Taking risk to create value and managing risk to protect value is key to how organisations can transform to survive and prosper in these uncertain times.
PwC’s Global Risk Survey 2023 report analyses how top-performing organisations align how they navigate risk with their business strategy to achieve positive outcomes and derive value from risk management.
Our survey found notable differences in how companies approach risk. A deeper analysis helped us identify several solutions organisations can take to turn risk into an enabler of change and growth by.
Take our real-time benchmarking survey
This ten-minute survey will compare your responses with our global study data to help you explore your approach to risk and reveal your risk archetype.
Empowering growth through risk
Enhancing crisis and resilience practices
Which risks have a low probability of occurring, but can hit your organisation with hazardous consequences if they come to fruition? It can, therefore, be more prudent to omit the probability of occurrence concept and focus on worst-case scenarios to foster resilience and be prepared for crisis situations.
Timely identification, adequate impact assessment and implementation of proper response measures are all important ways of building business resilience and readying an organisation for crisis-related risks.
How can PwC help?
Identify key business resilience and crisis-related risks relevant to the organisation’s activities—such as production, commerce and supporting functions.
Design an overall approach, or business impact analysis, to assess the magnitude of potential impacts of business resilience and crisis-related risks.
Outline governance, organisational, operational, technical and other response measures which can be considered when managing risk.
Our experience: Enhancing relevant business resilience and crisis management practices
- Our client
- Our role
- How we helped
- Outcome and impact
Our client
A global pharmaceutical manufacturer with an extensive presence in Ukraine.
Our role
To conduct a comprehensive review of the client’s operations in Ukraine including production, commerce, global and supporting functions.
How we helped
Our approach combined:
Identification of key business resilience and crisis-related risks and the related response measures in place.
Business impact analysis on the magnitude of the potential impact of the residual business resilience and crisis-related risks and outlining recommendations on outstanding governance, organisational, operational, technical and other relevant response measures to consider.
Development of a response plan and preparation for implementation.
Learn more here.
Outcome and impact
We helped the client to be prepared for risks related to war and strengthen their business resilience. Our client received a roadmap for the introduction of outstanding response measures. Each initiative enclosed in the roadmap was supplemented with the design of a dedicated project passport, which consists of all necessary planning information, including potential synergies with other initiatives in the roadmap.
Accounting impact of risks
Increased market volatility and an economic downturn can trigger numerous accounting issues with significant cash flow implications and the potential to create volatility in the income statement.
The following key areas are impacted:
Increased risk of impairment losses with profit and loss impact arising from impairment charges
Margins and net profit due to unpredictability in commodity prices, currency risk movements and interest rate changes
Significant changes in the fair value of foreign-denominated assets and liabilities leading to a revaluation impact on profit and loss. These changes can have tax consequences in many tax jurisdictions, as well as fair value movements in commodity, interest rate and currency risk derivatives.
Remaining innovative while being compliant with the EU Artificial Intelligence (AI) Act
The EU AI Act establishes a model for the regulation of AI and may set a baseline for global regulations, similar to GDPR for data regulation since it came into effect five years ago. Though the proposed regulation may be seen as a challenge for compliance, it is likely to instil confidence in consumers and drive AI adoption as a catalyst for innovation.
Our PwC Global Risk Survey 2023 reveals technology-driven innovation as a major trend of the digitalisation era. The survey also shows organisations face serious challenges to stay relevant in the market and in building and retaining customer confidence.
Market relevance and customer confidence represent valuable metrics for businesses. Fines for non-compliance with the EU AI Act are up to €35 million or up to 7% of annual turnover. Organisations falling under the EU AI Act are expected to comply with its requirements by 2026. In some cases, however, the term is significantly shorter. For instance, it can be six months in the case of prohibited AI systems (Title II, Art. 5).
How can PwC help?
Performance of AI risk assessment: identification and classification of AI systems, gap analysis and drafting of compliance action plan
Implementation of governance and compliance systems to ensure compliance with the EU AI Act / Set up of necessary compliance governance and compliance systems / Set up of best practices, policies and controls in the AI lifecycle form development, operations and monitoring
Provision of customised trainings addressing legal and technical matters
Assessment of the AI systems under IP and data protection laws; provision of relevant trainings
For further information, see our Responsible AI services and our recent thought leadership on the EU AI Act.
Your PwC CEE contacts
PwC Legal Partner, PwC Poland
Anda Rojanschi
Partner, D&B DAVID si BAIAS S.C.A., Romania
Peter Durojaiye
Partner, CEE Cybersecurity Leader, PwC Hungary
Daniel Vinerean
Assessing sustainability maturity
Sustainability risks play a central role in the definition of strategies and business plans, as well as the risk appetite of companies. Sustainability risks must be systematically analysed as part of risk inventories and taken into account in risk-bearing capacity calculations.
Internal Audit (IA) functions are increasing, including environmental, social and governance (ESG) outcomes in audit plans. PwC is able to use its Connected Risk Engine (CRE) technology to help IA assess and benchmark the maturity of the ESG control environment and processes in organisations. Outputs can be used to update ESG strategies, target areas of higher priority, and gauge the success of investment in ESG.
