In this global ground-breaking research, ACCA, Airmic and PRMIA investigate risk cultures and their effects at organisations across sectors and regions
At the heart of our three-part report is a global survey of the perspectives of over 2,000 risk and finance professionals on risk management in today’s ‘perma-crisis’ norm.
While over half of the respondents believe that risk cultures have been improving for the better post-pandemic, rapid disruption has presented several new challenges for risk and finance leaders. The purpose of the report is to dig deep into what is being done and not to build risk cultures that facilitate the changes necessary for achieving objectives, including those related to environmental and social impacts.
Tick-box approaches and short-sighted views of risk were reported by respondents as obstacles to embedding risk management into decision making and strategy.
Regulatory change and cybersecurity: the pressing concerns
‘Regulatory, compliance, and legal’ risks were ranked the top risk priority overall, with ‘technology, data and cybersecurity’ coming in second. Respondents considered ‘climate change and its social and economic implications’ more through a compliance lens, having ranked it second to last. In North America, ‘technology, data and cybersecurity’ risks came first.
A risk culture that serves as an early warning system for dealing with the breadth of threats is vital but not all respondents believed in their organisation’s ability to achieve this, with the lowest levels of confidence seen in the public sector.
Behaviour change in practice
Assessing how policies and controls influence behaviour is not easy. Risk reporting as part of an organisation’s budgeting and forecasting processes was also highlighted, with only two-thirds of respondents confirming that risks are included in their internal financial processes.
Only around 60% of respondents agreed risk is sufficiently discussed at all levels in their organisation. Those in roles not explicitly in charge of risk said that interpreting volatile macro and geopolitical issues critical to the organisation were underestimated challenges.
About ACCA's risk culture research partners
The leading UK association for everyone who has a responsibility for risk management and insurance in their organisation, Airmic has over 450 corporate members and more than 1,750 individual members.
Individual members are from all sectors and include finance, sustainability, information and technology, internal audit, and legal professionals, as well as risk and insurance professionals. With our partners, and in collaboration with affiliate associations and institutes, Airmic supports members through learning and research; a diverse programme of events; developing and encouraging good practice; and lobbying on subjects that directly affect our members and their professions. Above all, we provide a platform for professionals to stay in touch, to communicate with each other, and to share ideas and information. To learn more, visit www.airmic.com
Established in 2002, the Professional Risk Managers' International Association (PRMIA) is a non-profit, member-focused and member-driven professional association represented globally by more than 50 chapters in major cities around the world. PRMIA’s mission is to provide an open forum for the development and promotion of the risk profession through credentialing, learning and development programs, online thought leadership resources, and events. To learn more, visit www.prmia.org
ACCA will publish additional research on risk culture by industry throughout 2023.
"We heard how organisations could structure governance better, particularly for the relationship between the first and second lines of defence, and how the past few years have proved the importance of collaborating while also maintaining independence for the second line in overseeing risk control..."Rachael Johnson, ACCA head of Risk Management and Corporate Governance