Mastering the Art and Science of Governance, Risk, and Compliance, Part 2

Organizational Strategies, Solution Trends, and IT Investments for Effective Risk Oversight
by Cubillas Ding, August 11, 2014
Industry Trends
Asia-Pacific, EMEA, North America

Abstract

Globally, Celent expects firms to spend in excess of $4.8 billion annually by 2017 on GRC activities towards strengthening firmwide governance, streamlining controls and risk assessments, executing remediation efforts, and embracing next-generation governance, risk, and compliance practices and technologies.

In recent years, the paradigm for supervisory activities and nonfinancial risk management has evolved: conventional rules-based paradigms of approaching risk and compliance obligations are giving way to risk based-approaches, where greater supervision intensity is placed on high-risk/systemically important financial institutions, right conduct, and emergent systemic risks. This will drive global IT investments across North America, Europe and Asia-Pacific for governance, operational risk, and compliance (GRC) to grow at a compound annual rate of 8.7% overall, from US$3.5 billion in 2013 to US$4.8 billion in 2017.

With the short- to mid-term technology spending trajectory characterized by hefty regulatory fines, spiraling costs, and onerous burdens of delivering to GRC obligations, the imperative for firms to remove barriers to collaboration, increase efficacies, and make smarter investments around technology and operations in GRC activities is no longer a nice-to-have.

Forward-looking firms that have gone beyond their first and second iterations of GRC initiatives are also looking to “operationalize” risk and compliance practices “into the business.” These will require not just snapshot-based risk and control assessments, analytics, and measurements, but also embedding of information about risk in a joint and “live” manner as part of day-to-day front line actions taken.

In the report Mastering the Art and Science of Governance, Risk, and Compliance (Part 2), Celent follows the trends, industry practices, technology investment priorities, and vendor solutions adopted by financial firms in their next-generation GRC initiatives.

“With governance, risk, and compliance initiatives, there are no one-size-fits-all approaches,” says Cubillas Ding, Research Director with Celent’s Securities & Investments Group and author of the report. “It entails a journey where firms need to examine where they are, their own ambitions, the complexity of their business and operations, local regulator expectations, and the scope/velocity of risk factors that they are exposed to.”

In this report, Celent highlights industry GRC practices, strategic considerations and learnings, and vendor solutions that enable firms to achieve effective governance, operational risk, and compliance. Vendors covered include Bwise, Chase Cooper, Cura Software, EMC RSA Archer, IBM Openpages / Algorithmics, Mega, Metricstream, Oracle, Protiviti, SAS, Thomson Reuters Accelus, Wolters Kluwer, and Wynyard Methodware. The report also presents global GRC IT spending and technology priorities across banks/dealers, insurance firms, asset managers, and hedge funds, and across North America, Europe, and the Asia-Pacific region.

Celent is a research and advisory firm dedicated to helping financial institutions formulate comprehensive business and technology strategies. Celent publishes reports identifying trends and best practices in financial services technology and conducts consulting engagements for financial institutions looking to use technology to enhance existing business processes or launch new business strategies. With a team of internationally based analysts, Celent is uniquely positioned to offer strategic advice and market insights on a global basis. Celent is a member of the Oliver Wyman Group, which is a wholly-owned operating unit of Marsh & McLennan Companies [NYSE: MMC].

Media Contacts

North America
Michele Pace
mpace@celent.com
Tel: +1 212 345 1366

Europe (London)
Chris Williams
cwilliams@celent.com
Tel: +44 (0)782 448 3336

Asia (Tokyo)
Yumi Nagaoka
ynagaoka@celent.com
Tel.: +81 3 3500 3023

Table of Contents

Executive Summary

1

Towards a Dynamic, Forward-Looking, Data-Driven Paradigm of GRC

3

 

Regulatory Expectations and Supervisory Paradigms

3

 

Functional and Technology Foundations

4

 

The Next Frontier in GRC Technology

5

Global GRC Priorities and Technology Investments

7

Assessing Firm-Level and Industry Maturity: Progress and the Road Ahead

10

 

Organization and Governance

10

 

Monitoring and Reporting

10

 

“In the Business” GRC Capabilities

11

 

Systems, Data, and Infrastructure

12

 

Charting the Journey Ahead

13

An Evolving Solution Ecosystem

15

 

Solution Spectrum and Positioning

15

 

Vendor Overviews

16

 

Core, Complementary, and Value-Added GRC Capabilities

18

 

Next-Generation Solutions: Where Are Things Headed?

19

Looking Forward

22

 

Action Points for Financial Institutions

22

 

Action Points for Solution Providers

23

 

Conclusions

24

Leveraging Celent’s Expertise

25

 

Support for Financial Institutions

25

 

Support for Vendors

25

Related Celent Research

26

Sign in to download reports and access personalized information