CRO 2020: Our Top Five Risks

2019 has already seen significant change across the Governance, Risk and Compliance space and, as it comes to a close, more regulatory pressure will come about due to the further roll out of SMCR.  With other new and evolving regulatory initiatives plus the regular BAU challenges, many CROs will no doubt be feeling the pressure!

FCA Business plan 2019/2020

Looking ahead to 2020, we thought it would be interesting to survey a range of clients to understand what they think the main challenges will be for the coming year.


With the deadline in December, we expect the Regulator to allow some leeway into Q1 of next year. However, we can also envisage a situation where there may be enforcement early on, to underline the importance of the framework, as well as the increased obligations on the Board and Exco. Our clients are telling us they are mostly ready, but we still have to question if the Board, especially the Independent NEDS, are fully aware of their responsibilities.

Prediction: Watch out for an enforcement of a major player in Q2.


This is a tough one as business (like the Country) has no clarity on what the commercial landscape will look like when we leave the EU. However, it is fair to assume there some businesses will struggle as the economy adjusts to a new norm. This will increase all levels of risk, from cybercrime through to fraud, collections, and defaults. Although the UK is the world’s sixth largest economy and well placed to cope over the medium term, next year will be challenging.

Prediction: The first serious impact will be felt in Q2, and H2 reporting will be down.

Tech Disruption

This challenge will only grow as we see more illicit activity, greater ‘criminal creativity’, and legacy systems at the end of their useful lives enabling criminality.  DDos, ransomware, and software failure events will increase. With GDPR now established, and various enforcement actions from EU and US regulators around Data breaches, the role of the CISO has never been more important.

Prediction: Expect to hear about the first ‘database ransom’ by Q4 next year


The correlation between an economy in recession and fraud is well proven. Whilst the UK economy is showing some signs of dipping into recession, it is likely that levels of fraud and theft will increase. This will affect the entire business enterprise, from employee theft, to fraudulent claims, through to increased IT intrusions.

Prediction: Levels of crime and black market activity to rise to 2012 levels

Talent Risk

It is clear the skill profile of those needed to manage risk in complex and commercially aggressive environments is changing dramatically.  Not only do you need to be fit for today’s challenges, but also fit for the future.  Our clients are increasingly asking for a new breed of Risk Manager, one that understands the role of a board director as much as a material risk taker. We are seeing a flexible resourcing model surge ahead, with firms needing immediate support on breaches, enforcements, and organisational change.  In addition with IR35 landing in April, we will see a change in the way firms engage with Interim and Temporary staff.

Prediction: Firms that deploy a flexible resourcing model will – in the main we believe – outperform those stuck with legacy full-time employees.

To find out how Norman Broadbent Interim Management may help your business,  or to discuss this topic further, please contact in confidence Mike Davies, Director of Norman Broadbent’s Risk Practice, via +44 (0) 20 7484 0067 or