Global Risk Register, November 4, 2020
U.S. regulators have hit Citigroup with a $400 million fine because it failed to address long-standing deficiencies in its risk and control systems and has been told to upgrade its IT systems and processes.
According to Riskonnect CEO Jim Wetekamp, this Citigroup situation highlights the real need for organizations to provide tangible evidence of strong risk and governance structures and controls. Regulators are increasingly paying attention to the processes companies have in place to manage risk holistically. The value of taking this integrated approach isn’t isolated to highly regulated industries.
Viewing risk disparately, or department by department, hurts an organization’s competitive position, reputation, and strategic growth. While insurable risks have become highly predictable, noninsurable threats, like those to the brand, are incredibly unpredictable and have the potential to inflict the most damage on the business.
We’re seeing increased scrutiny of risk management systems, especially in the wake of COVID-19, which has exposed substantial gaps and weak spots in organizations’ current approaches. In fact, 48% of organizations recognize the urgent need to overhaul their governance, risk, and compliance processes and technology.