Australian business leaders are grappling with new and emerging risks, and opportunities in navigating the dynamic environment. They are still adjusting to ‘COVID-normal’ as well as further uncertainty coming from interest rate hikes, inflationary pressures, supply chain disruptions and accelerating digital and technology adoption, heightened cyber security and data risks.
The latest PwC Report, 2022 Global Risk Survey, has revealed some key insights for Australia, including:
- Australia’s business leaders are significantly more concerned about cybersecurity risks than their global counterparts (32% and 20% respectively). Local leaders rated cybersecurity risks more highly on their ‘risk radars’ than COVID-19 pandemic impacts, economic volatility, or climate change.
- Talent (attracting and recruitment) and People (managing your current workforce) is a big issue for Australia’s business leaders – this is a much lower priority for global leaders and did not even make it on the global top five concerns.
- Over half (58%) of organisations indicated that they will focus on increasing headcount in the risk function and nearly two-thirds (63%) of respondents plan to increase their spend on risk technology.
- Many Australian organisations are also intending to bridge the skills gap and add flexibility to their operating model through the use of managed services for risk, with 54% of respondents indicating they would increase their managed services spend in the coming year.
- When Australian organisations were asked about challenges to managing risks in their organisation, the highest concerns were:
- Constraints on risk management resources (87%)
- Risk owners lack of required skill sets (87%)
- Risk functions lack of required skill set (84%)
- High employee turnover (79%)
- Despite the volatile business environment, there is optimism, with 76% of Australian and global organisations expecting revenues to grow over the next 12 months.
Survey respondents top 5 risks to revenue growth
Rick Crethar, PwC Australia Cyber Leader and Risk Advisory Partner, offers the below insights.
Australia’s business leaders are significantly more concerned about cybersecurity risks compared with globally and rated it more highly than Covid impacts, economic volatility, or climate change. We’re more aware locally of our exposure to cyber threats. The government has also stepped up its focus on our national cybersecurity strategy and broader risk management obligations on our critical infrastructure.
Since our survey was conducted, geopolitical tensions have escalated in several ways. Australia’s leading organisations are performing scenario analysis and modelling to help them understand the potential implications of such strategic risks. They are leveraging the lessons learnt from the uncertainty caused by Covid to help them model possible outcomes which they may need to respond to.
In an increasingly interconnected world, rising geo-uncertainty will further challenge existing business operating models and resilience strategies. Coupling these tools with the experience of managing crises during the pandemic should enable Australia’s business leaders to manage new and emerging risks more effectively than a few years ago.
The war for talent is already having an impact on risk management functions across the country. To address talent challenges, Australia’s leaders are planning to use a combination of recruitment, technology uplift and flexible operating models.
From a recruitment perspective, over half (58%) of organisations indicated that they would focus on building capability in the risk function and nearly two-thirds (63%) of respondents plan to increase their spend on risk technology. Many businesses locally are also intending to bridge the skills gap and add flexibility to their operating model using managed services for risk, with 54% of respondents saying they would increase their managed services spend in the coming year.
A robust risk strategy can allow Australia’s business leaders to navigate uncertainty with more confidence. Based on our extensive research and work with various organisations – here and overseas – we’ve identified five high-impact areas that can help drive value, elevate risk maturity, shift mindsets, increase confidence and enable an appetite aligned approach to risk and opportunity.
Five key actions that organisations should adopt to confidently navigate this uncertainty and capitalise on opportunities whilst mitigating against downside events:
- Engage early and provide risk insights at the point of decision
- Take a panoramic view of risk – a top down view of risks and interdependencies
- Set and employ risk appetite to take advantage of the upside of risk
- Enable risk-based decision-making through systems and processes
- Double down efforts on top risks.
The environment in which organisations operate is far from static. Risk management capabilities must be agile and operate in an iterative manner to reflect the organisation’s changing risk profile. The organisations that have stood out from the pack in the past two years have not just managed risks. They’ve taken on risks, with confidence.
The COVID response showed many of Australia’s organisations can get things done in uncertain conditions and barriers can be removed across the enterprise. Use these lessons to drive end-to-end risk management and improve the ability to make mutually supportive decisions in the business ecosystem through information sharing and collaboration. Risk tolerance limits should be cascaded and embedded in key business policies, processes, and systems. Australia’s organisations are beginning to unlock the power of data and analytics to drive forward-looking and predictive risk insights.
Other emerging risks that organisations in Australia are watching closely:
- Recession or inflation? – Investors are foreseeing attempts to raise real rates might produce a large financial shock somewhere, triggering an economic recession which, in turn, will kill any inflationary pressure.
- Green Swan Events e.g. Extreme weather, climate action failure, natural disasters, biodiversity loss, human-made environmental disasters. Greater priority on sustainability.
Many of Australia’s organisations are grappling with the challenge in establishing a dynamic link between their risk appetite with their day-to-day decisions and actions. Start with the biggest decisions and most mature processes for your material risks. This requires recognition that strategic risks are desirable and are required to generate returns.
Designing a more dynamic risk management capability where upside can be realised while keeping risk to acceptable levels or managing them when they occur, is key. This should be reinforced by a culture which encourages a risk/ reward mindset. Embedding risk appetite enables organisations to make risk-informed decisions to take advantage of the upside of risk and effectively manage downside impacts.
Australia’s leading organisations are recognising they need greater skills and expertise for some of the more complex risks, such as third-party risks, privacy, data, financial crime, strategic/ modelling, cyber and ESG – the challenge is that line two headcount is still low, placing greater reliance on alternate sourcing models and greater automation to free up existing skilled resources.
You can read the full report here.