Remembering Top 10 Risks

success_looking_out_400_clr_8177Four years on we thought it was time to remember the analysis we did on an article on the Top 10 Risks and Trends for 2009.

In 2009 the article,  Top Ten Risk Management Lessons and Trends from 2009, identified 10 risks and trends that were considered critical for organisations across the globe.  We thought it was time to revisit these risks to see how applicable they are today.

1. Social networking


Risk Newstand has a dedicated feed searching for social media articles on the web and provides a heat map of articles across the world regarding social media.

The heat map details that the usage by organisations of social media has continued to grow and we are not seeing any signs of this risk diminishing in importance, particularly in the USA and Australia.

Some of the articles included in this feed during 2012 detail that organisations internal policies and procedures are becoming critical components of an effective mechanism to educate and inform their employees about social media and how to use social media, such as LinkedIn, Twitter and Facebook, as a competitive advantage.

We expect to continue to see social networking on the list of key topics for all organisations.

2. Cyber risk 

This will forever be a hot topic from a risk perspective.  The hackers of this world get smarter ever day and the networks they have established enable the easy sharing of their techniques and tools.

screenshot101The trends in Google searches relating to “cyber risk” highlight that cyber security, cyber fraud and cyber crime are rising as key topics for all organisations across the globe.  Over the last 12 months we have continued to see articles relating to hacker attacks of both government and commercial organisations.  Attacks appear to either be specifically targeted  (either in retaliation or to “out” people / organisations) or to be highlighting the vulnerability of systems and organisations.

Cyber risk though extends beyond hacking attacks, to include compromises designed to obtain insider information, customer records and details for usage in perpetrating fraud.  With all these different types of cyber threats, it is not surprising that this risk is an ever present hot topic.
3. Baby Boomer retirement (knowledge transfer & loss risk)

There have been a number of recent articles such as this recent article in AdelaideNow, “Older workers can fill the gaps“, highlighting the ongoing risks surrounding mature workers leaving organisations and taking their knowledge and experience with them.  This knowledge transfer & loss risk could become an achilles heel for many organisations as they continue to deal with economic uncertainty and rising workforce costs.  Mature workers could provide the transitional expertise for many organisations to navigate the risks of today and be better prepared for the risks of tomorrow.

4. Regulatory restraints 

Organisations will continue to feel and experience the regulatory response to the global financial crisis (GFC) and the commercial events since the GFC for many years to come.  Citizens of many countries are now able to be more active through social media, thereby increasing the government and regulatory response pressure.  This means that this particular risk remains on the radar for all organisations across the globe.

5. Government privatisation

As detailed in our original posting this is definitely happening but perhaps in a less impactful manner than originally expected in 2009.  Therefore, from a global perspective this has probably shifted outside the top 10 for most organisations.

6.  Disruptive threats

This particular risk has definitely risen in potential with constant examples of models being changed through disruptive technologies and models.  In particular, it is some of the smaller, nimbler players that will have the biggest impact and it is going to be important for incumbent organisations to consider how to stay in the game.  To counter this risk we are seeing many organisations developing their own internal “Start-ups” so they can compete in an ever changing environment.

7. Workers’ compensation insurance 

As detailed in our original posting, this has not become a significant global risk and therefore would not be in a top 10.  Interestingly though, this is a risk that can easily be forgotten in risk assessments and that does make it a potential “blind-side” risk.

8. Medical costs for workers’ compensation 

Consistent with the workers compensation insurance risk, this is another risk that would not be in our top 10.

9. Employment litigation 

This is probably an ongoing “watch list” risk rather than a top 10 risk.  Litigation in general, particularly in times of economic stress, can become a mechanism utilised to achieve organisation instability.  This is particularly evident in the technology industry at the moment.  From an employee litigation perspective, this is currently not a key risk but is once again a risk to always keep in mind.

10. Conduct Risk

We have renamed this risk from 2009 from “The employee non-disclosure risk” to conduct risk.  This is the eternal risk for all organisations, as every day decisions and processes occur and therefore process errors are made.  Human beings respond to their surroundings and the organisation culture in how they deal with these events.  Every organisation must ensure it understands that errors happen and people may try to hide what they have done.  This is even more present in cost reduction times where employees feel insecure in their roles.   The focus must be on providing assurance over key activities/controls from a risk perspective,  encouraging and rewarding escalation of incidents and issues, and employee education on culture and behaviour.

In addition to the 10 risks detailed above, we considered two additional risks in the 2009 article.

11. Human carelessness

As detailed in 2009, although we have moved to a world of computer automation humans are still involved in almost every process. Therefore the risk of human carelessness increases in proportion to the automation of activities, the expectation of multi-tasking and the merging of personal and work life.  In 2012 this risk has only increased in probability.

12. Innovation for innovations sake

In 2009 we highlighted a fear that organisations change & innovate almost everything because it is fashionable rather than for a true customer purpose.  This type of innovation creates risks on the operations of the business as well as the customer experience and employee frustration.  In 2012 the continual pressure to innovate, simplify and improve processes, particularly to reduce cost and wastage, increases the ever present risk of error and failure.  Organisations must manage the expectation of change with a balanced approach to manage the business risks associated with that change.

So, in four years what have we learnt?

The analysis we did on an article on the Top 10 Risks and Trends for 2009 could just as easily be an analysis of the top risks for 2013!  Risk management may be evolving but it is clear that the risks faced by organisations across the globe are ever present no matter if it is 2009 or 2013.

Scott North
Scott North
Scott North has extensive executive and board experience in risk management, internal audit, operational risk and compliance, governance, risk strategy, scenario planning, technology risk, technology architecture, systems design, financial accounting, and management accounting. With Chief Risk Officers roles across financial services in Australia, Scott is an accomplished and experienced senior risk executive with extraordinary results in leading risk management teams. An innovative and process-focused leader, with an entrepreneurial style. Scott has a passion for innovation and digital. Scott is an experienced project leader across multiple disciplines including risk, finance and enterprise systems.

Read More

Related Articles

How to Ensure Your Sustainability Strategy Stays Clean

As we embrace the shift towards a greener economy, sustainability products are on the rise. However, with this growth, we've also seen an increase...

The Future of Australia’s Financial Services Industry: Embracing the Financial Accountability Regime

APRA and ASIC Spearhead a Revolutionary Change in the Financial Sector Introduction Today marks a significant milestone for the Australian financial services industry as the Australian...

Effective Risk Committees

Every Risk Moment Matters