On 21 November 2025, the Chief Risk Officer Networking Group (CRONG) convened at the KWAP Main Office in Kuala Lumpur for a focused and highly engaging session on “The Rise of Intangible Risks: Reputation, Trust & Data Integrity.” The event began with remarks from Mr. Ramesh Pillai, Chairman of the IERP®, who set the tone by highlighting why intangible risks have become the defining concern for modern organisations. He reminded the group that while financial risks have established frameworks, metrics, and models, it is often the non-financial risks that destabilise organisations. Even though non-financial risks eventually lead to financial impact, they originate from breakdowns in behaviour, governance, trust, and integrity rather than traditional financial drivers.
In his address, Ramesh noted that recent corporate failures around the world consistently trace back to lapses in areas such as organisational culture, ethical judgment, or stakeholder trust. These themes have become so central that the IERP® has incorporated an entirely new component into its syllabus focusing specifically on non-financial risks. He explained that in many global institutions, the concepts of “reputational damage,” “franchise risk,” and “loss of trust” have become core topics for risk practitioners because they represent the true turning points in whether a company survives or collapses.
Following his remarks, Mr. Khairul Azwa Kamalul Bahrin, Senior Director of Risk Management & Compliance at KWAP, continued by framing the discussion around the intersection of reputation, trust, and data integrity. He highlighted that organisations today operate in an environment where perception travels faster than facts, and where digital footprints, stakeholder expectations, and public scrutiny form the basis upon which an organisation’s credibility is judged. Traditional risk frameworks, while effective for quantifiable exposures, often fall short in capturing the nuances of sentiment, behaviour, and culture. This gap leaves organisations vulnerable to risks that may not be clearly identified in risk registers but can manifest rapidly in the external environment.
Khairul Azwa emphasised that intangible risks are most dangerous because they originate from people. Human behaviour, ethical choices, communication gaps, and cultural weaknesses create exposure points that technical controls cannot fully mitigate. In a world where every action, decision, or miscommunication can quickly escalate into heated discourse in the public sphere, organisations must balance operational efficiency with responsible governance. He encouraged participants to view reputation and trust not only as risk categories but as strategic assets shaped by daily decisions across all levels of the organisation.
The session progressed into an open and interactive discussion among participants, guided jointly by Ramesh and Khairul Azwa. Attendees shared their organisational experiences, different interpretations of intangible risks, and the challenges they faced in embedding these concepts into governance structures. Many agreed that intangible risks often arose in subtle ways, such as misaligned expectations between departments, uneven communication channels, and fragmented understanding of priorities. Some shared that operational teams may favour speed and delivery, while risk teams prioritised control and assurance, creating friction that must be managed through dialogue rather than policy alone. The conversation highlighted the need for risk leaders to act as translators and facilitators who can bridge strategic intent with risk realities.
Several participants observed that reputational risks are now inherently tied to the digital ecosystem. A small misunderstanding can quickly escalate when amplified by social media or external narratives. Organisations must be proactive, not reactive, in communication, and must adopt monitoring mechanisms that allow early detection of sentiment shifts. Others raised concerns about the difficulty in distinguishing genuine information from manipulated digital content (i.e. AI generated deep fakes). This underscored the importance of strengthening digital systems data governance, enhancing employee awareness, and introducing clear verification protocols for both internal and external information flows.
As the discussion progressed, it became clear that intangible risks demand a mindset change across organisations. Risk professionals must move beyond traditional frameworks and adopt an integrated view that considers perception, culture, ethics, communication, and technology as interconnected elements of the risk environment. Participants agreed that while financial risks remain important, issues involving reputation, trust, and data integrity are more likely to affect long-term sustainability. They also recognised that leadership plays a critical role in shaping the organisational culture necessary to manage these risks effectively.
The session concluded with a collective appreciation for the depth of insights exchanged. The gathering reinforced that intangible risks cannot be addressed through technical controls alone; they require continuous engagement, careful communication, cultural alignment, and strong governance discipline. The CRONG event at KWAP served as a meaningful platform for CROs and senior risk leaders to explore these evolving challenges, reflect on real-world examples, and strengthen their perspectives on how intangible risks are reshaping the modern risk landscape.
