“As companies review and update their corporate risk management practices, governance risk and compliance software is gaining recognition as a key component of GRC software application suite within enterprise risk management”

Governance Risk and Compliance Reporting – The Digital Revolution

Banks and Financial Institutions continue to face challenges as Regulators, both a domestic and international scale ramp up the reporting requirements for operational risk management and control, and information security.

The enforcement of Basel III, Solvency II, Liquidity Risk BCBS 239 and Sarbanes Oxley has ensured that GRC continues to have as much importance for top executives as the maintenance of critical applications that provide information security and brand protection. The stark reality, is the financial sector is struggling keep up with the increasingly onerous reporting requirements of regulators.

Historically, banks and financial institutions monitored and reported risk through excel spreadsheets and access, allowing banks to ‘data capture’ and report back. However, current regulatory requirements demand more than a snapshot or a report on past activities; reports are required to provide a wide range of information including trends, emerging risks and evidence demonstrating the inter-connection and active management of operational, credit and market risk. Also, for banks and insurers a loss event report system is becoming necessary as part of the overall report requirement.

Many banks and other financial institutions do not have in place a fully integrated enterprise wide GRC e-platform to enable the Governance Risk and Compliance teams to   better manage the ever increasing reporting requirements of regulators.  As regulatory pressure continues to grow, several GRC software suppliers have brought to market a new range of digitised products, designed to both plug the regulatory reporting gaps and to enable the assessment of operational risk and compliance across the commercial organisation.

Typically, modern GRC software products require a team of IT professionals to enable effective service delivery, integration, training and maintenance of the new digitised platform. Like most transformational projects, the team will consist of a number of subject matter experts, to ensure the successful integration of the new products.

In the short to medium term, there will continue to be a significant requirement across the banking and finance industry for experienced teams of GRC technology experts, to introduce and maintain a GRC e-platforms, on a global scale.

The new e-platforms are unlikely to replace the traditional roles and responsibilities within in the short to medium term as the new wave of GRC software is still very much in its early stages. The systems are more likely to be considered as enablers to assist GRC teams to satisfy the ever increasing reporting requirements of the regulators and senior management.