The job of Risk Manager is becoming increasingly cross-disciplinary and digital in response to a fast-changing economic and regulatory environment.
of risk managers interviewed had direct contact with their CEO
of risk managers have seen improved recognition of their role within their company
of risk managers make risk assessment and management an integral part of their company culture
Already the risk management experts within their company, risk managers have for some years now taken on a more cross-disciplinary role as other functions have become increasingly involved in organisational risk management. The « FERMA European Risk Manager Survey » conducted in partnership with PwC provides an overview of the responsibilities, concerns and practices of risk managers in Europe.
Over and above their traditional responsibilities of risk control and insurance management, risk managers are increasingly occupying a central role of strategic importance within their companies. This new role takes the form of wider responsibilities, which in most cases involve more frequent interaction with other corporate functions. These interactions have become more wide-ranging in recent years as a result of regulatory changes and social trends, including security (terrorism, cybersecurity), compliance (corruption) and social and environmental responsibility (increased obligations).
« The risk manager can be in the driver seat of risk management for the organisation. [...] For this purpose, the risk manager needs a clear understanding of the company’s business, organisation and more important, of its daily operations difficulties. »
Companies must address risks that have become increasingly complex to the point where they require to be managed by multiple departments within the company. Until recently the dedicated risk management expert, the risk manager gains two new hats as a result of this changing landscape: that of the orchestral conductor who must coordinate the initiatives implemented by all stakeholders in a given issue, and that of the business partner capable of consolidating a vision and strategy, and communicating them to the executive management team.
37 % of them are involved in the upstream assessment of risks relating to the adoption of new technologies, making them leading stakeholders in corporate digital transformation. Combined with the introduction of the GDPR in 2018 and increasing concerns over cyber-risks, this new role has made the IT department a major point of interactive contact for risk managers. Their relationship is a close one that is also integral to their mandate, whereas in 2016, it was still being described by most interviewees as occasional.
Risk managers are also using the latest technologies more often to do their jobs: this could be for data analysis and visualisation or, in some cases, blockchain, artificial intelligence or robotic process automation. This in turn is driving a transformation of the profession, the need to process larger volumes of data and, above all, the need to understand the increasing complexity of today’s economic environment.
European risk managers cite 3 main risks, beginning with cyber-risks (37 % of European risk managers). Then come uncertainties over economic growth, and lastly geopolitical risks. The two latter issues were also in the 2016 Top 3.
Since then, three new risks have entered the Top 10: the speed of technological change, the availability of appropriate skills and climate/environmental risks.
In responding to these uncertainties, 57 % of risk managers are introducing combined bottom-up and top-down risk maps, and many are also using risk-specific maps (16 % for corruption and 13 % for security issues).
In terms of insurance, 85 % of risk managers are particularly concerned by policy limits and exclusions for emerging risks, while 80 % are concerned about regulatory changes. 67 % make risk retention their main strategy for countering emerging and specific risks, and 50 % of risk managers also opt to encourage insurers to develop more innovative solutions.