skip to Main Content
An Integrated Approach to Risk Management
An Integrated Yet Modular Approach to Implement Governance, Risk and Compliance across the Organization, At Your Own Pace
Worldwide Regulatory Change Impact

Worldwide Regulatory Change Impact

The massive worldwide regulatory changes that resulted from the 2008 financial crisis have impacted financial markets in a big way. Mandated oversight, detailed regulatory reporting, frequent and rigorous regulator examinations and heavy fines for non-compliance drive the markets. Boards and Senior Management face serious challenges in keeping the businesses protected against risks of various kinds including operational, cyber security, vendor risk, compliance risk, market and interest rate risks and beyond that reputation loss and litigation risk. The number of regulations that apply to each area of the institution, volume of data to monitor, manage and report to regulators have become overwhelming for the risk and compliance management staff.

What Does Your Organization Need

What does your Organization Need

You need a solution that can help you cut across organizational silos, enabling a holistic and collaborative approach not only within the organization but also with outside entitities like vendors, service providers and customers to help identify risks, issues and violations. You need a single source of truth of violations and identify risks as early as they occur so you can take corrective action and reduce cost of mitigation.  You need to have a seamless process to manage and implement governance, risk and compliance management across departments, locations, lines of business, user groups  in an business as usual way. You need a system that provides information to all levels in a way that is actionable, be it the departmental staff, the senior management or board from a single source of truth.

 

How GRACE Empowers Your Organization

How GRACE Empowers your organization

GRACE Enterprise GRC is designed for financial institutions to have a simple to use, web based / tablet enabled / mobile  Anywhere Anytime system for all risk, governance and compliance data making it visible, transparent and integrated from a single source of truth for the organization as well as the regulators.

GRACE  can help your organization make the process manageable through its modular yet integrated approach to comprehensively address the needs of the Risk and Compliance Staff, Compliance Managers and IT Governance Managers, Heads of Risk and Compliance, Operational Risk Managers, Audit Leaders and the Board.  Built on industry standards  from Basel III, COSO and COBIT, GRACE   can help you implement at your own pace and grow it to an enterprise level without costing large sums of money.

GRACE Enterprise GRC functions
Modular Implementation Leading up to Enterprise Risk Management

Manage Policies and Procedures

Build GRACE as the central repository of the latest policy and procedure documents, manage their review and release, track them against regulations, and keep track of all the drafts and comments versions

Centralized Policy and Procedures Management allows the organization to work with the single source of truth that addresses the latest regulatory requirements for operational groups and regulators and becomes the guideline for all business to follow.

Manage Attestation Online

The Latest Policies and Procedures can be sent out for Online attestation when they get released to all the relevant staff to ensure that they are aware of the changes and can follow the new process in their work. Other Forms and Templates for Attestation by staff can also be set up on the system and sent for Online Attestation.Periodic Attestation and reminders sent to staff, ensures compliance of the latest requirements and regulations. Assessment dashboards help manage and monitor that everyone in the organization has read and agreed to the processes

Manage Regulations and Regulatory Change

Understand the large number of regulations, regulatory expectations that impact your business and keeping track of regulatory change is a big task.  Build  the central regulatory database for each of your business lines  in GRACE. Keep track of the regulatory change, identify impact and manage change through task management. Task owners can report status on action taken. Mapping of regulations to current policies and procedures ensures that the organizational policies and procedures comprehensively cover the regulatory requirements.

Conduct Risk Assessments

Keep track of Assessment Calendar, define assessment checklists, assign owners across departments, business lines, functions, IT, vendors, locations, branches and build your repository of assessment findings . Use the Survey like functions to collect information and documents on-line. Use risk scoring to automatically score risks in findings and classify in a standardized way to understand level of risk to the organization.

Manage mitigation thru risk ownership, project definition and tasks and receive online status reports to track mitigation. Risk Assessment dashboard helps monitor and manage

Conduct Internal Controls Monitoring

GRACE can help set up different internal controls,  schedule and ownership for internal controls testing process. The control definitions and testing process can also be recorded in the system and assigned to different people for various periodic testing. Control testers can report online on the tests undertaken, issues seen if any and any supporting documents.

Issues raised can be escalated to relevant people and alerted to bring it to their attention. Review process can lead to resolution or issue recording for further action

Conduct Compliance Monitoring

Compliance monitoring activities can be setup on GRACE for ongoing verification for various periodic frequencies and responsibility can be assigned to various members of the staff. Alerts to task owners owners on due dates.

