Vendor Highlights: Aravo Solutions - Third-Party Risk Management 2017

This report provides an independent evaluation and description of Aravo Solutions’ leading practices and competitive position. The analysis is based on information in the Chartis Report Enterprise GRC Solutions: Market Update 2017, and the RiskTech Quadrant® for third-party risk management solutions.

The report also includes brief coverage of:

  • The main demand-side trends in this market, with an analysis of the key business and regulatory challenges.
  • The supply-side dynamics, with a focus on the vendor landscape.

Enterprise Governance, Risk and Compliance (GRC) is now well established. The concept of ‘connected’ GRC is becoming more important, but end users and vendors are largely struggling with the concept; financial institutions in particular are still taking a mostly siloed approach to GRC, with weak links between departments. There is, however, potential for significant and widespread changes to enterprise GRC. The trend continues toward increasingly integrated GRC platforms, despite regulatory uncertainty and shifting definitions of what constitutes misconduct. This trend is driven largely by costs and supply-side factors, including:

  • An increasing focus on the cost of GRC and compliance-specific technologies. Firms’ aggressive cost prioritization programs have placed a greater than usual emphasis on the cost of GRC and compliance technology.
  • The need to keep customers front and center of all operations.
  • Developments in sophisticated data-driven technologies. A whole new ecosystem of data analytics has developed, including standard Big Data platforms such as Hadoop, Artificial Intelligence (AI) in the cloud, and analytical languages such as Python, R and Lua.
  • The emergence of AI and robotics (software that controls and automates rule-based processes, removing the need for human supervision) as fundamental components of workflow platforms.

A particular focus within Enterprise GRC is conduct risk; regulators are giving out larger fines and increasingly targeting individuals for misconduct. And tightening regulations mean that firms, in addition to managing misconduct within their own organizations, are increasingly required to deal with misconduct originating from their business and supply chain partners, as well as other sources of disruption, including data breaches and natural disasters. Doing this requires third-party risk management: firms must apply due diligence when selecting and evaluating their business partners, which relies heavily on access to data from internal and external sources. To protect themselves from third-party failures, firms must generate their own data, or get it from other sources. This focus on data gives vendors with strong data provision and management backgrounds a distinct advantage.

  • LinkedIn  
  • Save this article
  • Print this page  

Only users who have a paid subscription or are part of a corporate subscription are able to print or copy content.

To access these options, along with all other subscription benefits, please contact or view our subscription options here:

You are currently unable to copy this content. Please contact to find out more.

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to Chartis Research? View our subscription options

You need to sign in to use this feature. If you don’t have a Chartis account, please register for an account.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here.