As FERMA celebrates its 50th birthday, StrategicRISK Magazine spoke to its board members and risk leaders about how the risk landscape is changing and the priorities for the future. Here Professor Simon Grima, associate professor, head department of insurance, Faculty of Economics, Management and Accountancy, University of Malta shares his insights

This is the fifth in a series of interviews, which are being published weekly.

Simon-Grima

How has the risk landscape changed in the last 50 Years?

The risk landscape has transformed dramatically over the past 50 years due to globalisation, technological advancements, environmental challenges, and evolving societal expectations.

Globalisation has interconnected economies and supply chains, making businesses vulnerable to geopolitical risks, economic fluctuations, and supply chain disruptions on a global scale.

Technological advancements, particularly the rise of the internet, big data, artificial intelligence (AI), and the Internet of Things (IoT), have introduced new risks such as cyber threats, data breaches, and digital fraud, which have evolved from niche concerns to critical areas of focus.

Environmental and climate risks have become more pronounced, with climate change driving an increase in the frequency and severity of natural disasters, leading to both physical and regulatory risks.

“Globalisation has interconnected economies and supply chains, making businesses vulnerable to geopolitical risks, economic fluctuations, and supply chain disruptions”

Additionally, the rise in regulatory scrutiny across industries, particularly in areas such as data protection, financial services, and environmental compliance, has introduced complex compliance risks.

Social and ethical risks have also emerged, with greater emphasis on corporate governance, diversity, and ethical behavior, exposing companies to reputational risks if they fail to meet societal expectations. The COVID-19 pandemic has underscored the importance of health-related risks, highlighting how global health crises can disrupt economies, supply chains, and workforce dynamics on an unprecedented scale.

The rapid pace of technological and societal change is not only driving innovation but also creating significant challenges. This fast-paced transformation is leading to constraints on resources, including natural, financial, and human resources, as organisations and societies struggle to keep up with the demands of progress.

Additionally, the interconnected nature of global systems means that these resource constraints are compounded by a web of interrelated risks. For instance, the strain on natural resources can exacerbate environmental risks, while financial pressures may increase economic instability, leading to a cascade of challenges that are difficult to manage in isolation.

How has risk management as a profession changed in the last 50 years?

The profession of risk management has evolved from a reactive discipline focused primarily on loss prevention and insurance to a proactive, strategic function integral to corporate decision-making.

Over the past 50 years, risk management has shifted towards a more holistic and integrated approach, with Enterprise Risk Management (ERM) becoming the standard. ERM considers all types of risks—strategic, operational, financial, and compliance—across the entire organisation, enabling better risk aggregation and management.

The profession has also become more formalised, with specialised education programs, certifications, and professional organisations dedicated to advancing risk management practices.

“Businesses and governments are now more vigilant in managing liquidity risks to ensure financial stability in an increasingly volatile environment.”

The rise of technology and data analytics has further transformed the field, allowing risk managers to leverage big data, predictive analytics, and AI to identify, quantify, and mitigate risks in real-time.

This evolution has expanded the scope of risk management beyond traditional areas like insurance and safety to include cybersecurity, reputational risk, and ESG (Environmental, Social, and Governance) risks.

Risk managers today are expected to have a deep understanding of financial principles, regulatory requirements, and strategic thinking, making the profession more integral to corporate governance and strategic planning.

Moreover, following the latest financial crisis, liquidity risk has become a prominent concern on the global agenda. The crisis highlighted the vulnerability of financial systems to sudden shocks, where the inability to access sufficient liquid assets can lead to severe financial disruptions. As a result, businesses and governments are now more vigilant in managing liquidity risks to ensure financial stability in an increasingly volatile environment.

How FERMA has changed over the last 50 years:

The Federation of European Risk Management Associations (FERMA) has played a crucial role in advancing the risk management profession across Europe. Over the past five decades, FERMA has grown into a leading advocate for the profession, representing the interests of European risk managers at national, European, and international levels.

