Five topics shaping the risk agenda

What’s important to the chief risk officer in 2025

CRO hero

EB new styles XF

Embracing the CRO’s new mandate

Charged with helping organizations navigate evolving risks and uncertainty, chief risk officers (CROs) and other risk management executives identify, assess and mitigate threats to the business while helping it balance risks in pursuit of new opportunities. As a result, today's CROs need to be agile, strategic and collaborative. They must balance a growing focus on responsible value creation alongside stronger value protection. How? By bringing strategic business insights to help unlock the potential of transformation initiatives with a human-led, tech-enabled approach to risk management.

In the spotlight

Election complicates risk outlook, planning

Risk executives are no strangers to uncertainty, but they’re now in uncharted waters. Nearly 90% say new risks, regulations and talent challenges are barriers to their goals, finds PwC’s October 2024 Pulse Survey. The US election has added more pressure, with most expecting a rise in litigation, regulations and executive orders.

{{filterContent.facetedTitle}}

[90%] of risk leaders say managing new risks is an obstacle to achieving their priorities

Explore related C-suite insights

What to focus on in 2025

Strategy & growth

Align on need for risk-informed strategy

To help the business balance risk effectively, CROs are reaching across the three lines of defense to harmonize and reinforce their messaging to the board, CEO and senior leaders. The most influential risk leaders also participate in early strategic and transformation decisions, when risk insights can mean the difference between success and failure. By aligning on risk factors and using technology and data insights to inform key decisions, you can empower your organization to make bold moves with confidence.

Begin by coordinating with other risk leaders across the three lines on risk standards, terminology and messaging. Define a vision for risk management that supports your organization’s goals. Sharpen communication and other soft skills to collaborate more effectively and demonstrate the business value of risk-informed decision-making.

Additional ways to align on risk-informed strategy

Strategy and growth

Risk leaders, clear-eyed about perils and priorities, face obstacles

With business transformation introducing new risks, find out how executives are vying to bring risk perspectives to the planning and design phases.

Strategy and growth

Risk professionals’ influence is growing — but unevenly

Risk professionals need to grow their C-suite influence — start with engaging early in major initiatives.

Regulation and compliance

Risk and compliance reimagined: Unlock hidden savings and performance

Learn how organizations can cut costs and improve quality by reimagining risk management and compliance programs.

[89%] of risk executives are prioritizing expanding their function’s influence across the entire C-suite

Explore related C-suite insights

Technology

Innovate with emerging tech

Artificial intelligence and other emerging technologies are creating a growing appetite for risk and a corresponding imperative to deploy them to manage risk. Embracing this challenge, today’s risk executives are reframing risk as a value-creation opportunity for their organizations. They’re innovating with a human-led, tech-powered approach to risk management that helps drive sustainable growth while also improving program quality, performance and efficiency.

To get there, collaborate across the three lines to transform risk and compliance programs with an enterprise-wide approach to rationalizing technology and controls. Integrate advanced analytics, predictive modeling, automation and cloud to replace legacy tools and manual processes. Leverage AI and machine learning for risk insights to inform strategy and drive growth.

Additional ways to innovate with emerging tech

Artificial intelligence

Good governance for AI: 5 real-world insights for risk professionals

Learn why AI governance matters and the key elements for risk, compliance, legal and security leaders.

Cyber and privacy transformation

The C-suite playbook: Bridging the gaps to cyber resilience

The demand for enhanced cybersecurity is intensifying. Establishing a shared vision for preparedness is a key step to bridging to a more secure future.

Risk management

Quantum next: Navigating a new cyber threat landscape

Is your organization ready for a post-quantum world? Learn the steps to take to adopt quantum-resistant tech.

Risk

Technology risk: So pervasive, it’s hard to see

How industry leaders can align to better manage the many vulnerabilities associated with an organization’s use of technology.

[81%] of risk executives say leveraging data and technology to assess and quantify risk is a priority for their function

Explore related C-suite insights

Resilience

Build operational resilience

Operational resilience requires your organization to evolve continuously, protected from shocks while maintaining its ability to adapt, create value and stay competitive. However, tension can exist between the diverging goals of resilience versus agility. Balancing these competing demands requires a strategic, enterprise-wide approach to resilience that’s centrally governed and embedded into operations and the corporate culture.

