BDO Jordan Perspective on the Global Risk Landscape 2026
BDO Jordan Perspective on the Global Risk Landscape 2026
The BDO Global Risk Landscape 2026 report, “Risk Everywhere: Extending Ownership Beyond the Risk Function,” provides a timely and highly relevant assessment of the risk environment currently facing organisations globally and regionally. The report is based on a survey of 500 C-suite executives worldwide conducted between December 2025 and January 2026, and its findings confirm a clear shift in the role of risk management: risk is no longer a discrete function, a compliance exercise, or a matter confined to risk specialists. It has become a core strategic, operational, financial, technological, and governance consideration that must be owned across the organisation.
The report’s central message is that uncertainty has become structural. Eight in ten business leaders state that the global risk landscape is now more defined by crisis than ever before, while 52% say they struggle to distinguish material risk signals from background noise. This confirms that the main challenge is no longer the existence of risk itself, but the ability of organisations to identify the right signals early, interpret them correctly, and convert them into timely decisions.
The current risk environment is characterised by geopolitical volatility, accelerated digital transformation, rising cyber exposure, AI-driven disruption, fraud sophistication, regulatory complexity, supply chain pressure, and economic uncertainty. These risks do not operate independently. The report confirms that 89% of business leaders consider the interdependencies between risks — including geopolitical, supply chain, cyber, and economic risks — when assessing threats. This reinforces the need for organisations to move from fragmented and reactive risk responses to integrated, forward-looking, and decision-oriented risk management.
From a Risk Advisory perspective, one of the most important implications of the report is the need to redefine risk management as a strategic enabler rather than a defensive control function. The report shows that only 9% of respondents describe their risk management as “very proactive” in 2026, compared with 29% in 2023. At the same time, most organisations remain in a protective posture, with 53% categorising themselves as risk-minimising, while 36% are now willing to take risks when necessary. This indicates that while organisations recognise the need for agility, many have not yet developed the governance, data, controls, and decision models required to act with confidence.
The report also highlights the operational barriers preventing more mature risk management. 55% of business leaders say short-term operational pressures frequently override long-term or predictive risk planning. 52% struggle to identify which risk signals truly matter, 50% report that risk information remains siloed across departments or functions, 49% lack consistent early-warning indicators, and 45% have limited visibility into deeper-tier suppliers and external dependencies. These findings are highly relevant to the Jordanian and regional market, where organisations are navigating geopolitical sensitivity, regulatory reform, fiscal pressure, digitalisation, ESG expectations, cybersecurity exposure, and increasing stakeholder scrutiny.
Cyber risk is identified in the report as the leading area where organisations feel underprepared. 40% of business leaders cite cyber as a top risk they are unprepared for, up from 23% in 2025. The report also notes that cyber teams are often involved too late in business transformation, with only 10% involved at the ideation stage, compared with 57% during planning and 26% during execution. This confirms that cyber risk should not be treated as a technical issue owned only by IT. It requires enterprise-level governance, early involvement in transformation initiatives, defined risk appetite, incident response planning, business continuity, data protection, third-party risk management, and continuous awareness across the organisation.
AI governance is another critical area highlighted by the report. Business confidence in AI is increasing, with 66% of leaders seeing the evolution of AI as an opportunity to the business, compared with 57% in 2025. At the same time, the proportion of leaders viewing AI as a risk has declined from 30% in 2025 to 24% in 2026. This optimism must be balanced with stronger governance, as AI adoption can amplify existing weaknesses in data quality, controls, compliance, accountability, and decision-making. The top five AI risks identified by business leaders are data privacy at 61%, compliance challenges at 51%, cybersecurity at 50%, integration challenges at 47%, and inaccurate predictions at 44%. For organisations deploying AI, this reinforces the need for clear policies, defined ownership, control testing, data governance, compliance oversight, and cross-functional accountability.
Fraud risk is another area where the report identifies a significant gap between actual exposure and executive attention. 93% of business leaders do not rank fraud as one of the major threats they are unprepared for, despite the rapid emergence of AI-enabled fraud, deepfake technologies, automated scams, and digital manipulation techniques. The report further notes that while 79% of leaders said in 2025 that they had a plan to defend against AI-driven fraud, only 13% in 2026 say they are actively monitoring and updating their defences specifically for AI-enabled fraud. This is a material governance concern. Organisations that wait for technology alone to solve fraud risk are likely to remain reactive and exposed.
