The stature and visibility of GRC continued to grow over the last year. Accenture’s 2016 Compliance and Risk Study concludes that GRC had gained a “seat at the table and a mandate to lead” but was now at a crossroads where Senior Management needs to see strong results making it clear that GRC can be “both an effective risk manager and a strategic advisor to the business”.
Governance, Risk and Compliance is a field that changes very quickly, perhaps more so than any other aspect of Banking and Finance, and the demands placed on GRC continue to grow in both scale and complexity. With CEOs wanting to see improved operations, making better use of fewer resources, what are the key concerns for GRC professionals this year?
The two big buzzwords in the industry continue to be Convergence and Agility, with a lot of ongoing discussion about the tension between the two ideals. Can you have a unified, centralised Compliance and Risk strategy while still being able to rapidly respond to unique incidents in an appropriate manner?
The third major talking point is Technology – both in how it creates constant new challenges for GRC teams (the ongoing rapid growth of the FinTech sector has its own ever changing set of specific Risks, while Cyber/Information Risk continues to be one of the biggest concerns for the wider Finance and Banking worlds) and how it can best be used as a tool to aide Compliance work.
Technology is undeniably a huge element in how modern GRC professionals operate, but I think organisations need to make sure they’re always putting their people and policies first and make sure they bring in and use technology solutions that perfectly fit their specific situation. Harmony and Convergence are of course important; and the ability to be able to quickly and easily share data, resources and alerts across different teams and departments is crucial.
I think a “back to basics, people first” approach may well become a big theme across GRC by the end of the year, we need to always remember that there is no “one size fits all” solution in this sector. Every company is unique and every stakeholder is different, and I think it’s much wiser to have multiple systems that work well together while tackling individual problems rather than trying to have a single system covering all areas.
Kind Consultancy partners with expert individuals who are available on an interim basis, who are able to assist with any situation, no matter how large or small, whether providing an hour of telephone guidance or 12+ months of on-site project delivery. For a confidential discussion about your organisation’s Governance, Risk and Compliance needs, or if you’re seeking career advancement within GRC, contract me on 0121 643 2100 or e-mail firstname.lastname@example.org