Erwin Boeren 270002C43V ERWIN.BOEREN@NL.IBM.COM | | Etiquettes :  grc risk reporting ibm compliance fsr cognos regulatory solvency ii basel openpages | 0 commentaires | 3 297 visites
Convergence of Performance Management and Risk Management - Part 2
the increase of the Governance, Risk & Compliance maturity level at many of
my clients I see that clients start to realize the benefits of the integration
of GRC activities in their Performance Management cycle. Therefore a follow up
on my previous article around Risk Management and the convergence with
Let me share some insights on Risk & Performance Management initiatives that keep clients busy around Europe. The following 4 items came up in the last 3 months.
1. Cost control and process performance improvement give us the opportunity to embed controls in our process. Lessons learned from Six Sigma and Lean can give us guidance here.
2. How do I manage organizational and regulatory change and monitor the impact on business processes, policies and my risk and control framework?
3. Trending topic is emerging risks, am I able to identity risks that are coming to me over time?
4. Integrated Financial and Risk reporting, an excellent example of ‘Where Performance Management meets Risk Management’.
Cost control and Process improvements
Implementing and testing controls has become a huge cost for many organizations. That is why some of my clients are now looking for a way to reduce cost by embedding controls in their existing business processes. This goes hand in hand with the global initiative on cost reduction. While optimizing or even re designing core business processes internal controls are being embedded in the process. What I see is that the organizations that involve process owners and process contributors are most successful. This is an initiative that we have seen before in Lean Six Sigma projects. The only way to optimize processes and to reduce waste is to involve the process owners. Instead of increasing regulatory pressure we should seek a solution in this area in my opinion. Business cases around this have proven to be very successful and savings up to millions of Euros per year have been achieved.
Regulatory changes are a huge concern of many risk, compliance, legal and audit professionals. How can we monitor these changes and how can we understand the impact on our organization? Taking this together with the fact that policy management is changing from a ‘must do’ once a year to a continuous process tells us that an integrated approach to Governance, Risk & Compliance is necessary to drive performance. I come across clients that have a monthly Performance Report that shows how they derived business objectives from their policies and how they are performing on a compliance level to these objectives. What risks did they identify in this process and how will they respond to these risks? Organizations realize that they need to understand the correlation between processes, policies, regulations, business objectives, risks and controls and how they might impact each other. An integrated GRC view is the only way to face this challenge.
Emerging Risk Modelling
One of the trending topics among customers is Emerging Risks. Can we model risks that we see coming and can we follow up on risks that are getting closer or fading away? Analytical Risk modeling is an answer to this question. This also let you perform risk forecasting with different scenarios. Interesting question is how the increase of a risk exposure in an operating entity will impact my group level exposure? Risk Analytics, derived from the Performance Management area can help us answer these questions. A financial performance management cycle contains the exact same characteristics.
Integrated Financial and Risk performance reporting
Financial and Risk reporting are standard items in today’s Annual Reports, Tax statements, Management reports and Regulatory reports. The big question is how do I keep all of this information organized in such a way that I understand the source of the information, the transformation it has gone through, the owner of the information and most important when information changes at the last moment that all information output contains the latest version? No bigger reputational risk than sending out inconsistent information to stakeholders. Some organizations saw their share price drop with 25% due to inconsistent external reporting. One of my clients has implemented a solution that orchestrates all of these information sources with workflow capabilities and even XBRL output. From a risk perspective this is a great mitigation of your reputational risk and an excellent example of ‘Where Performance Management meets Risk Management’.
Blog post by Erwin Boeren
Senior Governance, Risk & Compliance specialist IBM Europe
Twitter : http
Erwin Boeren 270002C43V ERWIN.BOEREN@NL.IBM.COM | | Etiquettes :  ibm solvency insight dashboarding governance grc openpages management reporting risk basel cognos ii compliance | 0 commentaires | 2 949 visites
With the brand-new IBM Cognos Insight you can now connect to your IBM OpenPages environment from your desktop. You always have that moment that you need the information on a report but just a bit different than the standard report provides to you. The solution is here now, IBM Cognos Insight!
Insight is a powerful, intuitive desktop solution, that can read many different data sources from Excel to datawarehouses. Even your real time IBM OpenPages environment!
And it is not only reporting and dashboarding but it also lets you create what if scenarios on the fly! How would my risk exposure be if in one risk category the loss impact increases with 15%? Two clicks and you know the answer! And then you can comment on your report, which gives your colleagues more information on the context the moment you share your workspace.
How easy can risk reporting be???
For more tour on how IBM Cognos Insight please look at : http
Blog post by Erwin Boeren
Senior Governance, Risk & Compliance specialist IBM
Twitter : http
Erwin Boeren 270002C43V ERWIN.BOEREN@NL.IBM.COM | | Etiquettes :  openpages grc ipad solvency reporting | 0 commentaires | 1 478 visites
With Cognos 10.1.1 released you must have noticed the ability of having your reports and dashboards on mobile devices like iPad and iPhone.
With these mobile capabilities CROs (Chief Risk Officers) will now have the ability to measure risk from their mobile devices. For volatile risk areas like Market and Credit Risk this can make a huge difference.
IBM developed a risk monitoring system for CROs where one single version of the truth is provided of different risk areas like Credit Risk, Market Risk, Counterparty Credit Risk, Liquidity Risk, Basel II, Solvency II and Operational Risk. Not only does a CRO have the ability to monitor all these risk areas but he can also monitor the correlation between those risk areas and he is able to respond immediately to changes. Responses can immediately be formulated in the integrated social media platform.
One version of the truth and guaranteed quality of your data is simple to say but how do you govern this? This is where IBMs investment in data models starts to pay off. Since decades IBM develops and maintains data models for financial services including out of the box technical and business definitions. This enables organizations to come to one definition of risk over the entire organization. Taking definitions centrally will add value in the process of taking down the silod approach we spoke about in earlier articles. It will also help you in the accountability process of the business. Finally it is the business that should own the business definitions.
As discussed in our previous published blog (The convergence of GRC and Performance Management) Business Analytics capabilities like risk forecasting, risk adjusted profitability calculations, scenario planning and predictive risk analysis are part of this risk monitoring system called FIRM (Finance Integrated Risk Management).
The new regulation for Insurance companies, Solvency II requires organizations to plan their risk assessments and capital requirements 2 to 5 years ahead and to reflect impact on financial positions when a risk materializes. All this means that an integrated approach to risk management is a must. In next blogs we will go deeper into the Solvency II regulation.