The best remedy for the healthcare sector – a collaborative risk culture

Jhonson discusses how the profession can help navigate the complexities of today’s “polycrisis” norm by collaborating with clinicians and other departments on raising risk awareness and informing better decision making. 

Healthcare is a resource-intensive and highly regulated sector where effective risk management depends on reliable data, ethical oversight, and sound financial stewardship – all areas where accountancy professionals can excel.  

Healthcare companies have become especially vulnerable to data theft crimes and ransomware attacks. Clinical and financial teams must confront these threats together; they must be more cognisant of their organisations’ vulnerabilities, evaluate the effectiveness of their defences, and, most importantly, determine how they would continue operations in the event of a cyberattack while minimising impact on patients.

CFOs should recognise that it is as much their responsibility as any other leader in the organisation to identify parties that it is reliant on and understand the extent of their defences. There are tough decisions to be made on where to invest scarce financial resources, and these are significant judgement calls for financial leaders in assessing the relevant trade-offs.  

COVID-19 exposed systemic bias, opaque accounting, and uncontrolled pricing in procurement processes. Faster-moving technological powers, new working practices, growing personal and financial pressures, and questions on declining ethical standards have resulted in rampant fraud and corruption, costing billions annually.

Effective control frameworks and thorough risk assessments are crucial in tackling these risks. Increased regulation and personal accountability for business leaders will also help. However, a ‘controls and compliance approach’ alone is not sufficient to address this complex issue. Finance teams should accept that fraud exists and take responsibility for implementing measures that actively look for it. They can also contribute by fostering open and transparent cultures that facilitate cooperative communication of concerns throughout the organisation. 

The healthcare industry is not immune to economic volatility. Financial professionals in healthcare must adopt dynamic forecasting and scenario planning. Today’s fast-changing landscape is also fuelling a new evolution of third- and fourth-party risk management in the sector, particularly given the extent of outsourcing.

This involves enhanced due diligence and more creative negotiating where finance teams play a leading role. This is important because there are a lot of small and medium-sized businesses in the healthcare supply chain, and these businesses may not have as many resources to manage risk or respond to complex disruptions or new cyber and data risks.

Artificial intelligence is transforming healthcare - from automating administrative tasks to enabling personalised patient care. However, AI also introduces risks, such as bias in algorithms, misuse of data, and ethical concerns. As laws and regulations continue to evolve, organisations cannot become complacent and rely solely on them.

Finance professionals play a critical role in building a risk culture to anticipate potential risks of AI adoptions. Accountants can cultivate trust and transparency, guiding the discussion, evaluation, and responsible adoption of any AI-driven operational changes. They should work with technicians and compliance officers to figure out the risks and return on investment of AI projects. They should also make sure that AI systems follow data protection laws and ethical standards. Finally, they must push for openness in the decision-making processes of AI, making sure that everyone is responsible at every step. 

Finance professionals possess a unique ability to drive meaningful change due to their deep understanding of data, budgets, and organisational priorities. They can promote cross-functional collaboration by encouraging communication between finance, IT, clinical, and compliance teams to identify and address risks holistically.

We also emphasise the importance of collaborative training to equip staff at all levels with the knowledge and tools they need to understand and mitigate risks. It is crucial to monitor and evaluate continuously, for example, by using key performance indicators (KPIs) and regular reviews to track the effectiveness of risk management strategies. Finance bosses must be visible and lead discussions on key issues while also supporting structured engagement between chief medical officers, administrators, and finance teams that allows them to find common ground and shared goals. 

By taking a proactive approach to cybersecurity, fraud prevention, economic uncertainty, and AI adoption, finance professionals can help steer the healthcare sector towards a future that is not only financially secure, but also ethically and operationally sound.

Let 2025 be the year where finance teams in healthcare take the lead in building a culture of risk awareness and preparedness. 

Main image: Rachael Johnson, global head of risk management and corporate governance for policy and insights at ACCA