IBM RegTech Innovations

Reimagining the first line of defense with next-gen GRC

Share this post:

The global financial crisis of 2008 and 2009 brought a renewed focus on the governance, risk and compliance (GRC) processes within the financial institutions, who, not very long ago, viewed GRC as little more than a necessary evil – cost of doing business, which added little value. In today’s rapidly changing business environment, managing responsiveness and the proliferation of regulations and IT systems, as well as rapidly expanding volumes and data variety, has become a high stakes balancing act. Financial services organizations are now under increased pressure to significantly transform governance, risk and compliance processes. Given the advancement in technology and dynamic business scenarios, firms have started to look at technology to get more insightful, efficient and faster since traditional mechanisms of effective risk management and regulatory compliance are fast becoming outdated.

 Engaging and empowering the first line of defense in the 3LOD model

Defining the first line of defense and its responsibilities remains a challenge even within most financial institutions that are employing the 3LOD model. Previously, risk teams consisted of a relatively small number of specialists in the organization who only engaged with people in the first line of defense periodically, typically within the context of an annual audit. The relationship was largely an interview, or based from a questionnaire, and treated as a “check box” exercise by many. However, with the changing perceptions of industry leaders and business professionals over the time, there is better participation from the first line of defense stakeholders.

As the scale of risk and compliance challenges has grown—along with the volume of data—so, too, has the number of business managers and subject matter experts who have taken on first line of defense responsibilities. First line of defense business users have increasingly come to realize that risk is not only everyone’s responsibility but also a key part of business operations today. The importance of the front office in the broader control framework was also reinforced by guidance on Jan 4, 2018 from the Federal Reserve Board (FRB), and the Financial Conduct Authority (FCA). Leaders of financial institutions have started to reevaluate their organizations for better clarity of the roles and responsibilities of the three lines of defense, to see how they can be fully engaged in their organization’s integrated risk framework.

Implementing next-gen integrated GRC to manage risk and regulatory challenges with ease

Firms are looking for GRC solutions that are accurate in their risk reporting, flexible in adapting to regulatory change, and easy enough to use so that they can be deployed to large numbers of users without extensive training. These next-generation GRC solutions offer the potential to ensure compliance with evolving regulations through transformative business capabilities

Experts advise, before implementing a GRC solution, financial services organizations need to redesign their processes in the manner they want it to work. Besides, it is advisable for firms to adopt a multi-strategy approach with a strong understanding of their current state of the organization as well as the culture while designing your integrated GRC processes and defining the roles & responsibilities for the three lines of defense will help in creating an agile and robust GRC.

Managing risk in silos does not provide a true picture of the overall risk at an enterprise level and therefore is not an optimal approach in the long run – an integrated next-gen GRC solution is.

IBM OpenPages with Watson 8.0 is the market’s only cognitive-driven integrated GRC portfolio that provides core services and functional components spanning operational risk, regulatory compliance, IT risk and security, internal audit, vendor risk, policy management, model risk management and financial controls management.

This next-generation GRC platform features the business intelligence capabilities and is integrated with IBM Watson natural language processing and machine learning capabilities, within a UI developed with IBM Enterprise Design Thinking for optimal user interaction.

The solution is designed to be easy to use, adopt and deploy. Designed to increase overall productivity and efficiency, the solution supports agile implementation for rapid time to value. While business administrators can configure workflows to automate GRC processes in minutes, the embedded guidance provides timely information to the user. This enables businesses to meet deadlines and use solutions sooner to stay in front of fast-changing regulatory and business demands.

To watch a live demo of IBM OpenPages with Watson and learn more about the next-gen integrated GRC solution, please join us for episode two of the IBM RegTalk webinar series, scheduled for Feb 21, 2019 at 11 AM EST / 4 PM GMT.

For RegTalk episode 2, Alistair Rennie, Watson Financial Services General Manager, will discuss with leading industry experts:

  • The need for a fully engaged 3 lines of defense for effective enterprise risk management.
  • How user experience design (UXD) is empowering the first line of defense,  and enabling the business to realize the value of “owning” risk.
  • The strategies and practices to engage the first line of defense.
  • How a reimagined user experience in IBM OpenPages with Watson 8.0 is helping business users to clearly understand required tasks with no  training required.

Click here to register for RegTalk episode 2.

For previous and future episodes of IBM RegTalk, please visit

Portfolio Marketing Lead, Watson Financial Services

More IBM RegTech Innovations stories

Ask the expert: 20 questions fraud fighters want to know

In our webinar yesterday, the first in the series AI Fraud Detection — Beyond the Textbooks, we ran out of time and weren’t able to address some great questions we had from the audience. Instead of waiting until the next episode, I hope these brief answers will be of help and interest to both those […]

Continue reading

Thinking in cloud microservices – Reshaping how firms architect risk and investment management

One of the privileges of the innovation team is that we get to evangelize concepts that are poised to reshape how our business will function. For the last year or two, we’ve been encouraging and enabling our organization to “think in microservices”. While fundamentally an architectural paradigm, technology designed as microservices has the potential to […]

Continue reading

Payments modernization: Addressing threats and assessing new opportunities

Payments modernization initiatives around the globe have long been a topic of huge interest and are at different stages of implementation in different countries. Time and again, it has proven to be a catalyst for transformation that has fueled innovation. Canada is now completely into this modernization party, driven by the modernization agenda and timeline […]

Continue reading