Enterprise GRC Solutions - Market Update 2017

The concept of enterprise Governance, Risk and Compliance (GRC) – in which multiple aspects of GRC are integrated with each other across an organization – is now well established. When we last analyzed the market for enterprise GRC solutions, in 20151, we highlighted the growing importance of ‘connected’ GRC, and how end users and vendors have largely struggled with the concept. It’s easy to see why: the practicalities of integrating systems from different sources and time periods, often in different languages, make achieving true enterprise GRC a considerable task.

Broadly speaking, little has changed in the intervening years. Despite some industry-specific developments, financial institutions (FIs) still take a mostly siloed approach to GRC, with weak links between departments. However, there is currently potential for significant, widespread changes in future, driven by the current political environment, which could result in rapid changes to enterprise GRC.

The trend continues towards increasingly integrated GRC platforms. This will continue despite regulatory uncertainty and shifting definitions of what constitutes misconduct, largely driven by a set of supply side factors and costs:

  • An increasing focus on cost of GRC and compliance specific technologies. Firms’ aggressive cost prioritization programs have placed a higher than usual emphasis on the cost of GRC and compliance technology.
  • The need to keep customers front and center of all operations.
  • Developments in sophisticated data-driven technologies. A whole new ecosystem of data analytics has developed, including: standard big data platforms such as Hadoop, AI on the cloud, and new analytical languages such as Python, R, and Lua.
  • The emergence of AI and robotics as fundamental components of the workflow platforms and robotics (technological mechanisms to mimic humans).

This report gives an overview of the current state of the risk technology market for the main areas of enterprise GRC: operational and conduct risk, model risk governance, artificial Intelligence (AI) for GRC, third-party risk, IT risk management, internal audit management. Specifically, we will consider some of the trends in the areas where we believe progress toward the goal of true enterprise GRC is being made – notably conduct risk, model risk and the application of AI. We will also examine the technology vendors’ approaches in these areas.

  • LinkedIn  
  • Save this article
  • Print this page  

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact info@risk.net or view our subscription options here: http://subscriptions.risk.net/subscribe

You are currently unable to copy this content. Please contact info@chartis-research.com to find out more.

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to Chartis Research? View our subscription options

You need to sign in to use this feature. If you don’t have a Chartis account, please register for an account.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here.