Complex regulatory requirements. Digital innovation. Dynamic workforces. These are challenging times for chief risk officers and their teams. They must navigate a quickly changing and threatening landscape—all while trying to manage costs.
But the right compliance processes, powered by technology, can make all the difference. Here’s a look at how that can work in practice.
Risks are multiplying
Risk managers can often feel overwhelmed by the growing number of risks facing their business. There are some finance and non-financial risks that have always existed such as a mistaken double payment or employee fraud. But now there are new and emerging risks around cybersecurity, data privacy, and ESG (Environmental, Social, Corporate Governance).
<<< Start >>>
of global risk leaders say they believe that complex, interconnected risks are emerging faster than ever before, according to our Global Risk Management Study.
<<< End >>>
And the pandemic has only exacerbated those risks because of economic uncertainty, supply-chain disruptions, and the move to remote work.
When we talked to risk leaders at large organizations about their cybersecurity risk mitigation plans, they said that better understanding how the move to remote work is heightening cyber threats is their top priority.
believe their teams are “fully capable” of assessing risks associated with their firm’s move to cloud.
<<< End >>>
Building a risk management framework
Managing these risks means putting in place an ever-growing number of controls and compliance processes. At most organizations today, testing of controls, compliance and quality is done manually because operations risk management teams haven’t adopted the latest and best technology. More than half of businesses don’t use cloud to manage risk. By embracing cloud, businesses can benefit from the agility it brings to risk management, while reducing the cost. It’s time to scale back on manual processes and replace them with an integrated modular platform powered by control automation that’s capable of testing and tracking end-to-end processes. Additional lifecycle management tools can track issue identification and remediation. Automated sampling can lead to quicker and more reliable results.
Newer technology that’s deployed to automate controls testing and reporting reduces costs and improves accuracy. And it frees up risk professionals to instead focus on new and emerging threats. For example, digitizing and automating Know You Client (KYC) checks can make it easier to monitor and report risks. Or in a call center setting, where companies need to make sure employees only ask need-to-know questions, integrating AI and automated sampling can increase the number of calls that can be reviewed from roughly 30 per day to 300.
Tailor-made control dashboards are another important part of the solution. They can provide trend analysis and show where there are opportunities for improvement. Separate dashboards can be used to plan, track and execute control requirements.
Beyond control automation and control dashboards, businesses need effective control governance. Any strong governance model should stretch across operational, tactical and strategic matters to help deliver the right outcome.
<<< Start >>>
Risks run across every part of a business, so an enterprise-wide risk management approach to identify, assess and monitor risks is key.
<<< End >>>
It’s important to drill down, identifying risks not just at the business unit level, or the process level, but at the specific activity level. For example, in the human resources department, in the onboarding process, controls around an online application experience could verify that a resume is from a genuine candidate.
Being aware of the serious responsibility of the control function helps reduce errors and increase compliance. It’s imperative that employees who perform control and compliance tasks get effective, continuous training. And employees at all levels of the business should understand the impact of non-compliance.
The advantage of working with a strategic managed service provider
Audit committees and boards expect companies to have strong controls in place but few businesses can build and deploy this technology on their own. A service provider like Accenture can run controls on behalf of a company by pushing tech automations into the cloud. That can help drive down costs while their experts benchmark services on an ongoing basis to stay up-to-date on emerging risks.
By working with a strategic managed services to manage operational risk, businesses can see cost savings of up to 50%. For companies struggling with managing ongoing risks in a cost-effective manner, it’s time to take a proactive approach to risk management and implement this new line of defense.
Contributor: Lalitha Satheesh, Principal Director, Digital Risk and Compliance – Accenture Operations