Geopolitical risk is also positioned in the report as a risk multiplier rather than a standalone exposure. It cuts across supply chains, regulation, cyber risk, data restrictions, market access, financial planning, and operational resilience. The report identifies geopolitical risk as a top-three risk that business leaders feel unprepared for. It also shows that regional priorities differ: in the Middle East, the leading geopolitical threats include cross-border technology and data restrictions, regulatory divergence, and supply chain fragmentation. This is directly relevant to organisations operating in Jordan, Iraq, and the wider region, where geopolitical developments can rapidly affect operations, compliance requirements, funding flows, procurement, stakeholder confidence, and business continuity.
The report also demonstrates that although organisations are aware of increasing risk complexity, leadership teams are not always aligned on the severity or nature of the problem. For example, 83% of business leaders believe risks are becoming increasingly interconnected and complex, 76% use predictive indicators as part of risk monitoring, 71% routinely analyse how external risks could trigger secondary impacts across the business, and 69% say they have tools and processes to identify early risk signals before escalation. However, the report also finds that 81% of business leaders are not prioritising balanced, shared risk decision-making for the future. This gap between awareness and institutionalised action is precisely where advisory support is required.
BDO Jordan’s consulting and advisory services are directly aligned with these priorities. Our work across Management Consultancy, Financial Consultancy, Risk Advisory, Internal Control, Governance, Compliance, Cybersecurity Readiness, Digital Transformation, ESG and Sustainability, Institutional Development, and Training and Capacity Building enables clients to translate global risk insights into practical, implementable frameworks. We support organisations in assessing their risk posture, strengthening governance and control environments, improving resilience, embedding compliance, enhancing fraud prevention, and building the institutional capability required to respond to complex and interconnected risks.
In cyber and technology risk, BDO Jordan supports clients in moving beyond technical protection alone toward enterprise-wide cyber resilience. This includes governance and accountability structures, risk assessments, incident response readiness, data protection controls, third-party risk management, business continuity alignment, user awareness, and integration of cyber considerations into digital transformation initiatives from the outset.
In AI governance, BDO Jordan can support clients in assessing AI readiness, identifying governance and control gaps, defining responsible adoption principles, strengthening data governance, reviewing compliance implications, and establishing oversight models that balance innovation with risk mitigation. The report’s findings make clear that AI does not correct weak governance; it amplifies it. This makes early-stage advisory intervention essential.
In fraud, compliance, and internal control, BDO Jordan’s capabilities are highly relevant to the report’s warning that fraud is being under-prioritised. Our services can support clients through fraud risk assessments, internal control reviews, segregation of duties analysis, third-party due diligence, whistleblowing mechanisms, forensic readiness, compliance frameworks, and continuous monitoring approaches that address both traditional and technology-enabled fraud risks.
In geopolitical and enterprise risk, BDO Jordan can assist organisations in scenario planning, risk appetite definition, resilience assessments, crisis response protocols, supply chain risk reviews, regulatory impact assessments, and integrated decision-making frameworks. This is particularly important for organisations operating across Jordan, Iraq, and the wider Middle East, where external shocks can quickly translate into operational, financial, regulatory, and reputational exposure.
Overall, the report confirms that the future of risk management is integrated, cross-functional, data-informed, and strategically embedded. For BDO Jordan, this represents a clear advisory opportunity: to help clients move from reactive risk management to proactive risk intelligence. Our role is to support organisations in building the governance structures, control frameworks, analytical tools, institutional capacity, and implementation discipline required to identify material risk signals, prioritise mitigation measures, and make better decisions under uncertainty.
In practical terms, BDO Jordan can support clients by developing enterprise risk management frameworks, conducting risk maturity assessments, reviewing governance and internal control systems, strengthening cyber and digital risk governance, designing fraud prevention and compliance mechanisms, integrating ESG and sustainability risks, supporting scenario planning, and delivering capacity building for boards, executive management, and technical teams.
