How technology can enable proactive risk management
Successfully navigating governance, risk and compliance activities in the digital landscape
One bright spot for business amid uncertain times is that consumers say they trust business more now than before COVID-19 rocked the world. In August 2021, PwC conducted a Trust in US Business Survey that asked consumers, employees and business leaders what comes to mind when they think of trust. These three groups agreed on the top four elements that engender trust: data protection and cybersecurity, treating employees well, ethical business practices and admitting mistakes. Sustainable value chain management and transparency and reporting of ESG also made notable appearances in the list of foundational trust elements.
Risk management is a significant part of a big-picture trust strategy. How your business handles activities, like audits, controls testing and monitoring, and third-party relationships, can determine reputational integrity as well as customer relationships and employee loyalty. Successful risk management strategies—and the right technologies to help your organization execute on those strategies—are critical to building trust.
As the worst of the pandemic fallout eases up, companies in all industries should focus on strengthening stakeholder trust as they execute on their strategies to emerge stronger. An important component of proactive risk management should be implementing the right technologies to help responsibly streamline the tasks involved in managing risks, such as: assessing; monitoring and detecting risks; complying with regulatory requirements; monitoring and testing controls; and centralizing data collection and document review.
Tech-enabled risk management to strengthen trust and stretch resources
A robust risk management program can play a central role in deepening stakeholder trust. Additionally, the law and culture at large are demanding higher standards in the risk management space. To answer these demands, companies can implement intelligent tech to get ahead of risks before they cause reputational, financial or societal harm.
Return on investments in risk management and compliance effectiveness can be hard to quantify, but with threats multiplying all the time, inaction is not an option. And managing risk using manual, siloed processes carried out by teams that can’t easily collaborate is an outdated approach that didn’t work well before the digital era. Today’s environment warrants a more integrated, tech-powered approach.
Technologies that enable ongoing risk visibility, monitoring and assessment have changed the risk management landscape, turning the tide in the favor of businesses that want to operate legally, ethically and in full compliance with applicable regulations for data protection and related safeguards.
Tech solutions can also help risk centers that are grappling with limited and diminishing resources. Intelligent automation and cloud-based solutions accessible to all the necessary stakeholders help risk teams do more with less. How? By making it possible to demonstrate the effectiveness of data-driven analytics in addressing risk management challenges. A proactive, tech-enabled risk management program can help companies preserve integrity, potentially stop bad actors in their tracks and further strengthen trust.
Risk management isn’t just about compliance, diligence and cybersecurity. Its purpose is to protect a company, its customers, stakeholder and business partners from involvement with, or being harmed by, people and entities engaged in illegal activity. This can include theft and fraud—or even bad behavior that’s not only against the law, but ethically reprehensible, like human trafficking and exploitation. Proactive risk management is good for the business and good for society because it fights crime and reinforces ethical business practices through prevention.
There’s been an upsurge in anti-money laundering (AML) efforts in the last five years or so, for example. In response, the US Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has issued lists of AML and related priorities it expects companies to focus on.
Quantifying the value of prevention
Risk compliance effectiveness can be hard to quantify, but that’s what business leaders want before they approve investments in enterprise risk management solutions or personnel. Risk management solutions that have built-in analytics make it easy to see how the tools are being used, and what’s working, in order to paint a fuller picture of your risk posture and processes.
Traditional governance, risk and compliance (GRC) approaches can’t keep up with the pace at which bad actors are devising new schemes. But technology solutions help make it possible to level the playing field by:
Automating risk management model validation, documentation and governance
Providing data and analytics capabilities that centralize information and provide real-time insights, including monitoring third parties
Automating operation and testing of compliance activities and risk monitoring
Integrating such solutions into your risk management program can help deliver on compliance excellence, which should be the goal.
The compliance excellence imperative
Risk teams in companies subject to European Union regulations are familiar with the EU’s General Data Protection Regulation (GDPR), which requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states—and imposes steep fines for noncompliance. According to the GDPR Enforcement Tracker, between July 2018 and October 2021, the EU has issued 807 fines for GDPR noncompliance totaling €1,279,414,052, an average fine of €1.59 million each.
