Treasury News Network

Learn & Share the latest News & Analysis in Corporate Treasury

  1. Home
  2. Operations
  3. Control & Compliance in Operations

Wish-list for an integrated risk ecosystem

Risk and compliance executives expect real benefits from digital technology but many firms face challenges in moving towards the future, according to a report on governance, risk and compliance (GRC) by Thomson Reuters and Celent.

The report – Achieving Integrated GRC In An Interconnected Digital Age – examines the challenges facing risk and compliance executives and found that technologies such as big data, artificial intelligence (AI), machine learning and distributed ledger technology (blockchain) are expected to bring measurable increases in efficiency to risk management operations. Risk operations are not, however, finding the adoption of digital technologies straightforward; some are having trouble developing agile capabilities and continue to be hampered by inflexible technology, said the report.

The report, based on interviews with risk and compliance executives, established a wish-list of requirements for a fit-for-purpose, integrated risk ecosystem in five key areas:

1. Information & data congruence

Applications employed to capture and report information for various risk assessments and controls management activities, such as risk control self-assessments (RCSAs), key risk indicators (KRIs), risk appetite parameters and loss events. These should be connected, aligned and congruent with a firm’s taxonomy and framework.

2. Adaptability

Flexible, business-user centric capabilities to respond to evolving requirements, without the need for protracted cycles of IT development, coding and testing.

3. Rich visualization, usability and collaboration

Next-generation platforms should possess the ability to quickly analyse, chart and exchange operational and risk- related insights based on modern and intuitive user interfaces.

4. Dynamic, event-centric and timely

Ability to support multiple modes of operation, including triggering by events and operating in near-real time in order to monitor and report on the state of affairs in a firm’s risk profile in a dynamic manner.

5. Open and seamless co-existence

Platform should be open and extensible enough to connect and co-exist with other non-risk IT applications (HR, sales, security) using modular, flexible interfacing mechanisms.

Like this item? Get our Weekly Update newsletter. Subscribe today

Also see

Add a comment

New comment submissions are moderated.