The RTJ Bridge - The Research Platform Created by the Publishers of The RiskTech Journal
The RTJ Bridge is an independent research platform delivering institutional-grade IRM market intelligence, vendor competitive assessments, and strategic risk technology analysis. Built by the analyst who created the Integrated Risk Management category at Gartner, The RTJ Bridge gives risk leaders, technology executives, and solution providers the same caliber of competitive intelligence that major analyst firms charge $25,000 to $50,000+ per year to access.
Subscribers to The RTJ Bridge receive full access to:
IRM50 OnWatch Vendor Assessments — Competitive analysis of leading IRM vendors as market events unfold, covering platform strategy shifts, M&A impact, earnings signals, and positioning changes.
Autonomous IRM and AI Governance Research — Original research on how agentic AI is reshaping risk management operating models, from production deployment patterns to the structural implications for vendor platforms and enterprise programs.
Analyst Firm and Market Critiques — Independent assessments of research from Gartner, Forrester, and other major analyst firms, viewed through the IRM Navigator Model to identify gaps, validate signals, and challenge conventional positioning.
Board Governance and Audit Committee Intelligence — Research on oversight effectiveness, emerging risk response gaps, audit committee workload challenges, and the disconnect between risk reporting and executive action.
M&A and Strategic Alliance Analysis — Same-week analysis of acquisitions, partnerships, and PE investment moves reshaping the IRM competitive landscape, with implications for buyers, vendors, and investors.
Regulatory, ESG, and Sustainability Risk — Research on how evolving regulatory frameworks (SEC cyber disclosure, EU CSRD/CSDDD, AI regulation) affect enterprise risk programs and technology requirements.
IRM Navigator™ Market Intelligence — Strategic previews and deep dives from the IRM Navigator Model, the only independent model built specifically to evaluate integrated risk management maturity and vendor alignment.
Cyber Risk, Insurance, and Third-Party Risk — Analysis of cyber risk quantification, insurance market dynamics, and the convergence of third-party risk management into enterprise IRM programs.
Subscribe to get access now
The RTJ Bridge is an independent IRM research platform published by Wheelhouse Advisors. Subscribers receive ongoing access to vendor competitive assessments, AI disruption analysis, M&A and partnership impact research, and IRM Navigator™ market intelligence. This is the only research platform built and led by the analyst who created the Integrated Risk Management category, a market now valued at over $61 billion and projected to reach $133 billion by 2031.
Agentic Operational Risk: How AI Is Reshaping Control, Performance, and Resilience
Operational risk management is evolving from reactive oversight to intelligent orchestration. Agentic AI, systems that can plan, tool, and act with bounded autonomy, is at the center of this shift. These agents compress cycle times, expand control coverage, and deliver evidence with audit grade traceability. Within the IRM Navigator™ Model, they strengthen the connection between Performance and Resilience, the two objectives where ORM delivers the most tangible value.
The Exponential Ripple: How JLR’s Cyber Incident Exposed the Interconnected Matrix of Risk, and How PRAC Stops the Spread
A month after Jaguar Land Rover’s cyber incident, the story is no longer only about one company’s outage. It is about the exponential ripple that travels through a tightly coupled production and supplier network, then into finance, regulation, and public policy. The United Kingdom moved to stabilize the sector with a £1.5 billion loan guarantee through UK Export Finance, a partial backstop intended to unlock working capital from commercial banks and push liquidity down the supply chain. Reporting also confirms that JLR had no cyber insurance at the time of the attack, and that recovery will take months rather than days, with additional bank facilities arranged alongside the guarantee.
Operational Intelligence — How IRM Solves Connected Risk Failures
Agility and resilience are everything when is comes to digital business today. Risk events once considered unlikely—global cyber disruptions, third-party failures, data breaches, operational breakdowns—now occur with alarming frequency. As these risks grow more interconnected, traditional Governance, Risk and Compliance (GRC) frameworks, often built around static risk registers and slow reporting cycles, are no longer sufficient.
