Other parts of this series:
In the previous blog in this series, we looked at the emergence of complicated and interconnected new risks as described in the Accenture 2019 Global Risk Management Study. A major part of respondents’ concerns relates to the growing adoption of new technologies across the firm, ahead of the organization’s overall ability to effectively integrate and manage. While these technologies hold immense potential to unleash sustainable growth and drive efficiencies, risk functions worry about the possibility of unexpected consequences, which they are not fully skilled to identify or assess.
According to the study, risk managers say they are most concerned that adopting smart technologies like artificial intelligence (AI), blockchain and robotic process automation (RPA) will have unintended consequences. While they understand the benefits these technologies can deliver, they also understand there are risks involved, and know they will need to enter new areas with eyes wide open and with the flexibility to make course corrections as needed.
“There is a big element of the fear of the unknown. A number of companies express concern that others are running off and making use of these new technologies, while they are still struggling to find specific use cases to make them relevant, get scale and drive value.”
Steve Culp, Accenture 2019 Global Risk Management Study – Insurance Report, November 2019
Using these new and powerful technologies can be less worrisome if risk managers better knew how to mitigate the potential exposures and challenges they may cause. Almost nine in 10 respondents (89 percent) describe themselves as not fully capable of assessing the risks associated with adopting AI, while 95 percent say the same about blockchain. So, it is no surprise that, when asked which skills they should most urgently enhance, assessing and applying disruptive technologies are at the top of the list. Risk managers see the gaps in their understanding and are moving to mitigate these risks.
Obtaining the needed skills
To obtain and enhance needed skills, risk managers should:
1) Reorganize to bring new skills into the risk function
2) Learn new skills through training and development; and
3) Recruit individuals with needed skills to strengthen the team and its capabilities.
Fewer study respondents (57 percent) describe themselves as not fully capable of assessing the risks associated with using cloud technologies. This is encouraging, but risk managers should not be complacent. Many financial services firms have robust service level agreements and key performance indicators that mitigate risk associated with individual cloud providers. To keep enjoying the benefits of cloud, risk managers should actively monitor, update and enhance their protection framework so as to leverage the power of this and other emerging technologies.
Though risk managers are not burying their heads in the sand, they acknowledge being caught off guard by the rapid pace of external change to date. Over half (52 percent) of study participants describe their risk function as, at best, only somewhat effective at responding quickly to changes in the external risk environment. Acknowledging their shortcomings is a necessary first step. But now, it is time to act.
In the next blog in this series, we will examine how risk functions are adopting smart technologies to strengthen their defenses against new risks.