The increase in government regulations seen over the last few years, the increasing pressure from financial markets and statutory compliance requirements has surcharged the focus on an integrated governance, risk and compliance approach for all public and soon to become public companies. Traditional approaches to governance, risk and compliance have relied upon disparate and disjointed solutions to address the requirements of each business process and each new statutory requirement. This fragmented approach has lead to inefficiencies, additional costs and lack of a cohesive and combined effort from all stakeholders to maintain compliance initiatives and provide an accurate assessment of the risks faced by the organization resulting in inaccurate or ill informed judgements.
Governance Governance implies the policies and procedures as well as the management philosophy that is prevalent in any organization. These rules and the level of their administration set the tone in the organization and for any governance to be effective, proper and effective communication is extremely essential.
Risk Each organization is faced by different sets of risks based upon the type of industry, geographical locations and the business model adopted by them. The risks can be broadly classified into Financial Reporting Risks or Operational Risks. Financial reporting risks are that subset of risks that any enterprise faces relative to their published financial statements. Thus, the focus here is only to ensure that no material errors or misstatements flow through undetected to the published financial statements. While financial reporting risks relate only to the published financial statements of an enterprise, the operating risks relate to the safety, economic health, growth and survival of an entity.
Compliance Organizations across the globe struggle to comply with new compliance regulations in various areas such as securities, money laundering, health and financial reporting management. Traditional approach to compliance relies upon specialist groups to cope with each new regulation individually. The various specialist groups approach the requirements with similar but different definitions, data capture, storage and review methods to determine compliance effectiveness. This creates a divided approach that is expensive and onerous to maintain. This also increases the risk of not establishing a sufficiently sustainable control environment to ensure achievement of compliance regulations.
