More Risk Appetite Isn’t Reckless—It’s Reality

9 May 2025:

Here’s something I’ve come to believe , "most businesses don’t struggle with risk itself they struggle with how people react to it".

We still associate visible risk with recklessness. But in reality, visibility is the first step toward progress. Surfacing risk early, talking about it openly, and acting on it that’s not a red flag. That’s maturity. That’s leadership.

According to the latest Gartner® report on risk analytics, 58% of boards expect to increase their risk appetite in 2024–2025. That’s not a theoretical shift it’s a real change in how business is being done. The idea that risk teams are here to slow things down is outdated. The best risk leaders I know are sharp, commercially minded, and focused on enabling the business not just protecting it.

This shift can feel uncomfortable at first. Suddenly, your risk register looks heavier. But that’s not because you’re taking on more risk it’s because you’re finally seeing what’s really there. You’re being honest. And that’s a good thing.

Too often, we throw controls at people who don’t feel safe to speak up. That’s not risk management,it’s performance art. A real risk culture isn’t built on templates or checklists. It’s built in conversations especially the uncomfortable ones. When someone says, this isn’t working, and leadership listens.

The goal isn’t to eliminate risk. It’s to understand it well enough to make bold, informed decisions. To balance growth and resilience. To lead with clarity, not fear.

I’ve seen it firsthand: when leaders welcome tough questions, when sales teams start raising red flags instead of avoiding them, when compliance isn’t just a gatekeeper but a thought partner that’s when the business starts to move with real confidence.

More risk appetite doesn’t mean we’re being careless. It means we’re being real. And that’s where smarter decisions begin.

The Future of Risk Management: Redefining Risk

In a rapidly evolving global landscape, the way we approach risk management is undergoing a significant transformation. Traditionally, risk has been seen as a liability, something to be avoided or mitigated. However, the next wave of risk management is all about redefining risk as an asset and turning it into a force for positive change. This new perspective encourages stakeholders to engage with risk, rather than fear it, and holds the potential to unlock opportunities.

Redefining Risk as an Asset : To embark on this journey, organizations need to shift their mindset from viewing risk as an impending threat to recognizing it as a strategic asset. This transformation can be achieved through 1) embracing risk as an opportunity. Calculated risks can lead to innovation, increased competitiveness, and a more agile approach to decision-making; 2) Engaging stakeholders, by fostering open communication and collaboration, organizations can create a shared responsibility for identifying, mitigating, and exploiting risks; 3) more informed decision-making and more effective resource allocation through data-driven insights ; and 4) cultural shift i.e. transforming an organization's culture to embrace calculated risk-taking fostering innovation and adaptability.

Prioritizing Risks in the Immediate Future : As we look ahead to the immediate future, there are several critical risks that organizations should prioritize beyond the well-known challenges such as cyber threats and data breaches. These include Geopolitical-Related Risks i.e. geopolitical instability, trade tensions, and shifting international relations can have far-reaching impacts on businesses; Vendors and Third-Party Risks i.e. In an interconnected world, a disruption in the supply chain or a cybersecurity breach at a vendor can have cascading effects; Business Resiliency Risk i.e. rather than asking "if" a crisis will occur, organizations should be prepared to address the question of "when" and "how quickly" they can respond. Building resilience and adaptability into business strategies is becoming paramount, ensuring that operations can continue even during crises; and Sustainability Risks i.e. Climate change and environmental issues impact should be considered in operations and supply chains, and proactively work to mitigate these risks.

The future of risk management is a dynamic and ever-evolving field. By redefining risk as an asset, organizations can thrive in an era of uncertainty and complexity. The immediate focus should be on prioritizing risks beyond the traditional cybersecurity and data concerns, encompassing geopolitical challenges, ecosystem vendor dependencies, and business resiliency. By addressing these issues, organizations can not only safeguard their operations but also seize opportunities for growth and innovation in an increasingly complex world.

