AssociationsRisk Management

Chief risk officers of the future

Authored by: Sidney Mongala, CRM Prac Member at (IRMSA) The Institute of Risk Management South Africa

The way we do business today is 1000 times more advanced than it was done in the last millennium, 100 times more advanced than was done in the last century and 10 times more advanced than was done in the last decade. This is an indication of how rapid life changes.

The more our lives are advancing, the more the need for advanced ways of doing things, the more complex the risk environment evolves.

This is therefore the driver of future business successes and determinant of future business traits and trends. As futurists and trend analysts project the future ahead, businesses should likewise be positioned for the advanced and sophisticated ways of doing business.

Future Chief Risk Officers (CRO) should thus not be left behind but partner with businesses in crafting future fit business models and strategies.

Thus competing with AI and Robotics in this 4IR era which might lead to diminishing credibility and relevance of human intervention and interface.

The way we do business has changed such that we don’t use much physical money anymore to do business as we venture into this 4IR era.

Cryptocurrencies are here to disrupt the old way of transacting and they are the future waves of doing business.

Likewise CROs should continue evolving the way they are doing things and improving their competencies to feed the new waves of doing business and be able with reasonable certainty to advice businesses to be competitive and business savvy to capture the rapidly changing 4IR market share.

With these advancements in the way business is done these days, surely I can safely say disappearing are the days of our lives wherein CROs:

  • Have a corner office waiting for a bell to ring to attend to problems;
  • Compile risk reports and present them to Risk and Audit Committees and Boards;
  • Are required to do anything and everything that could not be done elsewhere like Business Continuity Plans (BCPs), Fraud Prevention Plans, Investigations, Compliance, etc;
  • Are called after strategic directions and plans have already been finalised and are expected to identify and analyse risks;
  • Are carriers of jargon filled risk registers, reports, dashboards, etc;
  • Are seen as “Mr know it all” and find themselves running around fixing anything and everything they have identified as risky; and
  • Have the last item in an agenda that is ‘taken as read’ or ‘will be considered in the next meeting’.

Thus, the future relevance of CROs lie in the strategic partnering and value add to businesses.

Future CROs therefore need to position themselves to be business partners and advisers on business strategies, operations and decisions on the go; “Just In Time (JIT) Risk Management Advisory System and Processes”.

The CROs of the future should therefore possess the following traits:

  • Be mind full of and align to the business vision, mission, direction, strategy and operations including but not limited to future advancements and complexities of doing business;
  • Must be visible and embracing of the entire business vision, mission, direction, strategy and operations;
  • Have sentiments around opportunities for growth and/or service delivery exploitations;
  • Get involved and invested in the strategic projects from initiation to execution to legacy;
  • Walk, talk, sleep, eat and live everything about risks and opportunities;
  • Be the voices that are heard and supported by everyone;
  • Inspire, nurture and bring along direct supports;
  • Carry the best knowledge to advice the entire business’s current and future risks and opportunities;
  • Be active participants in strategic decision making structures, meetings, etc;
  • Act as Anti-Virus software to influence and protect the entire business systems and processes from disruptive technologies in this 4IR era; and
  • Have the audacity and steadfast to point the hidden, speak the unspoken and address the most hard-felt truths about business lessons learned and failures, flaws, improprieties, etc.

Future CROs are those that will not wait for risk agenda items to be included in strategic and operational meetings but influence consideration of risks in all strategic decisions and operations.

The future CROs should be engaged in every discussions, planning, decisions, projects, etc. for growth in business and/or service delivery.

Future CROs should be future risk visionaries of businesses and be able to advice of the future fit business strategies, decisions and plans in the 4IR wave of doing business.

Although future CROs are not expected to be “Drs Of All Problems and Mr/Ms/Mrs Know It All”, future CROs should be able to know where the business is going and be able to advice throughout the business journey.

The future CROs should be the library of risks and opportunities required to build future proof strategies for successful, growing and service delivery savvy businesses.

Like Artificial Intelligence (AI) and 4th Industrial Revolution, future CROs should:

  • Be the backbone of their organisations’ intelligence to predict the future and advice on the perfect alignment to future business directions;
  • At least have answers for all key decisions;
  • Position themselves to fit and thrive in the AI and 4IR era;
  • Upgrade and update processes to be responsive to the rapidly changing and disruptive technologies
  • Be the transformation their organisations need to meet future business needs;
  • Be readily available and prepared to advice on new business ideas; and
  • Be able to timely gauge circumstances and advice on solutions.

For businesses to be future business savvy, it will be critical that they place the right value and investment in the advancement of future risk management systems and processes and ensure that these systems and processes are driven by capable hands of future-programmed CROs.

This means that businesses should understand and put risk management as part and parcel of everything they do lest they fall on a double sharp-edged sword that cut the throats of big businesses such as Bearings Bank, Washington Mutual Bank, VBS Mutual Bank, WorldCom, Enron, Lehman Brothers, Arthur Andersen, etc.

A lot of businesses that are not fine-tuning to the new wave of doing business will suffer the consequences of business intelligence risks such as AI and 4IR in the next ten to fifty years.

These include mostly the labour intensive businesses, ICT businesses that have heavily invested in old ICT Infrastructure, Financial Institutions that are in denial of the arrival of the cryptocurrencies and other disruptive technologies, and so forth.

Likewise, to have future CROs that are equivalent to the old technology and are stuck in the old and safe way of doing business will not survive the use of rapidly evolving and competitive 4IR era of Robotics, AI, Big Data, IoT, etc.

This will be like running a financial institution wherein people queue for cash withdrawals and deposits in this era of EFTs, Banking Apps, Smart Banking, Cradles Transacting, cryptocurrency, virtual banking, etc. These kinds of future CROs will fall with their business ideas and may find it very difficult to fit anywhere in the future wave of doing business.

Another key question to be answered is “how prepared and advanced will our education system be to ensure that future CROs are relevant and fit into the rapidly changing business environment”.

How will the bridge between our education system and the future wave of doing business be closed in order to supply the business world with the bright minds for future fit CROs.

How prepared and adaptable is the education system to fit the future way of doing business and thus bridging the gap between the demand and the supply for future fit CROs, risk managers and assurance providers.

Let me leave you by saying “If we don’t take care of the future, the future will take care of us and we will suffer the consequences”.

Related posts
CyberRisk Management

Increasing levels of commercial crime highlight need for formal risk management processes


Sasria clarifies call to finalise claims


Driving consumer’s right to information

ReinsuranceRisk Management

The state of the riot wrap market in South Africa