Enterprise Risk Management (ERM) and Compliance software both facilitates and automates critical tasks such as risk identification, Key Risk Indicator operation, incident management, regulatory change management and regulatory compliance.

 

Effective use of technology ensures that ERM and Compliance activities are fully embedded in the front line and are applied in a near continuous manner. With the right strategy and investment, automation ensures that business leaders and risk and compliance officers are alerted to critical changes in market conditions, a change in regulation or an external event that impacts one of their partners or suppliers. 

 

The opportunities presented by technology to ERM and Compliance leaders have led to a continuous stream of in-house developed solutions and third-party product launches over the past 20 years. However, user experience has been mixed with many deployments now becoming outdated and ineffective or other times never achieving the benefits envisioned.  Challenges encountered depend on business size and sector as well as the maturity of the underlying risk and compliance processes. For example:

​

• Changing business dynamics are making established risk software solutions ineffective – Many businesses are now compelled to move faster and enter new markets to stay ahead. Previous generation risk solutions, that were typically inward looking and focused on business-as-usual risks, are now becoming insufficient and need to be supplemented with external looking, horizon risk scanning capability.

• Risk and regulatory portfolios are too diverse for a one-size-fits-all solution – Solutions launched and implemented 10-15 years ago were lauded for their ability to manage and support multiple risks and compliance functions both centrally and in the front line. These solutions have often proven too compromised to meet the diverse needs of multiple functions, leading to investment write-off. A new approach is required.

• There’s no respite from regulators - The pressure of compliance deadlines has often caused those on the hook to develop tactical, siloed solutions. Isolated and hurried development plans have left many organisations with a series of costly solutions to manage, that fail to capitalise on the best available technical capabilities (such as artificial intelligence).

• The volume and complexity of risk data continues to make automation challenging - risk management and compliance exercises typically generate high volumes of data with varying quality and no common standard. Interpretation can be a complex task and system limitations can mean that the reports and insights generated are of questionable value.

• Navigating the technology market – ERM and Compliance software investment typically operates on a seven-year cycle. Many program stakeholders have struggled to navigate the complex software market and determine the optimal solution mix for them, which may actually comprise a combination of in-house/bespoke and off-the-shelf capabilities.

​

How do we help?

​

Our support is aligned to the specific and wide-ranging needs of our clients. For example, where an organisation is due to become publicly listed, automation support may be part of a broader engagement to help develop risk and compliance frameworks to meet regulatory needs for the first time.  Conversely, for a more established business, we might be engaged to assess and overhaul existing risk and compliance technologies that are no longer effective. Our team has previously been engaged on technology programs focused on automating specific risk thematics (IT, Supply Chain, Finance) and/or specific regulations (Sarbanes-Oxley, Basel II, GDPR). These have been performed in all major industry sectors with program budgets ranging from £100k to £15m+.

​

Our services include:

​

• Assessment and benchmarking of existing technology use

• Technology strategy development that reflects future business direction, and emerging risk and regulatory needs

• Cost benefit analysis and investment case for new or replacement technology

• Technology options including both self-development and third-party options

• Vendor selection – program scoping, solution requirements, RFP support, vendor shortlist and proposal benchmarking (including cost benchmarks)

• Implementation support – program governance, delivery plan development and execution

 

Our commercial model is such that we remain truly independent of the software vendors in this market. We hold no reseller agreements but, moreover, do not retain a bench of product implementation specialists that would otherwise introduce bias into any strategy or selection support.