This is true how you explained. But you focused on the technical development part. Also other possible risk areas are easier to manage in iterative/incremental methods. E.g. budget, schedule, dependencies. Most important discovery contribute to business risk mitigation is: Ensuring building the right thing what customer wants.
By some definitions (e.g., go back to some of Steve McConnell's definition of software risk management) this is aligned with much of how an agile team would identify and manage risks. "Risk of missing requirements", "Risk of not understanding and therefore misreporting progress", etc.)