Governance Compliance Risk

1. Gain the support and cooperation of the users and IT professionals

2. Check project management tools for proper usage

3. Perform project reviews at the end of each phase

4. Assess readiness for implementation

5. Present findings to management

Organizations must address the increased risks associated with geopolitical instability, globalization, aggressive growth targets, increased competition and the information explosion. Risk management has always been a core competency in financial institutions. Today, integrated enterprisewide risk management practices are a regulatory imperative. Entrepreneurial activity and risk are not mutually exclusive. Integrated risk management is an instrument that enables informed managerial decisions and conscious acceptance of tolerable and acceptable level of risk. Therefore, risk management as a part of corporate governance will strengthen stakeholder confidence and provide a clear sense of direction to organizations engaging in entrepreneurial activities.

Compliance has evolved from a tick-box, reactive approach to a forwardlooking, proactive discipline that supports good governance. Compliance is now far broader than simply working through a list of all-or-nothing requirements, although rules-based compliance is still an important subset of overall compliance. In most cases, the compliance requirements set down in regulations or standards are maturity-driven and designed for continuous improvement over time. Market practice, benchmarks and new developments in business must be factored into the notion of compliance, given the constant changes and challenges of global business.

GRC has become a top business priority. The trend toward improved corporate governance is seen in many initiatives, including the following:

1. Protecting corporate reputation and brand value
2. Meeting the increased demands and expectations of investors, legislators, regulators, customers, employees, analysts, consumers and other key stakeholders
3. Driving value and managing performance expectations for governance, ethics, risk management and compliance
4. Managing crisis and remediation while defending the organization, its executives and board members against the increased scope of legal enforcement and the rising impact of fines, penalties and business disruption
5. Exercising good corporate stewardship and discharging fiduciary duties in a transparent and proactive manner

Organizations are required to address the impact of these initiatives. Some may have had a positive experience in terms of GRC, but are unsure about their ability to

Regulations of all types have evolved into detailed frameworks covering many aspects of financial services and technology. In recent years, national and international regulations have increasingly addressed issues of information management, information technology and specialist disciplines within these fields. As a result, both senior management and specialist practitioners are now in a position to transform existing regulations into practical and manageable concepts that support GRC at the organizational level. The drivers for regulatory change include:

1. Growing sophistication of financial technology, leading to more complex activities and risk profiles in financial services organizations
2. Globalization of banking and the geographic spread of financial operations across national borders
3. Increased collaboration between regulators across geographic jurisdictions, driven by the need for market oversight and supervision
4. Widening of compliance requirements into other sectors of the financial services industry, such as anti-money laundering legislation and regulation