IBM RegTech Innovations

GRC is everyone’s business

Share this post:

In my May 2019 blog, “Has GRC Reached Its Tipping Point? Observations From The Front Lines”, I described a set of common patterns that are driving business initiatives in Governance, Risk & Compliance. These highlighted that:

  • Organizations are transforming their GRC frameworks,
  • They are driving to realize greater benefits from already significant GRC investments, and
  • There is an increasing focus on GRC solutions that are more forward-looking in their guidance

These patterns can be summed up in one phrase: “GRC is Everyone’s Business”. This applies to every industry, especially highly regulated ones, such as Financial Services, Healthcare, and Industrial organizations.  We see clients with this enterprise view of GRC looking to cover Operational Risk, IT Risk, Supplier Risk, Model Risk, SOX, Policy Management, Compliance, and Internal Audit in a connected, integrated approach.

This statement is not an exaggeration as we are witnessing first-hand client, after client, emphasizing a desired culture for risk and compliance that is inclusive, consistent, and one which drives performance with confidence. Specifically, we see the execution of a “GRC is Everyone’s Business” strategy manifesting itself in three areas: Confidence, Efficiency, and Transparency.

IBM OpenPages with Watson continues to invest in providing our clients with what they need to move forward in each of these areas.

Confidence – Why GRC needs to get more personal

Organizational confidence is driven by many factors such as data accuracy, transparency of operational risks, connecting those risk to processes and ensuring the right people are engaged in thoughtful risk management. As such, the market is demanding more participation from all levels in their businesses, especially the first line on defense (Line Management) (see Figure 1).  IBM has enabled OpenPages with Watson (OpenPages) to engage all lines of defense with a new task-oriented user interface and embedded visual workflow designed to engage the first line of defense without training. We have invested in new views, visualizations and a personalized workspace engaging everyone to be more productive and effective in managing risk. The result of this approach to GRC ensures a risk-aware culture and allows everyone to efficiently participate in managing important risk and compliance activities.

Improving the Culture for Risk & Compliance through personalization

Figure 1: GRC Gets Personal – Improving the Culture for Risk & Compliance through personalization

 

From our experience in the fields, we believe that for organizations to engage more users, their GRC system must become more relevant and personalized.  This user personalization can be seen throughout OpenPages starting with the new personalized workspace that is fully customizable by each user through panels that can be added, removed and hidden (see Figure 2).

Figure 2: OpenPages Homepage Workspace

Figure 2: OpenPages Homepage Workspace

 

Increased confidence starts with accurate and complete data. OpenPages Task Focused User Interface uses visual cues, validation messages, floating guidance and can make classification recommendations to ensure the first line of defense can easily and accurately capture needed information (see Figure 3).

Figure 3: Visual cues for improved data entry and quality

Figure 3: Visual cues for improved data entry and quality

 

Users can always see their tasks, and the tasks of their team, to ensure risk activities, such as assessments or tests, are proceeding as expected to conclusion (see Figure 4) . This allows for more coaching and less policing of activities.

Figure 4: OpenPages Task Oversight View

Figure 4: OpenPages Task Oversight View

 

Efficiency – Agile GRC and pre-built solutions drive efficiency

Clients are also demanding that new use cases be delivered faster and to be updated more frequently to reflect the volatility in their business. With our recent release of OpenPages, we have delivered a truly agile GRC. OpenPages uses visual design for UI and embedded workflow promoting a transformative, agile collaboration between business and IT (see Figure 5).

Figure 5: Visual studio for creating guided task workflow and user interface

Figure 5: Visual studio for creating guided task workflow and user interface

 

Built on top of OpenPages UI and workflow the solution delivers pre-built content that can be further configured or customized improving the time to market for client’s risk programs. For example, for Regulatory Change Monitoring/Horizon Scanning application, there is a prebuilt integration to Thomson Reuters Regulatory Intelligence (TRRI) that support over 900 regulatory sources to both monitor and map regulatory events within OpenPages (see Figure 6).

 Figure 6: Pre-built content example for Regulatory Change Monitoring

Figure 6: Pre-built content example for Regulatory Change Monitoring

 

With this integration and agile workflow, we are able to identify and triage applicable events and alert the appropriate stakeholders. This allows for appropriate prioritization and classification of events and reveal the potential impact to their obligations, associated policies, procedures and controls (see Figure 7). This enables organizations to more effectively manage the over 58,000 regulatory events that occur annually.

 Figure 7: Regulatory Change Monitoring and Impact


Figure 7: Regulatory Change Monitoring and Impact

 

Transparency – Designed for single view of risk across all domains for all users

Finally, customers need a better, holistic view of risk and compliance across the enterprise down to every employee and supplier. OpenPages common risk library and single data model ensure consistency and holistic views of risk and compliance.  The result is a powerful shift for our clients away from purely “What’s Happened?” to also include “What’s Coming?” using advanced analytics, visualizations and AI.

For example, OpenPages applies interactive tree maps to explore how information such as assessments, business entities, processes, resources, products and controls are all connected in the organization allowing a complete view (see Figure 8).

Figure 8: OpenPages Tree Map

Figure 8: OpenPages Tree Map

 

OpenPages also provides new styles of embedded heat maps and charts that can be either zone or count based providing individuals a fast way of determining areas of focus and impact (see Figures 9, 10).

Figure 9: OpenPages Heat Map

Figure 9: OpenPages Heat Map

 

Figure 10: OpenPages embedded charts

Figure 10: OpenPages embedded charts

 

All of these innovations have come from working with our clients and partners, through our Design Thinking practices, which allows for frequent input and playbacks with our sponsor users. We are grateful that we have outstanding participation and collaboration across our client base. OpenPages with Watson continues to change the game for our clients, enabling the transformation of their GRC framework through standardization, faster use case delivery, greater user adoption and satisfaction.

 

More IBM RegTech Innovations stories

Is “openness” the next big word in financial crime?

About a month ago, I attended the IBM RegTech Summit in London, which brought together a mix of financial services professionals, regulatory experts and technologists. But the terminology was markedly different than most financial crime and compliance events I’ve attended. With terms like “AI,” “machine learning,” “cloud” and “innovation,” you could make a successful run […]

Continue reading

IBM Algo FIRST becomes IBM FIRST Risk Case Studies

In the continued evolution of the IBM Governance Risk and Compliance (GRC) product line, I am pleased to announce that effective today, Algo FIRST (FIRST) is rebranded to IBM FIRST Risk Case Studies. Algo FIRST was acquired by IBM as part of the Algorithmics acquisition which took place in October 2011. During its time at […]

Continue reading

The Thomson Reuters and IBM Exclusive Breakfast Briefing, Oct. 2, 2019 in Toronto

How do compliance professionals manage more than 57,000 regulatory alerts in one year? IBM OpenPages with Watson recently had the opportunity to join host Thomson Reuters for a morning of regulatory compliance thought leadership to explore this very topic. The day began on the 29th floor of Thomson Reuters client center bringing together more than […]

Continue reading