Vasily Kudrin, Partner, Head of advisory (risk management, control, corporate governance) at HLB Vneshaudit, presentation on trends, forecasts and prospects in corporate governance, control and risk management on traditional “December Debates” conference.

Presentation (ENG | RUS)

Coherent exposition of the presentation

1. Context of the speech and retrospective validation of forecasts. Vasily Kudrin’s presentation focused on trends and prospects in corporate governance, risk management, and control/compliance (GRC). It was recalled by the host of the conference that Mr. Kudrin delivered a similar presentation several years ago, where his forecasts initially appeared radical. However, many of those projections were later confirmed in practice. This historical accuracy set a high level of expectation for the current speech. From the outset, the presentation was positioned as a forward-looking expert assessment rather than a purely academic exercise.

2. Updating trends in light of new realities. Mr. Kudrin emphasized that the objective of this presentation was to update previously identified GRC trends given recent global developments. While the pandemic itself could not realistically have been predicted, it significantly accelerated many structural shifts that were already underway. In particular, trends related to remote and distributed work materialized far faster than anticipated. In this sense, the pandemic acted as a catalyst rather than a root cause of transformation. This distinction is critical for understanding the underlying drivers of change.

3. Professional background as the foundation of analysis. The speaker briefly outlined his extensive experience in corporate governance, risk, control, and compliance. His career spans senior roles in the real sector as well as advisory work, including experience with a Big Four firm and AO HLB Vneshaudit. Mr. Kudrin has also served on boards and within professional associations such as the Institute of Internal Auditors and ACFE. This combination of operational and advisory experience underpins his analytical perspective. It enables him to bridge theory, regulation, and business practice.

4. Focus on research and foresight methodologies. Vasily Kudrin noted his deep involvement in international research initiatives related to trends and forecasting in GRC. He has both analyzed and helped organize studies conducted by investment banks, consulting firms, and technology companies. By the end of 2020, he had also completed his own independent research. This allowed him to compare divergent expert views and identify common patterns. The resulting synthesis forms the analytical backbone of the presentation.

5. Lack of a unified vision of the future. According to the speaker, there is no clear consensus among professionals regarding the future of corporate governance and compliance. Different experts use different terminology and emphasize varying aspects—technology, regulation, or organizational culture. This reflects a high level of uncertainty and fragmentation in professional understanding. Mr. Kudrin characterizes this state as a form of informational and technological singularity. Even seasoned specialists struggle to clearly define future trajectories.

6. Areas of partial consensus among experts. Despite fragmentation, several common themes emerge across most forecasts. These include the digital agenda, the transformation of labor organization, and the evolving role of regulators. There is broad agreement that traditional approaches to organizing human work are becoming obsolete. Likewise, legal and regulatory systems are widely perceived as lagging behind technological and social change. These shared assumptions provide a practical framework for further analysis. Mr. Kudrin encourages practitioners to anchor their actions in these points of convergence.

7. Structuring nine key trends. The expert identified nine major trends, grouped into three overarching blocks. The first relates to law and compliance, the second to business transformation, and the third to labor organization and the digital agenda. A distinct emphasis is placed on life and health safety. This structure allows abstract trends to be translated into practical implications. The ultimate goal is to clarify what GRC professionals can do today to create value.

8. Regulatory transformation as a systemic challenge. The first major trend discussed is regulatory transformation. Mr. Kudrin argued that the inefficiency of traditional legal systems is steadily increasing. This became especially evident during the pandemic, when regulatory responses were often delayed, inconsistent, or excessive. Businesses and individuals alike experienced this through rigid requirements and automated digital penalties. As a result, regulatory risk has taken on a new qualitative dimension.

9. A new role for compliance and risk assessment. The speaker stressed that modern compliance systems must be flexible and materially focused. Simply maintaining risk registers for reporting purposes is no longer sufficient. As borders between states, technologies, and social groups continue to blur, companies must prioritize only those risks that truly matter. Government and law-enforcement systems, in his view, will remain structurally inefficient. This necessitates a fundamentally different approach to regulatory interaction.

10. GRC professionals as participants in regulatory evolution. Mr. Kudrin emphasized that GRC professionals can derive tangible benefits from regulatory transformation. They may engage in regulatory initiatives, contribute to consultations, and help businesses properly assess regulatory exposure. This shifts the GRC function from a defensive posture to a strategic advisory role. Compliance thus evolves from a control mechanism into a source of strategic insight. The profession gains greater influence within organizations.

