The pressing issue for most insurance Chief Risk Officers (CROs) in the upcoming year is cybersecurity, as revealed by a comprehensive study conducted by EY, a renowned professional services entity. Additionally, a considerable number of CROs have ranked third-party and vendor cyber risks among their top five concerns. This highlights the critical nature of cybersecurity in contemporary risk management strategies.
In a bid to enhance risk management, many are turning towards generative AI-enabled solutions, with the integration of chatbots and large language models gaining popularity. This shift is coupled with a notable anticipation of reducing manual roles within risk functions, while simultaneously boosting investments in data, analytics, and AI proficiencies.
This data stems from EY’s third annual Global Insurance Risk Management Survey, conducted alongside the Institute of International Finance (IIF). Authored by Stu Doyle, EY Americas Insurance Nonfinancial Risk Leader, and Jonathan Zhao, EY Global Insurance Leader, the report encapsulates insights from CROs across diverse regions, business sectors, and organisational scales.
Evidently, the risk landscape is marked by accelerated speed, complexity, and heightened interconnectivity. The survey outlines how geopolitical changes, technological shifts, climate challenges, and dynamic regulations collectively result in risks that rapidly emerge and propagate across organisations.
CROs are shifting their focus beyond traditional risks, foreseeing disruptions and innovations as transformative forces redefining business models and operational paradigms. In response to the elevated cyber threats, insurers are strategically integrating cyber, third-party, and operational resilience risks into coherent frameworks. This involves expansion in continuous monitoring, fortifying governance, and conducting rigorous scenario testing, whilst vigilantly overseeing third and fourth-party affiliations.
Moreover, insurance firms are prioritizing governance and controls, especially as artificial intelligence adoption accelerates and regulatory landscapes diverge across regions. Updating control frameworks, delineating accountability, and employing automated monitoring and testing capabilities are key actions being undertaken.
The importance of data excellence cannot be overstated. Enhanced access to high-quality, consistent data is critical for timely, actionable risk insights. Investments in centralized data platforms are proving essential in mitigating fragmentation and optimizing the use of advanced technologies.
The survey also indicates significant changes within the risk workforce structure. Automation is expected to diminish routine task workloads while escalating the demand for data literacy, digital expertise, and deep business acumen. The emergence of hybrid roles that combine risk management with data and AI skills is projected to rise.
Conclusively, the role of CROs is evolving into a more strategic and influential position, significantly involved in pivotal business decisions and organizational transformations. Organisations that invest in strengthening governance, enhancing data capabilities, and nurturing digitally skilled teams are more likely to successfully navigate complexities and sustain resilience amidst an evolving risk environment.
