The top risk management trends for 2023 — and what they mean for finance teams - SystemsAccountants

Estimated reading time: 5 minutes The top risk management trends for 2023 — and what they mean for finance teams

The past few years have shown us that trying to avoid all risk is an unrealistic business strategy.

Companies were hit with a perfect storm when the COVID-19 pandemic led to supply chain disruptions, worldwide inflation, and a volatile talent market. The businesses that came out on top engaged in what MIT’s Donald Sull has called “agile absorption.” They were risk-resilient, seizing the opportunities that arose while simultaneously cutting costs and taking other measures to withstand the turbulence.

With these lessons in mind, it’s time to reframe enterprise risk management (ERM). As the traditional seat of risk management, finance teams can lead the charge in embracing new ERM practices that benefit the business. Here are the risk management trends finance teams should pay attention to now:

Risk Management Is Everyone’s Job — but Finance Is Still the Leader

The pandemic served as a reminder that risk is never isolated to a single location, organisation, or department. Consider the key risks organisations face today, like supply chain disruptions. A single COVID outbreak in Shanghai can lead to prolonged inventory shortages worldwide. Those inventory shortages, in turn, can stifle company cash flow and lead to liquidity crises. And a liquidity crisis can spur layoffs and restrictions in valuable and often time-sensitive internal investment.

Other persistent risks, like inflation and talent shortages, can have similarly wide-reaching effects across the organisation. Consider how the lax internet security practices of a front-line customer service representative could open the door to a ransomware attack that brings the entire company to a halt. That may be a particularly striking example, but the nature of risk today is such that its consequences are never limited to one team or function. No function or department is ever truly isolated from the risks a company faces, which is why organisations are adopting interdisciplinary approaches to risk management. One popular model is the collaborative risk council, which brings together leaders from across the organisation so companies can identify risks sooner and respond with more agility.

Finance teams can play a vital role in these councils because risk management has long been a key responsibility of finance, meaning they can draw on their expertise in this domain to introduce risk management best practices — such as goal-oriented ERM processes — to the rest of the organisation. By focusing on strategic objectives, understanding how risk may affect those objectives, and figuring out how to adapt to those risks, finance can set collaborative ERM processes up for success.

Digital Transformation Comes to Risk Management

Finance teams have been using artificial intelligence (AI) and machine learning (ML) for years to automate rote tasks, such as reviewing payment processes for abnormal activity. Now, however, ERM tools capable of leveraging big data to improve risk assessments and financial forecasts are coming to market, and finance teams can lead the charge in bringing these solutions to their organisations.

For example, a venture capital firm in Hong Kong recently appointed an algorithm to its board of directors. The algorithm crunches data on prospective companies to determine whether an investment would be a good idea. While finance teams don’t have to go that far, they can and should take advantage of new technology. Finance teams are sitting on treasure troves of historical data regarding past spending, external economic factors, and overall company performance. With the help of the right tools, they can use this data to inform smarter, safer choices about inherently risky decisions like allocating capital and entering new markets.

Building Your Risk Register

As organisations adopt new tools and strategies to manage risk, they must also focus on the right risks. Each organisation’s risk profile is unique, but in general, there are three broad categories worth thinking about:

  • Short-term business risks: These include risks to the day-to-day operations of the business. Many of the risks of the post-pandemic era — supply chain disruptions, liquidity management, inflation, talent and skills shortages — fall into this bucket. Finance teams should help their risk management partners think through how daily operations could be vulnerable to these and other risks.
  • Long-term strategic risks: These are risks that could affect the long-term life of the business, such as environmental, social, and governance (ESG) risks. Increasingly, shareholders, employees, and consumers demand that organisations prioritise social and environmental welfare in their business decisions. Failure to meet these expectations can cause reputational harm and long-term revenue losses. Finance can play a key role in managing ESG risk by, for example, directing investments toward sustainable companies.
  • Emergency risks: This category includes risks largely beyond the company’s immediate control — like pandemics, cyberattacks, and natural disasters. While companies may not be able to prevent these risks from manifesting, they can adapt to them — for example, the way many organisations quickly adopted remote work during the initial COVID shutdowns.

Treat Risk Like an Opportunity

To borrow the words of Winston Churchill, “never let a good crisis go to waste.” In the post-pandemic world, organisations need to reframe risk management as a proactive process and a strategic asset. As well as being prepared to mitigate the negative impact of challenges, they should be prepared to seize the opportunities those challenges unearth. Well-versed in balancing risk and reward, finance teams will be vital in promoting a more goal-oriented approach to ERM that gives their organisations a competitive advantage.

As organisations plan for the uncertainties of 2023, it’s important to keep in mind that risk can’t be avoided entirely. However, it can be caught sooner and managed more effectively with an interdisciplinary risk management strategy and the right technology tools in place.