Skip to content

AI and Cloud Computing top tech risks in 2024 Horizon


AI and Cloud Computing top tech risks for firms in 2024 Horizon report

The 2024 Operational Risk Horizon study of 48 global banking and insurance firms identifies technology, cybercrime, and business disruption as the foremost emerging risks facing these institutions. These are being driven by the explosion in AI and for the first time in this annual report, concerns about the use of cloud computing. 

The report revealed that Cybercrime remains as the top emerging risk for the 3rd year, followed by Technology & Digital Strategy and Business Service Disruption in third place.  

Figure 11 - 3 topics updated (800 x 800 px) (800 x 400 px) (4)

See the full chart on Figure 1, page 6 of the report

In a further breakdown, respondents were asked to select and rank the five technologies that pose the greatest risk to their firms over the next 12-36 months and five years. AI and cloud computing were the forerunners with both being cited as an immediate priority.  

Figure 11 - 3 topics updated (800 x 800 px) (800 x 400 px) (2)

See the full chart on Figure 11, page 16 of the report

AI has risen greatly in prominence over the last year with the emergence of natural language processing chatbots driven by generative AI technology. How this technology will be leveraged, potentially by criminals, or how it could impact current business practices remain key concerns for the future. With an increasing resilience by the financial industry on cloud computing, firms also fear for the potential concentration risk of the industry relying on key technology suppliers. 

Steve Bishop, ORX Research & Information Director comments:


“The high levels of concern about technology & digital strategy as an emerging risk factor points to an increasingly integrated, digital and data-driven working environment and risks around the growing reliance on key technology service providers."  

“Firms are telling us that the rapid development of generative AI is speeding up the adoption of new tools to keep pace with innovation and maintain competitiveness. But there are significant risks around this, including those related to data protection and regulatory compliance. Firms also want assurance over the design, integrity and reliability of AI based models. All this needs significant investment in risk management capability.”


Key risk challenges in AI adoption highlighted in the report include: 

Monitoring and control  

  1. ‘Loss of control’ over outputs from AI and machine learning tools  
  2. Unexpected or inaccurate algorithmic results causing potential reputational damage  
  3. Skills shortages or lack of training
  4. Reliance on manual controls to ensure accuracy of AI outputs  

Ethics, data privacy and regulation  

  1. Unregulated nature of AI increases the risk of fraud or cyberattacks 
  2. Data privacy concerns due to a lack of confidence in data storage, transmission and use 
  3. Guidance on the ethical use of AI in business decision-making is limited 
  4. Generative AI may use data that is protected by copyrights or IP rights, which could be breached  

Cybersecurity threats  

  1. AI tools are reducing the barriers to entry for cyberattacks
  2. The capability for AI tools to be used to by-pass existing controls, identifying vulnerabilities  

Key risk challenges around cloud computing cited in the report include: 

Limited number of suppliers and the associated concentration risk  

  1. Disruption or cyberattacks on these suppliers can cause widespread outages
  2. Supplier performance issues may have downstream impacts 
  3. Limited supplier resources may restrict growth opportunities  

Data security, management, and control  

  1. Firms report a lack of visibility and monitoring around cloud service providers’ 
  2. Security and availability of client and customer data 
  3. Monitoring and maintaining compliance with cross-border regulations  

Effective supplier management  

  1. Switching between suppliers may be prohibitive due to cost and complexity  
  2. Ineffective monitoring of supplier usage may lead to unbudgeted or unexpected costs  

Steve Bishop also adds:


“We need to be closely monitoring the development and application of AI – tackling the challenge of managing the increasing reliance on third parties, whilst also boosting technical expertise inhouse with education and training to help mitigate the risk. 

“It is a watching brief with both AI and the evolving use of cloud computing. We need to be continuously adapting and evolving our risk frameworks to keep up with the pace of change."