For years, retail businesses prioritised competitiveness and profits over robust risk management, compliance, and operational resilience, unlike sectors such as financial services. This approach has persisted until January 2025, when new regulations came into force, forcing the industry to face a long-overdue reckoning.
According to RiskSmart, in the last decade, the fragility of the retail ecosystem has been repeatedly exposed. Disruptions from global pandemics to shipping crises and trade wars have highlighted the industry’s vulnerability. In 2024, the UK Corporate Governance Code announced changes, including Provision 29, requiring boards to confirm the effectiveness of risk management and internal controls, with the rules coming into force in January 2025. As a result, retailers of all sizes have had to reassess their approaches to risk and stakeholder accountability.
Provision 29 has brought governance, risk, compliance, and internal audit to the forefront across the retail sector. According to RiskSmart, which works closely with retail firms, this shift has come at a critical time for the industry, opening new conversations around risk management and operational resilience.
Despite the changes, risk management in retail often remains reactive. Senior leaders and board executives frequently remain distant from day-to-day risk management, leading to regulatory fatigue and potential fines due to non-compliance. The need for retail businesses to address these challenges is now more urgent than ever.
Retailers are increasingly facing additional pressures, from managing returns and maintaining consumer duty to GDPR compliance and financial risks, all under the watchful eye of regulatory bodies. While many brands still view risk as a matter of avoiding fines, effective risk management can be a competitive advantage, strengthening profitability and resilience in a challenging market.
Provision 29 has prompted many in the retail industry to confront risk management head-on. Even publications like Vogue have begun to spotlight the risks within high-end supply chains, indicating that risk is no longer a back-office issue but a mainstream concern that can impact brand reputation and operational continuity.
Retailers are rethinking their reliance on spreadsheets, turning to governance, risk and compliance management software to handle increasingly complex compliance needs. According to RiskSmart, this shift towards streamlined, automated systems is helping brands simplify their processes while staying ahead of regulatory changes.
Interest in retail risk management is growing rapidly. RiskSmart reports a 140% increase in retail companies in its sales pipeline over the past year. The company is already supporting major names like ASOS, Autotrader, JD Sports and Skyscanner, helping these brands adopt proactive risk monitoring and use key risk indicators to inform business decisions.
Retail customers using advanced risk management solutions are seeing clear benefits, including real-time risk monitoring, enhanced financial forecasting, better reporting, and seamless company-wide communication through automated notifications. These systems allow teams to manage third-party due diligence data while saving hundreds of hours in manual administrative work.
The most notable benefit, however, lies in engaging leadership in meaningful risk discussions. Jensten chief risk and compliance officer Steve Folkard said, “RiskSmart engages senior leaders in risk management. It’s changed how people think about risk – something spreadsheets could never achieve – and helped cascade that mindset across the business. I wouldn’t underestimate the value of that.”
Keep up with all the latest FinTech news here
Copyright © 2025 FinTech Global