ESG maturity assessment allows organisations to:
Identify opportunities for improvement by benchmarking against good practice
Highlight areas of higher risk or priority to focus effort and investment
Contribute to assurance and monitoring activities, which support strong governance
Provide insights to prepare or update your ESG strategy and plan
Determine the success of ESG initiatives over time (where follow-up assessments are performed).
This can give you a blueprint to help navigate complexity, manage risk, and plan for the next stage of ESG maturity.
Learn more here.
Your PwC CEE contacts
Applying Intelligent Risk Monitoring
The broad availability of data on business partners makes it easier to identify risky business partners, while at the same time, the volume of data makes it more complicated.
Our PwC Global Risk Survey 2023 reveals that technology can effectively replace manual repetitive work. Periodic and mass screening across jurisdictions can detect risky suppliers and prevent unexpected visits from regulatory bodies.
If you recognise one of the following cases, our Intelligent Risk Monitoring tool is a solution:
Your company has branches across CEE
Your company has a large number of suppliers
Your company is threatened by VAT fraud schemes.
How can PwC help?
PwC operates an online portal that aggregates data sources across the CEE region.
Clients either screen a single company, for example, during the onboarding process or upload their full portfolios of business partners to screen them periodically to identify fraud, tax and reputational risks.
A key output is that clients receive documentation detailing the checks in the form of a digitally signed report suitable for regulatory enquiries.
Learn more here.
Navigating new regulations and adjusting to international investment developments
In CEE, an avalanche of new regulations impacting groups of companies has made regulatory adherence more complex.
Foreign Subsidies Regulation/Foreign Direct Investment control
On 12 January 2023, the Foreign Subsidies Regulation (FSR) entered into force, and it has been applicable since 12 July 2023. FSR contains substantial and procedural rules on tackling distortive foreign subsidies on internal markets. The regulation requires that, when exceeding certain financial thresholds, companies involved in transaction or public procurement procedures must declare financial contributions received from non-EU public authorities. This declaration must occur prior to concluding any transactions or signing any public procurement contracts. There are serious consequences of failing to comply with the obligations which include, but are not limited to, fines and transactions being declared null and void.
On 11 October 2020, the Foreign Direct Investment (FDI) Regulation became fully operational within the EU with the aim to better tackle potential risks to security or public order triggered by foreign investments. Following the enactment of FDI, EU Member States have developed new national FDI screening regimes or have amended existing ones. Appointed FDI authorities have been granted the power to screen investments made by non-EU investors in strategic sectors, being entitled to apply serious fines and to declare the problematic investments/transactions null and void. In some Member States, EU investors are also subject to these controls.
Informing clients in advance is key. Organisations should be properly informed through preliminary analysis, compilation of data required, counselling and representation during the notification procedure prior to transactions. A separate budget should also be dedicated to FSR/FDI compliance issues. These actions are likely to make notification obligations more manageable.
How can PwC help?
Setting up internal rules, reporting lines and databases to assist with compliance and awareness within the organisations
In case of a transaction: preliminary analysis, assessment of whether a transaction falls under the scope of relevant regulations
Tailoring the transaction structure and documentation to best scope these obligations
Preparation of the necessary documents and collecting necessary information for the notification procedure.
Pillar Two
Pillar Two is a set of rules developed by the Organisation for Economic Co-operation and Development (OECD) for large multinational enterprises (MNEs). Companies in scope have an obligation to pay a top-up tax so that the group's effective tax rate is not lower than 15% in a given country.
It is expected that more than 140 countries around the world will implement the Pillar Two minimum tax, which shall enter into force in 2024 or 2025.
The impact of Pillar Two on the end-to-end operations of tax departments is monumental. Companies will be required to ensure they have the relevant data to forecast and model in the interim, as well as to maintain reporting and compliance requirements upon enactment.
In addition to tax departments, there are several key stakeholder groups within the organisation, including controllership, financial planning and analysis, that will be impacted by the impending changes. Companies within scope will need to understand, evaluate, and model the impacts of Pillar Two across the organisation. This includes but is not limited to assessing the additional data and reporting/compliance requirements, evaluating the existing technology ecosystem and capabilities, establishing processes and controls, preparing and training resources, and managing stakeholder expectations.
How can PwC help?
To support our clients, PwC has made available two free tools for companies that will be subject to the global minimum tax.
The Pillar Two Country Tracker enables monitoring of the progress on the implementation of the minimum tax in different jurisdictions.
The Pillar Two Data Input Catalogue helps identify whether the company has all the data necessary for determining the minimum tax.
We can help you assess and model the likely financial and operational consequences of Pillar Two.
Your PwC CEE contacts
Péter Dr. Zalai
Attorney-at-law, Budapest, PwC Hungary
Take our real-time benchmarking survey
This ten-minute survey will compare your responses with our global study data to help you explore your approach to risk and reveal your risk archetype.
