Why New Governance, Risk, and Compliance Models Are Needed

  • Chiara Gelmini, Business Practice Manager at Appway

  • 21.07.2017 12:45 pm
  • Compliance, Banking

The financial industry is experiencing serious changes. New market trends, disruptive technologies, evolving economic structures, and increasing regulatory requirements are pushing the sector towards business models that emphasize an ecosystem of holistic governance, risk, and compliance (GRC) management. As the financial landscape continues to transform, banks must review and assess how they manage and reduce risks.


A holistic approach to GRC

With the move towards a more comprehensive GRC model, compliance has acquired a new role and weight in the corporate ecosystem. More than ever before, it must manage uncertainty around legal and regulatory requirements and incorporate these into market trends and internal policies throughout the organization. Compliance must now take a driver’s seat within a financial institution. Banks need to proactively identify potential needs and problems and ensure the compliance function is an integral component of any initiatives from the start. Because of the new responsibility that compliance has taken on, the compliance officer has evolved into a risk manager, with growing powers and responsibilities.


However, while compliance is essential, it’s only one aspect of GRC. Here’s a brief breakdown of GRC’s three main pillars:


Governance

The overall approach and processes established and executed by a business's management and projected across the entire organization.

Risk Management

The set of procedures and activities put in place to spot, assess, and respond to risks that might affect, directly or indirectly, the achievement of goals.


Compliance

Conforming to legal and regulatory requirements by putting in place the needed structures and policies.

In order for GRC to be successful, it must be carried out based on its four critical building blocks: resources, strategy, technology, and procedures. GRC also touches many departments and stakeholders. This means that the three main pillars, their building blocks, and the various departments involved have to connect in a holistic and integrated way so that the right people get the right info and can take the necessary actions.

Segregating GRC initiatives from the rest of the organization will lead to noticeable inefficiencies. This is why financial institutions must create GRC models that ensure their organizations work properly and ethically. By adhering to these corporate values and risk appetites, banks will be able to achieve great resilience in the wake of financial industry changes.