The strategic conclusion is clear: risk management is no longer about avoiding risk. It is about understanding risk, owning it across the organisation, and using it to support resilience, performance, and long-term value creation. This is precisely where BDO Jordan’s consulting and risk advisory capabilities can provide practical and measurable value to clients.
To download the report: Global Risk Landscape 2026 - BDO
The report’s central message is that uncertainty has become structural. Eight in ten business leaders state that the global risk landscape is now more defined by crisis than ever before, while 52% say they struggle to distinguish material risk signals from background noise. This confirms that the main challenge is no longer the existence of risk itself, but the ability of organisations to identify the right signals early, interpret them correctly, and convert them into timely decisions.
The current risk environment is characterised by geopolitical volatility, accelerated digital transformation, rising cyber exposure, AI-driven disruption, fraud sophistication, regulatory complexity, supply chain pressure, and economic uncertainty. These risks do not operate independently. The report confirms that 89% of business leaders consider the interdependencies between risks — including geopolitical, supply chain, cyber, and economic risks — when assessing threats. This reinforces the need for organisations to move from fragmented and reactive risk responses to integrated, forward-looking, and decision-oriented risk management.
From a Risk Advisory perspective, one of the most important implications of the report is the need to redefine risk management as a strategic enabler rather than a defensive control function. The report shows that only 9% of respondents describe their risk management as “very proactive” in 2026, compared with 29% in 2023. At the same time, most organisations remain in a protective posture, with 53% categorising themselves as risk-minimising, while 36% are now willing to take risks when necessary. This indicates that while organisations recognise the need for agility, many have not yet developed the governance, data, controls, and decision models required to act with confidence.
The report also highlights the operational barriers preventing more mature risk management. 55% of business leaders say short-term operational pressures frequently override long-term or predictive risk planning. 52% struggle to identify which risk signals truly matter, 50% report that risk information remains siloed across departments or functions, 49% lack consistent early-warning indicators, and 45% have limited visibility into deeper-tier suppliers and external dependencies. These findings are highly relevant to the Jordanian and regional market, where organisations are navigating geopolitical sensitivity, regulatory reform, fiscal pressure, digitalisation, ESG expectations, cybersecurity exposure, and increasing stakeholder scrutiny.
Cyber risk is identified in the report as the leading area where organisations feel underprepared. 40% of business leaders cite cyber as a top risk they are unprepared for, up from 23% in 2025. The report also notes that cyber teams are often involved too late in business transformation, with only 10% involved at the ideation stage, compared with 57% during planning and 26% during execution. This confirms that cyber risk should not be treated as a technical issue owned only by IT. It requires enterprise-level governance, early involvement in transformation initiatives, defined risk appetite, incident response planning, business continuity, data protection, third-party risk management, and continuous awareness across the organisation.
AI governance is another critical area highlighted by the report. Business confidence in AI is increasing, with 66% of leaders seeing the evolution of AI as an opportunity to the business, compared with 57% in 2025. At the same time, the proportion of leaders viewing AI as a risk has declined from 30% in 2025 to 24% in 2026. This optimism must be balanced with stronger governance, as AI adoption can amplify existing weaknesses in data quality, controls, compliance, accountability, and decision-making. The top five AI risks identified by business leaders are data privacy at 61%, compliance challenges at 51%, cybersecurity at 50%, integration challenges at 47%, and inaccurate predictions at 44%. For organisations deploying AI, this reinforces the need for clear policies, defined ownership, control testing, data governance, compliance oversight, and cross-functional accountability.
Fraud risk is another area where the report identifies a significant gap between actual exposure and executive attention. 93% of business leaders do not rank fraud as one of the major threats they are unprepared for, despite the rapid emergence of AI-enabled fraud, deepfake technologies, automated scams, and digital manipulation techniques. The report further notes that while 79% of leaders said in 2025 that they had a plan to defend against AI-driven fraud, only 13% in 2026 say they are actively monitoring and updating their defences specifically for AI-enabled fraud. This is a material governance concern. Organisations that wait for technology alone to solve fraud risk are likely to remain reactive and exposed.
