CEE findings from the Global Risk Survey

CEE findings from PWC's global risk survey
  • Report
  • 15 minute read
  • April 18, 2024

Business leaders globally—and particularly in Central and Eastern Europe—are aware their organisations face increasingly complex and interconnected risks. What’s less obvious is how to assess risk intelligently so that organisations can transform—and build resilience, create value and prosper during this time of uncertainty. 

PwC’s Global Risk Survey 2023 explores how leading organisations are changing the way they perceive risk by adopting a human-led and technology-powered mindset. For this year’s report, we surveyed 3,910 business and risk leaders—including 218 boardroom and C-suite respondents in the CEE region—from across tech, operations and finance, as well as risk and audit. CEE respondents are based in the Czech Republic, Hungary, Moldova, Poland, Romania and Slovakia, providing a truly regional view of risk and what matters to businesses both in CEE and globally.

anda rojanschi photo

Our PwC Global Risk Survey 2023 reveals companies need to take risks to transform. Technology is playing an increasingly significant role in shaping an organisation’s exposure to risk, their appetite for taking risk in pursuit of new opportunities, and the tools they are using to mitigate it and see risk differently. Our conversations with CEE clients also lead us to conclude that when used the right way, risk is the fuel that can help drive growth to create value and build resilience to protect value.

Anda Rojanschi, CEE Risk & Regulatory Leader, PwC CEE

Executives recognise that some external disruptors bring opportunities while others still pose more of a risk. The transition to new energy sources, cited by 43% of respondents in CEE (globally: 54%), is seen as the biggest opportunity among external disruptors. This is closely followed by changes in customer demand and preference (CEE: 40%; globally: 47%). However, supply chain disruption (42% globally and in CEE) and changes in regulation (CEE: 39%; globally: 28%) are the main external factors seen as more of a risk than an opportunity. 

Global analysis shows that the industry sector also has an impact on whether organisations sit at the value protection or value creation end of the risk appetite scale. Those in faster-moving sectors, such as retail and tech, are more likely to embrace risk and seek opportunity. Those in regulatory-driven sectors, such as government and pharmaceuticals, however, are more likely to prioritise compliance and focus on risk avoidance. Different functions within the organisation also have different perspectives on risk, with those in finance roles more likely than others to say their organisation is focused on risk avoidance over a high risk appetite.

Regulation is another external factor that influences the risk landscape. A raft of new regulations on emerging technologies have been introduced recently—with more in the pipeline—and this process will continue. CEE EU member countries must navigate a complex regulatory framework, with the EU's implementation of the Pillar Two tax rules, the EU AI Act, Foreign Subsidies Regulation, the NIS2 Cybersecurity Directive, the Digital Operational Resilience Act (DORA), the Cyber Resilience Act and more. Staying innovative and compliant is, therefore, more relevant than ever. 


Technology is creating an appetite for risk

Cyber and digital and technology risks rank high in executives’ threat landscape in CEE, with 29% and 20% respectively feeling extremely or highly exposed.

  • These risks, however, are not putting organisations off investing in technology, with around half planning to invest in cybersecurity tools and AI, machine learning and automation technologies (CEE: 42%; globally: 51%).

  • The main factor triggering a review of an organisation’s risk landscape is in preparation for technology investments.

  • Technology disruptors are also much more likely to be seen as opportunities compared to other external non-tech disruptors, with 49% of CEE executives seeing generative AI  fully as an opportunity rather than something to be afraid of.


of CEE organisations predominantly seek to uncover opportunities inherent in risks

Globally: 62%

of organisations in CEE see GenAI as mostly or fully as opportunities rather than risks

Globally: 60%

of CEE organisations say preparing for technology investments is the single biggest motivating factor to review their risk landscape

Globally: 57%

Only inflation and macroeconomic volatility rank higher than cyber (the top tech-related threat) in terms of the risks respondents feel most exposed to, while other digital and tech risks are on a par with geopolitical threats. As many as 29% and 20% of CEE executives respectively felt that they were extremely or highly exposed to cyber and digital risks (globally: 37% and 32%).

chart  1

Q. How exposed do you believe your organisation will be to the following key threats in the next 12 months?

There is a clear ambition among organisations to take a more tech-powered approach to risk, as seen by their intention to invest in AI, machine learning, and cybersecurity. Forward-thinking companies are already investing in AI-driven tools for better threat detection and response, thus using AI to stay ahead of threat actors.

