While businesses around the globe struggle to survive, business resiliency is being tested by a corporation’s agility to align with changing demand, supply chains, work force, policies and regulations, to name a few during the biggest disruption of the 21st century which is COVID. The overarching metric in this world of “unknown unknowns” is a corporation’s ability to dynamically measure all aspects of risk – enterprise, operational and reputational risk – when dealing with a global workforce and supply chain. Over the last few decades, businesses have become more dependent on low cost offshore development centers which have given rise to the huge growth of offshore system integrators.

Corporations have raced to set up shop in developing countries like Brazil, Russia, India, China and South Africa. Today, given the new WFH (Work from Home) paradigm in developing countries, organizations are struggling with addressing new infrastructure demands, security impacts, changes to policies – both internal and external – and new and evolving government regulations, all creating huge stresses to an organization’s ability to be compliant while addressing business continuity.

Many organizations are revisiting their business models and evaluating their option to:

Re-shore – Bringing back critical and major business processes inhouse

Offshore – Identifying processes which can be executed offshore

Automate – Injecting RPA and other AI tools to automate business functions

Risk – The main driver which will enable the above evaluation process.

The ability for an organization to identify, assess, calibrate, aggregate and report risk in real time will be key to surviving in these uncertain times.

Evolving government policies and transparency will directly impact “re-shore and offshore” decisions. Data and IP security will be other key factors which are now at the forefront, given that many company’s workforces are now Working from Home. Government benefits (PPP) and restrictions will also play a role in the re-shoring decision. Organizations will have to work closely with global SIs to come up with a risk mitigation plan by moving sensitive and critical functions onshore (re-shore). Policies will have to be re-written to ensure that internal and external compliance requirements are met. Organizations will have to closely review offshore tasks to evaluate automation opportunities to mitigate risk.

Organizations, in order to be resilient, will have to take a risk-based holistic approach to conduct their businesses as a passive, siloed approach is bound to be disastrous. Front lines must be empowered with the first line of defense and have the ability to identify and report deviations (observations) in business processes – a critical step in identifying risk. Observations will need to be evaluated, calibrated and aggregated using risk models to dynamically score observations and report risk in real time to decision makers. Sensors need to be embedded using IoT and other technologies to monitor business functions (supply chains), country specific news feeds, and other structured and un-structured data sources, to evaluate risks to global business models in real time.

Organizations need to act now and evaluate their GRC platforms to ensure agile decision making based on risk!

About the author:

Sarojit has 25+ years of business development, consulting and program management experience in the Banking and Financial sector.