Risk in Focus 2026
- Katarzyna Celińska
- Oct 13
- 2 min read
The Risk in Focus 2026 Report from ECIIA | European Confederation of Institutes of Internal Auditing surveys 834 Chief Audit Executives across Europe. It captures their views on the biggest risks facing organizations — and sets priorities for boards, audit committees, and internal auditors.
As always, I find the report insightful, but this year I also approach the results with some skepticism. Of course, it’s the CAEs’ perspective — but when I look globally, I interpret risks differently.
What the Report Highlights
According to CAEs across Europe, the Top 5 risks for 2026 are:
1️⃣ Cybersecurity & Data Security – top risk for the 6th year in a row.
79% of CAEs rank it among their top five.
Concerns include AI-powered attacks, ransomware, and escalating regulatory demands.
2️⃣ Digital Disruption & New Technologies – 53% rank it in their top five.
Driven by AI adoption, automation, and hasztag#cloud transformation.
Balancing innovation with operational resilience is a central challenge.
3️⃣ Human Capital, Diversity & Talent Management – 46% of CAEs highlight it.
Skills shortages, generational workforce shifts, and hybrid working models remain priorities.
4️⃣ Macroeconomic & Geopolitical Uncertainty – 43% of CAEs raise this.
Inflation, war, supply chain disruptions, and fragile trade relations are shaping risk.
5️⃣ Climate Change, Biodiversity & Environmental Sustainability – 39% include this in their top risks.
ESG reporting mandates and rising stakeholder expectations increase pressure.
Other emerging themes include regulatory change, fraud & financial crime, and supply chain disruption.
My Perspective
From my viewpoint, three risks outweigh all others:
1️⃣ Macroeconomic, Social & Geopolitical Uncertainty
With the new U.S. administration, the rise of authoritarian regimes, and polarized societies, this is a systemic threat.
Add to this the growing influence of big tech corporations on politics and public opinion, and the destabilization power of social media — this is the highest global risk in my view.
2️⃣ Climate Change, Biodiversity & Environmental Sustainability
The climate crisis is no longer theoretical.
Water scarcity, energy instability, biodiversity loss, and global warming are disrupting supply chains and entire economies.
Much like in Don’t Look Up, societies and politicians still “choose not to see”.
3️⃣ Cybersecurity & Technology Risks
AI, ransomware, and state-backed cyber operations are escalating.
Complexity of digital infrastructures and supply chains multiplies vulnerabilities.
Meanwhile, HR management, while important, is in my view part of normal business cycles. It’s not at the same systemic level as climate or geopolitical risks.
Author: Sebastian Burgemejster
Comments