Artificial intelligence, IoT and other fourth industrial revolution (4IR) technologies are helping companies to move more quickly and to become highly connected. And, as they do, risks become more complex and interconnected—and more challenging for risk function (internal audit, compliance, risk management, etc) professionals to identify and monitor.
PwC’s 2020 Global Risk Study, an annual research project which I have led for the past seven years, showed that many companies feel they have blind spots to risk. Just 50% of participants said their company has the right data, today, to anticipate and manage existing and emerging risk. Only 33% said they have the right technology and tools to do so.
It’s not surprising that companies feel unprepared for the risks of the 4IR. In a connected world, it takes comprehensive risk intelligence to provide the strongest and most timely risk insights to those who are running strategic initiatives and day-to-day operations. Studying business risks only in silos, such as by risk function or business unit, can lead to less than full visibility to business risk and a lack of understanding of risk inter-relationships. It is now more critical than ever for risk management, compliance, internal audit and other risk-related teams across the organization—which PwC refers to as risk functions—to closely collaborate.
What does close collaboration mean? Far more than keeping each other informed, or even communicating on a regular cadence. It means risk functions are constantly coordinating using a common risk language, a common data source, a consolidated view of risks and a shared technology platform. With this common base, risk functions can work together to provide sophisticated risk insights to support quick actions that protect value, keep programs on track and enable strategies.
Granted, few, if any, risk functions are truly collaborating by this definition, but the more than 120 interviews we conducted as part of our 2020 Global Risk Study found that some are well along in the journey. For example, in response to board and senior executive pressure to do so, all of a global bank’s second line risk functions, including compliance, now present one integrated view of risks to stakeholders. And, a pharmaceutical company now has a single data repository available to all risk functions and a growing portfolio of advanced analytics to provide the business with the insights needed to get ahead of risk.
Collaboration can be hard to achieve—and it takes new approaches and smart technology-enabled mechanisms to make it happen—but every organization can progress in the journey. Here are three actions to improve risk function collaboration and, simultaneously, improve the risk insights influencing the organization’s decision making.
Getting risk functions to truly collaborate may be challenging for some organizations and require risk functions to step out of their comfort zone. But, in this business environment, it’s no longer sufficient to go it alone. When risk functions across the company work in lock step supported by shared data, analytics and technology, they can bring stronger risk insights and more strategic assurance to stakeholders.
Look for subsequent blogs in this series to learn more about how risk functions are collaborating for stronger risk insights.