The tasks and assignments show up with different colors on My Portal . The task owner can conduct compliance tasks for verification, report the results and issues into the system, send them for reviews, escalate them and ensure compliance violations and risks are notified for early action. Methodical , ongoing compliance ensures timely monitoring all across the organization.

Manage Audits

Audits both internal and external are a big component of oversight of the organization. Audit calendars, audit checklists, audit tasks can all be assigned and tracked on GRACE.  As Audits are conducted, the findings from the audits can be recorded and risk and issues entered and classified in a standardized way.The compilation of all findings can be had at all times along with their materiality and risks to the organizations

Audit Dashboards provide the organization a one place for tracking and managing audits, findings and risk management

Manage IT Infrastructure Risk Management

GRACE IT Risk management helps you manage keep track of key risks in your IT Infrastructure, Cyber security, Data Management, Software Release Cycles, Business Continuity, Disaster recovery and others and meets the mandates of GDPR, California Privacy Act and other privacy regulations.

It helps you manage IT Policies and Procedures, conduct periodic security and other IT and vendor risk assessments and monitor risks through a survey model. GRACE helps you build inventory of IT assets and keep them updated.  It also helps you with incident reporting and management . IT dashboards and Incident dashboards together can help the organization stay on top of its key data assets and their protection

Manage Vendors / Conduct Third Party Risk Management

Create and manage Vendor Database of vendor locations, contact persons, SLAs and Contract documents,Conduct Vendor Risk Assessments,Record risk findings and risks, manage and monitor their mitigation. Generate a Vendor Risk Profile

Set up Periodic Monitoring Calendar and follow up items on a periodic basis, identify issues and record risks.  Look at risk trends with vendors and ensure that high risk vendor contracts  are not renewed until the high risks are mitigated.

Use Vendor Dashboard to monitor issues and risks and view trends

Conduct Loss Event Management

GRACE can help you record all the loss events that occur whether it be ID theft, portfolio losses , credit losses, or legal events.Standardized loss classifications can be used to categories the losses. Loss event can be classified based on loss categories, insurance coverage, write off mounts and and other measures. Loss Owners can also manage the process of loss recovery and report on their actions

Loss event dashboard can help monitor losses through various trend analysis charts drilling down to detail data across department, business lines, business processes to provide comprehensive analysis and monitoring.

Centralized Issue Management

GRACE provides a standardized way to record and manage issues across all functions. Issues can be recorded into the issues pool and allocated to different issue owners depending on their functions. Notes and case management including reviews, escalation and follow up alerts workflows enable proactive issue management

Issues Dashboard can be used by management to monitor issues and view trends

User Management and Data Administration

GRACE offers complete user management functionality to add  and manage users, grant them rights to their specific function and removal of their access rights when they leave. It provides user password resets, enabling, disabling users and changing of rights as and when needed.GRACE provides functions for maintenance and management of master  and seed data to allow the system to be configured by the administrators. These include state, location, countries, currencies, and all other specific function related master data information

Access to such functions are also controlled by the access rights to enable only users who have the defined role doing it.Audit trails of all  changes will be available to ensure that master data changes can be traced

Do Key Risk Indicators (KRI) monitoring

GRACE helps you record Key risk indicators (KRIs) definitions to enhance the monitoring of risks. Effective KRIs, are measurable and quantifiable (e.g., number, count, percentage, dollar volume, etc.). KRIs enable firms to identify current risk exposure and emerging risk trends, highlight control weaknesses and allow for the strengthening of poor controls and facilitate the risk reporting and escalation process

GRACE can help you set up KRIs and allow staff to report on a periodic basis from data that is measured by individual groups, be it with respect to customer acquisition, customer complaints, regulatory violations, incidents and many others to see trends and issues.

Conduct Standardized Risk Monitoring

GRACE offers the standards based on Basel II / Basel III classifications to  classify risks based on their impact to the organization. Risks Owners have the responsibility to create projects and tasks for risk mitigation and providing  status reports. Task owners , Project Owners report on the task, project status including costs to ensure projects,tasks are on track.

Risk Dashboards offer real time information slice and dice information on departments, regulations, operational risk, locations, business lines, owners,status etc . with deep drill down on current risk grade,project status and costs, task status for early action,  reducing mitigation costs, reputation damage and legal risks.

