Governance, Risk and Compliance
Governance, Risk and Compliance continues to be a complex business challenge. With an ever-changing and complex regulatory landscape, it can be hard to stay up to date. Regulatory requirements challenge boards to greater levels of transparency, objectivity and professionalism, with governance, culture and reporting increasingly an area of focus.
The Senior Managers and Certification Regime (SM&CR) has put corporate governance and culture firmly in the regulatory spotlight. Increased accountability and potential exposure to liability mean directors need to ensure that corporate governance standards are adhered to and robust compliance management systems are in place.
In addition to good corporate governance, regulators throughout Europe are increasingly keen for firms to change culture, moving away from commission-based sales structures towards models that operate in the customer’s best interests for the long term.
Conduct Risk builds on the ‘Treating Customers Fairly’ regime and looks to provide protections not only at the point of sale, but on a long-term basis throughout the client’s relationship with the company. As a firm you are expected to:
- Have a strategy that puts the customer first and which produces long-term sustainable profitability;
- Develop products that operate in the interests of customers, ensuring they are understood by the target audience;
- Have a culture throughout the firm that supports good, long-term consumer outcomes, driven at board level and disseminated throughout the organisation; and
- Ensure products and services are appropriate, with regular stress testing taking place.
What are the dangers of poor GRC practices?
Poor GRC practices are dangerous for all businesses, whether large or small.
Failure to meet legal and regulatory obligations can often lead to public censure, fines or even to imprisonment in the worst cases. It is likely to cause reputational damage to the business and endanger its viability.
There are myriad warning signs of poor GRC practices, but they can include repeated errors, poor productivity, lack of risk appetite, lack of information (MI), poor service, legal or regulatory breaches and lack of risk management.
Do you have a problem with GRC in your business?
Many businesses don’t recognise they have a GRC problem until it’s too late. Fire-fighting can be very disruptive and expensive, and many businesses do not survive such a catastrophe – whether self-inflicted or caused by external risk.
So, what business issues keep you awake at night?
How can we help?
We have extensive experience of assessing GRC standards across a wide range of firms. We don’t apply a one-size-fits-all approach; we tailor our solution to the size and complexity of the firm. Our team of highly experienced and knowledgeable practitioners will carry out investigation work to determine your level of compliance with expected GRC standards and can assist you to implement practical solutions to any problems that are identified. We can provide you with assurance on the standards achieved to support senior managers under the Senior Managers and Certification Regime, and specialised training to ensure your Board is kept up to date on the most pressing issues.