Signing Off😀

Ragini Raina

Managing Geopolitical Risk in today's environment

Geopolitical risks have become a major concern for companies, particularly those with global operations. Geopolitical risks can be numerous and varied, ranging from political instability, economic sanctions, and natural disasters to cyber attacks and pandemics. There could be a kitchen sink list of these risks, making it difficult for companies to prioritize and manage them effectively. Moreover, there is often a lack of consensus within the organization on how to approach these risks, leading to delays in decision-making and risk mitigation.

It's important to prioritize these risks, and potentially can be done into two buckets: elevated risk and increasing risk in the future. Elevated risks are those that already exist and have the potential to cause significant harm to a company's operations, reputation, and financials. For example, a company operating in a politically unstable country with a high risk of terrorism faces an elevated risk of an attack on its facilities or employees. Similarly, a company that heavily relies on a specific commodity, such as oil or rare earth minerals, faces elevated risks from price fluctuations or supply chain disruptions.

Increasing risks are those that are expected to arise in the future due to geopolitical events that have not yet occurred. For example, a company that operates in a country that is facing economic sanctions may face increasing risks if the sanctions escalate or if the country responds with retaliatory measures. Similarly, a company that relies on a specific geographic region for its supply chain may face increasing risks due to the impact of climate change, such as extreme weather events or rising sea levels.

One of the challenges of managing geopolitical risks is integrating them with business decisions. Doing so would mean severe time and cost implications for companies, which is why many organizations struggle to address these risks adequately. Nonetheless, it is crucial for companies to monitor geopolitical risks and develop a proactive approach to manage them.

There is no one-size-fits-all response to geopolitical shocks. Every company must assess its risks based on its unique circumstances, which may include its industry, size, geographic location, and operations. Companies should develop a risk management framework that includes risk identification, risk assessment, risk mitigation, and risk monitoring. This framework should be integrated into the company's decision-making process, and the relevant stakeholders, such as the board of directors and senior management, should be involved in the process.

To integrate geopolitical risks into the decision-making process, companies should develop a risk appetite statement that outlines the level of risk they are willing to take. This statement should be aligned with the company's overall strategy and objectives. Companies should also conduct regular risk assessments to identify and prioritize potential risks. In addition, companies can use scenario planning to assess the potential impact of geopolitical risks on their operations and develop contingency plans to respond to geopolitical shocks, which may include diversifying their supply chain, adjusting their operations, or seeking legal support.
While there is no one-size-fits-all approach to managing geopolitical risks, managing geopolitical risks requires a proactive approach that includes indicators, scenario planning, and contingency planning. By establishing a risk monitoring framework and using these tools, companies can identify and mitigate potential risks before they escalate, and ensure that they are prepared for any eventualities.

ESG and investors influence

25 Nov 2022:


Interesting trend going on in an environmental and sustainability space, where investors are using ESG / sustainability as a key indicator for exclusion of investment decision and driving corporate behaviour. The recent COP25 meeting has made this even more as a mandate and a future direction for the countries and corporates. However, the fundamental question is whether investors use this as a simple disqualification criterion if there is an absence of concrete ESG initiatives or framework in place. On a hindsight, any such requirements can give rises to window dressing or greenwashing by the companies in order to comply / get investors’ attention instead of actual value driven approach and outcomes.

Instead, investors should look more towards transformation and engagement approach where investors can drive their influence to work with the companies and get them to become green.

It is true that engagement has the better potential to create impact. It’s also true, however, that not everyone who claims to pursue an engagement approach is able to do so effectively. The size of an investment in a company obviously matters. Some companies are also not responsive to external investor pressure – especially in Asia, where numerous listed companies are majority-owned by deep-pocketed founders or families.

My Thoughts!!!: Disruptivetechnologies and business models changin...

My Thoughts!!!: Disruptivetechnologies and business models changin...: Disruptive technologies and business models changing the face of the world we are living in As I am writing this there are several d...