This enthusiasm for GenAI echoes the Global Digital Trust Insights Survey. This survey found that 40% of CEE respondents plan to use generative artificial intelligence for cyber defence in the next 12 months. This jumps to nearly 65% across Europe.

Peter Durojaiye

Taking proactive steps regarding GenAI will help organisations achieve compliance in an increasingly regulated environment. The EU AI Act, for example, stresses the importance of human oversight in developing and operating AI systems. This highlights the need for continuous training and development for the skilled cybersecurity professionals who will manage and oversee AI systems. The Cyber Resilience Act, expected to come into force in 2024, and the NIS2 framework will introduce mandatory cybersecurity requirements for manufacturers and retailers of digital products.

Peter Durojaiye, PwC CEE Cybersecurity Leader

Confidence in managing risk is high—but there may be a disconnect between perception and readiness

  • As many as 31% of CEE executives (globally: 40%) are very confident their organisation can balance growth with managing risk effectively, and a further 50% (globally: 51%) are somewhat confident.

  • While global results show mixed views between economic buyer groups, with 50% of CEOs/board members ‘very confident’ compared to 34% of Operations and 30% of Audit leaders, we see far greater alignment in CEE (32%, 34% and 40% respectively).

  • In CEE, as well as globally, there is a misalignment between CEOs and risk executives on the strategic value the risk function provides. CEOs are generally less likely to agree the risk function is demonstrating strategic behaviours, compared to how risk executives rate themselves.

Most organisations (CEE: 81%; globally: 91%) are confident they can balance growth ambitions with managing risk effectively. However, survey responses show differences in perceptions across different job roles and functions. Compared to risk executives, CEOs are less likely to agree the risk function is demonstrating behaviours such as bringing risk insights to the board for better oversight, guiding the business through complex change and challenging senior management. For example, 51% of risk executives in CEE say they are challenging senior management on strategy and risk appetite, whereas 33% of respondents from the CEO/Board level state that this is the case.

This leadership disconnect needs to be resolved if risk management is to amount to more than value protection and a reactive response to threats. Fostering greater collaboration between the risk function, leadership and the wider business and having more strategic conversations earlier in the process are key if organisations are to find opportunities where competitors only see risk. 

There's an opportunity for more targeted conversations between these groups on what's really valuable to the business and how to get some or more alignment on risk appetite. In other words, there are opportunities to demonstrate new ways to create value from risk.

This conclusion is echoed in PwC’s Global Internal Audit Study 2023. Our survey found that, in addition to better governance, more risk awareness, and stronger internal control, executives believe that a high-performing internal audit (IA) function can help to optimise business processes and systems. Well-deployed IA can also help instil confidence to make better and faster management decisions and to obtain trust from external stakeholders, including investors, regulators, and customers. When equipped with the right technology, vision and talent, IA's 'superpowers' can not only protect value but also create value by ensuring organisations can capture the upsides of risk.

Krzysztof Szuldrzynski

“Organisations need to recognise the whole structure has a role to play in navigating risk, from increasing collaboration internally and externally across supply chains and ecosystems to challenging their risk appetite and collectively building resilience. This presents the opportunity for a new role for risk teams in putting forward a more strategic use for their insights and experience.”

Krzysztof Szuldrzynski, CEE Broader Assurance Services Leader

Risk Pioneers: those who are forging the path

Global analysis reveals a top performing 5% of organisations spread across all industry sectors—identified in the research as “Risk Pioneers”—who are forging ahead in the pursuit of opportunity. Underpinned by strategic enterprise-wide resilience and guided by a human-led, tech-powered approach, these pioneers are significantly more likely than other organisations to be upskilling internal teams. The pioneers are also likely to be making greater use of advanced analytics, predictive modelling, cybersecurity tools and cloud to navigate risk—and more likely to see emerging technologies such as GenAI as an opportunity rather than a risk.

This leading group is better aligning the navigation of risk with business strategy to achieve a greater range of outcomes and value—from more robust regulatory compliance and streamlined reporting to enhanced customer trust and identifying new commercial opportunities.

