Case study at-a-glance
- Background: A multinational banking and financial services company with over 140,000 employees.
- GRC Challenges: The company’s Compliance Team needed a trusted GRC solution to optimize and reinforce its Compliance Risk Management Program. Through the RFP process, the internal GRC project stakeholders competed for the development of a solution that was catered towards each silo. The company committed to a strict project completion deadline, yet the scope of the project remained very broad.
- The Solution: The company chose SAI360 for Compliance Management by taking a center-of-excellence approach to become self-sufficient in implementing and maintaining the SAI360 environment. This approach includes a high level of configuration and strong support of the company’s intended goals.
- The Benefits: The company jump-started their configuration making use of best practices from SAI360. This provides the ability to deliver what they needed when they desired to deliver it. Moreover, the company can add aspects such as additional reporting in the future.
Battling the rapidly changing regulatory environment
In order to keep pace with the rapidly changing regulatory environment, the multinational banking and financial services organization’s Compliance Department evaluated technology to optimize and reinforce its Compliance Risk Management Program. Several distinct areas within Compliance were identified as requiring automated processes: Regulatory Inventory, Policy Management, Compliance Testing, Regulatory Examination including Issues Remediation, and Financial Crime and Compliance Risk Assessments.
After much consideration, the company's U.S.-based compliance department determined that a holistic approach was needed to support the lifecycle of Compliance Risk Management and governance, risk and compliance (GRC) vendors were reviewed.
Compliance management based on a center-of-excellence approach
The company chose SAI360 for Compliance Management, taking a center-of-excellence approach that includes compliance and risk assessment. The organization applied this model to educate the team of professionals responsible for configuring the SAI360 platform to meet its own requirements. This proved to be an effective partnership in supporting the banking and financial services company to become self-sufficient in implementing and maintaining the SAI360 environment.
Support for the end-to-end compliance management process
With the SAI360 Compliance Management Solution, the bank is able to:
- Monitor the organization’s compliance profile and conformance to regulatory requirements in easily configurable and use dashboards
- Conform to the Bank Secrecy Act requirements providing access to audits
- Stay current on regulatory activities from alerts and updates
- Relate regulatory feeds to specific corporate policies
- Reduce the likelihood of fines or regulatory action
- Inform decision making with a view on the balance between performance and risk
- Conduct risk-based scoping and gap analysis to relate regulations to internal controls
- Monitor progress of controls, their effectiveness, and issue management activities using dashboards, status tracking, and robust reporting capabilities
- Create, maintain, disseminate, and attest to organizational policies using a strong workflow engine, check-in/check-out features, and portal to manage the process
- Execute flexible assessments with powerful control testing and questionnaire capabilities enabling the risk and compliance function to understand the effects of regulatory changes
- Seamlessly integrate with other SAI360 GRC solutions and expand to meet new use cases, such as assessment functionality
Further advantages that the banking and financial services company continues to experience with SAI360 are a high level of configuration met by the off-the-shelf functionality and the ability to deliver what they needed to in a timely fashion. Moreover, the company can look to add aspects such as additional reporting in the future and not affect current project completion timing.
Strong customer reference base, flexible and configurable solutions
The organization selected SAI360 due to its deep understanding of the technical requirements and deep experience with similar types of requirements in financial services. The dynamic demo provided by the SAI360 team displayed both the expertise and functionality that SAI360 could bring to the project.
The positive outcome of customer reference calls contributed significantly alongside the flexibility of the solutions and the ability to configure on-the-fly. The company appreciated SAI360's swift responses to questions with strong answers and a collaborative global approach.
The banking and financial services company’s next steps will include further optimizing existing process flows, enhancing its assessment and reporting functionality, and continuing to integrate SAI360 with other technology platforms.