11. Distributed labor economics as a lasting trend. The second major trend is the rise of the distributed labor economy. The pandemic merely accelerated an already existing shift. Government mandates related to safety and remote work may reappear in future global crises. At the same time, legal frameworks—such as remote work legislation—are adapting to these realities. Distributed work is becoming a structural feature of the modern economy rather than a temporary exception.

12. Economic and managerial effects of remote work. According to Vasily Kudrin, remote work delivers direct economic benefits to companies. These include reduced personnel and logistics costs, and in many cases improved managerial control. Simultaneously, the gig economy and freelance models are expanding. This is particularly evident among millennials, who do not perceive long-term attachment to a single employer as necessary. Cloud technologies serve as the technological backbone of this shift.

13. Project-based management and organizational flexibility. For GRC professionals, distributed work naturally aligns with a project-based operating model. Risk, audit, and compliance functions have long relied on project logic. This approach enables faster and more effective responses to change. Mr. Kudrin noted that such changes will occur with increasing frequency. Consequently, organizational flexibility becomes a core professional competency.

14. Life, health, and safety as long-term risk categories. Another critical trend relates to life safety, environmental risks, and business reputation. Mr. Kudrin argued that pandemic-type risks will remain central for at least the next decade. He cited an example, when pandemic risks were assessed for an air transportation company but largely dismissed internally. Within a few years, those risks materialized catastrophically. This demonstrates systemic underestimation of low-probability, high-impact risks.

15. Institutionalizing safety-related risks. The speaker emphasized that such risks must be fully embedded into corporate risk agendas. They cannot be reduced to formal documentation maintained by health or safety departments. Instead, they must be treated as core strategic risks. For GRC professionals, this represents a significant area for future development. Life and health safety thus become integral to corporate resilience.

16. The disruptive and beneficial nature of innovation. Mr. Kudrin next addressed innovation and technological transformation. He observed that the speed at which new ideas emerge and spread makes innovation increasingly disruptive. New business models are proliferating, including subscription services, freemium models, and decentralized systems. Digital finance, ecosystems, and alternative forms of coordination are reshaping human interaction. As a result, uncertainty continues to increase.

17. Positive transformation effects for GRC functions. Despite disruption, innovation also creates substantial benefits. It enables process optimization, cost reduction, and improved control mechanisms. Additionally, it allows companies to enter new markets and geographically distribute operations. Mr. Kudrin argued that transformation initiatives should account for at least 50% of the workload of internal control, audit, and compliance functions. This represents a fundamental shift in professional priorities.

18. A constructive approach to transformation. The speaker presented his own framework for constructive transformation. It begins with understanding how different technologies affect an industry and a specific company. The next steps involve prioritization, roadmap development, and competency definition. Implementation is followed by continuous monitoring of growth effects. This approach links strategic vision with execution discipline.

19. The anti-crisis role and outlook for a future downturn. Mr. Kudrin noted the possibility that the crisis could still manifest itself in one form or another, despite the obvious recovery of international and domestic financial markets. He pointed to inflated valuation multiples that do not correspond to fundamental or psychological norms: even major technology companies may face sharp corrections. In his view, deeper economic or social shocks could emerge within the next two or three years. Such a scenario would significantly increase demand for GRC expertise.

20. The digital agenda and final recommendations. Concluding his speech, Vasily Kudrin described the digital agenda as the primary driving force of the new economic cycle. He referenced Kondratiev waves, arguing that a new long-term technological cycle is only beginning. Key focus areas include data, digital hygiene, cloud and decentralized technologies, and digital investigations. Mr. Kudrin emphasized that digital footprints inevitably become visible over time. Finally, he encouraged GRC professionals to use these trends as a foundation for sustainable professional and institutional development.

About Vasily V. Kudrin.

Partner of the advisory (consulting) department of AO HLB Vneshaudit; audit and consulting in management and business.

  • Professional in finance and business with perennial experience in real sectors’ business, finance and business and management consulting.
  • More than 300 professional projects and educational events in the area of process organization, risk management, and transformation of corporate systems.
  • Vasily Kudrin holds valid professional international diplomas: CIA (internal audit, since 2004 года), CFE (anti-fraud investigations/examinations, с 2007 года), (c)CSA (control/risk self-/assessments, c 2004 года).

Professional expertise.

  • Experience in the field of corporate finance, corporate governance and internal control/audit according to international and generally recognized standards and recommended practices since 2002.
  • Participated in the professional boards (councils) and working groups (taskforces) of a number of professional public organizations, such as the Institute of Internal Auditors, Association of Certified Fraud Examiners (ACFE), Institie of Directors.
  • Take part in associations of coraporate governance (NAND, RID) and risk management, ongoing participation in the work of Debates Club, which deals with issues of innovation in corporate governance, risk management and control/compliance (GRC).