Enterprise GRC – Time for GFRC


10 April 2014

Chartis, the leading provider of research and analysis on the global market for risk technology, has issued a new report on the market for Enterprise GRC technology.

Firms need to develop a more sophisticated approach to GRC by moving away from a focus on controls toward an approach that incorporates people and behavior.

To drive a behavior-driven approach to GRC, firms need to incorporate performance and remuneration measurements into GRC. Chartis believes that firms should replace ‘GRC’ as a concept with ‘GFRC’ – Governance, Finance, Risk, and Compliance

“Traditional GRC is outdated and fails to manage risk and prevent serious compliance breaches,” comments Peyman Mestchian, Managing Partner at Chartis. “Firms need to move beyond traditional GRC and take a more dynamic approach to governance, risk, and compliance.”

Chartis also believes that firms should do more to incorporate areas currently overlooked by GRC, including model risk, conduct risk, reputational risk, and stress testing.

The Chartis report provides in-depth coverage of the market for Enterprise GRC systems, including the business requirements of financial institutions, areas for innovation, regulatory drivers, technology requirements, and the competitive landscape for leading GRC vendors.

The report examines the role of data management tools, assessment tools, monitoring tools, stress testing engines, shared services and analytics, BI and visualization tools, and cloud and software-as-a-service options. The report is an update to Chartis’s Enterprise GRC Solutions 2012 report.

The report uses Chartis’s RiskTech Quadrant® to explain the structure of the market and the vendor landscape. The RiskTech Quadrant® uses a comprehensive methodology of in-depth independent research and a clear scoring system to explain which technology solutions meet an organization’s needs.