Business leaders are not sufficiently investing in their organisation’s risk oversight even amid risks that are increasing globally in volume and complexity, regardless of geography.
This is the findings of the latest report by AICPA & CIMA and North Carolina State University’s Enterprise Risk Management (ERM) Initiative, revealing that 68% of respondents from Asia and Australasia report concerns on volume and complexities of risk increasing globally.
However, the study, titled 2024 Global State of Risk Oversight: Managing the Rapidly Evolving Risk Landscape, found that only 25% in Asia & Australasia, describe their organisation’s risk oversight practices as “mature” or “robust.”
These results come as participants also revealed that their organisation had faced a significant operational surprise in the past five years with 48%, with a similar percentage of respondents in Asia & Australasia, indicating that their organisation has experienced a major, unexpected risk event impacting the organisation.
The occurrence of an actual significant risk event suggests a potential breakdown in organisational risk management processes.
Among the key findings from the report is the fact that organisations are recognising the need to identify a risk management leader, with 47% of respondent organisations globally appointing a single individual (Chief Risk Officer or equivalent) to lead the risk management function.
However, more organisations are found to likely have a management-level risk committee in place versus a single individual risk management leader.
"Given the rapid speed of change in the global business environment, effective enterprise-wide risk management is more crucial than ever. However, our research shows that most companies still lack mature and robust ERM processes that would allow them to keep functioning smoothly if they were to face an unexpected challenge," says Venkkat Ramanan, FCMA, CGMA, Vice President, Asia Pacific, AICPA & CIMA, together as the Association of International Certified Professional Accountants.
"While no organisation can predict next big disruptive event, they can design a more effective risk governance approach to navigate an unpredictable future where change comes quickly."
