CROs’ evolving role: How are top Chief Risk Officers adapting to new risks?

Matteo Coppola, Global Risk and Compliance Leader, Managing Director and Senior Partner at BCG, discusses the greatest challenges Chief Risk Officers are facing today.

He identifies geopolitical risks, deregulatory trends, and AI introduction as key themes occupying CROs and shares how they’re adapting their approaches to address these critical issues. Discover how CROs’ roles are shifting from protection to strategic steering of the business.

Navigating geopolitical and regulatory risks

Reflecting on recent years, particularly 2025, Matteo stresses the complexity CROs face, largely due to persistent geopolitical risks. These risks intertwine with various factors such as artificial intelligence (AI), regulatory changes, and deregulation. Different nations' diverging regulatory frameworks further complicate operations for global banks, adding layers of complexity and potential risk.

Private credit – the elephant in the room – has been a focal point of recent discussions, with increasing exposure and potential issues requiring careful management across sectors, including the banking, pension fund, and insurance industries.

Evolving risk management practices

To tackle these challenges, CROs are increasingly turning to structured and quantitative approaches. As Matteo mentions, banks are "building geopolitical muscles," improving their organisational capabilities and developing methodologies to quantify impacts.

Despite having no crystal ball to predict future events, scenario planning enables CROs to prepare for "what if" scenarios and assess potential impacts. This process informs strategic, fact-based discussions with leadership teams, allowing for proactive response planning.

AI: New risks and opportunities

AI presents both opportunities and new risks, particularly in risk management. Scaling AI solutions is a complex endeavour due to issues like bias, output quality, and model performance. The industry is moving towards robust methodologies distinct from traditional statistical models, addressing challenges such as AI bias and data integrity.

Cybersecurity and compliance are also top-of-the-agenda concerns, with the regulatory landscape evolving alongside technological advancements. Addressing these issues is essential for CROs and other key stakeholders in today's digital age.

The strategic rise of the CRO

The CRO role traditionally focused on caution and restraint. However, today this role is increasingly part of strategic conversations at the CEO level. Matteo points out this evolution from being seen as a gatekeeper to an enabler, providing critical insights that guide organisational decision-making and strategy.

CROs now require curiosity and courage to elevate discussions with executive teams, influencing better decision-making processes. This evolution signifies a shift from pure protection to actively steering company strategy, making the role more intriguing and dynamic.

As industries evolve due to geopolitical and technological shifts, the journey of the CRO is just as transformative.

Be part of the conversation at RiskMinds International. Save the date – 16-19 November 2026, London!