Part I: AI in GRC: Re-Imagining Governance, Risk Management and Compliance with Cognitive AI Technologies

Introducing our Authors

We are delighted to have 3 highly experienced authors on Part I of this blog series, on the topic of AI in GRC: Re-imagining of GRC (Governance, Risk and Compliance) with Cognitive Artificial Intelligence – AI – technologies.

Jessica McDermott, Principal Director, Accenture, is a leader in the risk and compliance function. She has over 20 years of experience in Financial Services and demonstrated success in driving transformational change. She has extensive experience in resolving regulatory actions, reshaping risk and control environments, delivering enterprise-wide policy and technology change, and increasing operational efficiency. Her areas of expertise include enhancing controls of financial products and activities through business, risk, and regulatory program management.

Jonathan Frieder​, Principal Director – Strategy & Consulting, Accenture has a broad background in Financial Services with expertise spanning Regulatory Affairs and Compliance, Conduct Risk, Operational Risk, Fraud and Financial Crime and IT Security. He is a hands-on leader with 25 years of experience leading and successfully delivering complex regulatory-driven business and technology initiatives for top-tier firms and currently assists clients with identifying and effectively integrating technology solutions to solve challenges, improve operational efficiency and reduce cost. Jonathan is a RegTech liaison to Accenture’s FinTech Strategy Group and FinTech Innovation Lab, an accelerator program for early stage FinTech and RegTech companies.

Venky Verrapotu, CEO and Co-Founder at 4CRisk has over 20 years of experience in building high performance GRC technology platforms and more importantly onboarding hundreds of customers onto the platforms.

‍

What is Governance, Risk and Compliance? (GRC)

It's been almost 20 years since the term “GRC”, or Governance, Risk Management and Compliance, was first introduced by Forrester Research and many organizations are still struggling to implement or perform effective GRC. Many of the same challenges that GRC technology solutions were intended to solve are still prevalent and firms are investing billions of dollars and 10 to 15% of their workforce towards GRC related activities and supporting technologies. Even with technology and process advancements in the GRC space it is still challenging for companies to handle the scale and complexity of all requirements given constantly evolving regulatory, business, and risk landscapes.

‍

‍How Can GRC Use AI to meet challenges in scale and complexity of requirements?

To counter this, it has become imperative for organizations to use a new generation of technologies which make use of Machine Learning (“ML”) and Artificial Intelligence (“AI”), including Cognitive capabilities, which attempt to model human behavior to solve complex problems based on real-time analysis of environment, context, and intent. Cognitive technologies have become more prevalent and accepted over the last several years, opening the door for their use in driving efficiency, effectiveness, and agility into GRC initiatives.

Embracing technology can address labor-intensive tasks, helping employees focus on value-add activities that bring more insight and intelligence when navigating the organization and managing risk and compliance. With business decisions driven by analytics and data, organizations can operate in a more efficient manner. Traditional methods and older GRC tools provide critical infrastructure for GRC operations but put the burden of discovery and analysis of information solely on the risk and compliance teams. AI and Cognitive technologies will augment the risk and compliance teams, reduce this burden, and provide actionable insights.

‍

How can Organizations deploy AI in their Risk Management and Compliance Programs?

Organizations that have completed or are undertaking initiatives to enhance their Risk Management and Compliance capabilities typically have a common desire to enable their businesses with the best possible tools and solutions that are scalable, flexible, accurate, provide a broad range of features and exceptional user experience.

‍"Many organizations find there is no single solution or platform that can deliver everything needed to enable their business with the best possible tools and solutions that are scalable, flexible, accurate, provide a broad range of features and exceptional user experience.

‍

This is where Cognitive AI and innovative technology solutions can help.

Most organizations focus on implementing and improving risk management processes first and foremost before thinking about technology, however given the wide range of advanced technology solutions available today, it is increasingly harder to separate thinking about both simultaneously. Some organizations may be at an earlier stage of maturity and not ready to consider advanced technology. To those firms we would say “walk before you run” but do so purposefully with a long-term view towards automation and development of capabilities that will provide actionable intelligence. Putting these items on your roadmap will serve as a reminder of the desired target state and inform decisions along the journey that will help prevent you from being limited at a later point. This also helps firms that might require additional time to plan for technology integration and adoption, strengthen understanding of new technologies that are available or obtain required skills to adapt and leverage them properly. This is particularly true for organizations with Technology and/or Risk and Compliance teams who have been scarred by prior lessons learned from projects that have gone wrong or are concerned that bringing in new advanced technology will take too much time, resources, and budget.

‍

How AI based Cognitive capabilities can help organizations transform and realize benefits

Today's solutions, in particular cognitive solutions, can potentially help to change that perception by accelerating implementation and reducing the time needed to achieve optimal usage and ROI. This is achieved based on their ability to “learn” continuously and generate better quality data and information from which decisions are made. The tools which contain these capabilities are also increasingly being introduced with interfaces that enhance the end user’s experience, which has a side-effect benefit of instilling passion, energy and confidence in the entire Risk Management and Compliance organization.

‍

AI based Cognitive capabilities can help organizations transform and realize benefits across multiple domains, spanning operations, data management, technology, and budget/finance. The number of use cases in which cognitive tools can be applied is also growing and includes, but is not limited to, regulatory change management, issue management, third party risk, policy management and data aggregation and reporting. In this blog series we will further explore the use of cognitive AI and advanced technologies in these areas. We will also look to provide practical, actionable recommendations, including where to begin your journey to bring cognitive and advanced capabilities to your firm, how to identify, evaluate and select the right solutions, how to prepare for successfully integrating them, and how to measure success and ensure long term sustainability.

The clear value proposition of incorporating cognitive technologies into GRC processes aligns with most organizations’ desire to operate with efficiency (e.g., time saved; money saved), effectiveness (e.g., accuracy, completeness, and thoroughness), and agility (e.g., quickly react to changes in your regulatory, business, and external risk environments).

In our next blog we will examine opportunities that exist to leverage cognitive capabilities in your GRC processes and the value that they can provide in more detail.

‍

[1] Source: 2020 Citi Annual Earnings Report (https://www.citigroup.com/citi/investor/ quarterly/2021/annual-report/)

Copyright © 2022 Accenture and 4CRisk. All rights reserved.‍

Check out these related blogs and resources  

• Blog Part II: AI in GRC:  GRC 5.0: Achieving Cognitive GRC ‍
• Blog Part III: AI in GRC: Leveraging Cognitive Capabilities to Create Value in Your GRC Processes
• Blog: https://www.4crisk.ai/post/compliance-three-key-actions-to-leveraging-ai-successfully-in-2025