Managing risks and enabling growth in the age of innovation

2018 Risk in Review Study

Innovation, effective risk management and growth: striking the right balance

As organizations face pressure to innovate, risk executives need to help them strike the right risk-reward balance to succeed. PwC explored this challenge in its 2018 Risk in Review Study of more than 1,500 senior risk executives, globally. Adapters — those with programs that tackle innovation-related risks somewhat or very effectively — practice five actions that set them apart. And their programs exert much more influence over decisions about innovation.


Risk management program's ability to influence decisions about innovation

Q. What is your risk management program's level of influence and ability to effect a change in decision-making about the listed activities?
Base range: 522-1,036
Source: PwC, 2018 Risk in Review Study

Five ways Adapters tackle innovation risk

Adapters engage early and often across the innovation cycle

Risk executives need to weigh in early about novel initiatives as the pace of innovation accelerates and the appetite for the accompanying risks grow. Thus, the Adapters differ in when and how they engage in innovative activities.


Adapters and their programs differ in when and how they engage in innovation

Q. With regards to the risk management function’s performance today, to what extent do you agree or disagree with these statements?
Base: 1,183 (excludes disagree and neither/nor)
Source: PwC, 2018 Risk in Review Study

Adapters take more actions to manage innovation risk exposure

Adapters use a range of approaches to manage risk exposure from new initiatives. Entering a new industry or forging a partnership, for example, may require sharing the risk. By contrast accepting the risk, adjusting the risk appetite or revisiting goals for deploying AI or IoT are potentially more suitable.



Adapters more often take multiple actions to manage innovation risk exposure


4 or more actions

Q. Which of the following actions has your organization undertaken to manage your organization’s risk exposure from the innovative activities you selected?
Base range: 220-830
Source: PwC, 2018 Risk in Review Study

 

Actions

  • Accepted the risk
  • Adjusted the risk appetite
  • Postponed the activity to avoid assessed risk
  • Reduced the risk
  • Revisited the objectives and strategy
  • Shared the risk

Adapters adjust risk appetite and tolerances with frequency

An organization’s risk appetite is grounded in opportunity and competitive pressures. To capture value from innovation while closely tracking risk, quick, calibrated and disciplined adjustments to risk appetite and tolerances are critical. Continuously communicating such changes with the board, internal auditors and business leaders helps them act on incoming data.


Adapters more often adjust their risk appetite and share the risk


Create new products or services outside our core offerings to enter a new industry
Implement new technologies to develop new products or to target new customers
Implement new technologies to materially improve existing products or customer experience


Q. Which of the following actions has your organization undertaken to manage your organization’s risk exposure from the innovative activities you selected?
Base range: 177-644
Source: PwC, 2018 Risk in Review Study

Adapters harness new skills, competencies and tools to support innovation

Adapters are much more likely to say they add new skill sets, expand continuous risk assessment, and leverage new technology for more real-time information.


How risk executives are adapting capabilities to support innovation strategy


Adding new skill sets

Expanding continuous risk assessment

Leveraging new technology for more real-time information


Q. How are you adapting your risk management capabilities to more effectively influence and enable your organization’s innovation strategy?
Base: 1,183 (excludes none of the above/don’t know/not adapting)
Source: PwC, 2018 Risk in Review Study

Adapters monitor and assess effectiveness in multiple ways

Examining effectiveness using multiple metrics can help risk executives shore up areas where they fall short or are vulnerable, so that the C-Suite and board can rapidly make decisions about strategic initiatives while the business steps in to address any risk profile misalignments against risk appetite.


Metrics used to measure effectiveness of risk management activities


Q. Which financial or operational metrics does your organization use to measure the effectiveness of its risk management activities?
Base 1,183 (excludes do not plan to use/don’t know)
Source: PwC, 2018 Risk in Review Study

“Risks from innovation rise in complexity and potential impact daily. Our study shows that risk executives who successfully tackle innovation-related risk do so with a distinct set of practices. These ‘Adapters’ are also nearly twice as likely to say that their function helps boost the odds of success across the business.”

Brian SchwartzFinancial Services Internal Audit, Compliance and Risk Management Solutions Leader and GRC Enablement Leader, PwC US

About PwC's Risk in Review research

Survey respondents hold the titles of Chief Audit Executive, General Auditor, Board or Audit Committee Member, Audit Committee Chair; Chief Compliance Officer, Head of Compliance, Chief Ethics and Compliance Officer, Chief Financial Officer, Chief Executive Officer, Chief Operations Officer, Chief Risk Officer, Head of Risk Management, Director of Risk, Chief Information Officer, and Chief Technology Officer.

The research for the study was undertaken by PwC Research, our global center of excellence for primary research and evidence-based consulting service. The base for all figures is 1,535 (all respondents) unless otherwise stated. For some questions in which the number of responses may vary, we provide a base range. This is often because response options branch from an earlier question and thus change the sample size per response. 

Contact us

Jason Pett
Risk Assurance Leader, PwC US
Tel: +1 (410) 659 3380
Email

Brian Schwartz
Financial Services Internal Audit, Compliance and Risk Management Solutions Leader and GRC Enablement Leader, PwC US
Tel: +1 (202) 729 1627
Email

Scott Greenfield
Digital Risk Solutions Leader, PwC US
Tel: +1 (646) 471 5383
Email

Jim Woods
Global and China/Hong Kong Risk Assurance Leader
Tel: +[852] 2289 2316
Email

Follow us