
Reports by Guest Contributors

AI's Impact on Risk Management
Is It a Factor of Uncertainty or an Enabler of Better Management?

    1. Introduction

    The pace of change around organizational risk has accelerated sharply in recent years. Rapid shifts in geopolitical alignments, the frequency and severity of natural disasters, the lingering effects of pandemic-era disruption, and cascading volatility in global supply chains have created an operating environment in which the traditional toolkit of risk management - built around historical data, stable categories, and predictable event sequences - is being tested at its limits. Something new has entered this landscape, and it is simultaneously a contributor to that uncertainty and, potentially, its most powerful countermeasure: artificial intelligence.

    On April 7, 2026, Anthropic unveiled what it called the most capable artificial intelligence system it had ever built, and then refused to make it available to the public. During testing, Claude Mythos Preview had autonomously discovered and exploited a seventeen-year-old zero-day vulnerability in FreeBSD's Network File System implementation, a flaw that had gone undetected since 2009. On the CyberGym vulnerability-reproduction benchmark, the model succeeded roughly 83 percent of the time. Earlier versions had also shown alarming behavior in separate safety tests, including a sandbox escape and an attempt to hide unauthorized file changes from git history. Anthropic judged the system too dangerous for general release and opened it only to a narrow circle of defenders, including Microsoft, Amazon Web Services, Google, Apple, Nvidia, and other firms, under a program called Project Glasswing. Within days, the Bank of England had intensified its AI risk testing, and German banks had entered urgent consultations with regulators and cyber experts.

    That single episode captures the core question this article addresses. The same capability that finds a flaw no one caught in seventeen years can, in the wrong hands or under weak controls, become the attack itself. AI is simultaneously the most powerful risk management instrument now available to organizations and the most consequential new source of operational and strategic risk they face. The question is not which of these it is - it is both. What matters is what determines which side of that duality dominates in any given organization. The answer is almost entirely organizational, not algorithmic. What follows explains why, starting with a conceptual framework for understanding where AI changes the risk landscape most fundamentally.

    2. Two Properties That Reposition AI-Era Risk

    AI did not create organizational risk. Corporations have managed operational failures, regulatory violations, reputational damage, and strategic miscalculation long before the first machine learning model was deployed in a production system. What AI has done is alter the distribution of risk across two properties that risk disciplines have always treated as diagnostic: how visible is the risk before it materializes, and how fast will it spread once it does?

    Risk disciplines vary in vocabulary and method, but most converge on these two diagnostic properties: can we see the risk coming, and how fast will it move once it has arrived? Visibility determines how early you can act; velocity determines whether acting early is enough. Because each generation of AI tools brings more capability, there is no static answer to how much autonomy those tools should be given to keep risk in check; what stays constant is the diagnostic itself.

    This is the analytic lens the rest of this article uses. Plotting visibility against velocity yields four quadrants (see Figure 1). Each quadrant maps to a distinct failure mode and, correspondingly, to a distinct managerial response. The decisive shift of the current decade is not that AI has created an entirely new category of risk. It is that AI routinely produces risks in the fast-and-opaque quadrant that previous generations of managers could treat as exceptional.

    Figure 1. The velocity–visibility map of AI risk. Risks in the Cascading quadrant (fast and opaque) represent the primary governance challenge of the AI era. Source: Author's synthesis.

    3. Four Faces of AI Risk

    Codified (slow and visible). The Moffatt v. Air Canada ruling, in which the British Columbia Civil Resolution Tribunal found the airline liable for misleading advice provided by its chatbot, is a representative example (American Bar Association, 2024). The risk was slow (the chatbot had been in service for months), visible (the misinformation was in plain text), and fully within the reach of the existing liability regime. The EU AI Act (European Commission, 2024) and the NIST AI Risk Management Framework (NIST, 2023) extend the same logic across the regulatory perimeter. Codified risks are the easiest to manage because both precedent and process already exist. They are also the cheapest to ignore, which is why so many organizations still do.

    Silent (slow and opaque). When a model crashes, the failure is obvious. When a model produces plausible, even convincing output that is subtly wrong, the failure can go undetected for a long time. The rise of agentic AI has intensified this problem. Upstart Holdings, a financial technology firm, relied on a proprietary AI-based underwriting model to predict consumer loan defaults. When the model overreacted to negative economic signals, the company had to adjust its revenue outlook and was sued by investors for the resulting damages (Ennis, 2026). Isik, Joshi, and Goutas (2024) classify four such failure modes - misuse, misapplication, misrepresentation, and misadventure - depending on whether the error was intentional or accidental and where in the production-to-consumption pipeline it occurred. The deeper problem is that probabilistic models drift: as the data they see in production diverges from the data they were trained on, their outputs degrade unless someone retrains or recalibrates them. Unity Technologies lost a reported $110 million and thirty-seven percent of its market capitalization in 2022 when its Audience Pinpointer algorithm drifted on weak upstream data. The technology worked as designed; what was missing was any organizational mechanism to ask whether the design was still right.

    Sprawling (fast and visible). Here the organization can see the problem; what it cannot do is catch up. Shadow AI - artificial intelligence tools that employees adopt and use without the knowledge, sanction, or oversight of the organization's IT or risk function - is not invisible. It is simply faster than the governance process. The Purple Book Community and ArmorCode (2026) documented this 'confidence gap' directly: eighty-six percent of security leaders claim a complete AI inventory, while fifty-nine percent simultaneously admit that unsanctioned AI is already present and ungoverned. The same pattern appears in human-capital risk. Bedard et al. (2026) documented 'AI brain fry' - cognitive fatigue generated not by using AI but by supervising it - and found that productivity falls and attrition rises when employees must monitor multiple agents simultaneously. Managers can see the problem; they simply cannot respond fast enough.

    Cascading (fast and opaque). Andrew Burt (2026) argues that agentic AI deployed at scale behaves much like malware - persistent, propagating, completing actions before a human reviewer could intervene even in principle. The analogy is apt once an enterprise runs thousands of agents in parallel, because the failure mode is no longer a failure of attention or commitment. It is a failure of clock speed and legibility simultaneously: oversight assumes a pace at which intervention is possible; agentic systems operating at machine speed do not offer that opportunity. And unlike the sprawling category, where the problem is at least visible, agentic failures frequently are not - the decision logic is buried and the actions are distributed. Without kill switches and mandatory logging, a misbehaving agent becomes an incident that can neither be rolled back manually nor fully explained after the fact. The Mythos episode is only the most public instance of this pattern; the same dynamic is present, at lower intensity, in any organization deploying autonomous agents across production systems.

    The left half of Figure 1 - codified and silent risks - is fundamentally a compliance discipline. The right half - sprawling and cascading - is a design discipline. These quadrants are also not equally important: the lower-right (cascading) is where organizations will either get ahead of the problem or fall irreversibly behind it.

    4. Opportunities Offered by AI

    The preceding sections establish what can go wrong. That is only half the argument. The stronger case for taking AI seriously in risk management rests on a shift in orientation: the function moves from looking backward to looking forward. Risk management as traditionally practiced is largely retrospective: something happens, it is documented, controls are updated, and the assumption is that the next incident will be similar enough for the same controls to work. AI has the potential to move the function upstream - from explaining what happened to anticipating what might.

    In supply chain and logistics, Menache et al. (2025) document decision cycles compressed 'from days to minutes' as large language models conduct scenario analysis that previously required full data-science teams. Procter & Gamble's AI-powered control tower, ingesting transactional data alongside GPS feeds and rail-yard schedules, forecasts supplier lead-time deviations up to six weeks in advance and has reportedly reduced expedited freight spend by eighteen percent. IBM's Watson Supply Chain deployment at Lenovo compressed average response times to disruptions by more than ninety percent (IBM, 2020). When a tier-three chemical supplier failed, Intel's graph analytics system - which had already mapped dependencies four tiers deep - simulated alternative routes in minutes and reportedly avoided very costly downtime (Menache et al., 2025).

    In financial services, the pattern is the same: speed converted into resilience. During the market turbulence of April 2025, JPMorgan Chase's AI-enabled advisory and risk monitoring tools allowed bankers to access client information ninety-five percent faster - enabling the firm to serve clients at the moment of peak need rather than after it had passed - and its asset and wealth management division reported a twenty percent year-over-year gross sales increase over the same period (Reuters, 2025).

    In physical operations, AI is moving beyond software into embodied systems that sense their surroundings and act in the real world. Recent industry work describes this as a progression from fixed, rule-based machines to systems that can adapt, learn, and eventually reason about cause and effect. The business value is already visible: Foxconn uses digital twins to test robotic assembly before deployment, which has reportedly reduced deployment time by 40 percent and operating cost by 15 percent, and Amazon's Vulcan system can handle more than 75 percent of the one million unique items in its fulfillment network, including items it has not seen before (World Economic Forum and BCG, 2025).

    Finally, Lu and Serafeim (2026) describe how generative models convert 'reams of text' - annual reports, supplier contracts, regulatory filings - into structured strategic intelligence. A fine-tuned model can now read thousands of 10-K filings in hours, mapping which competitors have deployed which technologies, and which suppliers are quietly flagging distress, catching signals weeks before traditional analytics would surface them.

    The cases in the risk sections and the cases here share the same underlying logic; the difference is direction. Risk management fails when AI operates without boundaries, but it succeeds when the organization has built the conditions for AI to work well. The executive question has shifted from whether the capability exists to whether three conditions are in place: governance to constrain it, data infrastructure to sustain it, and clear decision rights to direct it. Those three elements determine whether AI works for the organization or against it.

    5. The Four Pillars of AI Governance

    The difference between AI as a liability and AI as an asset is organizational, not algorithmic. A close reading of the governance literature points to four pillars, and the sequence in which organizations typically neglect them is predictable enough to be worth spelling out.

    The first pillar is to make the business machine-readable. Boston Consulting Group's (2025) 'enterprise as code' framework argues that the implicit operating logic of the firm - its risk thresholds, compliance rules, ethical boundaries - must be built into how AI agents operate, not reviewed after the fact. This is easier to say than to do, but the logic is simple: research on AI alignment shows that agents behave more reliably when they can trace the consequences of their actions than when they receive only abstract ethical rules (Bojja and Feiyu, 2026). For organizations, this means governance cannot sit outside the AI system as policy alone. It must be built into the architecture, so that the rules hold in practice rather than only on paper.

    The second pillar is to grant autonomy only where trust has been earned. The OECD AI Principles (OECD, 2019, updated 2024) identify traceability and explainability as the two properties that make an autonomous system auditable in practice. Traceability means you can reconstruct what the system did and why: every input, every decision point, every output is logged and recoverable. Explainability means the reasoning behind a decision can be stated in terms a human reviewer can actually evaluate. A system that scores low on both belongs in an advisory role only; it can inform decisions but not make them. One that scores high on both can act, with monitoring rather than prior approval. That distinction underpins the permission map made explicit in Figure 2.

    Granting autonomy is not enough. Someone still must watch how the system performs. A three-lines-of-defense structure, aligned with the NIST AI Risk Management Framework (NIST, 2023) and ISO/IEC 42001 (2023), provides the division of labor: business units monitor day-to-day performance, risk and compliance validate outputs and audit for bias, and internal audit provides independent assurance that the first two are doing their jobs. For that audit trail to mean anything, it must be tamper-evident: any later alteration of what was recorded must be detectable by a reviewer who did not control the system that wrote it. Zoldi and Levine (2025) report that FICO's blockchain-based model registry, which records every dataset, parameter change, and production update, reduced model support issues and recalls by more than 90 percent. In a world where capable AI systems can obscure their own decision logic, that kind of verifiable record forms the foundation of any credible governance posture.

    Figure 2. Calibrating autonomy by traceability and explainability. High-stakes decisions cannot move out of the Advisory-only zone until both axes clear a defined threshold. The two axes draw on the OECD AI Principles (OECD, 2019, updated 2024) and the NIST AI Risk Management Framework (NIST, 2023); the four oversight categories follow the typology in Ross and Taylor (2021). Synthesis is the author's.
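    The controls named in the cascading quadrant above (kill switch, mandatory logging) and in the second pillar (a permission map keyed to traceability and explainability, and a tamper-evident record) can be made concrete in code. The following is an added example written for this edit; it is not code from the article, from FICO, or from any vendor. The tier names, the 0.8 thresholds, and the agent and action names are assumptions. It gates each tool call on the agent's autonomy tier, records every request and every halt in a SHA-256 hash chain, and shows how a reviewer detects a later edit to the record.

```python
"""Agent action gateway: autonomy gate, kill switch and hash-chained audit log.

Added illustration, not code from the article or from any vendor. Tier names,
thresholds, agent and action names are assumptions chosen for the example.
"""
import hashlib
import json
import time
from dataclasses import dataclass, field

ADVISORY = "advisory"        # may recommend, may not execute
ACT_WITH_MONITORING = "act"  # may execute; every action is logged and reviewable

# Assumed thresholds on the two axes of Figure 2 (scores in 0.0 to 1.0).
TRACEABILITY_MIN = 0.8
EXPLAINABILITY_MIN = 0.8

GENESIS = "0" * 64  # previous-hash value for the first entry


def autonomy_tier(traceability: float, explainability: float) -> str:
    """An agent may act only when BOTH axes clear the threshold."""
    if traceability >= TRACEABILITY_MIN and explainability >= EXPLAINABILITY_MIN:
        return ACT_WITH_MONITORING
    return ADVISORY


@dataclass
class AuditLog:
    """Append-only log. Each entry's hash commits to the previous hash and its own
    body, so editing or deleting any entry breaks every hash after it. This is
    tamper-evident, not tamper-proof: a copy of the head hash held elsewhere is
    what stops the log owner from simply recomputing the chain."""
    entries: list = field(default_factory=list)

    def append(self, record: dict) -> str:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = json.dumps(record, sort_keys=True)
        digest = hashlib.sha256((prev + body).encode()).hexdigest()
        self.entries.append({"prev": prev, "body": body, "hash": digest})
        return digest

    def verify(self) -> int:
        """Return -1 if the chain is intact, else the index of the first bad entry."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            expected = hashlib.sha256((prev + entry["body"]).encode()).hexdigest()
            if entry["prev"] != prev or entry["hash"] != expected:
                return i
            prev = entry["hash"]
        return -1

    def head(self) -> str:
        """Head hash, to be copied off-system by the second or third line of defense."""
        return self.entries[-1]["hash"] if self.entries else GENESIS


class AgentGateway:
    """Every tool call an agent wants to make passes through request()."""

    def __init__(self, agent_id: str, traceability: float, explainability: float):
        self.agent_id = agent_id
        self.tier = autonomy_tier(traceability, explainability)
        self.log = AuditLog()
        self.halted = False
        self.log.append({"event": "start", "agent": agent_id, "tier": self.tier,
                         "traceability": traceability, "explainability": explainability})

    def kill(self, reason: str) -> None:
        """Kill switch: blocks all further execution; the halt itself is logged."""
        self.halted = True
        self.log.append({"event": "halt", "agent": self.agent_id, "reason": reason})

    def request(self, action: str, params: dict, rationale: str) -> dict:
        """Decide and log. The log write sits on the control path, not beside it:
        if the entry cannot be written, the action must not run."""
        if self.halted:
            decision = "blocked_halted"
        elif self.tier == ADVISORY:
            decision = "recommend_only"
        else:
            decision = "execute"
        record = {"event": "request", "agent": self.agent_id, "action": action,
                  "params": params, "rationale": rationale, "decision": decision,
                  "ts": time.time()}
        entry_hash = self.log.append(record)
        return {"decision": decision, "entry": entry_hash}


if __name__ == "__main__":
    gw = AgentGateway("payments-agent", traceability=0.9, explainability=0.85)
    print(gw.request("transfer", {"amount": 250, "to": "acct-42"}, "invoice due")["decision"])
    gw.kill("anomalous transfer volume")
    print(gw.request("transfer", {"amount": 9000, "to": "acct-99"}, "invoice due")["decision"])
    print("chain intact" if gw.log.verify() == -1 else "chain broken")
    # Simulate an after-the-fact edit to the first request: verification now fails there.
    gw.log.entries[1]["body"] = gw.log.entries[1]["body"].replace("250", "2500")
    print("first bad entry:", gw.log.verify())
```

    The head hash is the piece that must leave the system: a chain whose head is stored only next to its entries is tamper-evident to nobody but its owner, which is why the second and third lines of defense should hold their own copy of it. The gateway also writes the log entry on the same path as the decision, so an agent cannot act without leaving a record, and the halt is itself an entry, so a reviewer can see when the kill switch was pulled and why.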

    The third pillar is to replace consensus with explicit decision rights. Rosenthal and Zuckerman (2026) argue that consensus-based decision-making is the slowest possible response to an agentic environment because it filters out weak signals, rewards political safety over accuracy, and produces what they call 'success theater.' Rogers and Blenko’s RAPID model (2006) offers a clear structure for decision rights. It centers on one accountable Decider, supported by Agreers with veto power and by Recommenders and Inputters whose views inform the choice. Agentic deployment needs that same discipline: one accountable owner, clear veto rights, and consensus only where it is truly needed. Stuart (2026) extends the point to the executive level, arguing that the real challenge is not who “owns AI” as a whole, but who owns each AI-related decision. In that view, the Chief AI Officer’s role is less to control AI outright than to maintain a clear map of decision rights across the C-suite.

    The fourth pillar is moral review. Blackman (2021) made the case for adapting the medical Institutional Review Board (IRB) model to AI deployments. The body he describes is cross-functional - strategists, lawyers, technologists, and ethicists - with formal veto power over high-risk deployments before they go live. The analogy to medicine is apt: the IRB exists because the consequences of certain decisions are serious enough to require a structured second opinion before anyone acts. Aon's AI Risk 2026 survey adds empirical weight: firms with a formal AI review body are measurably less likely to appear in enforcement actions in the following year (Aon, 2026). The impact of governance structure shows up in outcomes.

    When these four pillars work together, they produce a foundation that boards and regulators can evaluate objectively. Trust, in this context, is demonstrable - a log of what the system did, an explanation of why it did it, a record that has not been tampered with, and a person whose job it is to notice when things go wrong. Those four elements determine how far an AI system is allowed to go before a human must sign off on the next step.

    6. An Organizational Readiness Audit

    Before committing to a governance roadmap, organizations should assess where they actually stand on three dimensions that will determine whether any roadmap is executable.

    1. Who owns AI decisions? The first question is simple: who is accountable for AI governance? That authority may sit with a Chief AI Officer or within another C-suite role, but the mandate must be clear. The board should also be able to see which function owns which AI-related decisions. If there is no clear answer to either question, that is a finding in itself.

    2. Is the AI inventory complete? The second test is factual. The Purple Book Community and ArmorCode (2026) found that 59 percent of security leaders suspect unsanctioned AI is already operating in their organizations, even though 86 percent claim a complete inventory. That gap makes an audit necessary. The starting point is a full review of AI use across the enterprise, including consumer tools accessed through personal accounts. The review should then test whether the data architecture can support the controls the organization wants to enforce. Weak data lineage and poor upstream controls often show up later as drift, hallucination, and unreliable outputs.

    3. Does governance match actual AI risk? The third test is fit between risk and governance. Not every AI system creates the same level of risk, and governance should reflect that. A scheduling chatbot and an autonomous trading agent do not require the same controls. Low-stakes internal tools can move faster. High-stakes or autonomous systems should face adversarial testing and meet the trust thresholds in Figure 2 before entering production. The same principle applies to accountability: where risk is high, decision rights, escalation paths, and ownership must be explicit.

    These three tests will not answer every question. But they do show whether governance is real or merely formal.
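    The inventory gap in the second test can be checked against the proxy or DNS logs the organization already keeps, which is where unsanctioned AI use is visible. The script below is an added example written for this edit, not code from the article or from the ArmorCode report; the log lines, the host names (all under .example) and the sanctioned list are constructed for the example. It flags AI-service hosts that are not in the sanctioned inventory and ranks them by upload volume, since prompts and file uploads are where data leaves the perimeter.

```python
"""Shadow-AI discovery from web-proxy logs.

Added illustration, not code from the article or the ArmorCode report. The log
lines, host names (all under .example) and the sanctioned list are constructed.
"""
import re
from collections import defaultdict

# Constructed sample in a simplified proxy format:
#   <timestamp> <user> <destination host> <method> <path> <status> <request bytes>
SAMPLE_LOG = """\
2026-04-08T09:01:02Z alice api.llm-vendor-a.example POST /v1/chat 200 5120
2026-04-08T09:01:05Z bob chat.llm-vendor-b.example POST /api/conversation 200 9821
2026-04-08T09:02:10Z carol api.llm-vendor-a.example POST /v1/embeddings 200 2048
2026-04-08T09:03:44Z bob chat.llm-vendor-b.example POST /api/conversation 200 11002
2026-04-08T09:04:00Z dave intranet.corp.example GET /index.html 200 300
2026-04-08T09:05:31Z erin assistant.llm-vendor-c.example POST /upload 200 1048576
2026-04-08T09:06:12Z alice chat.llm-vendor-b.example GET /login 302 0
"""

# The inventory the organization believes to be complete (assumed for the example).
SANCTIONED_AI_HOSTS = {"api.llm-vendor-a.example"}

# Watchlist of AI-service host patterns (placeholders for a maintained list).
AI_HOST_PATTERNS = [
    re.compile(r"\.llm-vendor-[a-z]\.example$"),
    re.compile(r"^assistant\."),
]

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<user>\S+) (?P<host>\S+) (?P<method>[A-Z]+) "
    r"(?P<path>\S+) (?P<status>\d{3}) (?P<bytes>\d+)$"
)


def parse_lines(log_text: str):
    """Yield one dict per well-formed line; malformed lines are skipped, not fatal."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            rec = m.groupdict()
            rec["bytes"] = int(rec["bytes"])
            yield rec


def is_ai_host(host: str) -> bool:
    """True if the destination matches any entry on the AI-service watchlist."""
    return any(p.search(host) for p in AI_HOST_PATTERNS)


def find_unsanctioned(log_text: str, sanctioned=SANCTIONED_AI_HOSTS) -> dict:
    """Map each unsanctioned AI host to who used it, how often, and how much was sent."""
    findings = defaultdict(lambda: {"users": set(), "requests": 0, "upload_bytes": 0})
    for rec in parse_lines(log_text):
        host = rec["host"]
        if not is_ai_host(host) or host in sanctioned:
            continue
        f = findings[host]
        f["users"].add(rec["user"])
        f["requests"] += 1
        if rec["method"] in ("POST", "PUT"):
            f["upload_bytes"] += rec["bytes"]  # prompts and uploads leaving the perimeter
    return dict(findings)


def report(log_text: str) -> list:
    """Rows (host, distinct users, requests, bytes uploaded), largest upload first."""
    rows = [(host, len(f["users"]), f["requests"], f["upload_bytes"])
            for host, f in find_unsanctioned(log_text).items()]
    return sorted(rows, key=lambda r: r[3], reverse=True)


if __name__ == "__main__":
    for host, users, reqs, up in report(SAMPLE_LOG):
        print(f"{host:32} users={users} requests={reqs} uploaded={up}")
```

    Two design choices matter for the audit. First, the sanctioned list is an input, so the same run can be repeated with an empty list to produce the full AI inventory rather than only the gap. Second, ranking by upload bytes rather than request count puts the host that received a megabyte in a single request above the one with three small chat calls, which is the order in which a risk function should look at them.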

    7. Governing for the Age of AI

    The corporate conversation about AI still shifts between overconfidence and hesitation, and neither posture is useful to a senior leader trying to make real decisions. The broader uncertainty environment that organizations already navigate - volatile geopolitics, rapid technological change, supply chain fragility, the increasing frequency of extreme events - means that risk management functions are already under pressure. AI compounds that pressure from two directions simultaneously: it increases the velocity and opacity of certain risk categories, and it offers the most powerful suite of anticipatory tools the risk management profession has ever had available. The organizations that navigate this well are not those that move fastest or most cautiously. They are the ones that govern most clearly.

    The Mythos episode was a reminder that the same system capable of finding a seventeen-year-old flaw in global infrastructure can, under weak governance, become the flaw itself. That is not a reason to slow AI adoption - adoption is accelerating regardless of whether any individual organization is ready. It is a reason to govern seriously, because the gap between organizations that do and organizations that do not is widening faster than most boards have recognized.

    AI is powerful, but its effect depends on the organization using it. What matters is whether the organization has clear trust rules, clear decision rights, and clear accountability for important AI decisions. It also needs to avoid what Reeves, Moldoveanu, and Job (2024) call “dataism,” the belief that more data will automatically produce the right answer. AI can make decisions within goals, limits, and incentives set by people. But people still decide what the system should optimize, what risks it may take, and who is responsible when things go wrong. What matters now is whether governance is keeping pace, and that will show up in outcomes, not intentions.

    References

    American Bar Association. (2024, February). BC Tribunal confirms companies remain liable for information provided by AI chatbot (Moffatt v. Air Canada). Business Law Today.
    https://www.americanbar.org/groups/business_law/resources/business-law-today/2024-february/bc-tribunal-confirms-companies-remain-liable-information-provided-ai-chatbot/

    Aon. (2026). AI Risk 2026: What business leaders need to know. Aon Insights. https://www.aon.com/en/insights/articles/ai-risk-2026-practical-agenda

    Bedard, J., Kropp, M., Hsu, M., Karaman, O. T., Hawes, J., & Rosen Kellerman, G. (2026, March 5). When using AI leads to 'brain fry.' Harvard Business Review. https://hbr.org/2026/03/when-using-ai-leads-to-brain-fry

    Blackman, R. (2021, April 1). If your company uses AI, it needs an institutional review board. Harvard Business Review.
    https://hbr.org/2021/04/if-your-company-uses-ai-it-needs-an-institutional-review-board

    Bojja, G. R., & E, F. (2026). Learning to behave: The paradox of compliance and structural inertia in large language model agents. PACIS 2026 Proceedings (forthcoming).

    Boston Consulting Group. (2025, December 2). Enterprise as code: An operating model for the AI era.
    https://www.bcg.com/publications/2025/enterprise-as-code-operating-model-for-ai-era

    Burt, A. (2026, March 30). AI agents act a lot like malware. Here's how to contain the risks. Harvard Business Review.
    https://hbr.org/2026/03/ai-agents-act-a-lot-like-malware-heres-how-to-contain-the-risks

    Capgemini Research Institute. (2025). Strategy, governance, and the future of agentic AI adoption.
    https://www.capgemini.com/insights/research-library/strategy-governance-and-the-agentic-future

    Ennis, D. (2026, April). Upstart sued over AI model’s ‘overreaction’. https://www.bankingdive.com/news/upstart-investors-sue-overreactive-ai-revenue-adjustment-damages/817226/

    European Commission. (2024). Regulation (EU) 2024/1689 of the European Parliament and of the Council (The AI Act).
    https://eur-lex.europa.eu/eli/reg/2024/1689/oj

    Hoque, F. (2025, March 6). Two frameworks for balancing AI innovation and risk. Harvard Business Review.
    https://hbr.org/2025/03/two-frameworks-for-balancing-ai-innovation-and-risk

    IBM. (2020). Lenovo transforms its supply chain with AI-driven insights. IBM Case Study, IBM Media Center.

    International Organization for Standardization. (2023). ISO/IEC 42001: Information technology - Artificial intelligence - Management system. https://www.iso.org/standard/81230.html

    Isik, O., Joshi, A., & Goutas, L. (2024, May 31). 4 types of gen AI risk and how to mitigate them. Harvard Business Review.
    https://hbr.org/2024/05/4-types-of-gen-ai-risk-and-how-to-mitigate-them

    Lu, S., & Serafeim, G. (2026, March 6). How gen AI can turn reams of text into actionable insights. Harvard Business Review. https://hbr.org/2026/03/how-gen-ai-can-turn-reams-of-text-into-actionable-insights

    Menache, I., Pathuri, J., Simchi-Levi, D., & Linton, T. (2025, January). How generative AI improves supply chain management. Harvard Business Review, 104(1–2), 86–95. https://hbr.org/2025/01/how-generative-ai-improves-supply-chain-management

    National Institute of Standards and Technology. (2023). Artificial Intelligence Risk Management Framework (AI RMF 1.0).
    https://www.nist.gov/itl/ai-risk-management-framework

    OECD. (2019, updated May 2024). Recommendation of the Council on Artificial Intelligence (OECD/LEGAL/0449).
    https://legalinstruments.oecd.org/en/instruments/OECD-LEGAL-0449

    Purple Book Community, & ArmorCode. (2026, March 23). State of AI Risk Management 2026: The confidence gap.
    https://www.armorcode.com/report/state-of-ai-risk-management-2026-report

    Reeves, M., Moldoveanu, M., & Job, A. (2024, December 11). The irreplaceable value of human decision-making in the age of AI. Harvard Business Review. https://hbr.org/2024/12/the-irreplaceable-value-of-human-decision-making-in-the-age-of-ai

    Reuters. (2025, May 5). JPMorgan says AI helped boost sales, add clients in market turmoil (by N. Anand).
    https://www.reuters.com/business/finance/jpmorgan-says-ai-helped-boost-sales-add-clients-market-turmoil-2025-05-05/

    Rogers, P., & Blenko, M. (2006, January). Who has the D? How clear decision roles enhance organizational performance.
    Harvard Business Review, 84(1), 52–61. https://hbr.org/2006/01/who-has-the-d-how-clear-decision-roles-enhance-organizational-performance

    Rosenthal, J., & Zuckerman, N. (2026, April 7). Decision-making by consensus doesn't work in the AI era. Harvard Business Review. https://hbr.org/2026/04/decision-making-by-consensus-doesnt-work-in-the-ai-era

    Ross, M., & Taylor, J. (2021, November 10). Managing AI decision-making tools. Harvard Business Review.
    https://hbr.org/2021/11/managing-ai-decision-making-tools

    Stuart, T. E. (2026, March 12). Who in the C-suite should own AI? Harvard Business Review. https://hbr.org/2026/03/who-in-the-c-suite-should-own-ai

    World Economic Forum, & Boston Consulting Group. (2025). Physical AI: Powering the new age of industrial operations.
    https://www.weforum.org/publications/physical-ai-powering-the-new-age-of-industrial-operations/

    Zoldi, S., & Levine, J. T. (2025, January 20). Using blockchain to build customer trust in AI. Harvard Business Review.
    https://hbr.org/2025/01/using-blockchain-to-build-customer-trust-in-ai

    Author’s Introduction

    Birud Sindhav, PhD

    Professor of Marketing, University of Nebraska at Omaha

    Birud Sindhav earned his PhD in business from the University of Oklahoma. He is a professor of marketing at the University of Nebraska at Omaha. He has done research at the interface of technology and marketing. He has won awards and honors both as a teacher and a professor, including a Fulbright faculty scholarship.

    Please note that the views expressed in this article are the author’s own, and do not necessarily represent the opinion of HRI.


    Hitachi Research Institute welcomes questions, consultations, and inquiries related to articles published in the "Hitachi Souken" Journal through our contact form.