Can Risk Be Strategic?

I attended PwC’s annual client and analyst risk summit in Boston earlier this spring. The theme of this year’s summit was innovation, which the firm addressed at two levels. One was operational, for which the firm demoed several proprietary products for innovating risk monitoring and compliance processes such as automating know-your-customer compliance, plumbing the dark web for threats, and visualizing risks across supplier tiers. PwC also spotlighted a risk and regulatory services innovation center operated in conjunction with Carnegie Mellon University, where clients are collaborating with PwC and CMU on developing bespoke technology solutions for information privacy and security, audit, and data analytics. The other level was strategic, which PwC addressed through case examples in which engagement with policymakers and regulators shaped innovation opportunities.

While I observe more clients looking to consultants to help them protect their strategies against risks, most prominently in cybersecurity, I rarely see the inverse. I spoke with many consultants and clients this year as part of the update of our innovation strategy and business strategy and planning consulting ratings; one theme that did not emerge was risk. This is a conundrum, because return is a function of risk; those who better understand the risk environment and can manage it, win.