Mastering the Art and Science of Governance, Risk, and Compliance, Part 2

Organizational Strategies, Solution Trends, and IT Investments for Effective Risk Oversight
by Cubillas Ding, August 11, 2014
Industry Trends
Asia-Pacific, EMEA, North America


Globally, Celent expects firms to spend in excess of $4.8 billion annually by 2017 on GRC activities towards strengthening firmwide governance, streamlining controls and risk assessments, executing remediation efforts, and embracing next-generation governance, risk, and compliance practices and technologies.

In recent years, the paradigm for supervisory activities and nonfinancial risk management has evolved: conventional rules-based paradigms of approaching risk and compliance obligations are giving way to risk based-approaches, where greater supervision intensity is placed on high-risk/systemically important financial institutions, right conduct, and emergent systemic risks. This will drive global IT investments across North America, Europe and Asia-Pacific for governance, operational risk, and compliance (GRC) to grow at a compound annual rate of 8.7% overall, from US$3.5 billion in 2013 to US$4.8 billion in 2017.

With the short- to mid-term technology spending trajectory characterized by hefty regulatory fines, spiraling costs, and onerous burdens of delivering to GRC obligations, the imperative for firms to remove barriers to collaboration, increase efficacies, and make smarter investments around technology and operations in GRC activities is no longer a nice-to-have.

Forward-looking firms that have gone beyond their first and second iterations of GRC initiatives are also looking to “operationalize” risk and compliance practices “into the business.” These will require not just snapshot-based risk and control assessments, analytics, and measurements, but also embedding of information about risk in a joint and “live” manner as part of day-to-day front line actions taken.

In the report Mastering the Art and Science of Governance, Risk, and Compliance (Part 2), Celent follows the trends, industry practices, technology investment priorities, and vendor solutions adopted by financial firms in their next-generation GRC initiatives.

“With governance, risk, and compliance initiatives, there are no one-size-fits-all approaches,” says Cubillas Ding, Research Director with Celent’s Securities & Investments Group and author of the report. “It entails a journey where firms need to examine where they are, their own ambitions, the complexity of their business and operations, local regulator expectations, and the scope/velocity of risk factors that they are exposed to.”

In this report, Celent highlights industry GRC practices, strategic considerations and learnings, and vendor solutions that enable firms to achieve effective governance, operational risk, and compliance. Vendors covered include Bwise, Chase Cooper, Cura Software, EMC RSA Archer, IBM Openpages / Algorithmics, Mega, Metricstream, Oracle, Protiviti, SAS, Thomson Reuters Accelus, Wolters Kluwer, and Wynyard Methodware. The report also presents global GRC IT spending and technology priorities across banks/dealers, insurance firms, asset managers, and hedge funds, and across North America, Europe, and the Asia-Pacific region.

Celent is a research and advisory firm dedicated to helping financial institutions formulate comprehensive business and technology strategies. Celent publishes reports identifying trends and best practices in financial services technology and conducts consulting engagements for financial institutions looking to use technology to enhance existing business processes or launch new business strategies. With a team of internationally based analysts, Celent is uniquely positioned to offer strategic advice and market insights on a global basis. Celent is a member of the Oliver Wyman Group, which is a wholly-owned operating unit of Marsh & McLennan Companies [NYSE: MMC].

Media Contacts

North America
Michele Pace
Tel: +1 212 345 1366

Europe (London)
Chris Williams
Tel: +44 (0)782 448 3336

Asia (Tokyo)
Yumi Nagaoka
Tel.: +81 3 3500 3023

Table of Contents

Executive Summary


Towards a Dynamic, Forward-Looking, Data-Driven Paradigm of GRC



Regulatory Expectations and Supervisory Paradigms



Functional and Technology Foundations



The Next Frontier in GRC Technology


Global GRC Priorities and Technology Investments


Assessing Firm-Level and Industry Maturity: Progress and the Road Ahead



Organization and Governance



Monitoring and Reporting



“In the Business” GRC Capabilities



Systems, Data, and Infrastructure



Charting the Journey Ahead


An Evolving Solution Ecosystem



Solution Spectrum and Positioning



Vendor Overviews



Core, Complementary, and Value-Added GRC Capabilities



Next-Generation Solutions: Where Are Things Headed?


Looking Forward



Action Points for Financial Institutions



Action Points for Solution Providers





Leveraging Celent’s Expertise



Support for Financial Institutions



Support for Vendors


Related Celent Research


Sign in to download reports and access personalized information