Chief risk officers adapt strategies amid mounting disruption and change
Chief risk officers (CROs) in the Asia-Pacific insurance industry are redefining their roles amid increasing operational pressures and a more interconnected risk landscape.
A recent survey by EY and the Institute of International Finance (IIF) revealed that risk functions are becoming more central to business strategy, as insurance companies adapt to macroeconomic volatility, regulatory shifts, and rising digital exposure.
The findings indicated a growing emphasis on operational resilience, which is becoming a guiding principle in risk planning and execution.
As digital transformation accelerates and third-party dependencies deepen, insurers are focusing on ensuring continuity and control across business operations.
Cybersecurity and conduct risk top regional concerns
Cybersecurity
Survey data showed that cybersecurity is the foremost concern for APAC CROs over the next year, cited by 62% of participants.
This elevated concern was attributed to increasing geopolitical tensions, more frequent cyber incidents, and the expanding digital footprint of insurers.
The sensitivity of customer data further compounded the risk profile in the region.
Conduct risk
Conduct risk has also emerged as a distinctive priority for APAC, noted by 46% of CROs – well above global averages.
This trend reflects heightened regulatory scrutiny in countries including Australia, Hong Kong, and Indonesia.
Authorities in these markets have placed new focus on fairness, transparency, and accountability, particularly in sales and product design.
Operational resilience gains urgency amid regulatory shifts
Operational resilience ranked as a top-three concern for 31% of regional CROs, driven in part by compliance requirements such as Australia’s new CPS 230 standards and concerns about business continuity across increasingly complex operational structures.
Stacey Hooper, EY’s Oceania insurance leader, noted that local insurers face a convergence of risks.
“The risk landscape for Australian insurers has never been more complex, with heightened cybersecurity threats, macroeconomic and geopolitical uncertainty, continued regulatory scrutiny from [the Australian Securities and Investments Commission (ASIC) and the Australian Prudential Regulation Authority (APRA)], and the need for greater operational resilience all adding to the challenges faced by insurance CROs and boards,” she said.
Talent, technology, and forward-looking risk strategies
To meet current and future challenges, insurers are investing in emerging technologies and skills development. Artificial intelligence, data analytics, and automation are being integrated into risk management frameworks to enhance efficiency and improve control capabilities.
At the same time, CROs are prioritising talent acquisition and training. The survey pointed to a growing demand for professionals with expertise in cybersecurity, data science, and operational risk.
Soft skills such as leadership and business acumen are also in focus as risk teams engage more closely with senior executives on strategic initiatives.
According to the report, successful CROs are expected to bridge the gap between technical risk insights and business decision-making.
“As we look ahead to the ever-evolving risk landscape, these risks also bring with them new opportunities. However, insurance CROs will need to be laser focused in order to help protect their organisations and enable growth. This requires a strategic approach to risk management – one that addresses both immediate threats and long-term uncertainties. Given the complexity of the risk landscape, talent and upskilling will be a key priority for CROs for the next 12 months,” Hooper said.
Broader risk trends demand integrated management approaches
The report also identified several longer-term risk themes. Over the next three years, APAC CROs expect cybersecurity and geopolitical instability to remain top concerns, along with AI adoption, global regulatory developments, and workforce capability gaps.
These findings align with insights from Aon’s 2025 Client Trends report, which highlighted four intersecting forces reshaping business risk: trade, technology, climate, and labour market dynamics.
The convergence of these megatrends, according to Aon, requires organisations to adopt integrated, cross-disciplinary approaches to risk management.
Source: InsuranceBusiness Magazine
