There is a quiet but decisive shift underway in governance. For years, organisations have focused on frameworks, controls, and oversight structures. Today, regulators and boards are asking a more uncomfortable question:
Not “Is governance in place?” — but “Who is truly accountable when it fails?” This is where the next frontier of risk culture is emerging — accountability culture.
The Accountability Illusion
Most organisations believe accountability is clearly defined. Role descriptions exist. Committees are structured. Reporting lines are mapped. And yet, when something goes wrong, accountability becomes… diffused.
Decisions were “collective.” Ownership was “shared.” Escalations were “assumed.”
In my experience across boards and governance reviews, this is the new culture gap: Responsibility is documented. Accountability is not lived.
What Has Changed — Globally
The shift is not theoretical. It is regulatory. Across jurisdictions, there is a clear move toward individual accountability embedded in governance frameworks:
- Responsibility mapping frameworks are being formalised to eliminate ambiguity in senior management roles
- Regulatory reviews are increasingly linking failures to named individuals, not just institutions
- Enforcement patterns show a stronger focus on conduct, oversight lapses, and decision ownership
This reflects a deeper realisation: Governance failures are rarely systemic accidents — they are often failures of ownership. At the same time, global risk data is reinforcing the pressure on leadership.
According to the latest global risk outlook, digital disruption (including AI) and geopolitical uncertainty are rising sharply alongside cybersecurity as top organisational risks. These are not risks that can be managed by policy alone. They require judgement, escalation, and ownership at the leadership level.
The New Culture-Governance Gap
We are now seeing a second-order governance gap emerge:
- AI systems are deployed — but no one owns model risk outcomes
- Strategic decisions are made under geopolitical uncertainty — but risk ownership is unclear
- Cyber incidents occur — but accountability sits somewhere between IT, risk, and business
The result? High-complexity risks with low clarity of ownership.
Boardroom Cue
Ask this at your next meeting:
“For our top three risks today, can we name — without ambiguity — the individual ultimately accountable for each?”
If the answer requires explanation, alignment, or interpretation. You do not have accountability. You have structure without ownership.
One Idea Worth Sharing
“Risk frameworks allocate responsibility. Strong cultures assign accountability.”
Final Thought
The next generation of governance will not be defined by better frameworks. It will be defined by clear ownership, visible accountability, and leadership courage.
Because in the moments that matter — during crises, failures, and difficult decisions — governance does not operate as a system. It operates through people. And when accountability is unclear, risk does not disappear.
Is accountability in your organisation clearly owned — or conveniently shared? That is the question worth confronting now.