IBM RegTech Innovations

Reimagining the first line of defense with next-gen GRC

Share this post:

The global financial crisis of 2008 and 2009 brought a renewed focus on the governance, risk and compliance (GRC) processes within the financial institutions, who, not very long ago, viewed GRC as little more than a necessary evil – cost of doing business, which added little value. In today’s rapidly changing business environment, managing responsiveness and the proliferation of regulations and IT systems, as well as rapidly expanding volumes and data variety, has become a high stakes balancing act. Financial services organizations are now under increased pressure to significantly transform governance, risk and compliance processes. Given the advancement in technology and dynamic business scenarios, firms have started to look at technology to get more insightful, efficient and faster since traditional mechanisms of effective risk management and regulatory compliance are fast becoming outdated.

 Engaging and empowering the first line of defense in the 3LOD model

Defining the first line of defense and its responsibilities remains a challenge even within most financial institutions that are employing the 3LOD model. Previously, risk teams consisted of a relatively small number of specialists in the organization who only engaged with people in the first line of defense periodically, typically within the context of an annual audit. The relationship was largely an interview, or based from a questionnaire, and treated as a “check box” exercise by many. However, with the changing perceptions of industry leaders and business professionals over the time, there is better participation from the first line of defense stakeholders.

As the scale of risk and compliance challenges has grown—along with the volume of data—so, too, has the number of business managers and subject matter experts who have taken on first line of defense responsibilities. First line of defense business users have increasingly come to realize that risk is not only everyone’s responsibility but also a key part of business operations today. The importance of the front office in the broader control framework was also reinforced by guidance on Jan 4, 2018 from the Federal Reserve Board (FRB), and the Financial Conduct Authority (FCA). Leaders of financial institutions have started to reevaluate their organizations for better clarity of the roles and responsibilities of the three lines of defense, to see how they can be fully engaged in their organization’s integrated risk framework.

Implementing next-gen integrated GRC to manage risk and regulatory challenges with ease

Firms are looking for GRC solutions that are accurate in their risk reporting, flexible in adapting to regulatory change, and easy enough to use so that they can be deployed to large numbers of users without extensive training. These next-generation GRC solutions offer the potential to ensure compliance with evolving regulations through transformative business capabilities

Experts advise, before implementing a GRC solution, financial services organizations need to redesign their processes in the manner they want it to work. Besides, it is advisable for firms to adopt a multi-strategy approach with a strong understanding of their current state of the organization as well as the culture while designing your integrated GRC processes and defining the roles & responsibilities for the three lines of defense will help in creating an agile and robust GRC.

Managing risk in silos does not provide a true picture of the overall risk at an enterprise level and therefore is not an optimal approach in the long run – an integrated next-gen GRC solution is.

IBM OpenPages with Watson 8.0 is the market’s only cognitive-driven integrated GRC portfolio that provides core services and functional components spanning operational risk, regulatory compliance, IT risk and security, internal audit, vendor risk, policy management, model risk management and financial controls management.

This next-generation GRC platform features the business intelligence capabilities and is integrated with IBM Watson natural language processing and machine learning capabilities, within a UI developed with IBM Enterprise Design Thinking for optimal user interaction.

The solution is designed to be easy to use, adopt and deploy. Designed to increase overall productivity and efficiency, the solution supports agile implementation for rapid time to value. While business administrators can configure workflows to automate GRC processes in minutes, the embedded guidance provides timely information to the user. This enables businesses to meet deadlines and use solutions sooner to stay in front of fast-changing regulatory and business demands.

To watch a live demo of IBM OpenPages with Watson and learn more about the next-gen integrated GRC solution, please join us for episode two of the IBM RegTalk webinar series, scheduled for Feb 21, 2019 at 11 AM EST / 4 PM GMT.

For RegTalk episode 2, Alistair Rennie, Watson Financial Services General Manager, will discuss with leading industry experts:

  • The need for a fully engaged 3 lines of defense for effective enterprise risk management.
  • How user experience design (UXD) is empowering the first line of defense,  and enabling the business to realize the value of “owning” risk.
  • The strategies and practices to engage the first line of defense.
  • How a reimagined user experience in IBM OpenPages with Watson 8.0 is helping business users to clearly understand required tasks with no  training required.

Click here to register for RegTalk episode 2.

For previous and future episodes of IBM RegTalk, please visit

Portfolio Marketing Lead, Watson Financial Services

More IBM RegTech Innovations stories

BNZ protects customers (and the customer experience) with IBM Safer Payments

Bank of New Zealand (BNZ), one of the leading banks in ANZ, announced late last year that they have selected IBM Safer Payments to deliver cross-channel fraud protection to its customers. The multi-million-dollar deal supports BNZ’s efforts to provide frictionless and safer payments experience to their customers. Growing fraud requires new approach Many conveniences that […]

Continue reading

Embracing the future of fraud prevention in the multi-(cloud) verse

Riddle me this? What do a large Australian bank, a leading U.S. financial payment solutions provider, and a major New Zealand bank all have in common? They all have recently deployed or will soon be deploying the IBM Safer Payments fraud prevention solution on their preferred cloud infrastructure – IBM Cloud, Amazon Web Services (AWS) […]

Continue reading

Stemming the AML crisis and seeing immediate value with AI

When it comes to AML compliance, or the lack thereof, the financial industry is having rough year. A number of money laundering schemes have come to light, including the $8.8 billion Troika Laundromat, which have exposed or implicated a large swathe of the industry. Despite wide talk of deregulation, penalties from Office of Foreign Assets […]

Continue reading