Mastering the Art and Science of Governance, Risk, and Compliance, Part 2
Organizational Strategies, Solution Trends, and IT Investments for Effective Risk Oversight
Abstract
Globally, Celent expects firms to spend in excess of $4.8 billion annually by 2017 on GRC activities towards strengthening firmwide governance, streamlining controls and risk assessments, executing remediation efforts, and embracing next-generation governance, risk, and compliance practices and technologies.
In recent years, the paradigm for supervisory activities and nonfinancial risk management has evolved: conventional rules-based paradigms of approaching risk and compliance obligations are giving way to risk based-approaches, where greater supervision intensity is placed on high-risk/systemically important financial institutions, right conduct, and emergent systemic risks. This will drive global IT investments across North America, Europe and Asia-Pacific for governance, operational risk, and compliance (GRC) to grow at a compound annual rate of 8.7% overall, from US$3.5 billion in 2013 to US$4.8 billion in 2017.
With the short- to mid-term technology spending trajectory characterized by hefty regulatory fines, spiraling costs, and onerous burdens of delivering to GRC obligations, the imperative for firms to remove barriers to collaboration, increase efficacies, and make smarter investments around technology and operations in GRC activities is no longer a nice-to-have.
Forward-looking firms that have gone beyond their first and second iterations of GRC initiatives are also looking to “operationalize” risk and compliance practices “into the business.” These will require not just snapshot-based risk and control assessments, analytics, and measurements, but also embedding of information about risk in a joint and “live” manner as part of day-to-day front line actions taken.
In the report Mastering the Art and Science of Governance, Risk, and Compliance (Part 2), Celent follows the trends, industry practices, technology investment priorities, and vendor solutions adopted by financial firms in their next-generation GRC initiatives.
“With governance, risk, and compliance initiatives, there are no one-size-fits-all approaches,” says Cubillas Ding, Research Director with Celent’s Securities & Investments Group and author of the report. “It entails a journey where firms need to examine where they are, their own ambitions, the complexity of their business and operations, local regulator expectations, and the scope/velocity of risk factors that they are exposed to.”
In this report, Celent highlights industry GRC practices, strategic considerations and learnings, and vendor solutions that enable firms to achieve effective governance, operational risk, and compliance. Vendors covered include Bwise, Chase Cooper, Cura Software, EMC RSA Archer, IBM Openpages / Algorithmics, Mega, Metricstream, Oracle, Protiviti, SAS, Thomson Reuters Accelus, Wolters Kluwer, and Wynyard Methodware. The report also presents global GRC IT spending and technology priorities across banks/dealers, insurance firms, asset managers, and hedge funds, and across North America, Europe, and the Asia-Pacific region.