Risk Management in the AI Era

In an article published last month, EY’s Christopher Richardson, UK Financial Services Risk Consulting Leader, and Jared Chebib, Financial Services Consulting Partner, argue that agentic AI is reshaping risk management, offering Chief Risk Officers (CROs) a rare opportunity to expand risk coverage, enhance insight generation, and accelerate decision-making.

However, unlocking this value requires rethinking how risk functions operate, the authors emphasize. According to EY’s Global Risk Transformation Study, only 32% of organizations qualify as “Risk Strategists,” those with the cultural readiness, agility, and innovation mindset needed to use AI effectively. Most remain “Risk Traditionalists,” constrained by siloed structures, risk-averse cultures, and difficulty proving ROI.

Adoption barriers are significant: rising productivity pressures, regulatory scrutiny, talent shortages, and limited AI fluency. With 81% of firms citing specialist skill gaps, organizations must invest in developing teams that combine AI literacy with judgment, ethical reasoning, and business understanding, the authors write. At the same time, external threats, from customer-deployed AI to technologically sophisticated crime, increase the urgency for action.

To prepare, the authors urge risk leaders to shift from experimentation to early adoption, build strong governance and guardrails, redesign processes to support human-AI collaboration, and evolve career paths. New roles such as AI orchestrators, AI-augmented analysts, and AI governance specialists will define the future function, they argue.

“Without a proactive plan to reskill teams and adapt operating models, risk functions could become outdated — eroding trust and leaving organizations vulnerable to emerging threats,” the authors conclude. “However, those who act now can establish a new standard for risk management in the AI era.”