Prior to MDOS, the company used a traditional approach to streamline its organizational hierarchy. It chose the hierarchy primarily based on risk reporting relationships while also reflecting the human resources and financial reporting hierarchies. It resulted in approximately 310 organizations within the overarching five-level organizational structure:
Level 1: Top of the house structure, providing visibility into all child organizations within the enterprise. This is where all the reports roll up to.
Level 2: Offers a regional view which also includes the oversight functions.
Level 3: The Divisional level (or the company level for European and Reinsurance companies).
Level 4: The line of business level (or the divisional level for European and Reinsurance companies).
Level 5: The Departmental level.
The company, with its many layers, regions, dual reporting relationships, and so on, found the legacy framework to be inefficient as it led to a number of duplicate functions or lines of business both within a region and across all regions. It also made it difficult to search and report, control granular data access, and maintain and accommodate changes to the organizational structure. It also made it difficult for risk and compliance data aggregation at various levels of its complex organization structure.
To overcome these challenges, the company started looking at ways in which it could optimize the organizational structure and implemented MetricStream MDOS.
MetricStream MDOS offers a more robust organizational structure with a flexible data model that supports up to 6 dimensions. Enterprises can setup multiple multi-hierarchy structures mirroring their actual organizational multi-hierarchy structures with each multi-hierarchy structure as a dimension. The MDOS dimensions are fully configurable, meaning that organizations can decide what dimensions they want to use depending on their needs and organizational structure. This means that for one owner organization there could be six dimensions or attributes such as company, legal entity, function, location, line of defense, restricted, language, and others.
Each dimension could be linked to the organization’s golden source of data. The dimensions don’t come pre-populated out-of-the-box and any company can define up to 6 dimensions that are relevant to their business model.
Rationalized organizational structure with elimination of duplicate organizational nodes
Unified, single screen visualization of organizational structure simplifying node selection
Flexibility to maintain independent dimensions
Simpler maintenance compared to the legacy organization framework
Aggregation of risk data at any level of the organization
The financial giant evaluated MDOS between April and June 2019 to understand this capability and what benefits it could engender. This was followed by sandbox prototyping, deciding the dimensions, data migration, and training sessions. The company went live with MDOS in November 2019. It chose two dimensions –
With the implementation, the company rationalized organizational units to reduce it to 113 from 130 organizational units mapped in the MetricStream Platform, successfully eliminating node duplication and redundancies. In the new structure, Level 1 is still the top of the house, but Level 2 has been replaced by key functions or lines of business and Level 3 represents sub-functions and departments.
MDOS helped the company close three key gaps related to GRC data governance and reporting by enabling a clear segregation of access (view and report) between the three lines of defense, reporting for legal entities, and access restriction to privileged and confidential information. This has helped to streamline and improve risk and compliance management activities across the locations they operate in.
MetricStream enables the organization to perform risk assessments for specific business units, functions, locations, etc., generate detailed reports, and provide actionable insights.
MDOS offers the company a lot of flexibility with reporting which didn’t exist with the traditional approach. It provides additional filtering capability in reporting that allows to filter all the dimensions as well, meaning that instead of just focusing on a particular owner organization, the company can now look at any combination. In other words, the company can now run reports on a particular legal entity regardless of the organization, look at all of the issues pertaining to a particular location or function, such as all risk-related issues, compliance-related issues, etc.
This feature enables the customer to efficiently measure organizational risk exposure by slicing, dicing, and aggregating the data at any defined level of the organization.
With MDOS, the company has successfully optimized its organizational structure. The implementation has helped ensure that their GRC solution continues to provide a common view of the organizational hierarchy while improving risk and compliance decision-making, even with constant changes in the organizational design. The result was a 30 percent improvement in reporting and analytics for legal entities and a lower overall cost of ownership.