GRC Tuesdays: What Risks to Look Out for in 2024

If you have been following these GRC Tuesdays blog, then you might have noticed that this is the fourth year that we release a blog on “What Risks to Look Out for in [current year]”.

This year again, I decided to use the very same format so that there could be comparability on what experts, analysts, journalists and business leaders have defined as being their top concerns for the different periods.

For your convenience, I have included below the graphs from previous years, but, in case you are interested in reading more, I have also shared the direct links:

Reminder of the state of Top Risk Categories as per businesses and communities from prior years:

2022 2023

Don’t be fooled by the fact that the 2024 graph looks much more skewed towards 1 single category.  It doesn’t mean that the world is less risky unfortunately! It’s simply that responses were less fragmented. Whereas 3 categories dominated last year’s reports and the following ones were split amongst many others, in 2024, there seems to be much more agreement on the top risks.


Top 5 (+1) risk categories in 2024


Source: consolidated top risk categories from 15+ recent publications

In the past, I have restricted the summary to 5 top risk categories, but it was not possible last year already since few of them had the very same number of mentions across the different reports used for this blog. As a result, as in 2023, I didn’t want to make a choice and prioritize one over the other arbitrarily, so I decided to keep the 6 risk areas that are most often cited.


Economic Conditions has been trusting the “leadership” of top risks and there are no signs that it will be degraded any time soon. Increased costs due to inflation, rising labour and energy costs is a reality in all geographies. But one thing has changed compared to last year: whereas “Energy Crisis” was a category by itself in most reports, it has been downgraded to a sub-category. Not that prices for individual and companies seem to have much decreased, but this is a separate discussion!

It seems that experts are perceiving governments’ efforts as positive measures and therefore see a reduction in likelihood of this risk turning into a full-blown crisis.

Nevertheless, many analysts report that continued “inflation shockwaves” could have a much boarder impact and trigger public anger. This, in turn, could lead to potential civil unrests and therefore increase levels for security and political risks.

Another cause often cited relates to if central banks’ attitude. If these institutions continue to tighten their monetary policy, they will further increase interest rate and could therefore accelerate the probability of a global recession.


The Geopolitical risk will also be high in 2024, especially with key elections in major countries such as the United States, India, Taiwan, European Parliament, Russia, South Africa and possibly Ukraine only to name some that will be closely monitored by geopolitical experts to understand the future balance of power. This risk will take a great dimension in Africa, where 15 general and presidential elections are planned this year across the continent.

These elections could very well redesign the geopolitical alignments in a multipolar landscape.

Furthermore, countries classified as “middle power” are among the fastest growing economies and might want new distribution of global power within reformed institutions. Which might start with the United Nations Security Council election mid-2024.

Another concern in this category relates to rogue nations. Hence countries whose political power might be in precarious position and decide to dramatically escalate local conflicts.


Information Technology – or “Digital” in some reports, was a top 5 risk in 2021 and 2022 but dropped from this short list in 2023. Originally, most reports focused on the pace of innovation, and the difficulties for companies to keep up with it, creating a competitive advantage for those able to harness it and even sometimes creating entirely new business models.

It is now back in the top 5 and brings a friend with it: Artificial Intelligence. You wouldn’t have missed the rise of Generative AI in these last few years, and opportunities initially seems limitless… But experts were quick to raise significant concerns on the threats that go with it. Not only in terms of data protection, but also the sheer magnitude of disruption that it can trigger for businesses in nearly all industries and the unknown reliability of the decisions made autonomously. Crossing to another risk category, Compliance & Regulation, some believe that AI will be easier to legislate than traditional institutions because we can mandate accountability and transparency. For instance the logging of decisions, the auditability of code as well as of training procedures. But is this really true? Relating this threat back to geopolitical tensions and rogue nations, if AI brings them advantage over others, wouldn’t they be tempted to bypass legislation? This also opens the door to questions on ethical use of technology which has been cited as a concern for the next decade.


As you will have noticed, I didn’t mention Cybersecurity in the previous paragraph. And this is simply because, year after year, it established itself as a distinct risk category. I don’t think I need to mention statistics on the number of cybersecurity events, but analysts are now raising a much more worrying possibility (reality?): the collision of Cybercriminals and advanced AI capabilities. In short: cyber attacks powered by AI.

With increased intensity of cyber warfare in in conflict zones, and taking into account the upcoming key election calendar mentioned earlier, you can imagine the level of danger this risk could pose in 2024.


I already mentioned Compliance & Regulation in relations to Information Technology, and there is no sign that regulatory superinflation will slow down. Nevertheless, even if ESG is still a “hot topic” for some analysts, many flagged that regulatory pressure in this area probably won’t be as far reaching as expected last year. They claim the same when it comes to privacy and data legislation. Regardless, one common finding is compliance and risk management functions face overload due to increased expectations from Boards, but also business partners, customers and even employees… While organisations are focused at the same time on reducing operating costs.


Last in our top risks categories for 2024 is HR & Talent Management. This risk has always been in the list of top 10. It is now back in the shortlist with 2 major root causes highlighted by HR specialists:

  • Balancing the flexibility provided through working from home and the company mandates to return to the office since many employees now expect this from their employers – it has even become a deciding criterion when applying for new roles;
  • Potential massive industrial work actions in countries where labour laws only set minimum standards to protest and demand more protection. These actions could impact productivity and disrupt supply chain, but wider impacts such as civil under that could even lead to geopolitical shifts are not to be underestimated.


What about Physical Security?


This is the question I asked myself when reading these 15+ reports: what about Security? In 2023, it was in the top 5, mostly due to the war in Ukraine, but many analysts now seem to believe that this is an established reality without further escalation.

I am not an expert, but the events in Israel and Gaza, the clear rising of global terrorism as per security agencies worldwide, and the likelihood of unrest or even conflicts over food and water scarcity combined to demographic changes indicate this is a clear and present danger in my opinion.

Nevertheless, this blog is not about my perception, but a mere summary of expert publication that often place it at the bottom of the top 10 list.

I wanted to end this blog on an optimistic note though. Next month, followers of the Chinese Zodiac will be celebrating the entry in the year of the Wood Dragon. I admit that I am not familiar with the symbolism of the cycle of animals which appear in the Chinese Zodiac so, as for the rest of this blog, I did some research. The consensus seems to be that this year will be place under most fortunate and prosperous auspices, bringing many opportunities. I can only hope this holds true!


Credits: image automatically generated by Bing, Powered by DALL·E 3

What about you, what risks do you and your organization have on the radar for the year to come? I look forward to reading your thoughts and comments either on this blog or on Twitter @TFrenehard




If you’d like to drill-down further, I have shared below the sources that I used to put together the summary graph.

Of course, if there are other reports that you use and would recommend, I’d love to hear about them so don’t hesitate to add them in the comments section!

Source link

Be the first to comment

Leave a Reply

Your email address will not be published.