Case Study

Prominent National Bank Achieves Greater Efficiency in Policy Management


As a trusted financial services provider, the bank is committed to maintaining a strong culture of compliance across its enterprise. One of the best ways to do that is through effective policies. Earlier however, the bank’s policies were inconsistently formatted, difficult to locate, and challenging to update. The need of the hour was a system that would make it easier to manage, communicate, implement, and amend all policies and documents across the organization.

  • Understanding the Problem

Each business group such as Legal, Information Security, and HR used different formats and templates to create their policies. This fragmented approach gave rise to multiple policy inconsistencies across locations and regulatory jurisdictions.

Although the bank had a policy repository in place, employees often found it difficult to access the right policy at the right time. In addition, there was no tracking mechanism to determine if a policy had been reviewed, approved, communicated, and attested to by employees. It often took weeks to report on the status of policy management.

Meanwhile, as regulatory and corporate requirements changed, policies had to be updated in a dynamic manner. Compliance teams needed to ensure that the latest versions of the policies were made available to the relevant employees. To do that, they needed an agile and robust policy management solution.

After reviewing multiple solution providers, the company selected MetricStream based on our experience in policy management technology, coupled with the simplicity, scalability, transparency, and accountability enabled by our policy management app. The extensibility of the underlying GRC platform, as well as its potential to be deployed rapidly were major factors that influenced the company’s choice.

The MetricStream Policy and Document Management App was deployed on the cloud at the bank’s headquarters. The cloud hosting model helped ensure that employees had access to relevant policies and documents from different locations at all times. MetricStream was able to migrate all the client’s existing policies and documents from the existing repository onto the new app efficiently and quickly.

Today, the app has enabled the bank to streamline policy management processes, while also automating many of the tasks that were previously manual. Policy templates have been standardized across the enterprise for greater consistency. Using the app, the bank can effectively communicate its policies to all employees or to specific business groups, strengthening compliance with regulatory and corporate requirements.

  • Faster Policy Creation, Review, and Approval

The app enables the bank to effectively create, categorize, and update all policies and documents. It also helps users map these policies and documents to changing compliance requirements and standards, so that gaps or inconsistencies can be easily identified.

The bank can efficiently upload supporting documents with internal and external reference links. Streamlined workflows make it easy to route policies for review and approval to the relevant personnel who can then enter their comments, and red-line sections for additional amendments.

  • Effective Policy Communication and Attestation

Once a policy has been approved, the app helps the bank communicate it to employees using automatic email notifications. If there are any policy updates or changes, the relevant personnel can be easily notified. The app also enables employees to attest to their understanding of each policy.

  • Consistent Policy Exception Tracking

The app has helped standardize the process of capturing and tracking policy exceptions. Graphical reports and dashboards provide real-time insights into the overall status of policy exceptions.

  • Easy Policy Discovery

The app provides a common, centralized repository to store and integrate policies and documents. Users can retrieve the latest policies from any location, and quickly search for others based on various attributes, content, authors, owners, etc. They can also mark important policies as favorites and save their searches for future reference. Secure role-based access controls help ensure that only authorized users can access a particular policy.

  • Comprehensive Reporting and Dashboards

Through the app’s reporting engine, the bank has real-time visibility into the policy and document management lifecycle. Dashboards and reports with drill-down capabilities offer a clear view of policy data and statistics, policy.


  • Manual approach - policies were created and tracked on word documents/ spreadsheets, and manually consolidated into a single report every month
  • Inconsistent policy formats across business units
  • Lack of speed and visibility – The monthly policy report took 1 - 2 weeks to generate due to data inconsistencies and fragmentation


  • Policy and Document Management

Value Delivered

  • Policy approval process time has shrunk by 60%
  • Policy search time has reduced from 50+ hours to minutes
  • Policy version issues have been eliminated
  • Employees have faster, simpler access to policies through a central repository
  • Monthly policy report creation takes just one hour
  • Trust with the board and leadership team has been strengthened due to real-time policy status insights

Ready to get started?

Speak to our experts Let’s talk