Lockton warns tech firms on hidden change management risks

Lockton has published a new guide addressing the risks associated with organisational change management, focusing on the challenges facing Australia’s technology sector in 2025.

The guide highlighted that as technology firms adapt to ongoing market shifts, economic pressures, and rapid technological advancements, the process of managing restructures and redundancies is becoming increasingly complex and risk-laden.

According to Lockton, insufficient planning and communication during workforce changes can expose organisations to a range of operational, legal, and reputational risks.

The guide noted that these risks are particularly pronounced for technology companies, where the pace of change is accelerating and the stakes for talent retention and compliance are high.

Key risk factors identified

Lockton’s report outlined several major risks that technology firms should address when managing organisational change:

• Loss of critical talent – poorly managed redundancies may result in the departure of key employees, affecting business continuity and knowledge retention.
• Increase in psychological injury claims – inadequate change processes can lead to a rise in workers’ compensation claims related to mental health.
• Employment practices liability (EPL) exposures – there is a growing incidence of claims relating to unfair dismissal and workplace discrimination during periods of restructuring.
• Reputational impact – mishandled redundancies can damage the employer brand, making it more difficult to attract and retain skilled staff.
• Cultural and productivity challenges – lack of clear communication and planning can disrupt employee morale and hinder innovation.
• Legal and regulatory risks – non-compliance with Fair Work legislation and other employment regulations can result in litigation and financial penalties.

The guide warned that failing to address these risks can have lasting consequences for a company’s financial stability and market position.

Recommendations for effective risk management

To mitigate these risks, Lockton recommended that organisations:

• Prioritise transparent and consistent communication throughout the change process.
• Use data analytics to support workforce planning and scenario modelling.
• Engage HR and legal advisors early to ensure compliance with employment laws.
• Balance technology investments, such as artificial intelligence, with human oversight.
• Regularly review directors and officers (D&O) and EPL insurance coverage.
• Establish clear protocols for escalating and addressing issues as they arise.

Lockton suggested that a proactive approach to these areas can help organisations maintain resilience and competitiveness during periods of change.

Practices of leading technology firms

The guide also examined how high-performing technology companies manage organisational change. These firms typically:

• Place a strong emphasis on people-centric change management, with open communication and inclusive planning.
• Utilise data-driven tools to identify workforce efficiencies while maintaining core capabilities.
• Develop flexible workforce strategies that allow for scaling while retaining essential expertise.
• Engage legal and risk professionals early to align change initiatives with corporate values and regulatory requirements.
• Invest in rebuilding trust and psychological safety after organisational changes, including visible leadership and targeted internal communications.

Board and executive responsibilities

Lockton’s report advises directors and officers that they remain accountable for people-related risks, regardless of changes in the external environment.

The guide encourages boards to review insurance arrangements and update policies to address the evolving risk landscape in 2025.

Cybersecurity and data protection trends

The release of Lockton’s guide coincides with a shift in cybersecurity priorities for organisations in Australia and New Zealand.

Recent research indicated that local businesses are increasingly focused on protecting intellectual property, data privacy, and regulatory compliance, diverging from global trends that prioritise artificial intelligence adoption.

A global survey commissioned by Arctic Wolf found that 45% of IT and cybersecurity leaders in Australia and New Zealand identified data protection and compliance as their top security concerns.

The survey also reported that 85% of organisations in the region experienced at least one cyber incident in the past year, a higher rate than the global average.

Additionally, a significant proportion of local firms reported paying ransomware demands, often with the involvement of external negotiators.