Trust will be a critical differentiator among companies, says Amy Brachio

Organizations need to have a strong information security programme to protect the data and privacy of their customers and employees, says EY’s Amy Brachio


Amy Brachio, global risk advisory leader at consulting firm EY.
Amy Brachio, global risk advisory leader at consulting firm EY.

New Delhi: The rapid pace of change around technology—and the growth of the digital ecosystem, with increased capabilities such as the Internet of Things—creates the potential for increased risk and is causing significant disruption across all industries and geographies. In such a scenario, customers are looking to do business with companies they can trust and executives are looking for risk leaders to help protect the organization, while not impeding the agility and speed in enhancing customer experience, reducing cost and increasing value.

Amy Brachio, global risk advisory leader at consulting firm EY, brings with her 20 years of experience in risk management, advising CXOs and CEOs on issues related to risk management, enterprise risk transformation, and complying with rapidly escalating regulatory requirements. Edited excerpts from an interview with Mint:

How has the risk landscape evolved over the last 20 years?

What we are seeing today are mega trends driving different risks. Today we have the rapid pace of technology, changing demographics, geopolitical trends and so when you put all of that together along with real convergence of industry, this makes risk management all the more important. If you look historically, risk managers were focused on preventing things from going wrong. So if it was a compliance requirement, it was all about making sure that the organization complied. While these issues are still important, the executives at the cutting edge are those that are helping organizations take the risks that are necessary to meet the overall strategic objective of the organization. For example, technology is the biggest driver of change so companies have to see how technology is disrupting business. Organizations have to have a strong understanding of cyber security and understand that data protection and privacy are of utmost importance today. Today, cyber security is more than a technology issue and it cannot remain in the IT domain. It also cannot be the responsibility of any one member of the board—it affects every level of a business and every part of the C-Suite in different, often subtle and not easily recognized, ways.

How do businesses gear up to manage these risks?

Well, first organizations need different skill sets. You need people who understand technology and a deep understanding of how it is used to enable business. Then you need those who understand data and analytics and integration of the two.

Organizations need to be more of ongoing monitoring and even predictive, that is those using predictive analysis to understand what is working and what is not, where things may go wrong in future and correct them before hand. Also, building more agility into risk management is key as the risk function needs to keep up with change and this has been a challenge. It is also imperative that risk functions must have a seat at the table to examine how their functions are operating, whether they are using data and analytics to provide insights to their business, and can they operate up to speed while mitigating digital risk.

What would be your advice to CEOs/CXOs to manage risk in the next 6-12 months?

CXOs need to understand that in the future organizations that can differentiate on trust and protect their IP and interact with customers in the way they want to interact, but protect customers’ privacy and information are going to be the companies that are differentiated in the marketplace. This means that an organization needs to have a strong information security programme to protect the data and privacy of their customers and employees.

Thus, in addition to keeping your eye on environmental risks, CEOs would need to pay close attention to what is disrupting their and their customers’ industries. What does the new risk landscape look like and what does it take to win? Given the digital transformation and new business models that are redefining organizations, ecosystems and indeed, the playing fields across industries, trust will be a critical market differentiator going forward. So invest time and resources designing processes, systems and structures that build trust with internal and external stakeholders. Trust is poised to become an increasingly important currency for which there will be a significant market-premium.

More From Livemint