
Geopolitics, AI, and third parties drive surge in op risk materiality


Ongoing geopolitical turmoil, artificial intelligence (AI) and third-party ecosystem vulnerabilities are driving a significant increase in risk materiality scores across the risk profile, according to the latest Top Risk Review benchmark report.

While the ranking of the industry’s major risks has remained relatively stable since the last review in November 2024, risk materiality scores have risen sharply — with all but one (People) seeing an increase. The findings suggest that external factors are not only heightening existing risks but are also narrowing the gap between traditionally top-ranking and lower-tier risks.

Data Management saw the highest year-on-year increase (5.93%), and by far the greatest increase in the top five since the last review. This highlights its importance for operational resilience, governance, and strategic decision-making. However, challenges such as data quality, accuracy, and availability are difficult to resolve at pace, and continue to present significant issues. These challenges are a barrier to unlocking opportunities and efficiencies associated with data-driven technology such as AI.

Steve Bishop, ORX Research and Information Director, explains:

“The increasing move to digitalisation and data-driven decision making means that the need for effective data management goes way beyond being a technical necessity. Firms face significant hurdles, including legacy systems, fragmented data ownership and the additional burden of regulatory demands.”

 


Figure 1 - Top 5 ranked risks: % change in materiality score since H1 2024 and year-on-year, in ranking order

Other key findings from the report include:

Geopolitical instability is a primary driver behind the surge in risk materiality scores. Survey respondents recognise the transversal nature of geopolitical drivers with potential overlapping or cascading risks, e.g. cyberattacks on third parties leading to outages. The geopolitical threat landscape is developing rapidly and there is a sense that risks could materialise very suddenly, with little direct control or influence by firms.

AI adoption continues to create challenges around data management, conduct and model risk. The top three specific concerns are: cyberattacks leveraging AI capabilities (e.g. deepfakes, data breaches); data privacy concerns, such as leakage into or inclusion in internal or public AI models; and AI-enabled fraud, including circumvention of controls (e.g. voice recognition) using deepfake voice cloning.

Third-party and ecosystem risks are intensifying, particularly regarding cybersecurity and business continuity. Lack of direct oversight, supply chain complexity, concerns around the adequacy of cybersecurity controls and a growing focus on addressing concentration risk all featured prominently.

Steve Bishop adds:

“We are seeing a pattern emerge whereby organisations are identifying and managing risk themes, such as for ‘Third Party’. They are identifying third-party touch points with other risks, clarifying roles and responsibilities, uplifting governance frameworks and policies, and focusing efforts to strengthen control environments on an end-to-end basis.”

 

ORX members can read the latest H1 2025 Top Risk Review to see the full risk rankings.