Organisational resilience is pushing CFOs into a larger enterprise leadership role

Over the past decade, global businesses have faced extreme weather events, a global pandemic, supply chain challenges, raw-material shortages, geopolitical instability, changing trade relations, regulations, tariffs, cyberattacks – and, on top of it all, an ongoing technological transition driven by AI. In response to this increased uncertainty, most businesses have invested in organisational resilience to strengthen their ability to withstand and recover from operational disruptions. Examples include building redundancy across supply chains and markets, as well as upgrading digital infrastructure and Security Operations capabilities. 

Past, present and future requirements

From a CFO standpoint, the persistently high level of uncertainty presents both challenges and opportunities. The challenges first.

As a key member of the C-suite operating at the intersection of strategy, operations and performance, CFOs are increasingly asked to spend more time strengthening organisational resilience. In our recent CFO survey, 57% of surveyed CFOs say their companies have focused on increasing organisational resilience. Among companies with more than DKK 1bn in revenue, nearly 70% of CFOs acknowledge this trend.

While CFOs are under growing pressure to spend more time and resources on improving organisational resilience, it is fair to ask whether these investments are paying off. And given the trajectory of the global business environment, whether CFOs have the right mindset to build the CFO organisation of the future – or whether they are still too focused on the requirements of the past and present. 

Prepping and AI-adoption

To give you an example of what I’m getting at, there has been an ongoing discussion in Denmark, where I live and work, about whether we are prepared to withstand both physical and digital attacks. There was a time when such attacks were something people joked about. Not anymore. Hybrid threats are very real, threatening both nations and businesses across the world. And yet, the level of preparedness for whatever comes next has remained relatively low. Yes, some people have stocked supplies and taken precautions, but most have remained fairly relaxed.

That same mindset seems to shape how many companies approach organisational resilience. At least when Denmark is compared with similar countries that are significantly further ahead in both strategic readiness and concrete contingency planning. 

Another example is the emerging AI space, where solutions are evolving rapidly. Compared with CFO organisations in other markets, the overall pattern in many Danish companies is still characterised by a slow adoption of AI-supported ways of working.

Two very different scenarios, but both reflect the same wait-and-see approach. 

Danish slow followers

From studies, it has been documented that we in Denmark are often framed as “Slow Followers” as opposed to the pioneering “First Movers” and the innovative “Fast Followers”. We want to be sure of what we are facing before we decide how to handle it. In other areas of life, that might be a reasonable approach. But in the business domain, it is an approach that comes with significant risk. Especially if you believe that the world will not become less, but more unstable and unpredictable.

From the interviews we recently conducted with American giant Mars and Danish medtech company Ambu, one thing is clear: companies – whether Danish, European or global – need to become far more comfortable operating under uncertainty. In areas such as AI, following competitors is rarely enough. Organisations need to position themselves at the front edge of transformation. Both Mars and Ambu recognise this and are already adapting their organisations and decision-making structures to a faster and more unpredictable business environment.

However, there are still many organisations where decision-making remains strongly centralised and where structures are not designed to operate effectively under uncertainty. In many cases, that makes organisations slower to respond when disruptions occur. The big unknown is better addressed through more decentralised structures, greater organisational flexibility and a stronger willingness to take calculated risks.

This does not only apply to Finance. Legal, Tax, Risk, Internal Audit, Procurement, Technology, Operations and Supply Chain functions are increasingly expected to operate with greater agility.

The profile of future CFOs

If we circle back to what is in store for the CFO of the future, I believe it will be a function that cuts across many functional domains. This includes potentially moving beyond managing financial resilience to becoming involved in future-proofing multiple dimensions of the business, including embedding resilience into strategic planning, capital allocation, performance management and risk management. 

If we picture an organisational resilience matrix with risk willingness on the Y-axis and organisational adaptability on the X-axis, it would probably be a valuable exercise for CFOs to plot both their current and future role within that framework. From there, they can begin building a plan for how to move from one position to the next.

I suspect that framework will become increasingly relevant in the years ahead. 

Three steps for managing organisational resilience

While there is no easy path to future-proofing the CFO role, here are some thoughts on how to approach the CFO mandate for existing CFOs.

• Step #1 

The right place to start is often the Enterprise Risk Management process, ensuring that key risks are identified and existing mitigation measures are properly assessed. We often experience that many Danish companies take a very narrow lens on what they focus on. All major risks need to be analysed. The ERM process should also involve not only Risk & Legal, but all key business and functional owners, including Sales, Marketing, R&D, Supply Chain, Digital & Technology, HR and Finance. 

• Step #2

Once risks have been identified and key mitigations described, they need to be anchored in the organisation with clear ownership and accountability. The next step is to embed organisational resilience into strategic, business and financial planning. Most, if not all, strategic choices carry a resilience dimension. The same applies to many large capital investments. Those dimensions need to be analysed and understood. This is often where scenario planning and stress-testing come into play. Many of our clients are placing significantly greater focus on this area. Here, the CFO needs to be comfortable with the fact that the objective is less about predicting precise outcomes and more about understanding how the organisation will respond under different scenarios. A key part of this is naturally also the ability to balance short- and long-term perspectives. Publicly and privately owned companies operate under different conditions, which naturally also need to be taken into account.

• Step #3

The final step is likely the most difficult one: strengthening the organisation’s ability to manage resilience across both the business itself and the broader ecosystem in which it operates – including customers, suppliers, employees, regulators and other stakeholders. This involves improving the ability to detect and analyse sources of disruption, increasing the organisation’s capacity, flexibility and agility to respond quickly and close to where events occur, and ensuring greater adaptability in agreements with customers, suppliers and employees. It is not a task that is ever truly completed. It also aligns with the growing need to rethink work and organisational structures in light of emerging autonomous digital agents and physical robots in the workforce. More broadly, the CFO needs to be comfortable championing an adaptable organisation where decision-making is pushed closer to the front line, the production, technology operations etc.