×
Case Study

Global Fortune 500 Bank Builds Trust and Credibility by Improving Compliance Maturity

As a large global enterprise with diverse business interests, the bank is subject to a complex and highly dynamic web of regulations. Earlier, these requirements were dealt with reactively i.e. by developing multiple, disconnected compliance programs and systems without any integration between them. The result was a maze of compliance siloes that failed to provide an accurate picture of enterprise-level compliance.

In response, the bank began looking for a way to integrate their compliance initiatives into a single source of truth. Their aim was to reduce process redundancies, while enhancing cross-functional coordination on both regulatory and corporate compliance processes.

The Compliance Quandary

For many years, the bank managed their compliance processes manually – an approach that was not only prone to data errors, but also highly cumbersome, given the number of global and local regulations that had to be complied with.

In addition, the bank didn’t have an efficient mechanism to manage regulatory changes. Alerts from various regulatory information sources were captured in an ad-hoc manner using multiple different spreadsheets rather than standard templates. This model wasn’t a sustainable one, especially as the pace of regulatory change increased.

None of these challenges could be solved manually or disparately. The bank wanted a system that would integrate compliance processes, so that the insights that ultimately rolled up to the senior management and board would provide a complete, accurate, and real-time view of the enterprise’s compliance posture. To meet these requirements, the bank chose the MetricStream Compliance Management, built on a scalable, extensible M7 Integrated Risk Platform – intelligent by design.

Efficient Obligation Mapping and Policy Management

Using MetricStream’s M7 Integrated Risk Platform’s data foundation, the bank has been able to map all regulatory rules or obligations in a structured, multi-dimensional, relational, and non-redundant compliance data universe that serves as a common source of compliance information for all functions. Each obligation is linked to the applicable lines of business, policies, and controls. In addition, roles and responsibilities are clearly defined to ensure accountability.

The product also helps the bank manage the complete lifecycle of organizational policies across business units, divisions, and global locations. It standardizes policy workflows, while integrating data in a way that enables users to easily understand the impact of regulations, risks, and controls on policies

 

Challenge

  • Lack of collaboration across compliance teams
  • Disconnected compliance processes
  • Fragmented visibility into global regulatory engagements

Business Value Realized

 

Improved communication and coordination on compliance processes across the organization

 

Efficient management and oversight of the bank’s relationships with regulators globally

 

Efficient and accurate management reporting capabilities

 

 

Streamlined Regulatory Change Management

Through the product, the bank has set up regulatory feed channels which automatically pull regulatory updates from multiple sources. These changes are tracked efficiently, while all impacted stakeholders (identified through the underlying relationships to organizational structures) are notified and involved in various stages of the regulatory development process.

The product also streamlines the process of analyzing the impact of regulatory changes. It helps in assessing the associated risks, reviewing and approving change management tasks, updating policies, testing controls, and resolving issues.

Regulatory development tasks are assigned, tracked, reviewed, and approved in a systematic and consistent manner. Automated updates and alerts help ensure that all regulatory developments and corresponding actions are monitored through to closure.

Improved Visibility Into Compliance Risks and Issues

The product enables the bank to assess compliance risks based on configurable methodologies and algorithms. It delivers both quantitative and qualitative ratings on risk impact and likelihood, allowing users to identify potential issues and areas of concern.

Meanwhile, compliance risk dashboards, heat maps, and color-coded charts highlight areas that require attention through a simplified visualization of risk data sorted by country, risk type, and other parameters. Any issues that are found are routed through a coordinated remediation process.

Simplified Case Management

Using the product, the bank can capture, investigate, and resolve compliance cases or violations that are found. Intuitive reports and dashboards make it easy for stakeholders to identify the cases that need immediate action and investigation.

Enhanced Credibility With Regulators

With the MetricStream product, the bank can successfully manage and coordinate multiple types of regulatory engagements, including exams, meetings, and information requests.

The product streamlines and automates engagement workflows – right from when a regulatory notification is received by the bank, till the response is submitted and the findings are addressed.

Interactive dashboards and reports provide comprehensive visibility into all regulatory engagements, enabling the bank to proactively identify and respond to trends, areas of concern, and opportunities.

Engagement managers can swiftly track and address regulatory findings, issues, and concerns.

Related Stories

Article

Effectively Navigating Regulatory Change

Article

Reboot. Realign. Reimagine: Internal Auditors’ Approach to Beat Risks

Article

State of Internal Audit Survey Report 2021

lets-talk-img

Ready to get started?

Speak to our experts Let’s talk