The champagne has been drunk, and the New Year has been rung in. What trends are predicted in risk management as we welcome the new decade?

“In 2020, we’ll likely see significant changes in risk models, processes and functions,” predicts Brenda Boultwood, Risk Advisory Partner at Deloitte. As a senior expert in risk culture and corporate governance, she published an article online January 10, 2020, for the Global Association of Risk Professionals (GARP). We present the highlights and a link to the full article below.

  1. The three lines of defense business model, as we know it, will end

This is actually good news. “Second-line-of-defense functions, such as risk management and compliance, will continue to thrive and prosper,” Boultwood says, “with a focus on framework, policy, methodology and analytics.”

In risk governance, the three lines of defense model is comprised of (1) departments that own and manage risk; (2) departments that oversee or specialise in risk management, compliance; and (3) departments that provide independent assurance, above all internal audit.  Internal audit, she says, will become a “thin layer.”

  1. Business process automation will be reimagined

With daily advances in robotics, artificial intelligence and fintech, this is only to be expected. Boultwood predicts more “managed services through consortiums or third-party services” including “third-party management, regulatory changes, cyber threat monitoring and AML bad-guy profiling through cross-industry consortiums.” AML refers to measures against money laundering.

  1. Sustainability will emerge as a top risk

From Greta Thunberg to citizens of many nations: a groundswell of support is calling attention to issues of climate change and sustainability.

Boultwood writes, “A sustainability risk taxonomy should be developed to evaluate not only a firm’s environmental risks but also its operational resilience and reputation.”

  1. Enterprise risk management (ERM) will be integrated through critical economic functions

She ties this in with the disappearance of three lines of defense (above). “Financial and nonfinancial risks will be tied to the critical, customer-centric economic function.”

  1. The chief risk officer (CRO) will sometimes play the role of futurist

She says the old ways of a very narrow focus of the CRO must give way to a person with insight and imagination, one who can foresee how a “process increases financial and nonfinancial risk exposures in unexpected ways.”

new-years-eve-holiday-party-pocket-watch-clock-at-royalty-free-image-1575406797

Like all New Year’s predictions, these come with their own probabilities of occurrence. But the list provides a very interesting perspective on risk management at the start of the new decade.   ♠️

 

Click here to read the full article on the GARP website. The author is Brenda Boultwood, who is a Risk Advisory Partner at Deloitte. She is the former SVP and CRO at Constellation Energy, and has served as a board member at both the Committee of Chief Risk Officers (CCRO) and GARP. Prior to joining Deloitte, she was SVP of industry solutions at MetricStream.

Disclosure: TextMedic has previously done contract work with MetricStream.