Risk management is evolving from a reactive back-office control utility into a strategic engine of operational intelligence. Enabled by advancements in risk technology, analytics, and real-time data integration, modern Integrated Risk Management (IRM) platforms are helping organizations detect emerging operational risks earlier, connect siloed insights, and embed resilience into the core of enterprise decision-making.
This article previews that transformation—and offers a forward look at what’s coming in the IRM Navigator™ ORM Report – Q2 2025, which evaluates key trends, capabilities, and vendors shaping the future of operational risk management (ORM).
When Culture Becomes a Control — How Supervisors Are Shaping the Future of Operational Risk
In regulatory circles, culture is no longer an abstract concept. It’s a measurable, reportable, and enforceable risk factor—viewed not as a soft HR issue, but as a core element of operational control. Across Australia, Europe, the UK, and the United States, financial and non-financial regulators are making it clear: the management of culture and conduct is now fundamental to operational risk oversight.
This shift is transforming the way Operational Risk Management (ORM) functions are being evaluated. Regulators are demanding not only documentation of controls but evidence that organizations understand how risk culture shapes operational performance, compliance behavior, and escalation pathways. In response, forward-looking ORM programs are moving beyond control testing and loss event tracking. They are building integrated risk intelligence systems that can monitor, measure, and adapt to the human dynamics of risk.
The Risk of Unheard Warnings — How Suppressed Signals Trigger Operational Failures
Today, the loudest failures often follow the quietest warnings. Not because no one saw them coming—but because someone did, and the system failed to listen.
Operational risk is no longer defined solely by failures in processes, systems, or external disruptions. Increasingly, it stems from something far harder to quantify: the failure to recognize, interpret, and elevate early signals of internal misconduct, breakdowns in oversight, or cultural deterioration. These signals are often present long before a public scandal, a regulatory penalty, or a financial collapse. But too often, they go unheard.
This article examines the phenomenon of risk signal suppression—why organizations ignore the earliest warnings of operational failure, how this risk materializes inside complex institutions, and what forward-looking ORM programs must do to identify and act on weak signals before they become systemic threats.
Culture as Capital Risk — Lessons from the ANZ Breakdown
Now that intangible risks are becoming materially consequential, few cases better illustrate the price of cultural failure than the one unfolding at ANZ. In March 2025, the Australian Prudential Regulation Authority (APRA) imposed a $1 billion capital charge on the bank, citing persistent governance failures and an organizational culture that allowed misconduct to fester unchecked.
This was not a case of financial fraud or a high-profile cyber breach. It was the slow erosion of internal accountability—fueled by poor leadership, ineffective escalation channels, and a widespread underestimation of non-financial risks. As APRA Chair John Lonsdale put it, ANZ’s problems were “persistent and prevalent,” with echoes of similar issues already observed at its peer institutions.
The implications extend far beyond Australia’s banking sector. The ANZ case is a clear signal to global risk leaders: organizational culture is now a capital issue.
Culture, Conduct, and Consequences: The Operational Risk Lens on Today’s Most Dangerous Failures
Organizations are waking up to a hard truth: operational risk isn’t just about systems and controls—it’s about people, behavior, and culture. From misconduct in trading rooms to mismanaged whistleblowing programs, the failures dominating headlines today stem less from compliance gaps and more from breakdowns in cultural awareness, risk signal interpretation, and operational accountability.
As regulatory scrutiny intensifies and stakeholder expectations evolve, organizations must move beyond the traditional confines of Governance, Risk, and Compliance (GRC). They must build Operational Risk Management (ORM) programs that are equipped to detect, interpret, and act on cultural and conduct risks as core components of enterprise risk. This editorial series, Culture, Conduct, and Consequences, explores how non-financial risks—when left unmanaged—become operational failures. It sets the stage for the 2025 IRM Navigator™ ORM Report, to be published this June, and offers risk leaders a new lens for navigating the next era of operational resilience.