Which risks do chief financial officers need to scenario-plan for, monitor, and manage in 2024? Probably too many to count. However, we chose five highly prevalent areas that could expose an organization to significant loss.
The CFO may be unable to control or even mitigate some of the following hazards and threats, but they can prepare the organization to survive the impact.
1. Economic Uncertainty
Instead of humming along, the U.S. economy will likely be filled with bumps that mess with the finance chief’s forecasts and budget assumptions. Most CFOs would like to see inflation brought down to earth so that costs stabilize and the Federal Reserve can start to cut interest rates.
“As the Dow Jones [Industrial Index] hits another record high, it would seem that we should all be ready to turn on the song from The Cars — ‘Good Times Roll,’” said Anthony Rose, chief financial officer of Kapitus. But he said small businesses, in particular, should be aware of the possibility the Fed won’t be able to pull off the “soft landing,” that is, “reducing what was once red-hot inflation without causing a recession.”
As Rose points out, the Fed has achieved only one soft landing (in 1994-95) over the past 60 years, “so while the results right now seem promising, we are not out of the woods yet,” he told CFO.
The optimism of markets that the Fed will soon lower the Fed funds rate (as early as March, according to Fed funds futures) is also probably not something to count on. As Robert Phipps, director and partner of Per Stirling Capital Management, pointed out in his November note, “The Fed normally only cuts rates in response to significant recessions, large job losses, or a financial crisis.”
BofA Securities’ global economists expect a soft landing but also below-potential economic growth for the next six quarters, as inflation recedes gradually and the unemployment rate rises to over 4% at year’s end. That would allow the Fed to cut rates by 25 basis points per quarter starting in June.
2. Unmet Capital Needs
While financing conditions have eased moderately in some markets, U.S. financial institutions are unlikely to loosen credit standards substantially in 2024. Asset quality and operating profits will be pressured, and higher deposit costs and unrealized losses on securities portfolios from 2023 will linger, according to Fitch Ratings’ U.S. Banks Outlook. Regional banks may be focused on balance-sheet optimization rather than lending, as regulatory changes in the amount and kinds of capital they have to hold loom.
The Fed’s extended pause on rates, meanwhile, could have a knock-on effect on the credit markets, according to Capital Advisors Group’s Lance Pan, because “the high pile of corporate debt issued at low coupon rates in the lean COVID-19 years” will have to be refinanced at much higher costs.
But it’s the companies that rely on venture capital funding that may face the biggest risk of running out of capital. The hope is the slow U.S. IPO market of 2023 (108 deals raising $19.4 billion — besides 2022, the lowest dollar amount since 2016) turns around this year. Venture capitalists depend on more than 720 U.S. unicorns to provide liquidity to their investors once the IPO market reopens, according to Pitchbook.
Anything short of that could mean another “prolonged period of challenging fundraising” for other venture-stage companies in 2024. “[The limited partners] in venture funds wait to see returns before allocating cash to a new [venture] fund,” according to PitchBook. Many growth startups could run out of cash runway, requiring CFOs to tighten spending controls or drastically cut headcount.
Managing cash successfully is the number one priority of most growth companies now, Anna Brunelle, CFO of autonomous vehicle company May Mobility, told CFO. While May Mobility raised a $105 million series D funding round not long after Brunelle joined, she’s focused on a financial plan that gets the company to profitability in a series of steps. In an environment where “funding is almost impossible … there’s no other option we have but to be careful,” she said.
3. Geopolitical Tensions
Armed conflicts are certainly on the minds of business leaders in 2024 as the war in Ukraine and the Israel-Gaza conflict rage on.
Domestically, an acrimonious presidential election could disrupt the economy. “Presidential elections are always a source of volatility, but the uncertainty associated with presidential elections has been in crescendo in the last decade,” according to BofA Securities economists. The uncertainty could make businesses and consumers “want to stay on the sidelines this year, cutting spending,” said CFO Rose.
Elections are also a global story, happening in more than 20 countries this year that represent more than 60% of global GDP, according to BofA Securities. The results could heighten what experts at the BlackRock Investment Institute call a year of “deeper fragmentation, heightened competition, and less cooperation between major nations” as “competing geopolitical and economic blocs [harden].”
“While every geopolitical event cannot be anticipated, the board and the C-suite should define in advance the circumstances that would prompt messaging to the organization or the broader market.”
“Top Risks for 2024 and Beyond”
The alliances — U.S., Europe, and parts of Asia unifying while China, Russia, and Iran cooperate more closely than in the past — “are accelerating the rewiring of globalization, creating risks as well as investment opportunities,” said BlackRock.
The U.S.’s relationship with China, of course, is a problem all its own. Tensions could escalate over U.S. support of Taiwan, and on the economic front, the U.S. and China are “decoupling” trading ties as the U.S. seeks to protect and extend its lead in areas like artificial intelligence and semiconductors. In 2024, the U.S. could impose “more advanced export controls and a proposed mechanism to review outbound investment in advanced Chinese technologies,” which could affect the private sector.