In the US, the Department of Justice (DOJ) is stepping up its compliance expectations as well. Updated guidance from the DOJ released in July 2020 hones in on whether companies are using data effectively to improve and track how well their compliance programs are doing. In other words, the DOJ expects companies to implement policies and processes aimed at achieving compliance excellence. The ability to see actual data and data-driven diagnostics is only possible using risk management solutions with compliance excellence in mind.
If you don’t invest in compliance excellence, you could pay a steep price—literally. If your competitors are more focused on compliance excellence than you, then customers, business partners and stakeholders that put their trust in your business may jump ship.
It’s also a way to win more business. About half (49%) of the customers in our Trust in US Business Survey said they started purchasing or purchased more from a company because they trusted them.
How the right tech can help you achieve compliance excellence
In superhero films, we want the good guys to vanquish the villains and keep the world safe from disaster. Employing the right risk management solutions and approaches can help you become the vanquishing hero in a world increasingly populated by new and different villains engaged in money laundering, cybercrime, corruption or other illegal activity.
Technology can become your superpower in this quest, but you need to know what to look for, including:
A single repository that can help drive risk decisions and run analytics to gain visibility into potential risks.
Automated data ingestion to provide real-time visibility and enable ongoing monitoring of internal processes and third-party activity in a risk context.
Responsible AI models that can run risk assessments and generate recommendations across risk and compliance programs.
Digitization to enhance workflow efficiency, reduce manual errors and enable data standardization to drive reliability, maintain integrity and provide searchable audit trails for improved decision-making.
PwC is serving risk leaders with SaaS solutions that address their key challenges: staying ahead of continuous regulatory requirements, creating end-to-end wrappers around complex risk problems and lowering costs. We bring our consulting experience in the regulatory space to bear in developing solutions that help organizations address risk management challenges more effectively—even as the risk landscape continues to change. PwC can help you achieve compliance excellence with five key PwC product offerings:
Ready Assess: Empowers your organization to think faster and act quicker to stay on top of the ever-changing world of risk. It streamlines risk assessments into a single platform—making the entire process visual, interactive, trackable and actionable.
Third Party Tracker: Helps companies screen and manage third parties, identify upfront risks from potential partners, conduct due diligence, and monitor through the lifecycle of the relationship.
Interactions Hub: An inclusive digital solution that helps pharmaceutical and life sciences companies create an integrated, seamless experience for managing interactions with healthcare organizations/providers and patients while enabling global transparency reporting at scale.
Risk Detect: Gives you quick, efficient access to key data points, including transactions, loan document compliance, e-discovery and more.
Model Edge: This digital platform helps internal and external stakeholders better understand your models, making it easier to identify potential bias, detect model degradation and demonstrate how they work more effectively. Even your most advanced models become transparent and explainable, enabling stakeholders at every level across the enterprise.
Enterprise Control: This governance, risk and compliance portal has an integrated analytic engine that can be connected to your ERP or other business applications so you can automate the operation and testing of compliance activities while providing an approach to monitoring systemic risks proactively in one, end-to-end risk and control platform.
Trust: A main benefit of compliance excellence
With so much at stake, companies should make risk management excellence a priority to maintain resilience and hold on to stakeholder trust. Our Trust in US Business Survey found that 48% of business leaders said having an ethical and sustainable supply chain is extremely important—and 44% said that they’ve taken steps to achieve this as part of their overall efforts to strengthen stakeholder trust in their organization.
Lawful, ethical business practices are among the environmental, social and governance (ESG) priorities compliance leaders are looking to highlight in their efforts to deepen trust in their organizations and with their stakeholders. A robust risk management program that strives for true compliance excellence offers numerous benefits. Employing intelligent risk management solutions that complement your compliance team’s field experience can help you achieve these payoffs faster and more affordably.