Notably, this group was also more likely to describe their risk appetite as “eager” or “hungry.” This clearly links to one of the underlying themes of the study—that companies need to approach risks intelligently to transform and thrive. 

“An approach based on adherence to minimum regulatory standards and avoidance of financial loss creates risk in itself.”

CTO, European technology company, PwC Global Risk Survey respondent


Organisations can no longer afford to rely on a reactive approach to risk that focuses primarily on avoidance. According to the CEE edition of PwC’s Global CEO Survey, almost half (48%) of CEOs believe their company will no longer be economically viable over a decade from now if it continues on its current path. From climate and geopolitical risk to macroeconomic volatility and the disruptive power of technology, organisations, therefore, must change and reframe the way they see risk to build resilience and unlock opportunity. The ability to adapt and reinvent at pace amid this constant change and uncertainty is vital for survival and sustainable growth. 

PwC's Global Risk Survey 2023 reveals how leading organisations are changing the way they perceive risk by embracing the transformative power of technology and data. Technology and data-led solutions are playing an increasingly significant role in shaping organisations’ exposure to risk, their appetite for taking risk in pursuit of new opportunities and the tools they are using to mitigate it and build resilience.

Our survey highlights that, whilst CEE executives see technology investments as a trigger to review their organisations' risk exposure, technology disruptors were more likely to be seen as opportunities compared to other disruptors. Global analysis shows organisations that had been successful in changing their approach to risk and achieving better outcomes were almost three times as likely to be using the most current technology and data to navigate risk.

There is an ambition among most CEE organisations to take a more tech-powered approach to risk, which is demonstrated in their intention to invest in AI, machine learning, automation, cybersecurity and cloud. When this ambition is seen through the lens of value creation, this allows them to consider risk intelligently. This, in turn, helps them reinvent, transform and prosper in the face of today's complex and changing risk landscape.

About the survey

The PwC Global Risk Survey 2023 is based on 3,910 responses—including 218 respondents in the CEE region—from business and risk management leaders (CEO, board, risk management, operations, technology, finance, audit) across 67 territories providing their views on the status and direction of risk in their organisation. The respondents from Central and Eastern Europe came from the Czech Republic, Hungary, Moldova, Poland, Romania and the Slovak Republic.

Survey responses are from a range of industry sectors and organisation sizes, with over a quarter from USD$5bn+ organisations.

PwC Research, PwC’s global Centre of Excellence for market research and insight, conducted this survey.

Contact us

Anda Rojanschi

Anda Rojanschi

Partner, D&B DAVID si BAIAS S.C.A., Romania

Piotr Urban

Piotr Urban

Partner, CEE Risk Services, PwC Poland

Tel: +48 502 184 157

Krzysztof Szuldrzynski

Krzysztof Szuldrzynski

Partner, PwC Poland

Tel: +48 22 746 4103

Sirshar Qureshi

Sirshar Qureshi

Partner, Forensic Services, PwC Czech Republic

Tel: +420 602 348 926

Aleksandra Bańkowska

Aleksandra Bańkowska

PwC Legal Partner, PwC Poland

Peter Durojaiye

Peter Durojaiye

Partner, CEE Cybersecurity Leader, PwC Hungary

Olga Cilečková

Olga Cilečková

Partner, Treasury & Accounting Consultancy, PwC's Academy, PwC Czech Republic

Tel: +420 724 593 568

Gábor Balázs

Gábor Balázs

Partner, PwC Hungary

Mircea Bozga

Mircea Bozga

Risk Assurance Partner, PwC Romania

Štefan Čupil

Štefan Čupil

Partner, Risk Assurance Leader, PwC Slovakia

Tel: +421 911 964 212

Mikołaj Woźniak

Mikołaj Woźniak

Partner, CEE Tax Reporting and Strategy Leader, PwC Poland

Tel: +48 22 746 7449

Gergely  Juhász

Gergely Juhász

Partner, PwC Hungary

Tel: +36 306895487

Follow us on social media
Fields marked with * are mandatory

By submitting this form, you agree to receive commercial information, in particular newsletters from CEE PwC Member Firms as joint controllers . You have the right to withdraw this consent at any time. The data will be processed for the purpose of direct marketing through sending commercial information to you via email. Full information about processing your personal data is available in our Privacy Policy .