Its role has expanded from promoting basic risk management principles to developing and harmonising risk management standards and best practices across Europe. FERMA has also become a key provider of professional development and education, offering certifications like the European Certified Risk Manager (Rimap) and providing ongoing training and resources to keep risk managers informed of emerging trends and challenges.

The organisation has facilitated greater networking and collaboration among risk management professionals, enabling them to share knowledge and discuss challenges through its conferences, webinars, and other events.

As new risks such as cyber threats, climate change, and digital transformation have emerged, FERMA has expanded its focus areas to provide guidance on these complex challenges. In recent years, FERMA has placed a greater emphasis on ESG risks and sustainability, encouraging risk managers to incorporate these considerations into their risk assessments and decision-making processes, reflecting broader societal and regulatory shifts.

The manifesto of FERMA (Federation of European Risk Management Associations) underscores the pivotal role of risk management in ensuring business resilience and sustainability across Europe. It advocates for the integration of risk management into corporate governance and decision-making processes, positioning it as a strategic function essential for anticipating and mitigating emerging risks.

FERMA is committed to supporting risk managers through education, resources, and professional development while actively engaging with European regulatory bodies to influence balanced policy-making. The manifesto also highlights the importance of addressing sustainability and ESG (Environmental, Social, and Governance) challenges, encouraging innovation and digitalization in risk management practices.

By fostering collaboration and networking among risk professionals, FERMA aims to strengthen the risk management community and promote best practices across the continent.

What are the top risk management priorities for the future?

Looking ahead, several key priorities are likely to dominate the risk management agenda. Cybersecurity and data protection will remain top priorities as cyber threats become increasingly sophisticated.

Risk managers will need to focus on strengthening defenses, ensuring data protection, and preparing for potential cyber incidents such as ransomware attacks and data breaches.

Climate change and sustainability will also be critical, as organizations must address physical risks like extreme weather events, as well as transition risks associated with the shift to a low-carbon economy.

“The COVID-19 pandemic has highlighted the importance of preparing for health-related risks, with risk managers needing to ensure business continuity in the face of potential future pandemics”

Digital transformation and innovation present both opportunities and risks, requiring risk managers to address the challenges associated with emerging technologies like AI, IoT, and automation. Supply chain resilience has become a priority following the COVID-19 pandemic, with organizations focusing on building more resilient, agile supply chains that can withstand disruptions.

Geopolitical risks are increasingly volatile, with risk managers needing to closely monitor developments and assess their potential impact on business operations.

Talent and workforce risks, including skills shortages, workforce diversity, and changing work environments, will also require attention as organisations adapt to a rapidly changing job market. Lastly, the COVID-19 pandemic has highlighted the importance of preparing for health-related risks, with risk managers needing to ensure business continuity in the face of potential future pandemics.

How does the industry need to adapt to keep pace with changing risks?

To keep pace with the evolving risk landscape, the risk management industry must adapt in several key ways.

Embracing technology and innovation is essential, as the industry must fully leverage tools such as AI, machine learning, and big data analytics to enhance risk identification, assessment, and management. This includes investing in cybersecurity tools, digital risk management platforms, and real-time monitoring systems.

Risk managers will also need to develop cross-disciplinary skills, incorporating knowledge of technology, data science, and sustainability into their traditional risk management competencies. Organisations must enhance their agility and flexibility, adopting more dynamic risk management frameworks that can quickly adapt to new risks as they emerge.

Strengthening collaboration and communication across functions and with external stakeholders is crucial, as effective risk management requires strong partnerships between risk managers, IT, finance, and other departments, as well as with regulators, industry bodies, and external experts. The industry must also focus on ESG and long-term value creation, integrating ESG considerations into risk management strategies and aligning practices with broader corporate social responsibility goals.

Continuous learning and adaptation will be key, with the industry prioritising ongoing education, professional development, and knowledge sharing to stay ahead of emerging risks. Finally, promoting a risk-aware culture where risk management is embedded in all aspects of decision-making will be essential for organisations to effectively navigate the challenges of the future.