GRC special report: editor's letter

Alexander Campbell

Governance, risk and compliance (GRC) supporters are slowly gaining ground. The need for a GRC system is now accepted by half the financial market, with 38% of institutions already using one and another 12% set to put one in place, as revealed in a recent Operational Risk & Regulation survey. The focus has now shifted to the mechanics of setting up GRC systems and, more importantly, the politics of persuading everyone involved to support them.

“There is nothing more difficult to carry out, nor more doubtful of success, nor more dangerous to handle, than to initiate a new order of things” – many operational risk managers will recognise the sense behind Niccolo Machiavelli’s advice to would-be reformers. And Machiavelli, in turn, would recognise that senior managers, no less than Renaissance noblemen, would be much more likely to support a reform when they could see a clear benefit in doing so. Making the case for GRC can involve using the threat of regulatory action – a threat which grows as new financial oversight laws like the US Dodd-Frank Wall Street Reform and Consumer Protection Act come into force and impose more exigent and wide-ranging demands for compliance reporting and oversight. But operational risk managers are finding that citing benefits – easier data collection for internal analysis, a better reputation with credit rating agencies and counterparties, and ultimately lower compliance costs in the long term – can be even more effective as a persuasive technique.

And this applies at all levels of the company. While a major project like a GRC system isn’t going to make much headway without an influential patron at the board or C-suite level, getting buy-in from managers further down the chain of command will make the implementation process faster and smoother as well, not least by making sure the company’s own processes and needs are fully understood well in advance. Changing requirements halfway through a complex project is the surest way to drive up cost, delay completion and lose support. Delay brings the risk that the final product may, nevertheless, have become obsolete before its completion.

Click here to view the article in PDF format.

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact info@risk.net to find out more.

Financial crime and compliance50 2024

The detailed analysis for the Financial crime and compliance50 considers firms’ technological advances and strategic direction to provide a complete view of how market leaders are driving transformation in this sector

Investment banks: the future of risk control

This Risk.net survey report explores the current state of risk controls in investment banks, the challenges of effective engagement across the three lines of defence, and the opportunity to develop a more dynamic approach to first-line risk control

Op risk outlook 2022: the legal perspective

Christoph Kurth, partner of the global financial institutions leadership team at Baker McKenzie, discusses the key themes emerging from Risk.net’s Top 10 op risks 2022 survey and how financial firms can better manage and mitigate the impact of…

Emerging trends in op risk

Karen Man, partner and member of the global financial institutions leadership team at Baker McKenzie, discusses emerging op risks in the wake of the Covid‑19 pandemic, a rise in cyber attacks, concerns around conduct and culture, and the complexities of…

Moving targets: the new rules of conduct risk

How are capital markets firms adapting their approaches to monitoring and managing conduct risk following the Covid‑19 pandemic? In a Risk.net webinar in association with NICE Actimize, the panel discusses changing regulatory requirements, the essentials…

Most read articles loading...

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here