Seek opportunities to collaborate on and shape your enterprise resilience strategy. Identify your critical business services, map their dependencies and integrate your resilience capabilities and reporting around those services. Align your program with your organization’s strategy, values and investment priorities. Leverage advanced technology and mine intelligence from data to help you anticipate, prevent, manage, simulate and learn from risks and disruption.

Additional ways to build operational resilience

Resilience

Enterprise resilience considerations: Questions for board members to consider

What is enterprise resilience and how can you balance the challenging demands it creates? Find out more.

Risk and regulation

Mining risk intelligence to deliver actionable insights

Learn how to balance competing priorities and evolving risk — to make confident decisions that are consistent with your organization's risk appetite.

Workforce strategy

Workforce Radar: To build the workforce of tomorrow, the time to act is now

Learn about the five workforce signals leaders can act on to successfully drive their desired workforce transformation and business outcomes.

Strategy and growth

Risk leaders, clear-eyed about perils and priorities, face obstacles

With business transformation introducing new risks, find out how executives are vying to bring risk perspectives to the planning and design phases.

[Only 31%] of risk executives are involved in defining resilience strategy around operations or technology and IT management

Reporting

Improve transparency and reporting

Transparent, accurate disclosure is critical to establishing trust and driving shareholder value, but it’s becoming increasingly complex. Effective reporting on regulatory obligations — covering cybersecurity, data protection, privacy, supply chain, ESG and AI — as well as voluntary disclosure are key to maintaining credibility with investors, regulators, customers and employees. The same goes for internal reporting to the board, especially on risks to strategic priorities like transformation and business model reinvention. Integrating risk with reporting bolsters accuracy and consistency in communications, uniting teams internally and building trust externally.

Consider how automation and tech-enabled data management can build an agile, robust reporting function that seamlessly adapts to evolving disclosure obligations. Coordinate with other teams to make sure that messaging is consistent. Enhance your risk quantification capabilities to drive informed internal decisions and foster greater external transparency.

Additional ways to improve transparency and reporting

Reporting

SEC’s cyber disclosure rule: How to prepare for disclosures in a new era of transparency

Navigating SEC cyber disclosure rules? Start here to enhance cybersecurity and fulfill the reporting requirements.

Regulatory risk

Next Move: Practical insights on regulatory and policy developments in technology

Learn about the latest regulatory and technology policy developments and how risk leaders can react.

ESG reporting

ESG regulations and your company

Prepare for the SEC climate disclosure rules and other regulations that expand ESG reporting requirements.

[About 70%] of both consumers and employees say it’s important that companies disclose their climate-related risks

Regulatory risk

Manage regulatory risk

Regulatory change at the federal, state and global level is accelerating. Compounding the complexity is the uncertainty introduced by the recent election and the Supreme Court’s Chevron ruling. Savvy risk leaders understand that managing evolving regulatory expectations requires agility, automation, strong data quality and governance, rationalized controls and alignment across the enterprise.

Start by confirming your regulatory change management processes are functioning effectively, enabling you to monitor new developments, assess their business impact and communicate implications to leadership. Update your enterprise risk assessment and resulting risk inventory to account for the impact and interdependencies of regulatory uncertainty on business strategies and enterprise risks. Consider adopting an AI-powered regulatory risk intelligence platform for real-time alerts and data-driven insights.

Additional ways to manage regulatory risk

Regulatory risk

Next Move: Practical insights on regulatory and policy developments in technology

Learn about the latest regulatory and technology policy developments and how risk leaders can react.

Regulatory risk

Our Take: The changing regulatory landscape

Change remains a constant in financial services regulation. Read our take on the latest developments and what they mean.

Artificial intelligence

Harnessing the power of AI in internal audit

Find out how AI can help drive elevated automation and efficiency within internal audit.

Regulation and compliance

Risk and compliance reimagined: Unlock hidden savings and performance

Learn how organizations can cut costs and improve quality by reimagining risk management and compliance programs.

[87%] of risk leaders consider evolving their capabilities to address emerging risks and regulatory requirements a priority

Explore related C-Suite insights

Explore executive insights

Identify the key focus areas of your colleagues.

Follow us

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.

Hide