Consulting firm Protiviti’s “Top Risks for 2024 and Beyond” advises C-suites to develop contingency and resilience plans for these political risks. It also recommends C-suites stay mindful of the increasing use of economic sanctions as “public policy tools.”
Given businesses' tendency to opine on social issues, Protiviti also recommends companies consider what their response might be — if anything — to domestic or global political events. “While every geopolitical event cannot be anticipated, the board and the C-suite should define in advance the circumstances that would prompt messaging to the organization or the broader market.”
4. Cyber Threats
Tensions between nation-states raise the chances of malicious attacks on critical networks and systems.
“We see cyberattacks increasing in scope, scale, and sophistication as geopolitical competition mounts,” said the BlackRock Investment Institute. “Foreign hackers have infiltrated critical U.S. infrastructure and the accounts of multiple U.S. officials, exposing key vulnerabilities.”
According to S&P Global, “the U.S. is facing a widespread ransomware issue … and the repercussions of persistent cyberattacks could have a wide-reaching impact on financial markets and the economy.”
Data from IBM on the cost of data breaches arising from cyberattacks found that organizations globally now pay $4.5 million to deal with a breach; U.S. organizations, on average, incurred more than double the cost: $9.5 million.
“New threats like dual ransomware are showing that traditional cyber risk controls are far less effective than previously believed,” James Gerber, CFO of SimSpace, told CFO. Gerber said with new artificial intelligence capabilities, “cyber criminals [can] train machine learning algorithms to detect vulnerabilities and misconfigurations, exploit them, and launch attacks with minimal to zero human oversight.”
For 2024, said Gerber, “CFOs will have two new demands in cyber to command their attention — driving out excess costs in their technology spend [including quite substantial costs for cybersecurity] and tighter integration of disclosure teams in early-stage cyber-response procedures.”
The Securities and Exchange Commission’s new cyber-disclosure rules are pushing CFOs to develop risk and impact assessment approaches for these new cyber threats. Organizations also have to ensure disclosure teams “are ready to do their job as an integrated part of incident response” to an attack. Some companies are bringing together disclosure, financial, and incident response teams as preparation.
The core ingredients for success, according to Gerber, include “demanding metrics on the efficacy of all parts of cyber spend [so the CFO and the teams] can make solid, risk-informed decisions” and “rehearsing the response to a cyberattack … to develop the muscle memory necessary to cope in the fog of a real incident.”
5. Artificial Intelligence: Pressure to Adopt
Time named “ungoverned AI” one of the top 10 risks of 2024, saying the technology will outstrip regulatory efforts to control it. For businesses, however, who largely view AI as a tool rather than a bogeyman, the risks center on how to find compelling and profitable use cases.
“CFOs have a unique vantage to see processes end-to-end, giving them an ideal position to act as the catalyst of change.”
“Companies are under tremendous pressure to incorporate AI and generative AI [GenAI] to maintain their edge in a competitive landscape,” Claire Bramley, CFO of Teradata, told CFO.
However, said Bramley, CFOs also have to be focused on cost management and investment prioritization. Given macroeconomic uncertainty, finance chiefs must ensure the right investments are made in priority areas like AI without “significantly increasing their cost profile.” She added: “CFOs have a unique vantage to see processes end-to-end, giving them an ideal position to act as the catalyst of change.”
But it won’t be easy. Organizations should be mindful of an internal skills gap when implementing AI, said Alok Ajmera, CEO of Prophix. “As organizations consider where and how to deploy AI in their finance practices, they should review internal skillsets to ensure that teams are equipped with the knowledge and training to review, monitor, and manage AI data,” he said.
A lack of understanding of AI or GenAI can lead to embedded biases and inaccurate results, Ajmera said. “When historical biases are ingrained in the data used for training AI algorithms, those biases can lead to errors in areas like credit risk analysis and other financial decision-making processes which may impact individuals,” Ajmera said.
“Companies have famously allowed proprietary information into the wild by inadvertently making it accessible to public large language models (LLMs)."
“Generative AI Strategy, Spending and Adoption Metrics”
The use of generative AI raises the question of trust. “The propensity of GenAI systems to ‘hallucinate’ (make stuff up) is well recognized, making it risky to depend on them for factual accuracy,” according to a report by Computer Economics, a service of Avasant Research.
Another risk is the potential for an employee to input proprietary or confidential information into an AI tool like ChatGPT. “Companies have famously allowed proprietary information into the wild by inadvertently making it accessible to public large language models (LLMs),” according to the report.
For these and many other reasons, “CFOs need to be at the center of AI discussions and helping to steer the organization's AI strategy,” Bramley said.