Risk and opportunity management
Deloitte has a robust process for identifying, assessing, managing and monitoring risks and opportunities, both at the Deloitte Global level and at the member firm level through their respective Enterprise Risk Frameworks (ERFs).
The Deloitte Global ERF sets out the Deloitte Global Executive’s assessment of the priority risks facing Deloitte—specifically, those that could impact the ability of Deloitte to meet its strategy and public interest obligations, as well as those that could impact the reputation of the organization. The member firm ERFs are managed in coordination with the Deloitte Global ERF.
There is ongoing and frequent dialogue between the Deloitte Global ERF team, which facilitates the operation of the ERF, the risk owners and other Deloitte Global teams to help ensure early identification and escalation of any matters requiring consideration by the risk owner or the Deloitte Global chief risk officer (CRO). This is complemented by a regular cadence of meetings between the Deloitte Global CRO and each risk owner at which the exposure to each risk is assessed. Emerging issues also are discussed, and any necessary mitigation actions are agreed upon.
The Deloitte Global CRO reports on Deloitte’s priority risks on a regular cadence to the Deloitte Global Executive, enabling discussion of risk exposures and mitigation actions. Priority risks are also regularly reviewed by the Risk and Ethics Committee of the Deloitte Global Board of Directors.
In addition to assessing priority risks, the Deloitte Global ERF process identifies emerging risks. For example, in the last two years, climate change has been identified as an emerging risk. As such, it has been assigned an executive sponsor (the Deloitte Global deputy CEO and chief people and purpose officer). The environmental section of the Deloitte 2021 Global Impact Report has more information about Deloitte’s climate-related commitments and initiatives.
Priority risks and opportunities
Listed are the enterprise risks and opportunities that, as of August 2021, are considered to have the most potential for significant impact on Deloitte’s ability to realize its strategy and public interest obligations and on its ability to protect its reputation, should they materialize.
These risks and opportunities have been considered based on the primary impact, including those where the impact is a loss of opportunity. The risks and opportunities have been categorized into the following impact dimensions:
- Risks impacting our brand, reputation and/or public interest obligations;
- Risks impacting our strategic success or market differentiation; and
- Risks impacting our people, Purpose and Shared Values.
It is recognized that risks don't operate in discrete categories and they may have more than one impact. However, for the purposes of the categorization, it is focused on the primary impact. Each of Deloitte’s enterprise risks and opportunities have been linked to one or more ESG categories included in Deloitte’s materiality matrix.
The way forward
In Deloitte’s journey of continuous improvement, additional focus will be placed on understanding the ESG implications on Deloitte’s risks and opportunities. In addition, we are considering ways we can enhance transparency in reporting going forward, including through providing additional disclosure regarding the trending of our key risks and opportunities, our response to those trends, and our appetite in respect of our risks.