Manage Using Powerful Analytics Dashboards

GRACE offers powerful analytics through individualized and combination Dashboards for individual departmental needs as well as organizational needs. Dashboards offer all that is needed on the particular topic from queries, reports, trend analysis, charting and deep drill down information right to the lowest level.  Access to dashboards are set up using rights management so combination of dashboards can be made accessible based on need and segregation of duties

An Integrated Dashboard across the organization can be used by Senior management and boards

GRACE Features
Web based / Tablet enabled / Mobile for Anytime Anywhere Access

Visibility and Transparency to Risks

Staff and Senior Management can have a visible real time dashboard of risks in governance, risk management and compliance.

Standardization in Risk Management

Across the organization Standardization in the Risk Identification, Classification to Mitigation can be achieved by using a single system

Clear Accountability

By making risks visible and with the ability to drill down to the status of mitigation, accountability for risk management can be established and monitored

Early awareness of Risk Trends

Trends of risk in various business processes, departments, lines of business can be very quickly identified with visual analytics , dashboards and drill downs

Modular Yet Integrated By Design enables easy implementation

The comprehensive functionality of GRACE is modular but integrated by design. It allows for implementation at modular level to build up the enterprise wide implementation with ease

No spend on Integration of Spot Solutions

Organizations buy spot solutions and face tough challenges to integrate them to create a common information base. Integration proves to be costly operation because of multiple technologies, time, effort spent and resources needed. Sometimes after all the money is spent it, still does not still meet the user needs. GRACE, by being already integrated reduces the unwanted spend, at the same time providing the information users need.

Single Source of Truth for the Organization

Will all documents, data, reviews, audit trails, analytics and easy to use queries and reports, GRACE becomes the central repository of the Single Source of Truth for the organization and avoids duplication and inefficiencies from trying to find out the latest information.

Risk reporting becomes Online and Real time

With an integrated web based access anytime anywhere, there is no need for risk reports to be generated in various departments to present to senior management. All that effort, costs and time can be saved.

Regulatory examinations can be handled with confidence

Information gathering and report creation for regulatory audits is a very costly operation for all organizations. The GRACE system becomes the proof of good risk management practice in the organization and save enormous amount of money in this data gathering and report creation process.

Culture of Risk and Compliance gets Institutionalized

With a business as usual process through the GRACE system, Culture of Risk and Compliance Management becomes institutionalized across the organization.

Organization Ownership of Data

Organizations suffer when key risk and compliance staff leaves. The information is scattered if maintained solely by individuals and are lying on disks in various forms. GRACE becomes the single central repository of documents, data and processes enabling continuity even when key people leave the organization

Easy to Integrate and Customize

GRACE offers easy integration with organizational source systems to enhance the functionality and extend it at low costs. This is a great benefit for end users who can bring in all the relevant data into a single system through automated process allowing them to focus on risk management and compliance instead of data gathering

Enormous Cost Savings

Enormous costs savings in unwanted labor for audits and examinations, avoid regulatory fines, legal costs, reputation risks and empowers the organization in managing risks.

Latest News

La Meer releases GRACE Data Privacy V3.0 to address California Consumer Privacy Act

La Meer announces the GRACE for Data Privacy 3.0 to address the provisions of California…

La Meer offers GRACE SMCR for Senior Management & Certification Regime

La Meer announced the GRACE SMCR solution that addresses the needs of Financial Conduct Authority…

Regulation Best Interest (Reg BI): What to expect, and what do you need to do?

On June 5th 2019, SEC adopted the Best Interest Standard regulation Reg BI for Broker-dealer…

La Meer Announces GRACE Client Management V 4.0 to address Reg BI requirements

La Meer announces updated GRACE for Client Management that includes the requirements of Regulation Best…

La Meer Announces GRACE for Training Management

La Meer Inc. offers the GRACE Training Management system that now enables course contents to…

La Meer Inc. has been shortlisted for Best Innovative Technology for Regulatory Compliance

La Meer Inc. has been shortlisted for the Best Innovative Technology award by Regtech Insight…

NYPD’s Patternizr crime analysis tool raises AI bias concerns

The NYPD has rolled out Patternizr, a machine learning algorithm that helps analysts identify crime…

UBS hit with £27.6 million penalty over massive transaction reporting fail

UBS has been fined £27,599,400 by the Financial Conduct Authority (FCA) for failings relating to…

Back To Top