2024 felt full of risks—both new and old—for finance leaders to worry about, from sudden supply chain bottlenecks to massive IT outages.
So let’s grab our anxiety blankets and dive into CFO Brew’s review of some of the biggest stories in risk and risk management we covered this year.
Artificial intelligence. It’s no use hiding from the robots anymore. AI, especially generative AI, has saturated modern society.
Some may fear the eventual takeover of humanity (if your organization has mapped out a SkyNet scenario in your risk management plan, we’d love to hear from you!), but we assume most of the discussion around AI in board meetings and strategy sessions has been more grounded.
Kristen Peed, RIMS board VP and head of corporate risk at Sequoia, told CFO Brew that companies are thinking about how they can set up parameters and guardrails around AI so they won’t run into trouble with the technology.
“I think that that’s really the biggest risk that keeps popping up, not only at my company, but also at other risk managers’ companies,” she said.
Experts advised that companies should keep their AI processes transparent and ensure that the data they’re using is clean. When it comes down to it, a lot of the big risks with AI are similar to other technologies, Siqi Chen, CEO and CFO of finance platform Runway, told CFO Brew in October. While some may view AI as this “really scary” new thing, “it’s just a different piece of software,” he said.
Supply chains. Is it just us, or do supply chains feel as delicate and vulnerable as they’ve ever been? The reason behind that thinking is simple: 2024 showed us all the new and creative ways trade can be disrupted.
As CFO Brew reported in January, the “first major supply-chain concern of 2024” was the string of attacks on commercial ships traversing the Red Sea. Companies rerouted ships to avoid the danger, but this added weeks to shipping times. “This continues to highlight the complexity and the challenges that we see within the supply chain—that there’s always something that has an impact,” Jonathan Gold, VP of supply chain and customs policy at the National Retail Federation, told CFO Brew.
Then in March, the container ship Dali struck the Francis Scott Key Bridge in Baltimore, causing the bridge to collapse and blocking one of the busiest ports in the US. Experts explained to CFO Brew that the tragedy was a lesson for finance leaders of companies exposed to shipping risks on the importance of business interruption insurance.
“This is the exact scenario in which you might be able to rely upon it,” Kristen Teatom, team lead and VP of claims with Risk Strategies, told CFO Brew.
News built for finance pros
CFO Brew helps finance pros navigate their roles with insights into risk management, compliance, and strategy through our newsletter, virtual events, and digital guides.
Fast forward to early November, when Donald Trump was reelected to a second term. The president-elect said he plans to impose a 25% tariff on Canadian and Mexican imports, and “an additional 10%” tariff on Chinese products on top of any other tariffs, Reuters reported. Trump had already threatened to impose across-the-board tariffs of up to 20% and tariffs of 60% on goods from China, CFO Brew previously reported.
Trump doesn’t move into the Oval Office until Jan. 20, but his trade policies are already weighing on the minds of organizations. Steve Madden CEO Edward Rosenfeld, for instance, told investors his company would start sourcing a significant amount of products it now gets from China elsewhere.
Cyber and IT risks. C-suite leaders have likely heard this a million times before, but it bears repeating: Cybersecurity is not just an IT issue.
CFO Brew reported on a study from insurance broker Marsh in June that one-fifth of its clients reported at least one cyber event in 2023. Then in September, we reported that, according to Protiviti’s annual Global Finance Trends survey, three in five finance pros ranked data privacy and security as a high priority for next year.
Cyber insurer Resilience found ransomware actors to be a major culprit last year; nearly half of the claims it received in 2023 involved ransomware. And in September, a pair of insurance industry giants urged the public and private sector to come together and address the cyber risk protection gap.
But perhaps the biggest headline-grabbing cyber event this year didn’t come from a cybercriminal organization. It was actually a (very major) oopsie from cybersecurity firm CrowdStrike. A “botched update” led to service disruptions in all sorts of industries, including airlines, as CFO Brew previously reported. Delta CEO Ed Bastian told CNBC the July 19 outage would set the airline back about $500 million.
Accounting shortages and errors. Sometimes, the biggest risks come from within.
Take the industrywide accounting shortage as a painful example. Like Tupperware in April, businesses have had to delay filings due to a lack of accounting staff. More than 70 companies delayed filing annual reports this year, compared to just 42 last year, according to research from Intelligize in March.
But then there was a case of accounting oversights at Macy’s. The company announced it had to delay its Q3 earnings to December after it learned one of its accountants intentionally hid up to $154 million in delivery expenses going back to late 2021.
There’s much to think about enterprise risk heading into the New Year. Let’s see what new and exciting risks 2025 will bring (or maybe let’s not).