The importance of governance, risk management and compliance

Governance, risk management and compliance (GRC) have evolved as top business priorities for financial services organisations. A new evolution in business is being driven by increased stakeholder demands, heightened public scrutiny and new performance expectations. In the financial services industry, Basel II and Solvency II and their provisions on risk management reflect the growing focus on building governance structures and frameworks. The new Capital Accord reaches beyond earlier initiatives and their GRC requirements. The components and building blocks of Basel II cover a wide range of managerial and technical aspects, including challenges to information technology, security and business continuity, thus providing a sense of direction to specialist disciplines within banking and financial services organizations. According to Rolf von Roessing *, Chair of the BCM Working Group at NIFIS, a German NGO for the protection of critical infrastructures, financial services firms should take an integrated approach to GRC. He warns that organizations addressing each GRC area in a different way are likely to experience significant cost increases and duplication of effort. Taking a reactive, backward-looking approach to GRC could negatively affect efficiency and make the implementation of proactive, process-driven initiatives difficult, if not impossible