On 23 April, BDO’s Perth office played host to a timely discussion around the challenge confronting many leaders: how to manage risk in an environment that is no longer predictable.
The firm’s Risk Sundowner brought together senior voices from business, government, and advisory, creating a forum that moved beyond theory and into the realities shaping decision-making across Western Australia. Moderated by Mark Pownall, the panel featured Mark Arena, Board Member of Intel 471 and Owner of the Perth Wildcats; Andrew Hillbeck, Partner in Risk Advisory Services at BDO; and Tony Longhorn, Assistant Commissioner of the Western Australian Police Force, each bringing a distinct perspective to what is fast becoming a shared challenge.
Drawing on perspectives from cyber intelligence, advisory, and law enforcement, the discussion pointed to a shared reality: the pace of change has accelerated to the point where traditional risk models are struggling to keep up, leaving organisations to consistently operate with a high degree of uncertainty.
The ongoing conflict in the Middle East and its impact on diesel supply provided a clear example of how global forces are translating into local risk. For a state heavily reliant on fuel across mining, agriculture, logistics and regional services, any disruption carries immediate operational consequences.
Mr Hillbeck noted that while there are parallels with the pandemic, the current environment is less defined and more difficult to forecast. “Agility is similar to what we saw during COVID, but the uncertainty is different,” he said. “We don’t know what is going to happen, but we do know things are going to change and businesses need to be asking how they are looking at their operations in that context.”
He pointed to the varied impact across industries, with those heavily reliant on diesel more exposed than others. The takeaway for business, he said, is not to attempt to predict outcomes, but to build flexibility into how they operate.
Mr Longhorn framed the environment more bluntly, describing it as a “permacrisis,” where geopolitical shifts, cost-of-living pressures and social issues are constantly evolving and compounding. “Every week something is changing in the political environment, and that has an impact locally,” he said. “We’re seeing social and financial pressures flow through communities, and that manifests in different ways, including crime.”
The rising cost and constrained availability of diesel, for example, is already having tangible impacts, including increases in fuel theft and added pressure on policing resources. At the same time, Mr Longhorn noted that forecasting in such an environment is becoming increasingly difficult. “We’re not entirely sure how it will affect us, but we know it will,” he said.
The panel also reflected on the lessons from COVID, particularly around supply chain resilience and organisational agility. For Mr Hillbeck, one of the key questions for businesses is whether they have truly embedded those lessons or simply returned to pre-pandemic operating models.
“What can businesses do with this kind of shock?” he said. “Have you diversified your supply chain? Do you understand where the impacts are going to be and how that translates into your business?”
He emphasised that while external events cannot be controlled, organisations can control their own preparedness, including how often they review their risk exposure and how quickly they can respond to change. “You need to review this regularly, because things will keep changing,” he said.
For government and law enforcement, the reliance on stable supply chains is just as critical. Mr Longhorn pointed to the practical realities of policing in a geographically vast state, where vehicles and fuel are essential to service delivery. “Supply chain and business continuity planning is significant for us,” he said. “We rely on vehicles to provide services, particularly in remote areas, so safeguarding that supply is critical.”
Alongside geopolitical and operational risks, cyber security remains one of the most pressing challenges for organisations. Mr Arena described the threat environment as inherently asymmetric, with cyber criminals operating in a fast-moving landscape. “We are dealing with an asymmetric cyber threat, it’s a wild world,” he said.
He stressed that cyber risk should be treated like any other core business risk, requiring board-level oversight and investment. “What does your skills matrix look like at board level?” he said. “If you’re not investing adequately in security, it becomes very difficult to manage that risk.”
At the same time, he acknowledged that no organisation can completely eliminate cyber risk. The focus instead should be on reducing impact and improving resilience. “You can’t stop every event from happening, but you can reduce the consequences,” he said.
From a law enforcement perspective, Mr Longhorn noted that the cyber landscape is evolving rapidly, with criminals increasingly using encrypted platforms. However, he said digital activity often leaves traceable patterns. “Encrypted apps still leave breadcrumbs,” he said. “It becomes a game of cat and mouse staying close to the technology, identifying vulnerabilities and responding accordingly.”
Artificial intelligence adds another layer of complexity to the risk environment. While the technology offers significant productivity gains, its broader implications remain uncertain. Mr Hillbeck pointed to both the opportunity and the challenge. “We’re going to become more efficient and more productive,” he said. “But the key issues will be around data, privacy and how organisations use the output.”
He emphasised the need for businesses to think beyond short-term adoption and consider long-term strategy. “What tools are you using? What is your policy and governance framework? What does your workforce look like in five to ten years?” he said.
Mr Longhorn added that AI is also reshaping law enforcement, requiring a balance between innovation and ethical governance. “We need to embrace it, but we also need to remain ethical and maintain strong governance.” he said.
The discussion also touched on financial crime and the evolving role of data. Mr Longhorn highlighted that while digital currencies are often perceived as unregulated, they can provide valuable insights for enforcement agencies. “There is significant financial data available, and it can be used effectively,” he said.
He also challenged the perception that cryptocurrency is untraceable. “People think you don’t know where it’s going, but that couldn’t be further from the truth,” he said. “It’s possible to follow the trail and map it using analytics.”
Mr Hillbeck reinforced the distinction between compliance and risk management, noting that while regulatory requirements continue to evolve, they should not be confused with a broader risk strategy. “Compliance is something you have to do,” he said. “But risk management is about being prepared for what is coming.”
The conversation extended to structural changes in energy policy, with Mr Hillbeck observing that the narrative has moved from energy transition to energy security as a reflection of geopolitical realities and supply constraints. While the long-term direction remains, he said the pace and certainty of the energy transition are now more moderated.
Workforce dynamics were also identified as a growing area of risk. Mr Arena pointed to the lasting impact of COVID on labour mobility, highlighting that organisations have never operated in a more fluid employment environment. “We’ve never been more mobile,” he said. “Every role is changing, and there is a real need to upskill across the board.”
Throughout the discussion, the role of advisory firms such as BDO Australia was positioned as increasingly central. With its advisory practice spanning transaction services, risk, cyber security and executive services, the firm is supporting organisations to navigate an expanding range of challenges while identifying opportunities within disruption.
The key message from the evening was not that risk can be eliminated, but that it must be actively managed as a core part of strategy. In an environment defined by geopolitical uncertainty, the acceleration of technology adoption, and changing workforce dynamics, the ability to anticipate, adapt and respond has become a defining capability.
As the discussion made clear, Western Australian businesses are no longer operating in a world where stability can be assumed. The challenge now is to build organisations that are resilient enough to operate without it.
