<p>The concept of enterprise Governance, Risk and Compliance (GRC) – in which multiple aspects of GRC are integrated with each other across an organization – is now well established. When we last analyzed the market for enterprise GRC solutions, in 2015<sup>1</sup>, we highlighted the growing importance of ‘connected’ GRC, and how end users and vendors have largely struggled with the concept. It’s easy to see why: the practicalities of integrating systems from different sources and time periods, often in different languages, make achieving true enterprise GRC a considerable task.</p>
<p>Broadly speaking, little has changed in the intervening years. Despite some industry-specific developments, financial institutions (FIs) still take a mostly siloed approach to GRC, with weak links between departments. However, there is currently potential for significant, widespread changes in future, driven by the current political environment, which could result in rapid changes to enterprise GRC.</p>
<p>The trend continues towards increasingly integrated GRC platforms. This will continue despite regulatory uncertainty and shifting definitions of what constitutes misconduct, largely driven by a set of supply side factors and costs:</p>
<ul>
<li>An increasing focus on cost of GRC and compliance specific technologies. Firms’ aggressive cost prioritization programs have placed a higher than usual emphasis on the cost of GRC and compliance technology.</li>
</ul>
<ul>
<li>The need to keep customers front and center of all operations.</li>
</ul>
<ul>
<li>Developments in sophisticated data-driven technologies. A whole new ecosystem of data analytics has developed, including: standard big data platforms such as Hadoop, AI on the cloud, and new analytical languages such as Python, R, and Lua.</li>
</ul>
<ul>
<li>The emergence of AI and robotics as fundamental components of the workflow platforms and robotics (technological mechanisms to mimic humans).</li>
</ul>
<p>This report gives an overview of the current state of the risk technology market for the main areas of enterprise GRC: operational and conduct risk, model risk governance, artificial Intelligence (AI) for GRC, third-party risk, IT risk management, internal audit management. Specifically, we will consider some of the trends in the areas where we believe progress toward the goal of true enterprise GRC is being made – notably conduct risk, model risk and the application of AI. We will also examine the technology vendors’ approaches in these areas.</p>
Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.
To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe
You are currently unable to print this content. Please contact info@chartis-research.com to find out more.
You are currently unable to copy this content. Please contact info@chartis-research.com to find out more.
Copyright Infopro Digital Limited. All rights reserved.
As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (point 2.4), printing is limited to a single copy.
If you would like to purchase additional rights please email info@chartis-research.com
Copyright Infopro Digital Limited. All rights reserved.
You may share this content using our article tools. As outlined in our terms and conditions, https://www.infopro-digital.com/terms-and-conditions/subscriptions/ (clause 2.4), an Authorised User may only make one copy of the materials for their own personal use. You must also comply with the restrictions in clause 2.5.
If you would like to purchase additional rights please email info@chartis-research.com
