60%Organizations believe that the volume and complexity of risks is increasing extensively over time1
65%Organizations indicate that they have recently experienced an operational surprise due to a risk they did not adequately anticipate1
36%Banks and financial services institutions reported that the CRO is responsible for IT risk management programs2
 The State of Risk Oversight – An Overview of Enterprise Risk Management Practices, 9th Edition | March 2018,  MetricStream Research - Moving Up the IT Risk Management Maturity Curve: An In-Depth Look at How Enterprises Are Managing and Mitigating Their IT Risks,  McKinsey Working Papers on Risk, Number 18 - A Board Perspective on Enterprise Risk Management
With enterprise digitization and tectonic market disruptions taking place, the responsibilities of Chief Risk Officers (CROs) are evolving. Today’s CROs are expected to provide timely visibility into emerging and evolving risks, guiding the business towards risk-reward optimized decisions. They are also being relied on to protect the long-term value of the enterprise, as well as its reputation and integrity. Fulfilling these responsibilities requires CROs to provide credible challenge to business growth strategies, while also being invested in them.
As risks evolve in terms of their potential impact on business outcomes, CROs are seeking more agile approaches to risk management and mitigation. Their aim is twofold -- to ensure that business owners have better risk visibility, and to facilitate risk-aware decision-making across organizational echelons.
Reduce variabilities in key performance indicators caused by unforeseen events or disruptions
Reduce the number of risk events and their impact in terms of monetary, reputational, and customer related losses
Reduce the cost of capital by increasing market and board-level confidence in enterprise performance
Improve shareholder perceptions of the enterprise brand