In March, Deloitte and IBM welcomed more than 300 leaders and risk management professionals from 100 invited businesses to our Risk Management 2.0 Summit in the Deloitte House. The topic the most pressing risk issues facing organisations today – and what to do about them.
Seeing hundreds of people walk through the door at DeloitteHuset is always a pleasure, the chairs slowly being occupied, people talking and networking, the speakers getting ready to go on stage, and the room buzzing with expectations for a day with insights and experiences to share among us.
Today, we’re working with risk management on the back of rising uncertainty and complexity in the world. There is regulatory complexity (a tsunami of EU regulation on the way), cyber complexity (ruthless criminals, state-sponsored cyber terrorism), operational complexity (volatile supply chains) and the geo-political complexity arising from the devastating war in Ukraine and the turmoil it has created on the international markets.
But we’re also working with risk management from an optimistic place. Companies and public organisations everywhere are stepping up to thrive in the digital economy. They are improving processes, taking advantage of new technology, considering business ethics and social responsibility, seeing risk not just as a threat, but also an opportunity, and increasing the overall sophistication as organisations are reconfiguring to meet expectations from customers and stakeholders.
The sophistication of risk management shows itself in many ways. Most importantly, more and more organisations are investing in integrated technology platforms for risk management in order to tackle a wide array of risk while also future-proofing the organisation in an ever-evolving risk landscape.
Applying a technology-driven and centralised approach to managing everything from financial to regulatory risk in one place is already proving to be a game-changer for organisations wanting to achieve effective and continuous risk management that goes beyond compliance.
One option to do this is using the Deloitte Sense tool – co-developed with IBM, who also co-hosted the summit – which is our best practice Risk and Control platform facilitating risk sensing and control automation in core business processes. The platform is built to engage everybody across the three lines of defence by combining smart workflows, chatbots, automated controls and dynamic visualizations. It builds on an open integration framework, and can integrate with all key business systems and current GRC solutions for integrated monitoring.
AI is introducing new risks
Monitoring existing risk is one thing; managing brand new risks requires even more focus on building trust, demonstrating resilience and heightening security to create enduring success.
AI, in particular, is an area that has recently introduced a whole array of risk, so it’s not surprising that the ‘black box’ of artificial intelligence is a topic that is on everyone’s lips – and naturally also a significant part of the agenda for our Risk Management 2.0 Summit.
As algorithms become more powerful and pervasive, the methods for monitoring and troubleshooting them lag behind adoption. Organisations will have to seek transparency and accountability in how decisions are made by algorithms; consider ethics, fairness and safety; and adopt new approaches to effectively manage the novel risks introduced by complex AI algorithms.
During our summit, we also talked about EU’s AI Act, which aims to introduce a common regulatory and legal framework for artificial intelligence. Casper Klynge, Senior Vice President at The Danish Chamber of Commerce, joined the summit for a very interesting talk about the EU’s ‘regulatory tsunami’ and the implications and opportunities for Danish organisations in the context of Governance, Risk and Compliance. Part of his message was that we need to create regulation that is balanced, which is why companies need to work together with authorities to find the right approach. However, he also pointed out what many others are saying: that Denmark is often the experimental lab of Europe, over-implementing or over-pacing implementation compared to our European neighbours – again, a very relevant dilemma to keep in mind as the EU is moving forward on new legislation.
From the heart
We finished an amazing day by talking about a subject that is close to many people’s hearts: the ESG agenda and the huge progress companies and public organisations are making right now to achieve more sustainable and inclusive growth while also leaving a positive legacy.
Deloitte’s Helena Barton and Kristina Wiese Tranberg gave a great presentation about how to integrate ESG risks into the existing risk framework in the organisation, how to manage compliance programmes in an ESG perspective, and how to manage internal controls and ESG reporting in a way that promotes accountability, trust and commitment.
Their advice: Integrate ESG risk in the existing risk register instead of building something new. A holistic approach removes the need for maintaining stand-alone risk and controls metrics, thereby enabling organisations to reallocate the costs to other activities. A single, consistent approach to financial, operational, compliance and ESG risks – coupled with an integrated and automated controls framework – could help unlock resources and drive shareholder and stakeholder value.
In many ways, the ESG agenda summed up our summit: Risk management is not just about identifying and mitigating potential threats. It’s also about creating opportunities, building resilience, fostering a culture of continuous improvement and insisting on leaving a positive impact and legacy through our work.
With technological advances, geopolitical uncertainty and evolving regulatory frameworks, organizations face an ever-increasing array of risks. But with the right mindset, tools and strategies, we can turn these risks into opportunities for ethical growth – with passion, purpose, responsibility, thoughtfulness and our hearts in the right place.
A big thank you to all participants, speakers, organisers and staff for making our 2023 Risk Management 2.0 Summit a memorable and inspiring day.
Forfatter spotlight
Tinnamaria Marlou Larsson-Bertelsen
Tinnamaria har mere end 25 års erfaring som konsulent og rådgiver i den offentlige sektor. Ud fra en solid baggrund som revisor, har hun indgående erfaring med transformation af økonomifunktioner gennem bl.a. implementering af administrative fællesskaber, driftsstøtte, økonomistyring, (re)strukturering af økonomifunktioner, forretningsimplementering, simulering, digitalisering og projektledelse. Tinnamaria har omfattende erfaring med at drive løsninger og sammen med kunden øge modenhedsniveauet, hvor hun særligt har fokus på sammenhængskraften mellem systemer, processer, organisering, governance og kompetencer samt dyb indsigt i og erfaring med flowet mellem budget, regnskab og forretning.