Cyberattacks, safety concerns, climate change, regulatory demands, declining oil prices, less demand from China, a crumbling and volatile stock market: There is no lack of risks in doing business, and at the start of 2016, they are ever- present for corporations small and large.
KPMG has identified key risks for companies and how they can proactively address them. “You have only to pick up the paper and see that it is a pretty risky environment [to be] doing business in,” says Kelly Watson, national service group leader at KPMG’s risk consulting practice for the US. The list of risk areas that KPMG has identified covers many different scenarios.
“Common traits in the identification and management of risk are emerging regardless of industry and company size,” Watson adds. Among the major concerns of the chief risk officer (CRO) is the risk to a company resulting from technology. “One of the most concerning things about technology is that it is an area that most people feel uncomfortable with, because they do not know what they do not know,” explains Watson.
Technology risk is driven by the speed at which technology is changing, the adoption of emerging and disruptive technologies—such as the Cloud and mobile—and the need to understand and comply with changing regulations.
“Another risk faced by all companies is third-party risk,” says Watson. “While faced by companies of all sizes and types, third-party risk is of particular concern to global companies dealing with third parties abroad.”
Crisis management plans are put in place to deal with anything that can be disruptive to a company. Such plans are becoming de rigueur, even at smaller firms. “With a crisis management plan, if something happens, the company has a strategy to deal with it,” says Watson. “With the 24-hour news cycle, everything happening is immediately known, and this is different from what was happening in previous generations—added to an increasing number of regulatory and reporting challenges. These are all things that keep a CRO up at night.”