IBM RegTech Innovations

General Motors is shifting gears with powerful GRC technology

Share this post:

As technology like IoT and AI continue to revolutionize the automotive industry, cyberattacks, natural disasters, changes in industry regulations, supply chain disruption, and product recalls all are just a small sample of the catalog of risks that can negatively impact an automotive company’s reputation, and affect its bottom line. To avoid or mitigate these risks, car manufacturers must constantly monitor potential threats to their businesses, and continuously evolve their audit, risk, and control activities as new challenges arise.

Business challenges faced by GM

General Motors (GM) is one of the world’s largest global automotive companies, and have been pushing the boundaries of manufacturing and technology for over 100 years. GM relied on four separate systems to support its audit, risk and control activities, which made it difficult to gain a real-time view of and understand relationships between risks, controls and issues across the company. The company has had a focus on risk right at the top at a CRO level who established a risk committee of the board in 2014 as per Angela Hoon, Executive Director, Strategic Risk Management at GM. The organization invests time and resources into identifying, mitigating and monitoring risk.

With IBM OpenPages providing a more comprehensive view of risks, controls and issues across the company, we are much better positioned to meet our strategic objectives. As well as providing a macro view of all risks that we currently face, the solution also enables us to drill down and assess the specific risks in one manufacturing process or link in our supply chain.”  – Angela Hoon, Executive Director, Strategic Risk Management, GM

GM found that the existing systems and processes used by its audit, operational risk management, Sarbanes-Oxley Compliance (SOX), and strategic risk management teams were acting in silos. This creates difficulty to inventory, track and monitor risks, controls and issue resolution across functions and analyze the broader implications. Each department had its own unique workflows and a different set of technical challenges. For instance, the SOX team was using a highly customized system that was complex to manage, the audit team was on a system that was reaching end-of-life and the operational risk. Management team needed a powerful survey function to support its regular risk and control assessments.

GM chooses IBM to unify its audit, risk and control activities

To manage risk more effectively and efficiently across its global operations, GM decided to consolidate its audit, risk and control processes and procedures using the IBM OpenPages with Watson platform.

GM adopted an agile-like approach to implementing the OpenPages solution. After the initial planning phase, the GM IT department was trained to lead the implementation, with support from IBM for technical aspects as needed. Next, they began implementing the OpenPages software as a shared platform that the audit, risk and control groups could use to share data. As a result, the organization, in contrast to their erstwhile situation where these departments interpreted the company structure and processes differently, the departments, now, have a common understanding, making it easier to investigate risks that affect multiple departments. As GM continues to roll out the solution, the company hopes to unify its practices and procedures even further.

Driving a holistic GRC Strategy with IBM OpenPages with Watson

By using the OpenPages with Watson platform to support Audit, Risk and Control activities, GM has gained a more granular, but at the same time enterprise-wide, view of potential threats to its business — empowering the company to control and mitigate risk and prevent losses and reputational damage. And by consolidating to a single system, the teams stand to reduce their IT maintenance costs significantly.

Read GM’s transformational story in detail at

Portfolio Marketing Lead, Watson Financial Services

More IBM RegTech Innovations stories

The cloud advantage: Three approaches for implementing cloud for risk management

Compared to traditional data centers, I believe that cloud computing has several characteristics that make it an attractive platform for risk management. First of all, the compute requirements for risk management can vary over time. Cloud provides the ability to scale up resources during peak periods and scale them back down when they are not […]

Continue reading

Beware of data “science projects” turned fraud prevention solutions

As e-commerce has revolutionized the way we buy and sell online, we are no longer bounded by borders or time zones. Goods can be purchased from anywhere around the world at any time of day. Because of this, traditional rules-based fraud detection systems have become outdated and no longer work. Today, real-time payments require real-time […]

Continue reading

BNZ protects customers (and the customer experience) with IBM Safer Payments

Bank of New Zealand (BNZ), one of the leading banks in ANZ, announced late last year that they have selected IBM Safer Payments to deliver cross-channel fraud protection to its customers. The multi-million-dollar deal supports BNZ’s efforts to provide frictionless and safer payments experience to their customers. Growing fraud requires new approach Many conveniences that […]

Continue reading