and private sectors. The survey report also provides detailed insights broken out by size and type of company, respondent role and industry.
The “Executive Perspectives on Top Risks for 2017” report from Protiviti and the NC State Poole College ERM Initiative, along with an infographic and a podcast highlighting the survey results, are available for complimentary download at www.protiviti.com/toprisks. A complimentary 60-minute webinar exploring the implications of the survey results will be held December 15, 2016 at 10:00 a.m. PST, featuring NC State’s Dr. Mark Beasley and Protiviti’s Patrick Scott and Jim DeLoach.
About the NC State University Poole College ERM Initiative
The Enterprise Risk Management (ERM) Initiative in the Poole College of Management at North Carolina State University provides thought leadership about ERM practices and their integration with strategy and corporate governance. Faculty in the ERM Initiative frequently work with boards of directors and senior management teams helping them link ERM to strategy and governance, host executive workshops and educational training sessions, and issue research and thought papers on practical approaches to implementing more effective risk oversight techniques (www.erm.ncsu.edu).