Risk management in Russian companies: Research
The practice of risk management in Russian companies, despite the uncertainty of recent years, is not sufficiently developed-a third of organizations have not yet been introduced by a function, and in the rest the level of maturity of risk management is estimated at 0.34 points out of 1 (in 2024-0.35), notes the study of “business decisions and technologies” and the risk managers Association “Russian Society for Risk Management”. The survey was conducted in April 2025 among 82 organizations of various industries. In the industry context, high results are shown by the enterprises of the consumer sector – apparently, due to high uncertainty, the worst results of pharmaceutical enterprises – there are many “young” players in this segment (see schedule). Of those who have not implemented risk management, 16% plan to rectify the situation in a year or two, another 44% for three years. The misunderstanding of the concept of leadership and the lack of resources interfere with this. Meanwhile, the role and powers of the existing risk managers are growing: 81% of respondents reported that their opinion was taken into account when making significant decisions, another 36% noted that the risk manager was invited to meetings of collegial bodies. The risk management function is more often subordinated to the general or financial director – or the internal audit department. However, the best results are shown by companies with accounting risk management to the board of directors or the director of strategy. In 19% of companies, however, risk management issues are not even considered at the meetings of the committee under the Council of Directors.
Most organizations (62%) approve the boundaries of the permissible level of risks, periodically reviewing them. During the year, up to 47% – the share of companies that conduct an enlarged qualitative analysis of the influence of risks with budget planning has increased. Quantitative is more often carried out in the management of projects (61%), investment activities, budget planning (52%). Analyze the impact of risks in strategic planning of 38% of companies. The number of companies that conduct an independent check of risk assessment, as well as backing testing with the involvement of internal auditors or external experts, has increased by half (up to 65%).
According to the survey, the companies see the main risks in 2025 in a change in business processes due to geopolitics (47%), new requirements of legislation (35%), violation of supply chains (34%), reduction of demand and loss of sales markets (31%). On the horizon of three to five years, a set of risks is different: the difficulties of hiring qualified specialists (59%), geopolitics (44%), tightening legislation (41%), cyberism (33%).
