Top Operational Risks 2023
As always, new year brings a set of challenges, some new and others very familiar. This year’s view of the risk landscape, with input from Best Practice Operational risk forum comprised of practitioners from over 50 national and international organisations, is presented below.
1.?Change risk:?emanating from the need for organisations to?orient in the world challenged by macroeconomic and geopolitical factors, recession and rising interest rates; pushing to revisit the resilience of the business models and thus impacting people, their workload and priorities; as well as systems and processes. Those rising to the challenge will need to apply situational awareness, show adaptability, innovation and a clear sense of direction.?
2.?Supply chain / third-party risk:?failures in the supply chain impacting service delivery; and concentration?risk, especially as it relates to cloud service providers. Core supply chain ecosystems are becoming more complex, with lack of firms’ visibility over 4th?and 5th?parties.?
3.?Cyber:?widespread cybercrime and cyber insecurity is quoted by the WEF Global Risk Report(1)?as a key risk for near- and longer-term horizon (2 and 10 years). It continues to top the charts in terms of impact and likelihood, and is now firmly seen as a business risk, rather than solely an IT problem.?
4.?Financial Crime control weaknesses:?inability to evidence robust control environment, in addition to acts of fraud and money laundering. Based on the analysis of 2022 ORX top Operational risk losses, there are significantly more fines received by firms due to inadequate control environment rather than as a result of being implicated in criminal activities as such. Organisations are required to continuously invest in processes and controls in this area.
5.?Technology failures:?system downtime, inadequate use of new technologies or poor change and integration could result in potential customer and market detriment.?ORX Top Risk review(2)?ranks technology failures amongst the top 5 Operational risk challenges.
6.?People?risk:?skills set, succession & well-being.?As per Forbes report(3), ‘there’s not enough succession planning or workforce replacement’. In tightening talent market, attracting new skills in short supply, for example caused by the adoption of digital technologies, as well as retaining top talent will remain problematic. Additionally, mental health issues which increased during the pandemic will continue to manifest, with workplaces potentially not prepared to provide phycological support. As stated in the World Health Organisation’s mental health report(4), ‘business as usual for mental health simply will not do’. More needs to be done to ensure employee well-being.
领英推荐
7.?Data mis-management:?data breaches, acts of non-compliance with GDPR as well as inadequate data management frameworks will pose challenges, given the amount of data continues to raise.?This is a broad inherent risk not only in financial services, which is expected to firmly remain in the leading place.
8.?Regulatory risk:?fines and penalties due to inability to timely identify and implement regulatory?requirements. Not new, and remains high on the agenda.?
9. Risk culture:?employee?disengagement and decline in organisational risk culture leading to acts of misconduct.?Since the beginning of the pandemic,?enforced and prolonged working from home led to partial loss of?informal interactions, which in turn, somewhat eroded corporate cohesiveness. The full impact of?hybrid/WFH?environment has not yet been fully studied and understood. This raises the questions on the future workplace and mode of working, and the impact on employee loyalty.?Culture-related issues occupy 2 out of 10 places in Protiviti’s executive perspectives on top risks(5), with particular concerns over sustaining the culture and ensuring open and honest escalation of issues.
10.?Climate action failure:?insufficient progress, inability to embed the requirements beyond the regulatory minimum.?While the need is well understood and everyone agrees more needs to be done, as KPMG CEO Outlook(6)?demonstrated, economic pressures could see ESG side-lined. The position of the risk reflects many chief executives’ focus on immediate pressures of uncertain economic conditions and change risk, with?‘50 percent pausing or reconsidering their existing or planned ESG efforts’, based on KPMG survey.
As for?Emerging Operational Risks?considered by the Best Practice Forum, the majority of risks are related to people, technological developments or further intense change agendas impacting on business models.??The reason, and the inspiration for Operational risk professionals to remain at the heart of the change agendas and continue embedding robust risk management practices with new found energy and enthusiasm.?
Per Benjamin Franklin, ‘Energy and persistence conquer all things.’?
Risk & Project Management Trainer, Project Manager at ICEPRONAV ENGINEERING SRL
1 年Dear Elena,? I am following your posts and articles on LinkedIn, and I find them very well documented and informative, not only for Risk Managers, but also for Senior Management and Project Managers as well. Right now, I am writing an article about operational risks and why these risks should be studied and understood also by Project Managers. In this article, I emphasize that Organizational Process Assets (processes and systems) and the Enterprise Environmental Factors (market and external condition to the organization) are not only basic/important input for project management processes, but also potential causes of operational risks. Furthermore, the impact of the operational risks is often cascading from organizational level to project level as external factors in the RBS. To reinforce this point of view, I intend to present few operational risks and how these are impacting the projects.? Therefore, I would like to ask for your permission to quote this article regarding the top 10 Operational Risks in 2023, and the permission to use the image "Top Operational Risks 2023 with input from Best Practice Operational Risk Forum" within the article I am writing. Looking forward to your reply, Daniel
Risk Manager, Corporate role and fatherhood juggling, Liverpool fan..
1 年Risk Culture decline is a super interesting concept, and not one I’ve come across before. Can see how it is intrinsically linked to the change in ways of working and increased People risk.. Definitely one to take into consideration more going forwards!
Head of Third Party Risk Management - TPRM at National Bank of Egypt| CTPRP - Certified Third Party Risk Professional| MBA| Credit Certified| Enterprise Risk Management PGDiploma| Instructor-EBI&EIOD| GRC| ORM | ERM
1 年I see that Third-Party Risk has become an important topic than ever. I believe that Third-Part Risk Managers will face new challenges while mitigating TP risks. Thanks for sharing Elena Pykhova !
Good overview for priorities!
Risk Management / Cybersecurity executive enhancing resilience for institutions | Engaging leadership teams with risk quant methodologies, AI Automation and strategies for optimizing risk programs.
1 年Great 1st pass and saved some folks time in the identification phase! Now the real work begins - https://www.dhirubhai.net/pulse/right-capabilities-time-risks-chris-cpat-patteson-