The Challenge

  • Siloed Approach To Risk – very few lending institutions have mature and structured processes and reporting on GRC that brings together an integrated and orchestrated view of GRC processes and information. Most organizations have fragmented approach where some aspects of enterprise and operational risk are more mature than others but fail to have an overall coordinated strategy where distributed business units and processes maintain their own data, modeling, frameworks and systems. This results in functional departments and business unit’s areas focus on their own view of risk and not the aggregate picture, unable to recognize substantial and preventable losses.
  • Existing GRC Tools That Cannot be Replaced – When a lending institution approaches risk in scattered silos that do not collaborate, there is no opportunity to be intelligent about risk as risk interrelates and compounds to create a larger risk exposure than each silo is independently aware of. This happens because organization have existing governance, risk, information security, compliance and audit tools and legacy governance and risk structures which is hard to replace immediately with an overarching integrated governance, risk, Information, compliance and audit management system because of various reasons including resistant to adopting new technologies.
  • Lack of vision to have a federated view of risk – Lending Institutions are faced with a major concern of intentionally or unintentionally encouraging defensive, “siloed” behavior. Undermining collective decision making and leading back to a more tick-box approach to governance, information security, risk and compliance management: precisely the opposite of the legislators’ and regulators’ intention. This challenge is due to the lack of vision at the top to integrate and have visibility into all risks and their relationships between business units and continue to allow legacy GRC tools across multiple business units. This often relates to vision and cultural boundaries within an organization rather than technical possibility.

The Solution

  • GRC Business Intelligence tool to sit on your enterprise landing data zone- While data is powerful, it is akin to raw material in construction. To achieve the desired outcome, one must refine and compose the raw material into something useful. Analytics are that critical step in unlocking and revealing the insights within data. Since legacy Governance, risk and compliance tools within each business unit are going to be hard to displace and a tough sell to all business unit manager to replace their individual tools with an integrated governance, risk, information security and compliance management system all at once, an ideal solution can be to have a tool like Predict360 to sit on top of an enterprise landing data zone which can tie various risk and compliance data from all the business units through a common information and technology architecture to support overall risk management activities as well as you can get a view of the inter relationships of risk , compliance, action plans across all the business, understand the depth and breadth of risk and predict risk using artificial intelligence technology and leveraging all the risk data feeds.

Value

  • You will become an intelligent lending institution once you understand the risk exposure to each individual process, project or an asset and how it intersects with other risks within each business unit and aggregate the risk to get enterprise perspective on risk without replacing all the existing tools that the functional managers and business units are using to meet their day to day risk & compliance needs. This alleviates the change management issue and less disruption to the organization.
  • The Company is going to be able to achieve optimal performance since now it can impact risk on strategy, performance, project, process, department, division, and enterprise levels.
  • It will further allow your lending institution to be competitive and gain efficiencies in an environment where every process and efficiency gains matters.

A Case Study

Challenge:

  • EVP of Innovation of one of the top 10 lending institution which is also a bank with multiple product lines and business units was interested in having an aggregated risk from multiple inputs, governance structures and risk models so that they get a better understanding of relationships of risks, its interdependencies where it intersects, get a holistic enterprise view of the risk so it becomes easy to assess impact of various decisions to each business unit.
  • Another challenge they had is that implementing a companywide integrated governance, risk, information and compliance management platform was not an option and a tough sell to business unit leaders internally – Legacy tools, historical governance cultures, exposing their risk, compliance and action plans to other departments, managing their egos were among the reasons that were legitimate concerns.

Solution:

  • This required a Governance, Risk and Compliance intelligence approach — this lending bank had recognized their challenges and build an enterprise data landing zone. Predict360, 360factors GRC Intelligence platform build on artificial intelligence technology was designed to sit on an enterprise landing data zone which can tie various risk and compliance data from all the business units through a common information and technology architecture to support overall risk management activities.
  • This is a big change across an entire organization since it will question long-embedded internal cultures that tended toward bureaucratic, committee-based and silo approaches to managing governance, risk and compliance. It would further expose accountability and responsibility metrics and make people understand that they’re going to be held accountable