Geopolitical risk is also positioned in the report as a risk multiplier rather than a standalone exposure. It cuts across supply chains, regulation, cyber risk, data restrictions, market access, financial planning, and operational resilience. The report identifies geopolitical risk as a top-three risk that business leaders feel unprepared for. It also shows that regional priorities differ: in the Middle East, the leading geopolitical threats include cross-border technology and data restrictions, regulatory divergence, and supply chain fragmentation. This is directly relevant to organisations operating in Jordan, Iraq, and the wider region, where geopolitical developments can rapidly affect operations, compliance requirements, funding flows, procurement, stakeholder confidence, and business continuity.
The report also demonstrates that although organisations are aware of increasing risk complexity, leadership teams are not always aligned on the severity or nature of the problem. For example, 83% of business leaders believe risks are becoming increasingly interconnected and complex, 76% use predictive indicators as part of risk monitoring, 71% routinely analyse how external risks could trigger secondary impacts across the business, and 69% say they have tools and processes to identify early risk signals before escalation. However, the report also finds that 81% of business leaders are not prioritising balanced, shared risk decision-making for the future. This gap between awareness and institutionalised action is precisely where advisory support is required.
BDO Jordan’s consulting and advisory services are directly aligned with these priorities. Our work across Management Consultancy, Financial Consultancy, Risk Advisory, Internal Control, Governance, Compliance, Cybersecurity Readiness, Digital Transformation, ESG and Sustainability, Institutional Development, and Training and Capacity Building enables clients to translate global risk insights into practical, implementable frameworks. We support organisations in assessing their risk posture, strengthening governance and control environments, improving resilience, embedding compliance, enhancing fraud prevention, and building the institutional capability required to respond to complex and interconnected risks.
In cyber and technology risk, BDO Jordan supports clients in moving beyond technical protection alone toward enterprise-wide cyber resilience. This includes governance and accountability structures, risk assessments, incident response readiness, data protection controls, third-party risk management, business continuity alignment, user awareness, and integration of cyber considerations into digital transformation initiatives from the outset.
In AI governance, BDO Jordan can support clients in assessing AI readiness, identifying governance and control gaps, defining responsible adoption principles, strengthening data governance, reviewing compliance implications, and establishing oversight models that balance innovation with risk mitigation. The report’s findings make clear that AI does not correct weak governance; it amplifies it. This makes early-stage advisory intervention essential.
In fraud, compliance, and internal control, BDO Jordan’s capabilities are highly relevant to the report’s warning that fraud is being under-prioritised. Our services can support clients through fraud risk assessments, internal control reviews, segregation of duties analysis, third-party due diligence, whistleblowing mechanisms, forensic readiness, compliance frameworks, and continuous monitoring approaches that address both traditional and technology-enabled fraud risks.
In geopolitical and enterprise risk, BDO Jordan can assist organisations in scenario planning, risk appetite definition, resilience assessments, crisis response protocols, supply chain risk reviews, regulatory impact assessments, and integrated decision-making frameworks. This is particularly important for organisations operating across Jordan, Iraq, and the wider Middle East, where external shocks can quickly translate into operational, financial, regulatory, and reputational exposure.
Overall, the report confirms that the future of risk management is integrated, cross-functional, data-informed, and strategically embedded. For BDO Jordan, this represents a clear advisory opportunity: to help clients move from reactive risk management to proactive risk intelligence. Our role is to support organisations in building the governance structures, control frameworks, analytical tools, institutional capacity, and implementation discipline required to identify material risk signals, prioritise mitigation measures, and make better decisions under uncertainty.
In practical terms, BDO Jordan can support clients by developing enterprise risk management frameworks, conducting risk maturity assessments, reviewing governance and internal control systems, strengthening cyber and digital risk governance, designing fraud prevention and compliance mechanisms, integrating ESG and sustainability risks, supporting scenario planning, and delivering capacity building for boards, executive management, and technical teams.
The strategic conclusion is clear: risk management is no longer about avoiding risk. It is about understanding risk, owning it across the organisation, and using it to support resilience, performance, and long-term value creation. This is precisely where BDO Jordan’s consulting and risk advisory capabilities can provide practical and measurable value to clients.
To download the report: Global Risk Landscape 2026 - BDO