The future of risk and finance

In an era of increased risk, the CFO needs to step up in even more ways, without letting any of their day-to-day responsibilities slip through the cracks, according to speakers at CFO Brew’s live event in NYC last week, Risky Business: Navigating Compliance, Risk, and Regulation in Finance.

Here are some of the risk management trends, pitfalls, and tools that panelists shared with the audience (to watch the event on demand,click here).

New role, who dis? Some of the finance leaders who appeared at our event highlighted how the CFO role is more nuanced than ever, and the need for CFOs to move beyond stereotypes.

“I do think the CFOs have to get rid of the reputation that we’re here for budget reasons only,” Josh Schauer, CFO of insightsoftware, said during a panel.

According to Tom Hood, EVP for business engagement and growth at the AICPA, the CFO role is changing from one that was purely internal to one that now has to contend with internal operations while also being aware of external opportunities and forces.

“We’re at this tipping point between a past-tense profession and a future-tense profession,” he said. “I love that, if we can bridge that and maintain that ethics and trust foundation.”

Guardrails for growth. In an era of uncertainty, risk management becomes even more important and internal controls are paramount, especially for companies looking for growth, according to Mike DePrisco, CEO of the Institute of Management Accountants (IMA).

“People perceive internal controls as constraints, especially if you’re looking to grow or scale a business,” he said. “At IMA, we really think about internal controls as growth accelerators.”

Internal controls make order out of the chaos of an uncertain, frequently shifting, and complex marketplace, DePrisco said. By putting those warning bells in place, companies can pursue opportunities at full speed, knowing that if risks start to spiral, there are guardrails, he and Hood agreed.

Omri Mor, co-founder and CEO of Routable, chimed in: “If we can get our engineering team to value compliance, we can build really fast,” he said.

Risk is okay, actually. CFOs have increasingly become collaborative partners with cybersecurity and IT specialists in evaluating the risk versus reward of new technologies, like AI. But CFOs still need to draw some lines with collaborators.

“You have to make sure you communicate what your risk appetite is,” Meryem Erzi, chief compliance officer at Pagaya, said. “What level of risk are you willing to accept while pursuing growth opportunities?”

“Security professionals are paranoid,” Ann Irvine, chief data and analytics officer at Resilience, said. According to her, IT pros’ mindset tends to be inflexible on risk tolerance. But she warns that this approach means that they focus too much of their time and effort on prevention, and not enough on “incident response planning” for when a breach inevitably occurs.

“Sometimes businesses have to take risk, accept some of that risk, and transfer some of that risk to insurance,” she said.

Deregulation ups the stakes. The Trump Administration’s deregulatory push may lead some CFOs to think that means they can take a *cough, cough* breather from disclosures, reporting, and compliance concerns, but that’s not the case, according to keynote speaker Erica Y. Williams, former chair of the Public Company Accounting Oversight Board.

Williams said that while some sectors will get deregulated, others may get hyper-regulated. Either way, that “puts even more pressure on your CFOs and your audit committees now than ever before,” because even if a government regulator doesn’t come knocking, that doesn’t mean a shareholder won’t, she cautions.

“This is not the time not to be internally vigilant, even though you might not have the government coming and breathing down your neck,” she said. “But no matter what, I do believe the shareholders are going to continue to be very vigilant…It is time to double down on compliance.”